Combofix :
--------------------
ComboFix 13-05-16.02 - Andrea 18.05.2013 3:30.1.4 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.41.1036.18.4095.2479 [GMT 2:00]
Lancé depuis: c:\users\Andrea\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files (x86)\Complitly
c:\program files (x86)\Complitly\chrome\ComplitlyChrome.crx
c:\program files (x86)\Complitly\FireFoxExtension.exe
c:\program files (x86)\Complitly\InstTracker.exe
c:\program files (x86)\Complitly\
support@Complitly.com\chrome.manifest
c:\program files (x86)\Complitly\
support@Complitly.com\chrome\content\appIcon.png
c:\program files (x86)\Complitly\
support@Complitly.com\chrome\content\browserOverlay.xul
c:\program files (x86)\Complitly\
support@Complitly.com\chrome\content\options.js
c:\program files (x86)\Complitly\
support@Complitly.com\chrome\content\options.xul
c:\program files (x86)\Complitly\
support@Complitly.com\chrome\content\utils.js
c:\program files (x86)\Complitly\
support@Complitly.com\defaults\preferences\predictad.js
c:\program files (x86)\Complitly\
support@Complitly.com\install.rdf
c:\program files (x86)\Complitly\unins000.dat
c:\program files (x86)\Complitly\unins000.exe
c:\program files (x86)\searchweb\tbunscADA.tmp\tbHElper.dll
c:\users\Andrea\AppData\Roaming\cacaoweb
c:\users\Andrea\AppData\Roaming\cacaoweb\cacaoweb.exe
c:\users\Andrea\AppData\Roaming\cacaoweb\errorlog.txt
c:\users\Andrea\AppData\Roaming\cacaoweb\npdfile.dat
c:\users\Andrea\AppData\Roaming\cacaoweb\replicating102017C4736805ADFF6A6DD9E00BE315.cacao
c:\users\Andrea\AppData\Roaming\cacaoweb\replicating1CBA09C88CEC85767BCBF38F1B8B4F14.cacao
c:\users\Andrea\AppData\Roaming\cacaoweb\replicating1D11FBB853C7867FF281811C65BB12FA.cacao
c:\users\Andrea\AppData\Roaming\cacaoweb\replicating1D42AC2C321FFBFEF5E2F0607521D53C.cacao
c:\users\Andrea\AppData\Roaming\cacaoweb\replicating2FB4A145F6471999EFB78ED544FB38AC.cacao
c:\users\Andrea\AppData\Roaming\cacaoweb\replicating489870EF3FE94727D06F4C5A91BCCD10.cacao
c:\users\Andrea\AppData\Roaming\cacaoweb\replicating4EC0421820AC3ECCEE42404E756CA56F.cacao
c:\users\Andrea\AppData\Roaming\cacaoweb\replicating7F5D81A1EFF676FCA380D4CA93B3B536.cacao
c:\users\Andrea\AppData\Roaming\cacaoweb\replicating83AC4A176B3B79955740930D56CE3CF1.cacao
c:\users\Andrea\AppData\Roaming\cacaoweb\replicating8CA96CF716F6D4BE5814175F890EFB43.cacao
c:\users\Andrea\AppData\Roaming\cacaoweb\replicatingE0F769941F6862AFC70F539CBB5D9C06.cacao
c:\users\Andrea\AppData\Roaming\cacaoweb\replicatingF052C0B04887B2405504AA2C4463BE9A.cacao
c:\users\Andrea\AppData\Roaming\cacaoweb\replicatingF3014E60E3BF97186CC837126054735D.cacao
c:\users\Andrea\AppData\Roaming\cacaoweb\replicatingFC30B5732AB8CC6CC2F89A11E376AC54.cacao
c:\users\Andrea\AppData\Roaming\cacaoweb\storage.db
c:\users\Andrea\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk
c:\users\Andrea\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk\rasphone.pbk
.
Une copie infectée de c:\windows\System32\AtBroker.exe a été trouvée et désinfectée
Copie restaurée à partir de - c:\windows\winsxs\amd64_microsoft-windows-atbroker_31bf3856ad364e35_6.1.7600.16385_none_2b95a17838063e9b\AtBroker.exe
.
Une copie infectée de c:\windows\System32\autoconv.exe a été trouvée et désinfectée
Copie restaurée à partir de - c:\windows\winsxs\amd64_microsoft-windows-convert_31bf3856ad364e35_6.1.7601.17514_none_fafb502abef1be40\autoconv.exe
.
