Accent circonflexe/tréma n'apparaissent plus
Fermé
massoun
Messages postés
1011
Date d'inscription
dimanche 13 avril 2008
Statut
Membre
Dernière intervention
11 septembre 2018
-
6 avril 2011 à 11:55
Utilisateur anonyme - 6 avril 2011 à 18:59
Utilisateur anonyme - 6 avril 2011 à 18:59
A voir également:
- Accent circonflexe/tréma n'apparaissent plus
- E avec accent - Guide
- Comment faire un accent circonflexe sur un clavier azerty ✓ - Forum Clavier
- I trema - Forum Bureautique
- ''E'' et ''i'' Tréma - Forum Windows
- Obtenir un i tréma avec clavier allemand ✓ - Forum Bureautique
25 réponses
Utilisateur anonyme
6 avril 2011 à 17:22
6 avril 2011 à 17:22
__________________________________________________
=>/!\Le script qui suit a été écrit spécialement cet ordinateur/!\ <=
=>il est fort déconseillé de le transposer sur un autre ordinateur !<=
----------------------------------------------------------------------------
Toujours avec toutes les protections désactivées, fais ceci :
▶ Ouvre le bloc-notes (Menu démarrer --> programmes --> accessoires --> bloc-notes)
▶ Copie/colle dans le bloc-notes ce qui entre les lignes ci dessous (sans les lignes) :
----------------------------------------------------------
KillAll::
RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
------------------------------------------------------------------
▶ Enregistre ce fichier sur ton Bureau (et pas ailleurs !) sous le nom CFScript.txt
▶ Quitte le Bloc Notes
▶ Fais un glisser/déposer de ce fichier CFScript sur le fichier combofix
▶ Patiente le temps du scan. Le Bureau va disparaître à plusieurs reprises : c'est normal ! Ne touche à rien tant que le scan n'est pas terminé.
▶ Une fois le scan achevé, un rapport va s'afficher: poste son contenu.
▶ Si le fichier ne s'ouvre pas, il se trouve ici => C:\ComboFix.txt
massoun
Messages postés
1011
Date d'inscription
dimanche 13 avril 2008
Statut
Membre
Dernière intervention
11 septembre 2018
43
6 avril 2011 à 17:40
6 avril 2011 à 17:40
ComboFix 11-04-05.02 - Geoffrey 06/04/2011 17:31:12.2.4 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7600.0.1252.33.1036.18.3959.2588 [GMT 2:00]
Lancé depuis: c:\users\Geoffrey\Desktop\Geoffrey.exe
Commutateurs utilisés :: c:\users\Geoffrey\Desktop\CFScript.txt
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-03-06 au 2011-04-06 ))))))))))))))))))))))))))))))))))))
.
.
2011-04-06 15:35 . 2011-04-06 15:35 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-04-06 13:57 . 2011-04-06 13:57 -------- d-----w- C:\Kill'em
2011-04-06 13:57 . 2011-04-06 14:53 -------- d-----w- c:\program files (x86)\List_Kill'em
2011-04-06 12:04 . 2010-12-20 16:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-04-06 12:04 . 2011-04-06 12:04 -------- d-----w- c:\programdata\Malwarebytes
2011-04-06 12:04 . 2011-04-06 12:04 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-04-06 12:04 . 2010-12-20 16:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-04-06 11:30 . 2011-04-06 15:12 -------- d-----w- C:\tdsskiller
2011-04-06 11:06 . 2011-04-06 11:09 -------- d-----w- C:\UsbFix
2011-04-05 09:07 . 2011-03-15 05:17 8424784 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D6307EA5-8474-44A1-8FA1-167D3AF56283}\mpengine.dll
2011-04-03 18:37 . 2011-04-03 18:38 -------- d-----w- c:\program files (x86)\Total Video Converter
2011-04-02 11:44 . 2011-04-02 11:44 -------- d-----w- c:\program files (x86)\Lame For Audacity
2011-04-02 11:43 . 2011-04-02 11:43 -------- d-----w- c:\program files (x86)\Audacity
2011-03-29 18:00 . 2011-04-06 10:05 -------- d-----w- c:\program files (x86)\JDownloader
2011-03-28 16:46 . 2011-03-28 16:46 -------- d-----w- c:\programdata\CanonIJ
2011-03-26 20:48 . 2011-03-29 18:16 -------- d-----w- c:\program files (x86)\Internet Download Manager
2011-03-26 19:58 . 2011-03-26 19:58 -------- d-----w- c:\program files (x86)\TeamViewer
2011-03-21 19:16 . 2011-03-21 19:16 -------- d-----w- c:\windows\Sun
2011-03-21 19:15 . 2011-03-21 19:15 -------- d-----w- c:\program files\Common Files\CANON
2011-03-21 19:15 . 2011-03-21 19:15 -------- d-----w- c:\program files\Canon
2011-03-21 19:12 . 2011-03-21 19:12 -------- d--h--w- c:\programdata\CanonBJ
2011-03-21 19:12 . 2008-05-29 20:00 82944 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPP9D.DLL
2011-03-21 19:12 . 2008-05-29 20:00 27648 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPD9D.DLL
2011-03-21 19:12 . 2011-03-21 19:12 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information
2011-03-21 19:12 . 2008-05-29 20:00 279040 ----a-w- c:\windows\system32\CNMLM9D.DLL
