Suppression impossible avec usbfix
Utilisateur anonyme
-
Utilisateur anonyme -
Utilisateur anonyme -
Bonjour,
il fallait bien qu'un jour je demande de l'aide lol
voila j'ai fait tourner DrWeb qui a tout simplement éteint le pc , usbfix ne fonctionne qu'en mode recherche et Combofix n'a pas trouvé grand chose
si quelqu'un a une idée.......
ComboFix 10-07-13.08 - Thierry 14/07/2010 14:01:54.1.2 - x86
Microsoft Windows 7 Édition Intégrale 6.1.7600.0.1252.33.1036.18.2038.1315 [GMT 2:00]
Lancé depuis: c:\users\Thierry\Desktop\ComboFix.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\system volume information\WindowsImageBackup
.
((((((((((((((((((((((((((((( Fichiers créés du 2010-06-14 au 2010-07-14 ))))))))))))))))))))))))))))))))))))
.
2010-07-13 14:57 . 2010-07-13 14:57 85640 ----a-w- c:\users\Thierry\AppData\Local\GDIPFONTCACHEV1.DAT
2010-07-13 09:10 . 2010-07-13 12:47 -------- d-----w- C:\Kill'em
2010-07-13 09:09 . 2010-07-13 18:19 -------- d-----w- c:\program files\List_Kill'em
2010-07-13 05:10 . 2009-12-08 11:32 292864 ----a-w- c:\windows\system32\apphelp.dll
2010-07-10 12:56 . 2010-07-10 12:56 -------- d-----w- c:\program files\Lexmark Fax Solutions
2010-07-10 12:39 . 2010-07-10 17:35 -------- d-----w- c:\program files\Lx_cats
2010-07-10 12:33 . 2010-07-10 13:28 -------- d-----w- c:\program files\Lexmark 2300 Series
2010-07-10 12:33 . 2010-07-11 18:14 -------- d-----w- c:\temp\{9F5FBC24-EFE2-4f90-B498-EC0FB7D47D15}
2010-07-09 15:00 . 2010-07-09 20:57 -------- d-----w- C:\UsbFix
2010-07-09 13:18 . 2000-06-25 18:21 176128 ----a-w- c:\windows\system32\MSTEXT35.DLL
2010-07-09 13:18 . 2000-06-25 18:21 430080 ----a-w- c:\windows\system32\MSREPL35.DLL
2010-07-09 13:18 . 2000-06-25 18:21 266240 ----a-w- c:\windows\system32\MSEXCL35.DLL
2010-07-09 13:18 . 2000-04-26 14:34 250128 ----a-w- c:\windows\system32\MSPDOX35.DLL
2010-07-09 13:18 . 2000-04-26 14:34 168720 ----a-w- c:\windows\system32\MSLTUS35.DLL
2010-07-09 13:18 . 1999-08-22 00:44 385024 ----a-w- c:\windows\system32\VBAR332.DLL
2010-07-09 13:18 . 1999-08-22 00:44 262144 ----a-w- c:\windows\system32\MSRD2X35.DLL
2010-07-09 13:18 . 1999-08-22 00:44 294912 ----a-w- c:\windows\system32\MSXBSE35.DLL
2010-07-09 13:18 . 1998-06-17 23:00 89360 ----a-w- c:\windows\system32\VB5DB.DLL
2010-07-09 13:18 . 2000-07-19 08:00 149776 ----a-w- c:\windows\system32\MSJINT35.DLL
2010-07-09 13:18 . 2000-06-08 16:00 1064960 ----a-w- c:\windows\system32\MSJET35.DLL
2010-07-09 13:18 . 1999-06-10 06:34 24848 ----a-w- c:\windows\system32\MSJTER35.DLL
2010-07-09 13:17 . 1998-10-01 13:22 304128 ----a-w- c:\windows\unin040c.exe
2010-07-09 12:53 . 2010-07-09 20:57 -------- d-----w- c:\program files\Common Files\Sage
2010-07-09 12:53 . 2008-11-03 10:22 262144 ----a-w- c:\windows\system32\mlcorert.dll
2010-07-09 12:53 . 2010-07-10 10:39 -------- d-----w- c:\program files\Ciel
2010-07-09 12:52 . 2010-07-09 20:57 -------- d-----w- c:\program files\Common Files\InstallShield
2010-06-23 14:12 . 2009-11-25 10:47 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-06-23 14:12 . 2009-11-25 10:47 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-06-23 14:12 . 2009-11-25 10:47 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-06-23 14:12 . 2009-11-25 10:47 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-06-23 14:12 . 2009-11-25 10:47 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-06-23 10:02 . 2010-03-24 06:37 1286456 ----a-w- c:\windows\system32\ntdll.dll