Une copie infectée de c:\windows\System32\bitsadmin.exe a été trouvée et désinfectée
Copie restaurée à partir de - c:\windows\winsxs\amd64_microsoft-windows-bits-bitsadmin_31bf3856ad364e35_6.1.7601.17514_none_ab379671230b963f\bitsadmin.exe
.
Une copie infectée de c:\windows\System32\bootcfg.exe a été trouvée et désinfectée
Copie restaurée à partir de - c:\windows\winsxs\amd64_microsoft-windows-bootconfig_31bf3856ad364e35_6.1.7600.16385_none_680b6eb133f91b1b\bootcfg.exe
.
Une copie infectée de c:\windows\System32\chkntfs.exe a été trouvée et désinfectée
Copie restaurée à partir de - c:\windows\winsxs\amd64_microsoft-windows-autochkconfigurator_31bf3856ad364e35_6.1.7600.16385_none_74b76d3fa1757c6f\chkntfs.exe
.
Une copie infectée de c:\windows\System32\clip.exe a été trouvée et désinfectée
Copie restaurée à partir de - c:\windows\winsxs\amd64_microsoft-windows-clip_31bf3856ad364e35_6.1.7600.16385_none_03d0d3c435b27637\clip.exe
.
Une copie infectée de c:\windows\System32\ddodiag.exe a été trouvée et désinfectée
Copie restaurée à partir de - c:\windows\winsxs\amd64_microsoft-windows-ddodiag_31bf3856ad364e35_6.1.7600.16385_none_924b83b9b69fb351\ddodiag.exe
.
Une copie infectée de c:\windows\System32\DeviceProperties.exe a été trouvée et désinfectée
Copie restaurée à partir de - c:\windows\winsxs\amd64_microsoft-windows-deviceproperties_31bf3856ad364e35_6.1.7600.16385_none_463f54aa539a0b62\DeviceProperties.exe
.
Une copie infectée de c:\windows\System32\diantz.exe a été trouvée et désinfectée
Copie restaurée à partir de - c:\windows\winsxs\amd64_microsoft-windows-diantz_31bf3856ad364e35_6.1.7600.16385_none_02bb0612dc529329\diantz.exe
.
Une copie infectée de c:\windows\System32\diskpart.exe a été trouvée et désinfectée
Copie restaurée à partir de - c:\windows\winsxs\amd64_microsoft-windows-diskpart_31bf3856ad364e35_6.1.7601.17514_none_c6fe6ac9ac8c7105\diskpart.exe
.
Une copie infectée de c:\windows\System32\DpiScaling.exe a été trouvée et désinfectée
Copie restaurée à partir de - c:\windows\winsxs\amd64_microsoft-windows-dpiscaling_31bf3856ad364e35_6.1.7600.16385_none_d63cc4dd74a11d0b\DpiScaling.exe
.
Une copie infectée de c:\windows\System32\dxdiag.exe a été trouvée et désinfectée
Copie restaurée à partir de - c:\windows\winsxs\amd64_microsoft-windows-d..x-directxdiagnostic_31bf3856ad364e35_6.1.7601.17514_none_81e99da174638311\dxdiag.exe
.
Une copie infectée de c:\windows\System32\eudcedit.exe a été trouvée et désinfectée
Copie restaurée à partir de - c:\windows\winsxs\amd64_microsoft-windows-eudcedit_31bf3856ad364e35_6.1.7601.17514_none_b7be8a14d61db17a\eudcedit.exe
.
Une copie infectée de c:\windows\System32\extrac32.exe a été trouvée et désinfectée
Copie restaurée à partir de - c:\windows\winsxs\amd64_microsoft-windows-extrac32_31bf3856ad364e35_6.1.7600.16385_none_371e8c461d966a55\extrac32.exe
.
Une copie infectée de c:\windows\System32\fontview.exe a été trouvée et désinfectée
Copie restaurée à partir de - c:\windows\winsxs\amd64_microsoft-windows-fontview_31bf3856ad364e35_6.1.7600.16385_none_a058fee6d0280cab\fontview.exe
.
Une copie infectée de c:\windows\System32\LocationNotifications.exe a été trouvée et désinfectée
Copie restaurée à partir de - c:\windows\winsxs\amd64_microsoft-windows-m..cationnotifications_31bf3856ad364e35_6.1.7600.16385_none_737951ab23cf8ea0\LocationNotifications.exe
.
