Dropper.Generic_c.MMI et ComboFix

Bonjour,

Mon ordi a malencontreusement été infecté par le virus Dropper.Generic_c.MMI sur le fichier
C:\\ windows\ system 32\ service. J'ai fait fonctionner ComboFix car ce fichier était sur liste blanche mais ne l'ai probablement pas fait dans les règles de l'art car des modules d'avg n'étaient pas désactivés. Résultat: mon ordi rame notamment quand je navigue dans l'explorateur windows et je n'ai plus accès à internet. Pourriez-vous m'aider svp?
Mon rapport Combofix:
ComboFix 12-08-05.02 - Olivier 07/08/2012 0:21.2.4 - x64
Microsoft Windows 7 Édition Intégrale 6.1.7601.1.1252.33.1036.18.4077.2544 [GMT 2:00]
Lancé depuis: c:\users\Olivier\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Exécution préalable -------
.
c:\program files (x86)\ShopperReports3
c:\program files (x86)\ShopperReports3\bin\3.0.517.0\CmndFF.dll
c:\program files (x86)\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\chrome.manifest
c:\program files (x86)\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\chrome\firefoxtoolbar.jar
c:\program files (x86)\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.xpt
c:\program files (x86)\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\install.rdf
c:\program files (x86)\ShopperReports3\bin\3.0.517.0\link.ico
c:\program files (x86)\ShopperReports3\bin\3.0.517.0\Pltfrm.dll
c:\program files (x86)\ShopperReports3\bin\3.0.517.0\ShopperReports.dll
c:\programdata\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
c:\programdata\Microsoft\Windows\Start Menu\Programs\ShopperReports
c:\programdata\Microsoft\Windows\Start Menu\Programs\ShopperReports\About Us.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\ShopperReports\Customer Support.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\ShopperReports\ShopperReports Uninstall Instructions.lnk
c:\users\Olivier\AppData\Roaming\ShopperReports3
c:\users\Olivier\videos\jdownloader_jdownloader_0.9.579_francais_275252.exe
c:\windows\Installer\{33d376a9-8080-12dd-6367-3eecd313228d}\@
c:\windows\Installer\{33d376a9-8080-12dd-6367-3eecd313228d}\L\00000004.@
c:\windows\Installer\{33d376a9-8080-12dd-6367-3eecd313228d}\L\201d3dde
c:\windows\Installer\{33d376a9-8080-12dd-6367-3eecd313228d}\U\00000004.@
c:\windows\Installer\{33d376a9-8080-12dd-6367-3eecd313228d}\U\00000008.@
c:\windows\Installer\{33d376a9-8080-12dd-6367-3eecd313228d}\U\000000cb.@
c:\windows\Installer\{33d376a9-8080-12dd-6367-3eecd313228d}\U\80000000.@
c:\windows\Installer\{33d376a9-8080-12dd-6367-3eecd313228d}\U\80000032.@
c:\windows\Installer\{33d376a9-8080-12dd-6367-3eecd313228d}\U\80000064.@
c:\windows\SysWow64\tmp84D9.tmp
c:\windows\SysWow64\tmpFB.tmp
c:\windows\SysWow64\tmpFC.tmp
c:\windows\SysWow64\URTTemp
c:\windows\SysWow64\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2012-07-06 au 2012-08-06 ))))))))))))))))))))))))))))))))))))
.
.