2010-06-23 10:02 . 2010-05-09 09:14 641536 ----a-w- c:\windows\system32\CPFilters.dll
2010-06-23 10:02 . 2010-05-09 09:14 417792 ----a-w- c:\windows\system32\msdri.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-14 12:05 . 2009-07-14 08:39 704480 ----a-w- c:\windows\system32\perfh00C.dat
2010-07-14 12:05 . 2009-07-14 08:39 130754 ----a-w- c:\windows\system32\perfc00C.dat
2010-07-11 20:51 . 2010-05-25 20:16 -------- d-----w- c:\users\Thierry\AppData\Roaming\vlc
2010-07-03 23:08 . 2010-05-25 16:13 -------- d-----w- c:\program files\CCleaner
2010-07-03 23:07 . 2010-05-25 16:05 -------- d-----w- c:\program files\Defraggler
2010-07-03 23:01 . 2010-05-25 18:47 -------- d-----w- c:\program files\Shareaza
2010-06-26 01:02 . 2010-05-26 10:01 -------- d-----w- c:\program files\Microsoft.NET
2010-06-11 01:07 . 2010-05-26 09:58 -------- d-----w- c:\programdata\Microsoft Help
2010-06-08 20:19 . 2010-05-25 14:55 -------- d-----w- c:\program files\Microsoft Silverlight
2010-05-30 20:04 . 2010-05-30 20:04 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2010-05-27 22:02 . 2010-05-25 23:23 -------- d-----w- c:\program files\Logitech
2010-05-27 22:00 . 2010-05-25 23:23 -------- d-----w- c:\program files\Common Files\LogiShrd
2010-05-27 19:51 . 2010-05-27 19:36 -------- d-----w- c:\programdata\OnlineArmor
2010-05-27 19:36 . 2010-05-27 19:36 -------- d-----w- c:\users\Thierry\AppData\Roaming\OnlineArmor
2010-05-27 19:35 . 2010-05-27 19:35 -------- d-----w- c:\program files\Tall Emu
2010-05-27 18:51 . 2010-05-27 18:49 -------- d-----w- c:\program files\Common Files\Ahead
2010-05-27 18:49 . 2010-05-27 18:49 -------- d-----w- c:\programdata\Nero
2010-05-27 18:49 . 2010-05-27 18:49 -------- d-----w- c:\program files\Nero
2010-05-27 07:24 . 2010-06-10 05:56 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-05-27 03:49 . 2010-06-10 05:56 293888 ----a-w- c:\windows\system32\atmfd.dll
2010-05-27 01:05 . 2010-05-26 10:03 -------- d-----w- c:\program files\Microsoft Works
2010-05-27 01:01 . 2010-05-27 01:01 -------- d-----w- c:\program files\MSXML 4.0
2010-05-26 10:14 . 2010-05-26 10:14 -------- d-----w- c:\users\Thierry\AppData\Roaming\Ahead
2010-05-26 10:14 . 2010-05-26 10:14 -------- d-----w- c:\programdata\Ahead
2010-05-26 10:02 . 2009-07-14 04:52 -------- d-----w- c:\program files\MSBuild
2010-05-26 09:59 . 2010-05-26 09:59 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2010-05-26 01:00 . 2010-05-26 01:00 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2010-05-26 00:39 . 2010-05-26 00:39 -------- d-----w- c:\program files\islim 310
2010-05-26 00:39 . 2010-05-26 00:39 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-05-26 00:39 . 2010-05-26 00:39 -------- d-----w- c:\users\Thierry\AppData\Roaming\InstallShield
2010-05-26 00:12 . 2010-05-26 00:12 -------- d-----w- c:\programdata\Logitech
2010-05-25 23:45 . 2010-05-25 23:23 -------- d-----w- c:\programdata\LogiShrd
2010-05-25 23:43 . 2010-05-25 23:43 -------- d-----w- c:\users\Thierry\AppData\Roaming\Leadertech
2010-05-25 22:19 . 2010-05-25 22:19 -------- d-----w- c:\program files\Common Files\Adobe
