ComboFix 11-10-09.01 - Romain 09/10/2011 16:11:51.4.2 - x64 Microsoft Windows 7 Édition Intégrale 6.1.7600.0.1252.33.1036.18.4095.2793 [GMT 2:00] Lancé depuis: c:\users\Romain\Documents\Downloads\ComboFix.exe Commutateurs utilisés :: c:\users\Romain\Documents\Downloads\CFScript.txt AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7} SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . FILE :: "c:\windows\Tasks\Norton Security Scan for Romain.job" . . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\ESET c:\program files (x86)\ESET\ESET Online Scanner\esets_apiA.dll c:\program files (x86)\ESET\ESET Online Scanner\esets_apiW.dll c:\program files (x86)\ESET\ESET Online Scanner\esets_apiW_a.dll c:\program files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe c:\program files (x86)\ESET\ESET Online Scanner\log.txt c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\continuous\nod5303.nup c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\http_update.eset.com\update.ver c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\lastupd.ver c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod0751.nup c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod0F54.nup c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod1257.nup c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod176D.nup c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod2139.nup c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod31B1.nup c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod320D.nup c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod358B.nup c:\program files 
(x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod392F.nup c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod3D36.nup c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod4066.nup c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod413A.nup c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod54E2.nup c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod5693.nup c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod6110.nup c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod63FD.nup c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod66B8.nup c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod6729.nup c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod7702.nup c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod78C9.nup c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\oldfiles\em002_32.dat c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em002_32.dat c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\upd.ver c:\program files (x86)\ESET\ESET Online Scanner\Modules\em000_32.dat c:\program files (x86)\ESET\ESET Online Scanner\Modules\em000_64.dat c:\program files (x86)\ESET\ESET Online Scanner\Modules\em001_32.dat c:\program files (x86)\ESET\ESET Online Scanner\Modules\em002_32.dat c:\program files (x86)\ESET\ESET Online Scanner\Modules\em003_32.dat c:\program files (x86)\ESET\ESET Online Scanner\Modules\em004_32.dat c:\program files (x86)\ESET\ESET Online Scanner\Modules\em005_32.dat c:\program files (x86)\ESET\ESET Online Scanner\Modules\em006_32.dat c:\program files (x86)\ESET\ESET Online Scanner\Modules\em006_64.dat c:\program files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe c:\program files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScannerA.exe 
c:\program files (x86)\ESET\ESET Online Scanner\OnlineScanner.cab c:\program files (x86)\ESET\ESET Online Scanner\OnlineScanner.inf c:\program files (x86)\ESET\ESET Online Scanner\OnlineScanner.ocx c:\program files (x86)\ESET\ESET Online Scanner\OnlineScanner64.ocx c:\program files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe c:\program files (x86)\ESET\ESET Online Scanner\OnlineScannerLang.dll c:\program files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe c:\program files (x86)\ESET\ESET Online Scanner\unicows.dll c:\program files (x86)\Norton Security Scan c:\program files (x86)\Norton Security Scan\Engine\3.5.2.9\{2A85E335-7417-424d-AD89-31DED1689794}.dat c:\program files (x86)\Norton Security Scan\Engine\3.5.2.9\{71B3DD3A-BC1F-40cc-A74F-C0C30DFCE7D5}.dat c:\program files (x86)\Norton Security Scan\Engine\3.5.2.9\{F8D07955-00ED-4093-88AA-0A0F69AFD83C}.dat c:\program files (x86)\Norton Security Scan\Engine\3.5.2.9\BilBDRes.dll c:\program files (x86)\Norton Security Scan\Engine\3.5.2.9\ccL100U.dll c:\program files (x86)\Norton Security Scan\Engine\3.5.2.9\ccScanw.dll