2011-03-21 19:12 . 2008-05-30 00:28 293376 ----a-w- c:\windows\system32\CNC620L.DLL
2011-03-21 19:12 . 2008-04-07 05:59 92672 ----a-w- c:\windows\system32\CNC620I.DLL
2011-03-21 19:12 . 2007-03-15 05:13 229888 ----a-w- c:\windows\system32\CNC620O.DLL
2011-03-21 19:12 . 2008-04-07 05:59 1354240 ----a-w- c:\windows\system32\CNC620C.DLL
2011-03-21 19:11 . 2007-06-06 00:42 151552 ----a-w- c:\windows\system32\CNMN6UI.DLL
2011-03-21 19:11 . 2007-06-06 00:42 251904 ----a-w- c:\windows\system32\CNMN6PPM.DLL
2011-03-21 19:07 . 2011-03-21 19:20 -------- d-----w- c:\program files (x86)\Canon
2011-03-19 16:04 . 2011-03-19 16:04 -------- d-----w- c:\program files\DIFX
2011-03-19 16:04 . 2009-09-03 15:30 128512 ----a-w- c:\windows\system32\drivers\tiehdusb.sys
2011-03-19 16:04 . 2011-03-19 16:04 -------- d-----w- c:\program files (x86)\Common Files\TI Shared
2011-03-19 16:04 . 2011-03-19 16:04 -------- d-----w- c:\program files (x86)\TI Education
2011-03-18 23:39 . 2011-03-18 23:39 -------- d-----w- c:\program files (x86)\Pod to PC
2011-03-18 18:39 . 2011-03-18 18:39 -------- d-----w- c:\program files (x86)\FreeTime
2011-03-17 20:45 . 2011-03-27 15:28 -------- d-----w- c:\program files (x86)\Free PDF to Word Converter
2011-03-17 20:36 . 2011-03-17 20:36 -------- d-----w- c:\program files (x86)\Guitar Pro 6
2011-03-17 07:52 . 2011-03-17 07:52 -------- d-----w- c:\windows\SysWow64\Wat
2011-03-17 07:52 . 2011-03-17 07:52 -------- d-----w- c:\windows\system32\Wat
2011-03-16 18:40 . 2010-09-14 06:45 367104 ----a-w- c:\windows\system32\wcncsvc.dll
2011-03-16 18:40 . 2010-09-14 06:07 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll
2011-03-16 18:37 . 2011-03-16 18:37 -------- d-----w- c:\program files (x86)\MSXML 4.0
2011-03-16 18:36 . 2009-11-25 11:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll
2011-03-16 18:36 . 2009-11-25 11:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll
2011-03-16 18:36 . 2009-11-25 11:47 48960 ----a-w- c:\windows\system32\netfxperf.dll
2011-03-16 18:36 . 2009-11-25 11:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll
2011-03-16 18:36 . 2009-11-25 11:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe
2011-03-16 18:36 . 2009-11-25 11:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2011-03-16 18:36 . 2009-11-25 11:47 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-03-16 18:36 . 2009-11-25 11:47 444752 ----a-w- c:\windows\system32\mscoree.dll
2011-03-16 18:36 . 2009-11-25 11:47 320352 ----a-w- c:\windows\system32\PresentationHost.exe
2011-03-16 18:36 . 2009-11-25 11:47 1942856 ----a-w- c:\windows\system32\dfshim.dll
2011-03-16 18:36 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2011-03-16 17:32 . 2011-03-16 17:32 -------- d-----w- c:\program files (x86)\VideoLAN
2011-03-16 14:16 . 2010-12-18 06:11 714752 ----a-w- c:\windows\system32\kerberos.dll
2011-03-16 14:15 . 2010-11-02 05:12 1837568 ----a-w- c:\windows\system32\d3d10warp.dll
2011-03-16 14:14 . 2010-10-27 05:18 5510528 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-03-16 14:14 . 2010-10-27 05:16 1739176 ----a-w- c:\windows\system32\ntdll.dll
2011-03-16 14:14 . 2010-10-27 04:43 3901824 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-03-16 14:14 . 2010-10-27 04:43 3957120 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-03-16 14:14 . 2010-10-27 04:40 1293120 ----a-w- c:\windows\SysWow64\ntdll.dll
2011-03-16 14:14 . 2011-01-07 08:06 46080 ----a-w- c:\windows\system32\atmlib.dll
2011-03-16 14:14 . 2011-01-07 07:27 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2011-03-16 14:14 . 2011-01-07 05:49 366080 ----a-w- c:\windows\system32\atmfd.dll
2011-03-16 14:14 . 2011-01-07 05:33 294400 ----a-w- c:\windows\SysWow64\atmfd.dll
2011-03-16 14:12 . 2010-12-23 06:07 961024 ----a-w- c:\windows\system32\CPFilters.dll
2011-03-16 14:12 . 2010-12-23 06:07 723968 ----a-w- c:\windows\system32\EncDec.dll
2011-03-16 14:12 . 2010-12-23 05:28 642048 ----a-w- c:\windows\SysWow64\CPFilters.dll
2011-03-16 14:12 . 2010-12-23 05:28 534528 ----a-w- c:\windows\SysWow64\EncDec.dll
2011-03-16 14:12 . 2010-12-23 06:07 1118720 ----a-w- c:\windows\system32\sbe.dll
2011-03-16 14:12 . 2010-12-23 06:02 259072 ----a-w- c:\windows\system32\mpg2splt.ax
2011-03-16 14:12 . 2010-12-23 05:28 850432 ----a-w- c:\windows\SysWow64\sbe.dll
2011-03-16 14:12 . 2010-12-23 05:24 199680 ----a-w- c:\windows\SysWow64\mpg2splt.ax
2011-03-16 14:12 . 2010-10-19 08:47 7680 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2011-03-16 14:12 . 2010-10-19 08:10 7680 ----a-w- c:\program files (x86)\Internet Explorer\iecompat.dll
2011-03-16 14:11 . 2010-10-16 05:17 720896 ----a-w- c:\windows\system32\odbc32.dll