2010-05-25 22:09 . 2010-05-25 17:39 -------- d-----w- c:\program files\VS Revo Group
2010-05-25 21:50 . 2009-10-28 17:55 -------- d-----w- c:\program files\RocketDock
2010-05-25 21:01 . 2010-05-25 21:01 -------- d-----w- c:\program files\Common Files\Java
2010-05-25 21:00 . 2010-05-25 21:00 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-05-25 21:00 . 2010-05-25 21:00 -------- d-----w- c:\program files\Java
2010-05-25 20:56 . 2010-05-25 20:56 -------- d-----w- c:\program files\IZArc
2010-05-25 20:26 . 2010-05-25 20:26 -------- d-----w- c:\program files\WOT
2010-05-25 20:07 . 2010-05-25 20:07 -------- d-----w- c:\program files\VideoLAN
2010-05-25 19:49 . 2010-05-25 19:48 -------- d-----w- c:\program files\ma-config.com
2010-05-25 19:48 . 2010-05-25 19:48 -------- d-----w- c:\programdata\ma-config.com
2010-05-25 19:00 . 2010-05-25 19:00 -------- d-----w- c:\users\Thierry\AppData\Roaming\Malwarebytes
2010-05-25 18:47 . 2010-05-25 18:47 -------- d-----w- c:\users\Thierry\AppData\Roaming\Shareaza
2010-05-25 17:51 . 2010-05-25 17:51 -------- d-----w- c:\program files\Microsoft
2010-05-25 17:51 . 2010-05-25 17:50 -------- d-----w- c:\program files\Windows Live
2010-05-25 17:50 . 2010-05-25 17:50 -------- d-----w- c:\program files\Windows Live SkyDrive
2010-05-25 17:47 . 2010-05-25 17:47 -------- d-----w- c:\program files\Common Files\Windows Live
2010-05-25 16:12 . 2010-05-25 16:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-05-25 16:12 . 2010-05-25 16:12 -------- d-----w- c:\programdata\Malwarebytes
2010-05-25 16:10 . 2010-05-25 16:10 -------- d-----w- c:\programdata\Avira
2010-05-25 16:10 . 2010-05-25 16:10 -------- d-----w- c:\program files\Avira
2010-05-25 15:19 . 2009-07-14 02:37 -------- d-----w- c:\program files\Windows Mail
2010-05-25 15:09 . 2010-05-25 15:09 0 ----a-w- c:\windows\nsreg.dat
2010-05-25 14:57 . 2010-05-25 14:57 722416 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-05-25 14:56 . 2010-05-25 14:56 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-05-25 14:54 . 2010-05-25 14:54 -------- d-sh--we c:\programdata\Modèles
2010-05-25 14:54 . 2010-05-25 14:54 -------- d-sh--we c:\programdata\Menu Démarrer
2010-05-25 14:54 . 2010-05-25 14:54 -------- d-sh--we c:\programdata\Favoris
2010-05-25 14:54 . 2010-05-25 14:54 -------- d-sh--we c:\programdata\Bureau
2010-05-25 14:54 . 2010-05-25 14:54 -------- d-sh--we c:\program files\Fichiers communs
2010-05-21 12:14 . 2010-05-25 15:12 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-21 05:18 . 2010-06-10 06:30 977920 ----a-w- c:\windows\system32\wininet.dll
2010-05-01 14:49 . 2010-06-10 06:16 2326528 ----a-w- c:\windows\system32\win32k.sys
2010-04-29 13:39 . 2010-05-25 16:12 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-29 13:39 . 2010-05-25 16:12 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-23 07:13 . 2010-05-26 00:46 2048 ----a-w- c:\windows\system32\tzres.dll
2010-04-20 02:13 . 2010-05-27 19:35 24440 ----a-w- c:\windows\system32\drivers\OAmon.sys
2010-04-20 02:13 . 2010-05-27 19:35 30584 ----a-w- c:\windows\system32\drivers\OAnet.sys
2010-04-20 02:13 . 2010-05-27 19:35 228216 ----a-w- c:\windows\system32\drivers\OADriver.sys
2010-04-16 20:12 . 2010-04-16 20:12 48464 ----a-w- c:\windows\system32\sirenacm.dll