Une copie infectée de c:\windows\System32\Magnify.exe a été trouvée et désinfectée
Copie restaurée à partir de - c:\windows\winsxs\amd64_microsoft-windows-magnify_31bf3856ad364e35_6.1.7600.16385_none_ca22c913b260e66a\Magnify.exe
.
Une copie infectée de c:\windows\System32\MigAutoPlay.exe a été trouvée et désinfectée
Copie restaurée à partir de - c:\windows\winsxs\amd64_microsoft-windows-m..onwizardapplication_31bf3856ad364e35_6.1.7601.17514_none_18a11c58aaf4d08c\MigAutoPlay.exe
.
Une copie infectée de c:\windows\System32\mmc.exe a été trouvée et désinfectée
Copie restaurée à partir de - c:\windows\winsxs\amd64_microsoft-windows-m..-management-console_31bf3856ad364e35_6.1.7600.16385_none_6b683cb78f534561\mmc.exe
.
Une copie infectée de c:\windows\System32\migwiz\mighost.exe a été trouvée et désinfectée
Copie restaurée à partir de - c:\windows\winsxs\amd64_microsoft-windows-migrationengine_31bf3856ad364e35_6.1.7601.17514_none_b6cddd21f1df8715\mighost.exe
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2013-04-18 au 2013-05-18 ))))))))))))))))))))))))))))))))))))
.
.
2013-05-18 01:40 . 2013-05-18 01:40 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-05-18 01:40 . 2013-05-18 01:40 -------- d-----w- c:\users\hedev\AppData\Local\temp
2013-05-18 00:44 . 2013-05-18 00:44 8576000 ----a-w- c:\windows\SysWow64\qtgui4.dll
2013-05-18 00:44 . 2013-05-18 00:44 -------- d-----w- c:\users\Andrea\AppData\Roaming\dll-files.com
2013-05-18 00:44 . 2013-05-18 00:44 -------- d-----w- c:\programdata\Logs
2013-05-18 00:44 . 2013-04-11 14:12 19392 ----a-w- c:\windows\system32\roboot64.exe
2013-05-18 00:44 . 2013-05-18 00:44 -------- d-----w- c:\program files (x86)\Dll-Files.com Fixer
2013-05-17 22:54 . 2013-05-17 22:54 -------- d-----w- c:\users\Andrea\AppData\Roaming\Malwarebytes
2013-05-17 22:54 . 2013-05-17 22:54 -------- d-----w- c:\programdata\Malwarebytes
2013-05-17 22:54 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-05-17 22:54 . 2013-05-17 22:54 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-05-17 15:17 . 2013-05-17 15:17 -------- d-----w- C:\Games
2013-05-17 12:26 . 2013-05-13 06:37 9460464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{49C36CFE-44A7-40E6-9662-DBF20C3CDD8E}\mpengine.dll
2013-05-17 01:01 . 2013-05-05 21:36 17818624 ----a-w- c:\windows\system32\mshtml.dll
2013-05-17 01:01 . 2013-05-05 21:16 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-05-17 01:01 . 2013-05-05 19:12 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-05-16 10:05 . 2013-02-27 04:49 1796096 ----a-w- c:\windows\SysWow64\authui.dll
2013-05-16 10:05 . 2013-02-27 06:02 111448 ----a-w- c:\windows\system32\consent.exe
2013-05-16 10:05 . 2013-02-27 05:52 14172672 ----a-w- c:\windows\system32\shell32.dll
2013-05-16 10:05 . 2013-02-27 05:52 197120 ----a-w- c:\windows\system32\shdocvw.dll
2013-05-16 10:05 . 2013-02-27 05:48 1930752 ----a-w- c:\windows\system32\authui.dll
2013-05-16 10:05 . 2013-02-27 05:47 70144 ----a-w- c:\windows\system32\appinfo.dll
2013-05-16 10:04 . 2013-04-10 06:01 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-05-16 10:04 . 2013-04-10 06:01 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-05-16 10:04 . 2011-02-03 11:25 144384 ----a-w- c:\windows\system32\cdd.dll
2013-05-16 10:04 . 2013-04-10 03:30 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-05-16 10:02 . 2013-03-19 05:53 48640 ----a-w- c:\windows\system32\wwanprotdim.dll
2013-05-16 10:02 . 2013-03-19 05:53 230400 ----a-w- c:\windows\system32\wwansvc.dll
2013-05-03 17:20 . 2013-05-03 17:20 -------- d-----w- c:\program files\eFusion
2013-05-03 17:03 . 2013-05-03 17:03 -------- d-----w- c:\program files\SD EnterNET
2013-05-03 16:52 . 2013-05-18 01:41 -------- d-----w- c:\users\Andrea\AppData\Local\PMB Files
2013-05-03 16:52 . 2013-05-03 16:52 -------- d-----w- c:\programdata\PMB Files
2013-05-03 16:52 . 2013-05-03 16:52 -------- d-----w- c:\program files (x86)\Pando Networks