2011-03-16 14:11 . 2010-10-16 05:16 495616 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2011-03-16 14:11 . 2010-10-16 05:16 466944 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll
2011-03-16 14:11 . 2010-10-16 05:16 1425408 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2011-03-16 14:11 . 2010-10-16 04:34 573440 ----a-w- c:\windows\SysWow64\odbc32.dll
2011-03-16 14:11 . 2010-10-16 05:16 258048 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll
2011-03-16 14:11 . 2010-10-16 04:33 372736 ----a-w- c:\program files (x86)\Common Files\System\ado\msadox.dll
2011-03-16 14:11 . 2010-10-16 04:33 352256 ----a-w- c:\program files (x86)\Common Files\System\ado\msadomd.dll
2011-03-16 14:11 . 2010-10-16 04:33 987136 ----a-w- c:\program files (x86)\Common Files\System\ado\msado15.dll
2011-03-16 14:11 . 2010-10-16 04:33 208896 ----a-w- c:\program files (x86)\Common Files\System\msadc\msadco.dll
2011-03-16 14:10 . 2011-01-05 04:00 3127808 ----a-w- c:\windows\system32\win32k.sys
2011-03-16 14:09 . 2004-08-04 02:56 431616 ----a-w- c:\windows\SysWow64\temp.000
2011-03-16 14:09 . 2000-05-21 23:00 203976 ----a-w- c:\windows\SysWow64\RICHTX32.OCX
2011-03-16 14:09 . 2011-03-16 14:09 -------- d-----w- c:\programdata\KLC
2011-03-16 14:09 . 1999-12-07 06:00 61491 ----a-w- c:\windows\SysWow64\wbemdisp.TLB
2011-03-16 14:02 . 2011-01-07 08:07 662528 ----a-w- c:\windows\system32\XpsPrint.dll
2011-03-16 14:02 . 2011-01-07 08:07 475648 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-03-16 14:02 . 2011-01-07 07:31 442880 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-03-16 14:02 . 2011-01-07 07:31 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-03-16 14:01 . 2010-08-21 06:29 558592 ----a-w- c:\windows\system32\spoolsv.exe
2011-03-16 13:54 . 2010-12-21 06:16 214016 ----a-w- c:\windows\system32\winsrv.dll
2011-03-16 13:47 . 2010-10-16 05:19 395776 ----a-w- c:\windows\system32\webio.dll
2011-03-16 13:47 . 2010-10-16 04:36 314368 ----a-w- c:\windows\SysWow64\webio.dll
2011-03-16 13:44 . 2009-09-26 06:20 223448 ----a-w- c:\windows\system32\drivers\fvevol.sys
2011-03-16 13:10 . 2010-10-12 05:05 35328 ----a-w- c:\program files\Windows Mail\wabfind.dll
2011-03-16 13:10 . 2010-10-12 05:00 516096 ----a-w- c:\program files\Windows Mail\wab.exe
2011-03-16 13:10 . 2010-10-12 04:25 516096 ----a-w- c:\program files (x86)\Windows Mail\wab.exe
2011-03-16 13:04 . 2010-07-13 05:37 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-03-16 12:33 . 2010-12-18 06:12 3138048 ----a-w- c:\windows\system32\mstscax.dll
2011-03-16 12:33 . 2010-12-18 06:08 1097216 ----a-w- c:\windows\system32\mstsc.exe
2011-03-16 12:33 . 2010-12-18 05:30 2690560 ----a-w- c:\windows\SysWow64\mstscax.dll
2011-03-16 12:33 . 2010-12-18 05:26 1034240 ----a-w- c:\windows\SysWow64\mstsc.exe
2011-03-16 12:32 . 2010-10-16 05:23 112000 ----a-w- c:\windows\system32\consent.exe
2011-03-16 12:27 . 2011-03-16 12:27 -------- d-----w- c:\programdata\Guitar Pro 6
2011-03-16 11:09 . 2011-03-16 11:10 -------- d-----w- c:\program files (x86)\WildTangent Games
2011-03-15 19:09 . 2011-03-27 09:30 -------- d-----w- c:\program files (x86)\uTorrent
2011-03-15 18:54 . 2011-03-15 18:54 -------- dc----w- c:\windows\system32\DRVSTORE
2011-03-15 18:54 . 2009-05-18 12:17 34152 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2011-03-15 18:54 . 2008-04-17 11:12 126312 ----a-w- c:\windows\system32\GEARAspi64.dll
2011-03-15 18:54 . 2008-04-17 11:12 107368 ----a-w- c:\windows\SysWow64\GEARAspi.dll
2011-03-15 18:52 . 2011-03-15 18:52 -------- d-----w- c:\program files\Bonjour
2011-03-15 18:52 . 2011-03-15 18:52 -------- d-----w- c:\program files (x86)\Bonjour
2011-03-15 18:52 . 2011-03-15 19:04 -------- d-----w- c:\programdata\Apple
2011-03-15 18:52 . 2011-03-15 18:53 -------- d-----w- c:\program files (x86)\Common Files\Apple
2011-03-15 12:55 . 2011-03-15 12:55 -------- d-----w- c:\program files (x86)\RocketDock
2011-03-15 12:54 . 2011-03-15 12:54 -------- d-----w- c:\programdata\Avira
2011-03-15 12:54 . 2011-03-15 12:54 -------- d-----w- c:\program files (x86)\Avira
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-06 11:09 . 2011-04-06 11:09 988715 ----a-w- C:\UsbFix_Upload_Me_PC-DE-GEOFFREY.zip
2011-03-29 17:17 . 2010-06-24 10:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-02-18 15:36 . 2011-02-18 15:36 51712 ----a-w- c:\windows\system32\drivers\usbaapl64.sys
2011-02-18 15:36 . 2011-02-18 15:36 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-04-06_15.12.35 )))))))))))))))))))))))))))))))))))))))))
.