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2008-01-22 152872]
"ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2010-06-23 1699128]
"Logitech Vid"="c:\program files\Logitech\Logitech Vid\vid.exe" [2009-07-16 5458704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"iSlim310_Monitor"="c:\windows\iSlim310\Monitor.exe" [2007-12-10 323584]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-04-29 437584]
"@OnlineArmor GUI"="c:\program files\Tall Emu\Online Armor\oaui.exe" [2010-04-20 6678008]
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
"LXCGCATS"="c:\windows\system32\spool\DRIVERS\W32X86\3\LXCGtime.dll" [2005-04-27 69632]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Welcome Center"="c:\windows\system32\OobeFldr.dll" [2009-10-26 859648]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
c:\users\Thierry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech . Enregistrement du produit.lnk - c:\program files\Logitech\Logitech WebCam Software\eReg.exe [2009-10-14 517384]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Little transparency.exe [2009-9-10 402263]
RocketDock.lnk - c:\program files\RocketDock\RocketDock.exe [2009-10-28 495616]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 0 (0x0)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{4F07DA45-8170-4859-9B5F-037EF2970034}"= "c:\progra~1\TALLEM~1\ONLINE~1\oaevent.dll" [2010-04-20 925688]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2010-05-11 271728]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-10 1343400]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-05-25 722416]
S1 OADevice;OADriver;c:\windows\system32\drivers\OADriver.sys [2010-04-20 228216]
S1 OAmon;OAmon;c:\windows\system32\drivers\OAmon.sys [2010-04-20 24440]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-04-29 304464]
S2 OAcat;Online Armor Helper Service;c:\program files\Tall Emu\Online Armor\OAcat.exe [2010-04-20 1284600]
S2 SvcOnlineArmor;Online Armor;c:\program files\Tall Emu\Online Armor\oasrv.exe [2010-04-20 3364856]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-04-29 20952]
S3 OAnet;OnlineArmor Service;c:\windows\system32\DRIVERS\oanet.sys [2010-04-20 30584]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.com/
IE: Download with &Shareaza - c:\program files\Shareaza\RazaWebHook32.dll/3000
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Thierry\AppData\Roaming\Mozilla\Firefox\Profiles\7f7r0fly.default\
FF - prefs.js: browser.startup.homepage - http:/www.google.fr
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
FF - plugin: c:\users\Thierry\AppData\Roaming\Mozilla\Firefox\Profiles\7f7r0fly.default\extensions\DeviceDetection@logitech.com\plugins\npLogitechDeviceDetection.dll
---- PARAMETRES FIREFOX ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2010-07-14 14:19:19
ComboFix-quarantined-files.txt 2010-07-14 12:19
Avant-CF: 45 870 632 960 octets libres
Après-CF: 45 768 015 872 octets libres
- - End Of File - - 2B51754FB933E0C9DF7E3B049D787705
il fallait bien qu'un jour je demande de l'aide lol
voila j'ai fait tourner DrWeb qui a tout simplement éteint le pc , usbfix ne fonctionne qu'en mode recherche et Combofix n'a pas trouvé grand chose
si quelqu'un a une idée.......