c:\program files (x86)\Norton Security Scan\Engine\3.5.2.9\ccVrTrst.dll c:\program files (x86)\Norton Security Scan\Engine\3.5.2.9\Config.dll c:\program files (x86)\Norton Security Scan\Engine\3.5.2.9\dec_abi.dll c:\program files (x86)\Norton Security Scan\Engine\3.5.2.9\DefUtDCD.dll c:\program files (x86)\Norton Security Scan\Engine\3.5.2.9\diLueCbk.dll c:\program files (x86)\Norton Security Scan\Engine\3.5.2.9\ecmldr32.dll c:\program files (x86)\Norton Security Scan\Engine\3.5.2.9\HeartBt.dll c:\program files (x86)\Norton Security Scan\Engine\3.5.2.9\help.htm c:\program files (x86)\Norton Security Scan\Engine\3.5.2.9\InstWrap.exe c:\program files (x86)\Norton Security Scan\Engine\3.5.2.9\InstWRes.dll c:\program files (x86)\Norton Security Scan\Engine\3.5.2.9\Microsoft.VC90.CRT.manifest c:\program files (x86)\Norton Security Scan\Engine\3.5.2.9\msl.dll c:\program files 
(x86)\Norton Security Scan\Engine\3.5.2.9\msvcp90.dll c:\program files (x86)\Norton Security Scan\Engine\3.5.2.9\msvcr90.dll c:\program files (x86)\Norton Security Scan\Engine\3.5.2.9\Nss.exe c:\program files (x86)\Norton Security Scan\Engine\3.5.2.9\patch25d.dll c:\program files (x86)\Norton Security Scan\Engine\3.5.2.9\PrdDtRes.dll c:\program files (x86)\Norton Security Scan\Engine\3.5.2.9\RevList.dll c:\program files (x86)\Norton Security Scan\Engine\3.5.2.9\RptCdRes.dll c:\program files (x86)\Norton Security Scan\Engine\3.5.2.9\SAUpdt.dll c:\program files (x86)\Norton Security Scan\Engine\3.5.2.9\ScanCore.dll c:\program files (x86)\Norton Security Scan\Engine\3.5.2.9\ScanRes.dll c:\program files (x86)\Norton Security Scan\Engine\3.5.2.9\ScanText.dll c:\program files (x86)\Norton Security Scan\Engine\3.5.2.9\SKU.dll c:\program files (x86)\Norton Security Scan\Engine\3.5.2.9\SKURes.dll c:\program files (x86)\Norton Security Scan\Engine\3.5.2.9\symbos.exe c:\program files (x86)\Norton Security Scan\Engine\3.5.2.9\SymCCIS.dll c:\program files (x86)\Norton Security Scan\Engine\3.5.2.9\SymCCISE.exe c:\program files (x86)\Norton Security Scan\Engine\3.5.2.9\SymDltCl.dll c:\program files (x86)\Norton Security Scan\Engine\3.5.2.9\SymHTML.dll c:\program files (x86)\Norton Security Scan\Engine\3.5.2.9\SymInstallStub.exe c:\program files (x86)\Norton Security Scan\isolate.ini c:\program files (x86)\NortonInstaller c:\program files (x86)\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\3.5.2.9\09\01\InstUI.loc c:\program files (x86)\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\3.5.2.9\ccL100U.dll c:\program files (x86)\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\3.5.2.9\ccSet.dll c:\program files (x86)\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\3.5.2.9\Engine.dll c:\program files 
(x86)\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\3.5.2.9\extract.dat c:\program files (x86)\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\3.5.2.9\fallback.dat c:\program files (x86)\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\3.5.2.9\finalzed.dat c:\program files (x86)\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\3.5.2.9\install.dat c:\program files (x86)\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\3.5.2.9\Install.mft c:\program files (x86)\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\3.5.2.9\InstStub.exe c:\program files (x86)\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\3.5.2.9\InstUI.dll c:\program files (x86)\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\3.5.2.9\layout.dat c:\program files (x86)\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\3.5.2.9\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest c:\program files (x86)\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\3.5.2.9\Microsoft.VC90.CRT\msvcm90.dll c:\program files (x86)\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\3.5.2.9\Microsoft.VC90.CRT\msvcp90.dll c:\program files (x86)\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\3.5.2.9\Microsoft.VC90.CRT\msvcr90.dll c:\program files (x86)\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\3.5.2.9\ProdCbk.dll c:\program files (x86)\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\3.5.2.9\SKU.dll c:\program files (x86)\Spybot - Search & Destroy c:\program files (x86)\Spybot - Search & Destroy\advcheck.dll c:\program files (x86)\Spybot - Search & Destroy\aports.dll c:\program files (x86)\Spybot - Search & Destroy\blindman.exe c:\program files (x86)\Spybot - Search & Destroy\Default configuration.ini c:\program files 