- 2011-04-06 13:02 . 2011-04-06 13:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-04-06 15:35 . 2011-04-06 15:35 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-04-06 15:35 . 2011-04-06 15:35 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-04-06 13:02 . 2011-04-06 13:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-07-14 05:01 . 2011-04-06 15:35 397664 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2011-04-06 13:02 397664 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-09-02 1234216]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-04-26 102400]
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2009-10-06 1294136]
"TWebCamera"="c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2010-02-24 2454840]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-02-04 281768]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-03-07 421160]
"IJNetworkScanUtility"="c:\program files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE" [2007-11-19 128352]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2010-03-03 4581280]
.
c:\users\Geoffrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2010 - Capture d''cran et lancement.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2010-3-29 245120]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [x]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-02-04 135336]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-03-18 2271608]
S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-05-11 124368]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2010-03-17 258928]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 CnxtHdmiAudService;Conexant UAA HDMI Function Driver for High Definition Audio Service;c:\windows\system32\drivers\CHDMI64.sys [x]
S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [x]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [x]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]
S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2010-02-23 835952]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TosReelTimeMonitor"="%ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe" [BU]
"TosNC"="%ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe" [BU]
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe" [BU]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-05 709976]
"Toshiba TEMPRO"="c:\program files (x86)\Toshiba TEMPRO\TemproTray.exe" [2010-05-11 1050072]
"TPwrMain"="%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE" [BU]
"HSON"="%ProgramFiles%\TOSHIBA\TBS\HSON.exe" [BU]
"SmoothView"="%ProgramFiles%\Toshiba\SmoothView\SmoothView.exe" [BU]
"00TCrdMain"="%ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe" [BU]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2010-03-22 521272]
"SmartFaceVWatcher"="%ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe" [BU]
"Teco"="%ProgramFiles%\TOSHIBA\TECO\Teco.exe" [BU]
"TosWaitSrv"="%ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe" [BU]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaReminder.exe" [2010-04-19 136136]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2008-03-10 689488]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2008-03-17 2114376]
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: &Envoyer à OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Télécharger avec Mipony - file://c:\program files (x86)\MiPony\Browser\IEContext.htm
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Geoffrey\AppData\Roaming\Mozilla\Firefox\Profiles\aovxzhnh.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Aero Fox XL: {5c8bfb7c-9a54-11dc-8314-0800200c9a66} - %profile%\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Autres processus actifs ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\TeamViewer\Version6\TeamViewer.exe
c:\program files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
c:\program files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
.
**************************************************************************
.
Heure de fin: 2011-04-06 17:39:33 - La machine a redémarré
ComboFix-quarantined-files.txt 2011-04-06 15:39
ComboFix2.txt 2011-04-06 15:13
.
Avant-CF: 208 232 255 488 octets libres
Après-CF: 208 151 273 472 octets libres
.
- - End Of File - - FCA08319A3B6A852BD36B141C6D3301C
Microsoft Windows 7 Édition Familiale Premium 6.1.7600.0.1252.33.1036.18.3959.2588 [GMT 2:00]
Lancé depuis: c:\users\Geoffrey\Desktop\Geoffrey.exe
Commutateurs utilisés :: c:\users\Geoffrey\Desktop\CFScript.txt
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-03-06 au 2011-04-06 ))))))))))))))))))))))))))))))))))))
.