ComboFix 10-07-13.08 - Thierry 14/07/2010 14:01:54.1.2 - x86
Microsoft Windows 7 Édition Intégrale 6.1.7600.0.1252.33.1036.18.2038.1315 [GMT 2:00]
Lancé depuis: c:\users\Thierry\Desktop\ComboFix.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\system volume information\WindowsImageBackup
.
((((((((((((((((((((((((((((( Fichiers créés du 2010-06-14 au 2010-07-14 ))))))))))))))))))))))))))))))))))))
.
2010-07-13 14:57 . 2010-07-13 14:57 85640 ----a-w- c:\users\Thierry\AppData\Local\GDIPFONTCACHEV1.DAT
2010-07-13 09:10 . 2010-07-13 12:47 -------- d-----w- C:\Kill'em
2010-07-13 09:09 . 2010-07-13 18:19 -------- d-----w- c:\program files\List_Kill'em
2010-07-13 05:10 . 2009-12-08 11:32 292864 ----a-w- c:\windows\system32\apphelp.dll
2010-07-10 12:56 . 2010-07-10 12:56 -------- d-----w- c:\program files\Lexmark Fax Solutions
2010-07-10 12:39 . 2010-07-10 17:35 -------- d-----w- c:\program files\Lx_cats
2010-07-10 12:33 . 2010-07-10 13:28 -------- d-----w- c:\program files\Lexmark 2300 Series
2010-07-10 12:33 . 2010-07-11 18:14 -------- d-----w- c:\temp\{9F5FBC24-EFE2-4f90-B498-EC0FB7D47D15}
2010-07-09 15:00 . 2010-07-09 20:57 -------- d-----w- C:\UsbFix
2010-07-09 13:18 . 2000-06-25 18:21 176128 ----a-w- c:\windows\system32\MSTEXT35.DLL
2010-07-09 13:18 . 2000-06-25 18:21 430080 ----a-w- c:\windows\system32\MSREPL35.DLL
2010-07-09 13:18 . 2000-06-25 18:21 266240 ----a-w- c:\windows\system32\MSEXCL35.DLL
2010-07-09 13:18 . 2000-04-26 14:34 250128 ----a-w- c:\windows\system32\MSPDOX35.DLL
2010-07-09 13:18 . 2000-04-26 14:34 168720 ----a-w- c:\windows\system32\MSLTUS35.DLL
2010-07-09 13:18 . 1999-08-22 00:44 385024 ----a-w- c:\windows\system32\VBAR332.DLL
2010-07-09 13:18 . 1999-08-22 00:44 262144 ----a-w- c:\windows\system32\MSRD2X35.DLL
2010-07-09 13:18 . 1999-08-22 00:44 294912 ----a-w- c:\windows\system32\MSXBSE35.DLL
2010-07-09 13:18 . 1998-06-17 23:00 89360 ----a-w- c:\windows\system32\VB5DB.DLL
2010-07-09 13:18 . 2000-07-19 08:00 149776 ----a-w- c:\windows\system32\MSJINT35.DLL
2010-07-09 13:18 . 2000-06-08 16:00 1064960 ----a-w- c:\windows\system32\MSJET35.DLL
2010-07-09 13:18 . 1999-06-10 06:34 24848 ----a-w- c:\windows\system32\MSJTER35.DLL
2010-07-09 13:17 . 1998-10-01 13:22 304128 ----a-w- c:\windows\unin040c.exe
2010-07-09 12:53 . 2010-07-09 20:57 -------- d-----w- c:\program files\Common Files\Sage
2010-07-09 12:53 . 2008-11-03 10:22 262144 ----a-w- c:\windows\system32\mlcorert.dll
2010-07-09 12:53 . 2010-07-10 10:39 -------- d-----w- c:\program files\Ciel
2010-07-09 12:52 . 2010-07-09 20:57 -------- d-----w- c:\program files\Common Files\InstallShield
2010-06-23 14:12 . 2009-11-25 10:47 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-06-23 14:12 . 2009-11-25 10:47 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-06-23 14:12 . 2009-11-25 10:47 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-06-23 14:12 . 2009-11-25 10:47 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-06-23 14:12 . 2009-11-25 10:47 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-06-23 10:02 . 2010-03-24 06:37 1286456 ----a-w- c:\windows\system32\ntdll.dll
2010-06-23 10:02 . 2010-05-09 09:14 641536 ----a-w- c:\windows\system32\CPFilters.dll