2013-04-25 15:24 . 2013-04-25 15:24 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-04-24 15:27 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-17 16:16 . 2013-02-10 01:16 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-05-17 16:16 . 2013-02-10 01:16 866720 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-05-17 16:16 . 2011-09-27 16:44 788896 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-05-17 15:56 . 2009-07-13 23:33 67072 ----a-w- c:\windows\SysWow64\CertEnrollCtrl.exe
2013-05-17 15:56 . 2009-07-13 23:52 44032 ----a-w- c:\windows\SysWow64\FwRemoteSvr.dll
2013-05-14 23:09 . 2012-03-30 15:14 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-14 23:09 . 2011-09-27 16:53 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-14 13:32 . 2011-03-28 16:36 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-03 14:15 . 2011-09-27 08:44 75016696 ----a-w- c:\windows\system32\MRT.exe
2013-05-02 00:06 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-04-13 05:49 . 2013-05-16 10:03 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-16 10:03 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-16 10:03 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-16 10:03 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-16 10:03 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-16 10:03 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-03-19 06:04 . 2013-04-10 21:04 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-19 05:46 . 2013-04-10 21:04 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-19 05:04 . 2013-04-10 21:04 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 21:04 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47 . 2013-04-10 21:04 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06 . 2013-04-10 21:04 112640 ----a-w- c:\windows\system32\smss.exe
2013-02-25 22:32 . 2013-02-25 22:32 25256224 ----a-w- c:\windows\system32\nvcompiler.dll
2013-02-25 22:32 . 2013-02-25 22:32 2505144 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-02-25 22:32 . 2013-02-25 22:32 15129960 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-02-25 22:32 . 2013-02-25 22:32 6262608 ----a-w- c:\windows\SysWow64\nvopencl.dll
2013-02-25 22:32 . 2013-02-25 22:32 2826040 ----a-w- c:\windows\system32\nvapi64.dll
2013-02-25 22:32 . 2013-02-25 22:32 18055184 ----a-w- c:\windows\system32\nvd3dumx.dll
2013-02-25 22:32 . 2011-09-27 11:33 1814304 ----a-w- c:\windows\system32\nvdispco64.dll
2013-02-25 22:32 . 2013-02-25 22:32 2720544 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2013-02-25 22:32 . 2013-02-25 22:32 26929440 ----a-w- c:\windows\system32\nvoglv64.dll
2013-02-25 22:32 . 2013-02-25 22:32 7932256 ----a-w- c:\windows\SysWow64\nvcuda.dll
2013-02-25 22:32 . 2013-02-25 22:32 2346784 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-02-25 22:32 . 2013-02-25 22:32 11036448 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-02-25 22:32 . 2012-10-10 20:23 1510176 ----a-w- c:\windows\system32\nvdispgenco64.dll
2013-02-25 22:32 . 2013-02-25 22:32 2904352 ----a-w- c:\windows\system32\nvcuvid.dll
2013-02-25 22:32 . 2013-02-25 22:32 20449056 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2013-02-25 22:32 . 2013-02-25 22:32 15053264 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-02-25 22:32 . 2013-02-25 22:32 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2013-02-25 22:32 . 2013-02-25 22:32 7564040 ----a-w- c:\windows\system32\nvopencl.dll
2013-02-25 22:32 . 2013-02-25 22:32 1985824 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2013-02-25 22:32 . 2013-02-25 22:32 12641992 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2013-02-25 22:32 . 2013-02-25 22:32 9390760 ----a-w- c:\windows\system32\nvcuda.dll
2013-02-18 20:13 . 2012-09-03 16:14 39768 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2009-07-14 01:15 . C028E7E88424517078C6D51F4B382996 . 12288 . . [------] .. c:\windows\SysWOW64\cngaudit.dll
[-] 2009-07-14 01:15 . C028E7E88424517078C6D51F4B382996 . 12288 . . [------] .. c:\windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
.