.
2011-04-06 15:35 . 2011-04-06 15:35 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-04-06 13:57 . 2011-04-06 13:57 -------- d-----w- C:\Kill'em
2011-04-06 13:57 . 2011-04-06 14:53 -------- d-----w- c:\program files (x86)\List_Kill'em
2011-04-06 12:04 . 2010-12-20 16:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-04-06 12:04 . 2011-04-06 12:04 -------- d-----w- c:\programdata\Malwarebytes
2011-04-06 12:04 . 2011-04-06 12:04 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-04-06 12:04 . 2010-12-20 16:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-04-06 11:30 . 2011-04-06 15:12 -------- d-----w- C:\tdsskiller
2011-04-06 11:06 . 2011-04-06 11:09 -------- d-----w- C:\UsbFix
2011-04-05 09:07 . 2011-03-15 05:17 8424784 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D6307EA5-8474-44A1-8FA1-167D3AF56283}\mpengine.dll
2011-04-03 18:37 . 2011-04-03 18:38 -------- d-----w- c:\program files (x86)\Total Video Converter
2011-04-02 11:44 . 2011-04-02 11:44 -------- d-----w- c:\program files (x86)\Lame For Audacity
2011-04-02 11:43 . 2011-04-02 11:43 -------- d-----w- c:\program files (x86)\Audacity
2011-03-29 18:00 . 2011-04-06 10:05 -------- d-----w- c:\program files (x86)\JDownloader
2011-03-28 16:46 . 2011-03-28 16:46 -------- d-----w- c:\programdata\CanonIJ
2011-03-26 20:48 . 2011-03-29 18:16 -------- d-----w- c:\program files (x86)\Internet Download Manager
2011-03-26 19:58 . 2011-03-26 19:58 -------- d-----w- c:\program files (x86)\TeamViewer
2011-03-21 19:16 . 2011-03-21 19:16 -------- d-----w- c:\windows\Sun
2011-03-21 19:15 . 2011-03-21 19:15 -------- d-----w- c:\program files\Common Files\CANON
2011-03-21 19:15 . 2011-03-21 19:15 -------- d-----w- c:\program files\Canon
2011-03-21 19:12 . 2011-03-21 19:12 -------- d--h--w- c:\programdata\CanonBJ
2011-03-21 19:12 . 2008-05-29 20:00 82944 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPP9D.DLL
2011-03-21 19:12 . 2008-05-29 20:00 27648 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPD9D.DLL
2011-03-21 19:12 . 2011-03-21 19:12 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information
2011-03-21 19:12 . 2008-05-29 20:00 279040 ----a-w- c:\windows\system32\CNMLM9D.DLL
2011-03-21 19:12 . 2008-05-30 00:28 293376 ----a-w- c:\windows\system32\CNC620L.DLL
2011-03-21 19:12 . 2008-04-07 05:59 92672 ----a-w- c:\windows\system32\CNC620I.DLL
2011-03-21 19:12 . 2007-03-15 05:13 229888 ----a-w- c:\windows\system32\CNC620O.DLL
2011-03-21 19:12 . 2008-04-07 05:59 1354240 ----a-w- c:\windows\system32\CNC620C.DLL
2011-03-21 19:11 . 2007-06-06 00:42 151552 ----a-w- c:\windows\system32\CNMN6UI.DLL
2011-03-21 19:11 . 2007-06-06 00:42 251904 ----a-w- c:\windows\system32\CNMN6PPM.DLL
2011-03-21 19:07 . 2011-03-21 19:20 -------- d-----w- c:\program files (x86)\Canon
2011-03-19 16:04 . 2011-03-19 16:04 -------- d-----w- c:\program files\DIFX
2011-03-19 16:04 . 2009-09-03 15:30 128512 ----a-w- c:\windows\system32\drivers\tiehdusb.sys
2011-03-19 16:04 . 2011-03-19 16:04 -------- d-----w- c:\program files (x86)\Common Files\TI Shared
2011-03-19 16:04 . 2011-03-19 16:04 -------- d-----w- c:\program files (x86)\TI Education
2011-03-18 23:39 . 2011-03-18 23:39 -------- d-----w- c:\program files (x86)\Pod to PC
2011-03-18 18:39 . 2011-03-18 18:39 -------- d-----w- c:\program files (x86)\FreeTime
2011-03-17 20:45 . 2011-03-27 15:28 -------- d-----w- c:\program files (x86)\Free PDF to Word Converter
2011-03-17 20:36 . 2011-03-17 20:36 -------- d-----w- c:\program files (x86)\Guitar Pro 6
2011-03-17 07:52 . 2011-03-17 07:52 -------- d-----w- c:\windows\SysWow64\Wat
2011-03-17 07:52 . 2011-03-17 07:52 -------- d-----w- c:\windows\system32\Wat
2011-03-16 18:40 . 2010-09-14 06:45 367104 ----a-w- c:\windows\system32\wcncsvc.dll
2011-03-16 18:40 . 2010-09-14 06:07 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll
2011-03-16 18:37 . 2011-03-16 18:37 -------- d-----w- c:\program files (x86)\MSXML 4.0
2011-03-16 18:36 . 2009-11-25 11:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll
2011-03-16 18:36 . 2009-11-25 11:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll
2011-03-16 18:36 . 2009-11-25 11:47 48960 ----a-w- c:\windows\system32\netfxperf.dll
2011-03-16 18:36 . 2009-11-25 11:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll
2011-03-16 18:36 . 2009-11-25 11:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe
2011-03-16 18:36 . 2009-11-25 11:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2011-03-16 18:36 . 2009-11-25 11:47 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-03-16 18:36 . 2009-11-25 11:47 444752 ----a-w- c:\windows\system32\mscoree.dll
2011-03-16 18:36 . 2009-11-25 11:47 320352 ----a-w- c:\windows\system32\PresentationHost.exe
2011-03-16 18:36 . 2009-11-25 11:47 1942856 ----a-w- c:\windows\system32\dfshim.dll
2011-03-16 18:36 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2011-03-16 17:32 . 2011-03-16 17:32 -------- d-----w- c:\program files (x86)\VideoLAN
2011-03-16 14:16 . 2010-12-18 06:11 714752 ----a-w- c:\windows\system32\kerberos.dll
2011-03-16 14:15 . 2010-11-02 05:12 1837568 ----a-w- c:\windows\system32\d3d10warp.dll
2011-03-16 14:14 . 2010-10-27 05:18 5510528 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-03-16 14:14 . 2010-10-27 05:16 1739176 ----a-w- c:\windows\system32\ntdll.dll
2011-03-16 14:14 . 2010-10-27 04:43 3901824 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-03-16 14:14 . 2010-10-27 04:43 3957120 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-03-16 14:14 . 2010-10-27 04:40 1293120 ----a-w- c:\windows\SysWow64\ntdll.dll
2011-03-16 14:14 . 2011-01-07 08:06 46080 ----a-w- c:\windows\system32\atmlib.dll
2011-03-16 14:14 . 2011-01-07 07:27 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2011-03-16 14:14 . 2011-01-07 05:49 366080 ----a-w- c:\windows\system32\atmfd.dll
2011-03-16 14:14 . 2011-01-07 05:33 294400 ----a-w- c:\windows\SysWow64\atmfd.dll
2011-03-16 14:12 . 2010-12-23 06:07 961024 ----a-w- c:\windows\system32\CPFilters.dll
2011-03-16 14:12 . 2010-12-23 06:07 723968 ----a-w- c:\windows\system32\EncDec.dll
2011-03-16 14:12 . 2010-12-23 05:28 642048 ----a-w- c:\windows\SysWow64\CPFilters.dll
2011-03-16 14:12 . 2010-12-23 05:28 534528 ----a-w- c:\windows\SysWow64\EncDec.dll
2011-03-16 14:12 . 2010-12-23 06:07 1118720 ----a-w- c:\windows\system32\sbe.dll
2011-03-16 14:12 . 2010-12-23 06:02 259072 ----a-w- c:\windows\system32\mpg2splt.ax
2011-03-16 14:12 . 2010-12-23 05:28 850432 ----a-w- c:\windows\SysWow64\sbe.dll
2011-03-16 14:12 . 2010-12-23 05:24 199680 ----a-w- c:\windows\SysWow64\mpg2splt.ax
2011-03-16 14:12 . 2010-10-19 08:47 7680 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2011-03-16 14:12 . 2010-10-19 08:10 7680 ----a-w- c:\program files (x86)\Internet Explorer\iecompat.dll
2011-03-16 14:11 . 2010-10-16 05:17 720896 ----a-w- c:\windows\system32\odbc32.dll
2011-03-16 14:11 . 2010-10-16 05:16 495616 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2011-03-16 14:11 . 2010-10-16 05:16 466944 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll
2011-03-16 14:11 . 2010-10-16 05:16 1425408 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2011-03-16 14:11 . 2010-10-16 04:34 573440 ----a-w- c:\windows\SysWow64\odbc32.dll
2011-03-16 14:11 . 2010-10-16 05:16 258048 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll
2011-03-16 14:11 . 2010-10-16 04:33 372736 ----a-w- c:\program files (x86)\Common Files\System\ado\msadox.dll
2011-03-16 14:11 . 2010-10-16 04:33 352256 ----a-w- c:\program files (x86)\Common Files\System\ado\msadomd.dll