(x86)\Spybot - Search & Destroy\DelZip179.dll c:\program files (x86)\Spybot - Search & Destroy\Dummies\dummy.cd_clint.dll c:\program files (x86)\Spybot - Search & Destroy\Dummies\dummy.dap.gif c:\program files (x86)\Spybot - Search & Destroy\Dummies\dummy.data.xml c:\program files (x86)\Spybot - Search & Destroy\Dummies\dummy.default.gif c:\program files (x86)\Spybot - Search & Destroy\Dummies\dummy.related.htm c:\program files (x86)\Spybot - Search & Destroy\Help\Brasil.license.txt c:\program files (x86)\Spybot - Search & Destroy\Help\Cesky.license.txt c:\program files (x86)\Spybot - Search & Destroy\Help\Deutsch.license.txt c:\program files (x86)\Spybot - Search & Destroy\Help\English.chm c:\program files (x86)\Spybot - Search & Destroy\Help\English.license.txt c:\program files (x86)\Spybot - Search & Destroy\Help\Espanol.license.txt c:\program files (x86)\Spybot - Search & Destroy\Help\Francais.license.txt c:\program files (x86)\Spybot - Search & Destroy\Help\Hellenic.license.txt c:\program files (x86)\Spybot - Search & Destroy\Help\Italiano.license.txt c:\program files (x86)\Spybot - Search & Destroy\Help\Japanese.license.ansi.txt c:\program files (x86)\Spybot - Search & Destroy\Help\Japanese.license.txt c:\program files (x86)\Spybot - Search & Destroy\Help\Korean.license.txt c:\program files (x86)\Spybot - Search & Destroy\Help\Nederlands.license.txt c:\program files (x86)\Spybot - Search & Destroy\Help\Polski.license.txt c:\program files (x86)\Spybot - Search & Destroy\Help\Russkiy.license.txt c:\program files (x86)\Spybot - Search & Destroy\Help\Slovensky.license.txt c:\program files (x86)\Spybot - Search & Destroy\Help\Srpski.license.txt c:\program files (x86)\Spybot - Search & Destroy\Help\Suomi.license.txt c:\program files (x86)\Spybot - Search & Destroy\Includes\Adware.sbi c:\program files (x86)\Spybot - Search & Destroy\Includes\AdwareC.sbi c:\program files (x86)\Spybot - Search & Destroy\Includes\Browserpages.sbs c:\program files (x86)\Spybot - Search 
& Destroy\Includes\CLSIDs.sbs c:\program files (x86)\Spybot - Search & Destroy\Includes\Cookies.sbi c:\program files (x86)\Spybot - Search & Destroy\Includes\Cookies.sbs c:\program files (x86)\Spybot - Search & Destroy\Includes\Dialer.sbi c:\program files (x86)\Spybot - Search & Destroy\Includes\Dialer.sbs c:\program files (x86)\Spybot - Search & Destroy\Includes\DialerC.sbi c:\program files (x86)\Spybot - Search & Destroy\Includes\Domains.sbs c:\program files (x86)\Spybot - Search & Destroy\Includes\HeavyDuty.sbi c:\program files (x86)\Spybot - Search & Destroy\Includes\Hijackers.sbi c:\program files (x86)\Spybot - Search & Destroy\Includes\HijackersC.sbi c:\program files (x86)\Spybot - Search & Destroy\Includes\iPhone.sbi c:\program files (x86)\Spybot - Search & Destroy\Includes\Keyloggers.sbi c:\program files (x86)\Spybot - Search & Destroy\Includes\KeyloggersC.sbi c:\program files (x86)\Spybot - Search & Destroy\Includes\Logs.uts c:\program files (x86)\Spybot - Search & Destroy\Includes\LSP.sbi c:\program files (x86)\Spybot - Search & Destroy\Includes\LSP.sbs c:\program files (x86)\Spybot - Search & Destroy\Includes\Malware.sbi c:\program files (x86)\Spybot - Search & Destroy\Includes\MalwareC.sbi c:\program files (x86)\Spybot - Search & Destroy\Includes\OperaPlugins.sbs c:\program files (x86)\Spybot - Search & Destroy\Includes\ProcWatch.sbs c:\program files (x86)\Spybot - Search & Destroy\Includes\PUPS.sbi c:\program files (x86)\Spybot - Search & Destroy\Includes\PUPSC.sbi c:\program files (x86)\Spybot - Search & Destroy\Includes\RegWatch.sbs c:\program files (x86)\Spybot - Search & Destroy\Includes\RegXLinks.sbs c:\program files (x86)\Spybot - Search & Destroy\Includes\Revision.sbi c:\program files (x86)\Spybot - Search & Destroy\Includes\Revision.sbs c:\program files (x86)\Spybot - Search & Destroy\Includes\Searchpages.sbs c:\program files (x86)\Spybot - Search & Destroy\Includes\Security.sbi c:\program files (x86)\Spybot - Search & 