2010-06-23 10:02 . 2010-05-09 09:14 417792 ----a-w- c:\windows\system32\msdri.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-14 12:05 . 2009-07-14 08:39 704480 ----a-w- c:\windows\system32\perfh00C.dat
2010-07-14 12:05 . 2009-07-14 08:39 130754 ----a-w- c:\windows\system32\perfc00C.dat
2010-07-11 20:51 . 2010-05-25 20:16 -------- d-----w- c:\users\Thierry\AppData\Roaming\vlc
2010-07-03 23:08 . 2010-05-25 16:13 -------- d-----w- c:\program files\CCleaner
2010-07-03 23:07 . 2010-05-25 16:05 -------- d-----w- c:\program files\Defraggler
2010-07-03 23:01 . 2010-05-25 18:47 -------- d-----w- c:\program files\Shareaza
2010-06-26 01:02 . 2010-05-26 10:01 -------- d-----w- c:\program files\Microsoft.NET
2010-06-11 01:07 . 2010-05-26 09:58 -------- d-----w- c:\programdata\Microsoft Help
2010-06-08 20:19 . 2010-05-25 14:55 -------- d-----w- c:\program files\Microsoft Silverlight
2010-05-30 20:04 . 2010-05-30 20:04 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2010-05-27 22:02 . 2010-05-25 23:23 -------- d-----w- c:\program files\Logitech
2010-05-27 22:00 . 2010-05-25 23:23 -------- d-----w- c:\program files\Common Files\LogiShrd
2010-05-27 19:51 . 2010-05-27 19:36 -------- d-----w- c:\programdata\OnlineArmor
2010-05-27 19:36 . 2010-05-27 19:36 -------- d-----w- c:\users\Thierry\AppData\Roaming\OnlineArmor
2010-05-27 19:35 . 2010-05-27 19:35 -------- d-----w- c:\program files\Tall Emu
2010-05-27 18:51 . 2010-05-27 18:49 -------- d-----w- c:\program files\Common Files\Ahead
2010-05-27 18:49 . 2010-05-27 18:49 -------- d-----w- c:\programdata\Nero
2010-05-27 18:49 . 2010-05-27 18:49 -------- d-----w- c:\program files\Nero
2010-05-27 07:24 . 2010-06-10 05:56 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-05-27 03:49 . 2010-06-10 05:56 293888 ----a-w- c:\windows\system32\atmfd.dll
2010-05-27 01:05 . 2010-05-26 10:03 -------- d-----w- c:\program files\Microsoft Works
2010-05-27 01:01 . 2010-05-27 01:01 -------- d-----w- c:\program files\MSXML 4.0
2010-05-26 10:14 . 2010-05-26 10:14 -------- d-----w- c:\users\Thierry\AppData\Roaming\Ahead
2010-05-26 10:14 . 2010-05-26 10:14 -------- d-----w- c:\programdata\Ahead
2010-05-26 10:02 . 2009-07-14 04:52 -------- d-----w- c:\program files\MSBuild
2010-05-26 09:59 . 2010-05-26 09:59 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2010-05-26 01:00 . 2010-05-26 01:00 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2010-05-26 00:39 . 2010-05-26 00:39 -------- d-----w- c:\program files\islim 310
2010-05-26 00:39 . 2010-05-26 00:39 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-05-26 00:39 . 2010-05-26 00:39 -------- d-----w- c:\users\Thierry\AppData\Roaming\InstallShield
2010-05-26 00:12 . 2010-05-26 00:12 -------- d-----w- c:\programdata\Logitech
2010-05-25 23:45 . 2010-05-25 23:23 -------- d-----w- c:\programdata\LogiShrd
2010-05-25 23:43 . 2010-05-25 23:43 -------- d-----w- c:\users\Thierry\AppData\Roaming\Leadertech
2010-05-25 22:19 . 2010-05-25 22:19 -------- d-----w- c:\program files\Common Files\Adobe
2010-05-25 22:09 . 2010-05-25 17:39 -------- d-----w- c:\program files\VS Revo Group
2010-05-25 21:50 . 2009-10-28 17:55 -------- d-----w- c:\program files\RocketDock
2010-05-25 21:01 . 2010-05-25 21:01 -------- d-----w- c:\program files\Common Files\Java
2010-05-25 21:00 . 2010-05-25 21:00 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-05-25 21:00 . 2010-05-25 21:00 -------- d-----w- c:\program files\Java