[-] 2010-11-21 03:24 . F84EBB1A4CAC35C33B352CAAB4B6BF92 . 954288 . . [------] .. c:\windows\SysWOW64\mfc40u.dll
[-] 2010-11-21 03:24 . F84EBB1A4CAC35C33B352CAAB4B6BF92 . 954288 . . [------] .. c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.1.7601.17514_none_f51a7bf0b3d25294\mfc40u.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{ef79f67a-6ad7-4715-a0f8-932fca442023}"= "c:\program files (x86)\BittorrentBar_FR\prxtbBitt.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{ef79f67a-6ad7-4715-a0f8-932fca442023}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{00000001-AB3B-4334-9DA2-EC6B2A02AFC6}]
2011-09-21 18:04 1257752 ----a-w- c:\program files (x86)\FileServe Manager\FileServeBHO.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]
2011-08-09 10:36 1235376 ----a-w- c:\progra~2\BEARSH~1\MediaBar\Datamngr\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2013-02-18 20:13 1929392 ----a-w- c:\program files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{C0924543-15FD-4F3D-889C-0B4562A9CB45}]
2011-08-23 14:33 2656256 ------w- c:\program files (x86)\searchweb\tbunscADA.tmp\tbcore3.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}]
2011-05-30 13:48 87480 ----a-w- c:\progra~2\BEARSH~1\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{ef79f67a-6ad7-4715-a0f8-932fca442023}]
2011-05-09 08:49 176936 ----a-w- c:\program files (x86)\BittorrentBar_FR\prxtbBitt.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
2011-12-09 01:11 194848 ----a-w- c:\program files (x86)\Yontoo\YontooIEClient.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}"= "c:\progra~2\BEARSH~1\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll" [2011-05-30 87480]
"{CDB982ED-F9D6-4E3B-B94B-96F705D35AD1}"= "c:\program files (x86)\searchweb\tbunscADA.tmp\tbcore3.dll" [2011-08-23 2656256]
"{ef79f67a-6ad7-4715-a0f8-932fca442023}"= "c:\program files (x86)\BittorrentBar_FR\prxtbBitt.dll" [2011-05-09 176936]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll" [2013-02-18 1929392]
.
[HKEY_CLASSES_ROOT\clsid\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}]
.
[HKEY_CLASSES_ROOT\clsid\{cdb982ed-f9d6-4e3b-b94b-96f705d35ad1}]
[HKEY_CLASSES_ROOT\TBSB02609.TBSB02609.3]
[HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}]
[HKEY_CLASSES_ROOT\TBSB02609.TBSB02609]
.
[HKEY_CLASSES_ROOT\clsid\{ef79f67a-6ad7-4715-a0f8-932fca442023}]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2012-11-04 16:47 2042528 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2012-11-04 16:47 2042528 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2012-11-04 16:47 2042528 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2013-05-03 1635752]
"EADM"="c:\program files (x86)\Origin\Origin.exe" [2011-10-18 28628104]
"ISUSPM"="c:\programdata\FLEXnet\Connect\11\ISUSPM.exe" [2009-05-05 222496]
"SkyDrive"="c:\users\Andrea\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" [2013-04-26 256600]
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2013-05-03 3093624]
"KPeerNexonEU"="c:\nexon\NEXON_EU_Downloader\nxEULauncher.exe" [2013-05-17 438272]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-04-29 284440]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"FileServe Manager Task"="c:\program files (x86)\FileServe Manager\FSStarter.exe" [2011-09-21 954648]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-10-09 421736]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2013-02-18 1151152]
"Communicator"="c:\program files (x86)\Microsoft Lync\communicator.exe" [2013-04-11 12107432]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"IndexSearch"="c:\program files (x86)\Nuance\PaperPort\IndexSearch.exe" [2010-03-08 46368]
"PaperPort PTD"="c:\program files (x86)\Nuance\PaperPort\pptd40nt.exe" [2010-03-08 29984]
"PPort12reminder"="c:\program files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" [2010-02-09 328992]
"PDFHook"="c:\program files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe" [2010-03-05 636192]
"PDF5 Registry Controller"="c:\program files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe" [2010-03-05 62752]
"ControlCenter4"="c:\program files (x86)\ControlCenter4\BrCcBoot.exe" [2011-04-20 139264]
"BrStsMon00"="c:\program files (x86)\Browny02\Brother\BrStMonW.exe" [2010-06-10 2621440]
.