Destroy\Includes\SecurityC.sbi c:\program files (x86)\Spybot - Search & Destroy\Includes\Services.sbs c:\program files (x86)\Spybot - Search & Destroy\Includes\Spybots.sbi c:\program files (x86)\Spybot - Search & Destroy\Includes\SpybotsC.sbi c:\program files (x86)\Spybot - Search & Destroy\Includes\Spyware.sbi c:\program files (x86)\Spybot - Search & Destroy\Includes\SpywareC.sbi c:\program files (x86)\Spybot - Search & Destroy\Includes\Startup.tnfo c:\program files (x86)\Spybot - Search & Destroy\Includes\Targets.nfo c:\program files (x86)\Spybot - Search & Destroy\Includes\Tracks.uti c:\program files (x86)\Spybot - Search & Destroy\Includes\Trojans.sbi c:\program files (x86)\Spybot - Search & Destroy\Includes\TrojansC-02.sbi c:\program files (x86)\Spybot - Search & Destroy\Includes\TrojansC-03.sbi c:\program files (x86)\Spybot - Search & Destroy\Includes\TrojansC-04.sbi c:\program files (x86)\Spybot - Search & Destroy\Includes\TrojansC-05.sbi c:\program files (x86)\Spybot - Search & Destroy\Includes\TrojansC.sbi c:\program files (x86)\Spybot - Search & Destroy\Includes\TTLASSH.sbs c:\program files (x86)\Spybot - Search & Destroy\Includes\URL-Blacklist.sbs c:\program files (x86)\Spybot - Search & Destroy\Includes\X509White.sbs c:\program files (x86)\Spybot - Search & Destroy\IUNDSCKJWWOIK.scr c:\program files (x86)\Spybot - Search & Destroy\Languages\Afrikaans.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Arabic.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Azeri.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Bahasa Indonesia.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Belarusskiy.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Bosanski.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Brasil.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Bulgarski.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Catalan.sbl c:\program files (x86)\Spybot 
- Search & Destroy\Languages\Cesky.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Chinese (simplified).sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Chinese (traditional).sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Dansk.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Deutsch.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Eesti.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\English.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Espanol.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Esperanto.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Euskera.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Farsi.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Francais.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Furlan.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Galego.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Hebrew.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Hellenic.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Hindi.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Hrvatski.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Islenska.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Italiano.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Japanese.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Korean.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Latvian.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Letzebuergesch.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Lietuviu.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Magyar.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Makedonski.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Melayu.sbl c:\program 
files (x86)\Spybot - Search & Destroy\Languages\Nederlands.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Norsk.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Polski.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Portugues.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Romaneste.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Russkiy.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Shqip.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Slovenscina.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Slovensky.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Srpski.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Suomi.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Svenska.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Thai.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Turkce.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Ukrainian.sbl c:\program files (x86)\Spybot - Search & Destroy\Languages\Uzbek.sbl c:\program files (x86)\Spybot - Search & Destroy\LEXKFU.scr c:\program files (x86)\Spybot - Search & Destroy\messages.zres c:\program files (x86)\Spybot - Search & Destroy\OptOut.ini c:\program files (x86)\Spybot - Search & Destroy\OWVZLTN.scr c:\program files (x86)\Spybot - Search & Destroy\Plugins\Chai.dll c:\program files (x86)\Spybot - Search & Destroy\Plugins\Fennel.dll c:\program files (x86)\Spybot - Search & Destroy\Plugins\Mate.dll c:\program files (x86)\Spybot - Search & Destroy\Plugins\TCPIPAddress.dll c:\program files (x86)\Spybot - Search & Destroy\ROHXOIIYNLV.scr c:\program files (x86)\Spybot - Search & Destroy\SDFiles.exe c:\program files (x86)\Spybot - Search & Destroy\SDHelper.dll c:\program files (x86)\Spybot - Search & Destroy\SDMain.exe c:\program files (x86)\Spybot - Search & Destroy\SDUpdate.exe c:\program files (x86)\Spybot - Search & 