2011-03-16 14:11 . 2010-10-16 04:33 987136 ----a-w- c:\program files (x86)\Common Files\System\ado\msado15.dll
2011-03-16 14:11 . 2010-10-16 04:33 208896 ----a-w- c:\program files (x86)\Common Files\System\msadc\msadco.dll
2011-03-16 14:10 . 2011-01-05 04:00 3127808 ----a-w- c:\windows\system32\win32k.sys
2011-03-16 14:09 . 2004-08-04 02:56 431616 ----a-w- c:\windows\SysWow64\temp.000
2011-03-16 14:09 . 2000-05-21 23:00 203976 ----a-w- c:\windows\SysWow64\RICHTX32.OCX
2011-03-16 14:09 . 2011-03-16 14:09 -------- d-----w- c:\programdata\KLC
2011-03-16 14:09 . 1999-12-07 06:00 61491 ----a-w- c:\windows\SysWow64\wbemdisp.TLB
2011-03-16 14:02 . 2011-01-07 08:07 662528 ----a-w- c:\windows\system32\XpsPrint.dll
2011-03-16 14:02 . 2011-01-07 08:07 475648 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-03-16 14:02 . 2011-01-07 07:31 442880 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-03-16 14:02 . 2011-01-07 07:31 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-03-16 14:01 . 2010-08-21 06:29 558592 ----a-w- c:\windows\system32\spoolsv.exe
2011-03-16 13:54 . 2010-12-21 06:16 214016 ----a-w- c:\windows\system32\winsrv.dll
2011-03-16 13:47 . 2010-10-16 05:19 395776 ----a-w- c:\windows\system32\webio.dll
2011-03-16 13:47 . 2010-10-16 04:36 314368 ----a-w- c:\windows\SysWow64\webio.dll
2011-03-16 13:44 . 2009-09-26 06:20 223448 ----a-w- c:\windows\system32\drivers\fvevol.sys
2011-03-16 13:10 . 2010-10-12 05:05 35328 ----a-w- c:\program files\Windows Mail\wabfind.dll
2011-03-16 13:10 . 2010-10-12 05:00 516096 ----a-w- c:\program files\Windows Mail\wab.exe
2011-03-16 13:10 . 2010-10-12 04:25 516096 ----a-w- c:\program files (x86)\Windows Mail\wab.exe
2011-03-16 13:04 . 2010-07-13 05:37 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-03-16 12:33 . 2010-12-18 06:12 3138048 ----a-w- c:\windows\system32\mstscax.dll
2011-03-16 12:33 . 2010-12-18 06:08 1097216 ----a-w- c:\windows\system32\mstsc.exe
2011-03-16 12:33 . 2010-12-18 05:30 2690560 ----a-w- c:\windows\SysWow64\mstscax.dll
2011-03-16 12:33 . 2010-12-18 05:26 1034240 ----a-w- c:\windows\SysWow64\mstsc.exe
2011-03-16 12:32 . 2010-10-16 05:23 112000 ----a-w- c:\windows\system32\consent.exe
2011-03-16 12:27 . 2011-03-16 12:27 -------- d-----w- c:\programdata\Guitar Pro 6
2011-03-16 11:09 . 2011-03-16 11:10 -------- d-----w- c:\program files (x86)\WildTangent Games
2011-03-15 19:09 . 2011-03-27 09:30 -------- d-----w- c:\program files (x86)\uTorrent
2011-03-15 18:54 . 2011-03-15 18:54 -------- dc----w- c:\windows\system32\DRVSTORE
2011-03-15 18:54 . 2009-05-18 12:17 34152 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2011-03-15 18:54 . 2008-04-17 11:12 126312 ----a-w- c:\windows\system32\GEARAspi64.dll
2011-03-15 18:54 . 2008-04-17 11:12 107368 ----a-w- c:\windows\SysWow64\GEARAspi.dll
2011-03-15 18:52 . 2011-03-15 18:52 -------- d-----w- c:\program files\Bonjour
2011-03-15 18:52 . 2011-03-15 18:52 -------- d-----w- c:\program files (x86)\Bonjour
2011-03-15 18:52 . 2011-03-15 19:04 -------- d-----w- c:\programdata\Apple
2011-03-15 18:52 . 2011-03-15 18:53 -------- d-----w- c:\program files (x86)\Common Files\Apple
2011-03-15 12:55 . 2011-03-15 12:55 -------- d-----w- c:\program files (x86)\RocketDock
2011-03-15 12:54 . 2011-03-15 12:54 -------- d-----w- c:\programdata\Avira
2011-03-15 12:54 . 2011-03-15 12:54 -------- d-----w- c:\program files (x86)\Avira
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-06 11:09 . 2011-04-06 11:09 988715 ----a-w- C:\UsbFix_Upload_Me_PC-DE-GEOFFREY.zip
2011-03-29 17:17 . 2010-06-24 10:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-02-18 15:36 . 2011-02-18 15:36 51712 ----a-w- c:\windows\system32\drivers\usbaapl64.sys
2011-02-18 15:36 . 2011-02-18 15:36 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-04-06_15.12.35 )))))))))))))))))))))))))))))))))))))))))
.