c:\users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Roulettechat Adultes.lnk - c:\program files (x86)\roulettechat\roulettechat.exe [2012-10-10 17524176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\progra~2\BEARSH~1\MediaBar\Datamngr\datamngr.dll c:\progra~2\BEARSH~1\MediaBar\Datamngr\IEBHO.dll
.
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-03-01 161384]
R3 BrYNSvc;BrYNSvc;c:\program files (x86)\Browny02\BrYNSvc.exe [2010-01-25 245760]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-09-11 178808]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-08-02 51712]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2011-09-27 1255736]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2013-02-18 39768]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-08-21 71600]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-04-29 13592]
S2 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-06 191000]
S2 OfficeSvc;Microsoft Office Service;c:\program files\Microsoft Office 15\ClientX64\integratedoffice.exe [2012-09-11 1494144]
S2 PDFProFiltSrvPP;PDFProFiltSrvPP;c:\program files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [2010-03-08 144672]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
S2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [2013-02-18 968880]
S3 lvpopf64;Logitech POP Suppression Filter;c:\windows\system32\DRIVERS\lvpopf64.sys [2007-05-11 1361952]
S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [2009-10-06 30232]
S3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys [2007-05-11 50208]
S3 LVUVC64;Logitech QuickCam Fusion(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2007-05-11 3612704]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-03-01 187392]
.
.
--- Autres Services/Pilotes en mémoire ---
.
*NewlyCreated* - WS2IFSL
.
Contenu du dossier 'Tâches planifiées'
.
2013-05-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 23:09]
.
2013-05-18 c:\windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job
- c:\program files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2013-05-18 14:12]
.
2013-05-18 c:\windows\Tasks\DLL-Files.Com Fixer_Updates.job
- c:\program files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2013-05-18 14:12]
.
2013-05-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-21 19:17]
.
2013-05-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-21 19:17]
.
2013-05-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1356140123-1956174812-4015511781-1000Core.job
- c:\users\Andrea\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-28 07:40]
.
2013-05-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1356140123-1956174812-4015511781-1000UA.job
- c:\users\Andrea\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-28 07:40]
.
2013-05-18 c:\windows\Tasks\One-Click Tweak.job
- c:\program files (x86)\Advanced PC Tweaker\OneClick.exe [2013-05-17 08:02]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]
2011-08-09 10:36 1792944 ----a-w- c:\progra~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2012-11-04 16:42 2860192 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2012-11-04 16:42 2860192 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2012-11-04 16:42 2860192 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:11 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\progra~2\BEARSH~1\MediaBar\Datamngr\x64\datamngr.dll c:\progra~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.babylon.com/?babsrc=HP_Prot
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Download with FileServe Manager - c:\program files (x86)\FileServe Manager\GetUrl.htm
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {{90EAE591-7E7E-434a-8E28-ECFD00071806} - c:\program files (x86)\PokerStars.FR\PokerStarsUpdate.exe
IE: {{CDB982ED-F9D6-4E3B-B94B-96F705D35AD1} - {CDB982ED-F9D6-4E3B-B94B-96F705D35AD1} - c:\program files (x86)\searchweb\tbunscADA.tmp\tbcore3.dll
TCP: DhcpNameServer = 192.168.1.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll
FF - ProfilePath - c:\users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\8l77qmym.default-1350828278218\
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Toolbar-10 - (no file)
Toolbar-10 - (no file)
WebBrowser-{EF79F67A-6AD7-4715-A0F8-932FCA442023} - (no file)
AddRemove-{4FFBB818-B13C-11E0-931D-B2664824019B}_is1 - c:\program files (x86)\Complitly\unins000.exe
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Heure de fin: 2013-05-18 03:47:57 - La machine a redémarré
ComboFix-quarantined-files.txt 2013-05-18 01:47
.
Avant-CF: 307'296'669'696 octets libres
Après-CF: 368'784'101'376 octets libres
.
- - End Of File - - 4DAED29C21D4E098871999022D0B2009