Destroy\Skins\Colorblind.ini c:\program files (x86)\Spybot - Search & Destroy\SpybotSD.exe c:\program files (x86)\Spybot - Search & Destroy\sqlite3.dll c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe c:\program files (x86)\Spybot - Search & Destroy\Tools.dll c:\program files (x86)\Spybot - Search & Destroy\unins000.dat c:\program files (x86)\Spybot - Search & Destroy\unins000.exe c:\program files (x86)\Spybot - Search & Destroy\unins000.msg c:\program files (x86)\Spybot - Search & Destroy\UninsSrv.dll c:\program files (x86)\Spybot - Search & Destroy\Update.exe c:\program files (x86)\Spybot - Search & Destroy\Updates\advcheck165.exe c:\program files (x86)\Spybot - Search & Destroy\Updates\advcheck165.zip c:\program files (x86)\Spybot - Search & Destroy\Updates\clsid.zip c:\program files (x86)\Spybot - Search & Destroy\Updates\downloaded.ini c:\program files (x86)\Spybot - Search & Destroy\Updates\online.ini c:\program files (x86)\Spybot - Search & Destroy\Updates\online.ini.uiz c:\program files (x86)\Spybot - Search & Destroy\Updates\teatimer166.exe c:\program files (x86)\Spybot - Search & Destroy\Updates\teatimer166.zip c:\programdata\Kaspersky Lab c:\programdata\Kaspersky Lab\~PRCustomProps#4dd.dat c:\programdata\Kaspersky Lab\~PRObjects#4dd.dat c:\programdata\Norton c:\programdata\Norton\{086A63F0-6B13-4F29-9695-134E7A01E963}\LC.INI c:\programdata\Norton\{397E31AA-0D78-4649-A01C-339D73A2ED35}\isolate.ini c:\programdata\Norton\{397E31AA-0D78-4649-A01C-339D73A2ED35}\Module9000.txt c:\programdata\Norton\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS_3.5.2.9\Connections\connections.dat c:\programdata\Norton\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS_3.5.2.9\diMaster\eula.dat c:\programdata\Norton\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS_3.5.2.9\diMaster\service.dat c:\programdata\Norton\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS_3.5.2.9\itbLUReg\{65190544-26C3-43a4-A78A-694964901607}.dat 
c:\programdata\Norton\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS_3.5.2.9\itbLUReg\{6E3396BD-C6A6-4f0f-9254-267F9058FEC4}.dat c:\programdata\Norton\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS_3.5.2.9\itbLUReg\{D4F4CC32-7A41-4684-AE57-41E59E9B4503}.dat c:\programdata\Spybot - Search & Destroy c:\programdata\Spybot - Search & Destroy\Backups\regLocal.reg c:\programdata\Spybot - Search & Destroy\Backups\regUsers.reg c:\programdata\Spybot - Search & Destroy\Configuration.ini c:\programdata\Spybot - Search & Destroy\Excludes\Bots.sbe c:\programdata\Spybot - Search & Destroy\Excludes\Cookies.sbe c:\programdata\Spybot - Search & Destroy\Excludes\FileExt.sbe c:\programdata\Spybot - Search & Destroy\Excludes\Links.sbe c:\programdata\Spybot - Search & Destroy\Excludes\Single.sbe c:\programdata\Spybot - Search & Destroy\Excludes\SystemInternals.sbe c:\programdata\Spybot - Search & Destroy\Excludes\UpdateDL.sbe c:\programdata\Spybot - Search & Destroy\Excludes\WaitFor.sbe c:\programdata\Spybot - Search & Destroy\Immunization.ini c:\programdata\Spybot - Search & Destroy\Recovery\FraudWindowsRecovery.zip c:\programdata\Spybot - Search & Destroy\Recovery\FraudWindowsRecovery1.zip c:\programdata\Symantec c:\users\Romain\DoctorWeb c:\users\Romain\DoctorWeb\CureIt.log c:\windows\Tasks\Norton Security Scan for Romain.job . . ((((((((((((((((((((((((((((( Fichiers créés du 2011-09-09 au 2011-10-09 )))))))))))))))))))))))))))))))))))) . . 2011-10-09 15:24 . 2011-10-09 15:24 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{45884D8F-4A75-4CDB-8797-31A30C10A2B7}\offreg.dll 2011-10-09 15:18 . 2011-10-09 15:18 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2011-10-09 15:18 . 2011-10-09 15:18 -------- d-----w- c:\users\Public\AppData\Local\temp 2011-10-09 15:18 . 2011-10-09 15:18 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-10-09 13:44 . 2011-10-09 13:48 -------- d-----w- C:\ZHP 2011-10-09 13:43 . 