- 2011-04-06 13:02 . 2011-04-06 13:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-04-06 15:35 . 2011-04-06 15:35 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-04-06 15:35 . 2011-04-06 15:35 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-04-06 13:02 . 2011-04-06 13:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-07-14 05:01 . 2011-04-06 15:35 397664 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2011-04-06 13:02 397664 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-09-02 1234216]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-04-26 102400]
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2009-10-06 1294136]
"TWebCamera"="c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2010-02-24 2454840]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-02-04 281768]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-03-07 421160]
"IJNetworkScanUtility"="c:\program files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE" [2007-11-19 128352]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2010-03-03 4581280]
.
c:\users\Geoffrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2010 - Capture d''cran et lancement.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2010-3-29 245120]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [x]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-02-04 135336]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-03-18 2271608]
S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-05-11 124368]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2010-03-17 258928]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 CnxtHdmiAudService;Conexant UAA HDMI Function Driver for High Definition Audio Service;c:\windows\system32\drivers\CHDMI64.sys [x]
S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [x]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [x]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]
S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2010-02-23 835952]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TosReelTimeMonitor"="%ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe" [BU]
"TosNC"="%ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe" [BU]
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe" [BU]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-05 709976]
"Toshiba TEMPRO"="c:\program files (x86)\Toshiba TEMPRO\TemproTray.exe" [2010-05-11 1050072]
"TPwrMain"="%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE" [BU]
"HSON"="%ProgramFiles%\TOSHIBA\TBS\HSON.exe" [BU]
"SmoothView"="%ProgramFiles%\Toshiba\SmoothView\SmoothView.exe" [BU]
"00TCrdMain"="%ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe" [BU]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2010-03-22 521272]
"SmartFaceVWatcher"="%ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe" [BU]
"Teco"="%ProgramFiles%\TOSHIBA\TECO\Teco.exe" [BU]
"TosWaitSrv"="%ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe" [BU]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaReminder.exe" [2010-04-19 136136]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2008-03-10 689488]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2008-03-17 2114376]
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: &Envoyer à OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Télécharger avec Mipony - file://c:\program files (x86)\MiPony\Browser\IEContext.htm
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Geoffrey\AppData\Roaming\Mozilla\Firefox\Profiles\aovxzhnh.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Aero Fox XL: {5c8bfb7c-9a54-11dc-8314-0800200c9a66} - %profile%\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Autres processus actifs ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\TeamViewer\Version6\TeamViewer.exe
c:\program files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
c:\program files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
.
**************************************************************************
.
Heure de fin: 2011-04-06 17:39:33 - La machine a redémarré
ComboFix-quarantined-files.txt 2011-04-06 15:39
ComboFix2.txt 2011-04-06 15:13
.
Avant-CF: 208 232 255 488 octets libres
Après-CF: 208 151 273 472 octets libres
.
- - End Of File - - FCA08319A3B6A852BD36B141C6D3301C
massoun
Messages postés
1011
Date d'inscription
dimanche 13 avril 2008
Statut
Membre
Dernière intervention
11 septembre 2018
43
6 avril 2011 à 18:05
6 avril 2011 à 18:05
Ils refonctionnent! Merci infiniment!
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Utilisateur anonyme
6 avril 2011 à 18:59
6 avril 2011 à 18:59
fermer toutes les fenêtres et applications lors de l'installation et de l'analyse.
▶ Télécharge ici :
Malwarebytes
▶ Installe le ( choisis bien "francais" ; ne modifie pas les paramètres d'installe ) et mets le à jour .
(NB : Si tu as un message d'erreur t'indiquant qu'il te manque "COMCTL32.OCX" lors de l'installe, alors télécharge le ici : COMCTL32.OCX
▶ Potasses le Tuto pour te familiariser avec le prg :
( cela dit, il est très simple d'utilisation ).
relance malwarebytes en suivant scrupuleusement ces consignes :
! Déconnecte toi et ferme toutes applications en cours !
▶ Lance Malwarebyte's .
Fais un examen dit "Complet" .
▶ Laisse le programme travailler ( et ne rien faire d'autre avec le PC durant le scan ).
▶ à la fin tu cliques sur "résultat" .
▶ Vérifie que tous les objets infectés soient validés, puis clique sur " suppression " .
▶ Note : si il faut redémarrer ton PC pour finir le nettoyage, fais le !
▶ Poste le rapport sauvegardé après la suppression des objets infectés (dans l'onglet "rapport/log"de Malwarebytes, le dernier en date)
▶ Télécharge ici :
Malwarebytes
▶ Installe le ( choisis bien "francais" ; ne modifie pas les paramètres d'installe ) et mets le à jour .
(NB : Si tu as un message d'erreur t'indiquant qu'il te manque "COMCTL32.OCX" lors de l'installe, alors télécharge le ici : COMCTL32.OCX
▶ Potasses le Tuto pour te familiariser avec le prg :
( cela dit, il est très simple d'utilisation ).
relance malwarebytes en suivant scrupuleusement ces consignes :
! Déconnecte toi et ferme toutes applications en cours !
▶ Lance Malwarebyte's .
Fais un examen dit "Complet" .
▶ Laisse le programme travailler ( et ne rien faire d'autre avec le PC durant le scan ).
▶ à la fin tu cliques sur "résultat" .
▶ Vérifie que tous les objets infectés soient validés, puis clique sur " suppression " .
▶ Note : si il faut redémarrer ton PC pour finir le nettoyage, fais le !
▶ Poste le rapport sauvegardé après la suppression des objets infectés (dans l'onglet "rapport/log"de Malwarebytes, le dernier en date)