2010-05-25 20:56 . 2010-05-25 20:56 -------- d-----w- c:\program files\IZArc
2010-05-25 20:26 . 2010-05-25 20:26 -------- d-----w- c:\program files\WOT
2010-05-25 20:07 . 2010-05-25 20:07 -------- d-----w- c:\program files\VideoLAN
2010-05-25 19:49 . 2010-05-25 19:48 -------- d-----w- c:\program files\ma-config.com
2010-05-25 19:48 . 2010-05-25 19:48 -------- d-----w- c:\programdata\ma-config.com
2010-05-25 19:00 . 2010-05-25 19:00 -------- d-----w- c:\users\Thierry\AppData\Roaming\Malwarebytes
2010-05-25 18:47 . 2010-05-25 18:47 -------- d-----w- c:\users\Thierry\AppData\Roaming\Shareaza
2010-05-25 17:51 . 2010-05-25 17:51 -------- d-----w- c:\program files\Microsoft
2010-05-25 17:51 . 2010-05-25 17:50 -------- d-----w- c:\program files\Windows Live
2010-05-25 17:50 . 2010-05-25 17:50 -------- d-----w- c:\program files\Windows Live SkyDrive
2010-05-25 17:47 . 2010-05-25 17:47 -------- d-----w- c:\program files\Common Files\Windows Live
2010-05-25 16:12 . 2010-05-25 16:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-05-25 16:12 . 2010-05-25 16:12 -------- d-----w- c:\programdata\Malwarebytes
2010-05-25 16:10 . 2010-05-25 16:10 -------- d-----w- c:\programdata\Avira
2010-05-25 16:10 . 2010-05-25 16:10 -------- d-----w- c:\program files\Avira
2010-05-25 15:19 . 2009-07-14 02:37 -------- d-----w- c:\program files\Windows Mail
2010-05-25 15:09 . 2010-05-25 15:09 0 ----a-w- c:\windows\nsreg.dat
2010-05-25 14:57 . 2010-05-25 14:57 722416 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-05-25 14:56 . 2010-05-25 14:56 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-05-25 14:54 . 2010-05-25 14:54 -------- d-sh--we c:\programdata\Modèles
2010-05-25 14:54 . 2010-05-25 14:54 -------- d-sh--we c:\programdata\Menu Démarrer
2010-05-25 14:54 . 2010-05-25 14:54 -------- d-sh--we c:\programdata\Favoris
2010-05-25 14:54 . 2010-05-25 14:54 -------- d-sh--we c:\programdata\Bureau
2010-05-25 14:54 . 2010-05-25 14:54 -------- d-sh--we c:\program files\Fichiers communs
2010-05-21 12:14 . 2010-05-25 15:12 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-21 05:18 . 2010-06-10 06:30 977920 ----a-w- c:\windows\system32\wininet.dll
2010-05-01 14:49 . 2010-06-10 06:16 2326528 ----a-w- c:\windows\system32\win32k.sys
2010-04-29 13:39 . 2010-05-25 16:12 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-29 13:39 . 2010-05-25 16:12 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-23 07:13 . 2010-05-26 00:46 2048 ----a-w- c:\windows\system32\tzres.dll
2010-04-20 02:13 . 2010-05-27 19:35 24440 ----a-w- c:\windows\system32\drivers\OAmon.sys
2010-04-20 02:13 . 2010-05-27 19:35 30584 ----a-w- c:\windows\system32\drivers\OAnet.sys
2010-04-20 02:13 . 2010-05-27 19:35 228216 ----a-w- c:\windows\system32\drivers\OADriver.sys
2010-04-16 20:12 . 2010-04-16 20:12 48464 ----a-w- c:\windows\system32\sirenacm.dll
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2008-01-22 152872]
"ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2010-06-23 1699128]
"Logitech Vid"="c:\program files\Logitech\Logitech Vid\vid.exe" [2009-07-16 5458704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"iSlim310_Monitor"="c:\windows\iSlim310\Monitor.exe" [2007-12-10 323584]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-04-29 437584]