2011-10-09 13:48 -------- d-----w- c:\program files (x86)\ZHPDiag 2011-10-09 10:22 . 2011-10-09 10:22 388096 ----a-r- c:\users\Romain\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-10-09 10:22 . 2011-10-09 10:22 -------- d-----w- c:\program files (x86)\Trend Micro 2011-10-09 09:55 . 2011-10-09 09:55 -------- d-----w- c:\users\Romain\AppData\Roaming\SUPERAntiSpyware.com 2011-10-09 08:53 . 2011-10-09 08:53 -------- d-----w- c:\program files\CCleaner 2011-10-08 19:07 . 2011-10-08 19:07 -------- d-----w- c:\windows\system32\Macromed 2011-10-08 18:09 . 2011-10-08 18:09 -------- d-----w- c:\users\Romain\AppData\Roaming\Avira 2011-10-08 18:07 . 2011-07-21 10:22 123784 ----a-w- c:\windows\system32\drivers\avipbb.sys 2011-10-08 18:07 . 2011-07-21 10:22 88288 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2011-10-08 18:07 . 2011-10-08 18:07 -------- d-----w- c:\programdata\Avira 2011-10-08 18:07 . 2011-10-08 18:07 -------- d-----w- c:\program files (x86)\Avira 2011-10-08 17:01 . 2011-09-21 07:00 9049936 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{45884D8F-4A75-4CDB-8797-31A30C10A2B7}\mpengine.dll 2011-10-08 16:45 . 2011-10-08 16:45 -------- d-----w- c:\users\Romain\AppData\Roaming\QuickScan 2011-10-08 16:28 . 2010-10-16 05:23 112000 ----a-w- c:\windows\system32\consent.exe 2011-10-08 16:28 . 2010-12-18 06:13 861184 ----a-w- c:\windows\system32\oleaut32.dll 2011-10-08 16:28 . 2010-12-18 05:31 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll 2011-10-08 16:28 . 2010-05-05 07:37 483840 ----a-w- c:\windows\system32\StructuredQuery.dll 2011-10-08 16:28 . 2010-05-05 06:46 363520 ----a-w- c:\windows\SysWow64\StructuredQuery.dll 2011-10-08 16:26 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe 2011-10-08 16:25 . 2011-03-03 06:17 182272 ----a-w- c:\windows\system32\dnsrslvr.dll 2011-10-08 16:24 . 2011-06-23 05:29 5507968 ----a-w- c:\windows\system32\ntoskrnl.exe 2011-10-08 16:24 . 
2011-06-23 04:38 3957120 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2011-10-08 16:24 . 2011-06-23 04:38 3902336 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2011-10-08 16:24 . 2010-10-16 05:17 720896 ----a-w- c:\windows\system32\odbc32.dll 2011-10-08 16:24 . 2010-10-16 05:16 495616 ----a-w- c:\program files\Common Files\System\ado\msadox.dll 2011-10-08 16:24 . 2010-10-16 05:16 466944 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll 2011-10-08 16:24 . 2010-10-16 05:16 1425408 ----a-w- c:\program files\Common Files\System\ado\msado15.dll 2011-10-08 16:24 . 2010-10-16 05:16 258048 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll 2011-10-08 16:24 . 2010-10-16 04:34 573440 ----a-w- c:\windows\SysWow64\odbc32.dll 2011-10-08 16:24 . 2010-10-16 04:33 372736 ----a-w- c:\program files (x86)\Common Files\System\ado\msadox.dll 2011-10-08 16:24 . 2010-10-16 04:33 352256 ----a-w- c:\program files (x86)\Common Files\System\ado\msadomd.dll 2011-10-08 16:24 . 2010-10-16 04:33 987136 ----a-w- c:\program files (x86)\Common Files\System\ado\msado15.dll 2011-10-08 16:24 . 2010-10-16 04:33 208896 ----a-w- c:\program files (x86)\Common Files\System\msadc\msadco.dll 2011-10-08 16:21 . 2010-08-27 06:14 236032 ----a-w- c:\windows\system32\srvsvc.dll 2011-10-08 16:21 . 2010-08-27 05:46 9728 ----a-w- c:\windows\SysWow64\sscore.dll 2011-10-08 15:05 . 2011-10-08 15:05 -------- d-----w- c:\windows\system32\drivers\NSSx64 2011-10-08 15:05 . 2011-10-08 15:05 -------- d-----w- c:\programdata\NortonInstaller 2011-10-08 14:49 . 2011-10-08 14:49 -------- d-----w- c:\windows\SysWow64\wbem\en-US 2011-10-08 14:49 . 2011-10-08 14:49 -------- d-----w- c:\windows\system32\wbem\en-US 2011-10-08 14:46 . 2011-10-08 14:46 982912 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys . . . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2011-10-08 19:08 . 