"@OnlineArmor GUI"="c:\program files\Tall Emu\Online Armor\oaui.exe" [2010-04-20 6678008]
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
"LXCGCATS"="c:\windows\system32\spool\DRIVERS\W32X86\3\LXCGtime.dll" [2005-04-27 69632]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Welcome Center"="c:\windows\system32\OobeFldr.dll" [2009-10-26 859648]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
c:\users\Thierry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech . Enregistrement du produit.lnk - c:\program files\Logitech\Logitech WebCam Software\eReg.exe [2009-10-14 517384]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Little transparency.exe [2009-9-10 402263]
RocketDock.lnk - c:\program files\RocketDock\RocketDock.exe [2009-10-28 495616]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 0 (0x0)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{4F07DA45-8170-4859-9B5F-037EF2970034}"= "c:\progra~1\TALLEM~1\ONLINE~1\oaevent.dll" [2010-04-20 925688]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2010-05-11 271728]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-10 1343400]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-05-25 722416]
S1 OADevice;OADriver;c:\windows\system32\drivers\OADriver.sys [2010-04-20 228216]
S1 OAmon;OAmon;c:\windows\system32\drivers\OAmon.sys [2010-04-20 24440]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-04-29 304464]
S2 OAcat;Online Armor Helper Service;c:\program files\Tall Emu\Online Armor\OAcat.exe [2010-04-20 1284600]
S2 SvcOnlineArmor;Online Armor;c:\program files\Tall Emu\Online Armor\oasrv.exe [2010-04-20 3364856]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-04-29 20952]
S3 OAnet;OnlineArmor Service;c:\windows\system32\DRIVERS\oanet.sys [2010-04-20 30584]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.com/
IE: Download with &Shareaza - c:\program files\Shareaza\RazaWebHook32.dll/3000
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Thierry\AppData\Roaming\Mozilla\Firefox\Profiles\7f7r0fly.default\
FF - prefs.js: browser.startup.homepage - http:/www.google.fr
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
FF - plugin: c:\users\Thierry\AppData\Roaming\Mozilla\Firefox\Profiles\7f7r0fly.default\extensions\DeviceDetection@logitech.com\plugins\npLogitechDeviceDetection.dll
---- PARAMETRES FIREFOX ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2010-07-14 14:19:19
ComboFix-quarantined-files.txt 2010-07-14 12:19
Avant-CF: 45 870 632 960 octets libres
Après-CF: 45 768 015 872 octets libres
- - End Of File - - 2B51754FB933E0C9DF7E3B049D787705
A voir également:
- Suppression impossible avec usbfix
- Forcer suppression fichier - Guide
- Suppression compte gmail - Guide
- Suppression facebook - Guide
- Suppression compte google - Guide
- Suppression page word - Guide
5 réponses
à noter que usbfix en mode suppression bloque à 10% , je l'ai laissé tourner 2 h
dans les clés usb , il y a un dossier .\Driver\usb
j'ai supprimé manuellement 2 fichiers autorun.inf pourris
dans les clés usb , il y a un dossier .\Driver\usb
j'ai supprimé manuellement 2 fichiers autorun.inf pourris
ta essayé avec un autre pc vu les tools que tu passes? doit peut être avoir un blême
c quoi comme clef ?
c quoi comme clef ?
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question