2011-05-21 10:19 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2011-08-08 16:41 . 2011-08-08 16:41 119808 ----a-r- c:\users\Romain\AppData\Roaming\Microsoft\Installer\{5F8683B5-5056-411C-B808-B289E29E9BBB}\icons.exe 2011-07-16 04:32 . 2011-10-08 16:27 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2006-05-03 09:06 163328 --sh--r- c:\windows\SysWOW64\flvDX.dll 2007-02-21 10:47 31232 --sh--r- c:\windows\SysWOW64\msfDX.dll 2008-03-16 12:30 216064 --sh--r- c:\windows\SysWOW64\nbDX.dll . . ((((((((((((((((((((((((((((( SnapShot_2011-10-09_11.28.34 ))))))))))))))))))))))))))))))))))))))))) . + 2010-02-18 11:14 . 2011-10-09 15:22 49642 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2011-10-09 15:22 40852 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2010-02-17 12:55 . 2011-10-09 15:22 16494 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-4161922021-3421606491-3562039713-1000_UserData.bin - 2009-07-14 05:30 . 2011-04-20 23:18 86016 c:\windows\system32\DriverStore\infpub.dat + 2009-07-14 05:30 . 2011-10-09 13:08 86016 c:\windows\system32\DriverStore\infpub.dat - 2010-02-17 12:19 . 2011-10-09 10:44 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2010-02-17 12:19 . 2011-10-09 13:56 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2010-02-17 12:19 . 2011-10-09 13:56 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2010-02-17 12:19 . 2011-10-09 10:44 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2011-10-09 10:44 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 
2011-10-09 13:56 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:46 . 2011-10-09 13:46 94496 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat - 2011-10-09 10:02 . 2011-10-09 10:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2011-10-09 15:20 . 2011-10-09 15:20 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2011-10-09 15:20 . 2011-10-09 15:20 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2011-10-09 10:02 . 2011-10-09 10:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2009-07-14 15:24 . 2011-10-09 13:08 708844 c:\windows\system32\perfh00C.dat + 2009-07-14 02:36 . 2011-10-09 13:08 619252 c:\windows\system32\perfh009.dat + 2009-07-14 15:24 . 2011-10-09 13:08 132060 c:\windows\system32\perfc00C.dat + 2009-07-14 02:36 . 2011-10-09 13:08 107572 c:\windows\system32\perfc009.dat - 2009-07-14 05:30 . 2011-04-20 23:18 143360 c:\windows\system32\DriverStore\infstrng.dat + 2009-07-14 05:30 . 2011-10-09 13:08 143360 c:\windows\system32\DriverStore\infstrng.dat - 2009-07-14 05:30 . 2011-04-20 23:18 143360 c:\windows\system32\DriverStore\infstor.dat + 2009-07-14 05:30 . 2011-10-09 13:08 143360 c:\windows\system32\DriverStore\infstor.dat - 2009-07-14 05:01 . 2011-10-09 09:20 481364 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2009-07-14 05:01 . 2011-10-09 15:19 481364 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2010-05-29 21:50 . 2011-10-09 15:19 3886716 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-4161922021-3421606491-3562039713-1000-12288.dat . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2011-03-06 3872080]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2010-04-06 26102056]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
"3RVX"="c:\program files (x86)\3RVX\3RVX.exe" [2008-10-13 159232]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-02-17 36864]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-04-21 281768]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
UltraMon.lnk - c:\windows\Installer\{B49673F8-7AB6-4A14-8213-C8A7BE370010}\IcoUltraMon.ico [2010-5-13 29310]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
R3 driverhardwarev2x64;driverhardwarev2x64;c:\program files\ma-config.com\Drivers\driverhardwarev2x64.sys [2010-08-30 15872]
R3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\x64\maconfservice.exe [2011-04-12 420864]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 vpcuxd;Service stub de virtualisation USB;c:\windows\system32\DRIVERS\vpcuxd.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-04-21 136360]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-08 2218600]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-04-07 378472]
S2 UltraMonUtility;UltraMon Utility Driver;c:\program files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys [2008-11-14 20512]
S3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\DRIVERS\l160x64.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-10 9643552]
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.fr/
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: Interfaces\{CF80C607-4E0E-477D-8DD8-3761E49F4A9A}: NameServer = 192.168.1.1
FF - ProfilePath - c:\users\Romain\AppData\Roaming\Mozilla\Firefox\Profiles\exkjr8fp.default\
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Toolbar-Locked - (no file)
SafeBoot-51897859.sys
SafeBoot-57797113.sys
Toolbar-Locked - (no file)
AddRemove-ESET Online Scanner - c:\program files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
AddRemove-NSS - c:\program files (x86)\Norton Security Scan\Engine\3.5.2.9\InstWrap.exe
AddRemove-{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 - c:\program files (x86)\Spybot - Search & Destroy\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{95808DC4-FA4A-4C74-92FE-5B863F82066B}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD\000.fcl"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\S-1-5-21-4161922021-3421606491-3562039713-1000_Classes\Wow6432Node\CLSID\{0c704e45-6951-41c4-ad4f-cdc765cc9f91}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000065
"Therad"=dword:0000001b
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
   1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_USERS\S-1-5-21-4161922021-3421606491-3562039713-1000_Classes\Wow6432Node\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):6a,c9,a7,64,1f,86,37,3d,72,5d,41,51,0e,13,5e,e4,ba,47,fd,fa,d4,
   ab,b6,0b,d0,4f,b6,cf,af,79,88,5b,f7,03,a4,87,4b,00,37,2b,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-4161922021-3421606491-3562039713-1000_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):9b,aa,90,d1,0e,e5,ba,b1,ea,3b,e0,f5,7c,06,c4,b0,30,61,f4,b0,dc,
   d4,23,91,2b,81,20,59,32,2f,3e,34,a6,3c,f5,f5,e2,e0,b6,03,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-4161922021-3421606491-3562039713-1000_Classes\Wow6432Node\CLSID\{d8769d7f-0009-414a-abe6-78c85588ca87}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:0000008d
"Therad"=dword:00000014
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:d7,10,c1,7a,6a,6d,3d,67,92,ee,6f,e4,8a,6c,4b,a2,ba,bb,5b,98,c8,
   5e,05,5a,7b,48,a3,8d,8b,f3,43,05,5c,f5,03,84,68,d3,80,57,a3,9b,9c,e5,a5,57,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]
"Version"=hex:d7,10,c1,7a,6a,6d,3d,67,92,ee,6f,e4,8a,6c,4b,a2,ba,bb,5b,98,c8,
   5e,05,5a,7b,48,a3,8d,8b,f3,43,05,5c,f5,03,84,68,d3,80,57,a3,9b,9c,e5,a5,57,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Autres processus actifs ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Panda USB Vaccine\USBVaccine.exe
c:\program files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
c:\program files (x86)\VideoLAN\VLC\vlc.exe
.
**************************************************************************
.
Heure de fin: 2011-10-09 17:41:30 - La machine a redémarré
ComboFix-quarantined-files.txt 2011-10-09 15:41
ComboFix2.txt 2011-10-09 11:45
ComboFix3.txt 2011-10-08 09:51
ComboFix4.txt 2011-07-10 13:14
ComboFix5.txt 2011-10-09 14:04
.
Avant-CF: 55 825 408 000 octets libres
Après-CF: 55 681 044 480 octets libres
.
- - End Of File - - 9422BF9D5BE5AD61E63B7721E692CECC