2012-08-06 22:28 . 2012-08-06 22:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-06 21:02 . 2012-08-06 21:02 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-08-06 21:01 . 2012-08-06 21:01 -------- d-----w- c:\program files (x86)\Oracle
2012-08-06 21:01 . 2012-07-05 20:06 772544 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-08-06 19:53 . 2012-08-06 19:53 -------- d-----w- c:\users\Administrateur
2012-08-06 19:25 . 2012-08-06 21:04 312480 ----a-w- c:\windows\system32\drivers\atksgt.sys
2012-08-06 19:25 . 2012-08-06 19:25 43168 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2012-08-06 19:15 . 2012-08-06 19:15 -------- d-----w- c:\program files (x86)\Deep Silver
2012-08-06 18:59 . 2012-08-06 18:59 -------- d-----w- c:\program files (x86)\Anuman interactive
2012-08-06 13:33 . 2012-08-06 13:33 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
2012-08-06 01:30 . 2012-08-06 01:30 -------- d-----w- c:\windows\SysWow64\xlive
2012-08-06 01:30 . 2012-08-06 01:30 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
2012-08-05 23:26 . 2012-08-05 23:26 -------- d-sh--w- c:\programdata\SecuROM
2012-08-01 15:34 . 2012-08-01 15:34 -------- d-----w- c:\program files (x86)\Microsoft.NET
2012-07-27 22:25 . 2011-01-31 09:27 9728 ----a-w- c:\windows\system32\gTabletTaskDll.dll
2012-07-27 22:25 . 2011-01-24 10:12 40328 ----a-w- c:\windows\system32\drivers\ioTablet.sys
2012-07-27 22:25 . 2011-01-24 10:12 1720712 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
2012-07-27 22:25 . 2011-01-24 10:12 12680 ----a-w- c:\windows\system32\drivers\ioTblMap.sys
2012-07-27 22:25 . 2010-12-15 13:11 23936 ----a-w- c:\windows\system32\drivers\ioFakDrv.sys
2012-07-27 22:25 . 2010-12-15 13:11 12672 ----a-w- c:\windows\system32\drivers\ioFakMap.sys
2012-07-27 22:24 . 2012-07-27 22:24 -------- d-----w- C:\Genius
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-06 21:56 . 2011-06-18 13:40 20048 ----a-w- c:\windows\system32\drivers\AFD.SYS
2012-08-06 21:56 . 2009-07-14 00:10 20048 ----a-w- c:\windows\system32\drivers\WS2IFSL.SYS
2012-08-06 01:32 . 2009-08-18 10:49 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2012-08-06 01:32 . 2009-08-18 09:24 19720 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-08-03 01:26 . 2012-04-02 18:58 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-03 01:26 . 2011-12-01 23:03 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-05 20:06 . 2011-06-20 14:58 687544 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-06-02 22:19 . 2012-06-21 15:15 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-21 15:15 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-21 15:15 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-21 15:15 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-21 15:15 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-21 15:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-21 15:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-21 15:15 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:15 . 2012-06-21 15:15 36864 ----a-w- c:\windows\system32\wuapp.exe
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}"= "c:\program files (x86)\uTorrentBar_FR\prxtbuTor.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}]
2011-05-09 09:49 176936 ----a-w- c:\program files (x86)\uTorrentBar_FR\prxtbuTor.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}"= "c:\program files (x86)\uTorrentBar_FR\prxtbuTor.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
"Akamai NetSession Interface"="c:\users\Olivier\AppData\Local\Akamai\netsession_win.exe" [2012-05-26 4327744]
"AlcoholAutomount"="c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2010-08-20 33120]
"Spotify Web Helper"="c:\users\Olivier\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-08-06 1193176]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 311296]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-03-11 113288]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"M-Audio Taskbar Icon"="c:\windows\system32\DeltaIITray.exe" [2009-07-27 236040]
"EEventManager"="c:\progra~2\EPSONS~1\EVENTM~1\EEventManager.exe" [2009-04-07 673616]
"atwtusb"="atwtusb.exe" [2007-05-15 323232]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-07 336384]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"Boxore Client"="c:\program files (x86)\Boxore\BoxoreClient\boxore.exe" [2012-06-19 598320]
"ioTablet"="c:\genius\ioTablet\gTabTaskBar.exe" [2011-01-31 45568]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
.
c:\users\Olivier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
R1 aiptektp;Pen Pad;c:\windows\system32\DRIVERS\aiptektp.sys [2006-12-27 29184]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Service Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-28 136176]
R2 supdate;Software Update Service (supdate);c:\program files (x86)\Software\Update\SoftwareUpdate.exe [2012-07-22 140080]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-03 250056]
R3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [x]
R3 driverhardwarev2x64;driverhardwarev2x64;c:\program files\ma-config.com\Drivers\driverhardwarev2x64.sys [2010-08-30 15872]
R3 gupdatem;Service Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-28 136176]
R3 ioTablet;Tablet Minidriver for ioTablet;c:\windows\system32\DRIVERS\ioTablet.sys [2011-01-24 40328]
R3 ioTblMap;Mini Mapper for ioCentre;c:\windows\system32\DRIVERS\ioTblMap.sys [2011-01-24 12680]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [2011-08-09 17152]
R3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\x64\maconfservice.exe [2011-04-12 420864]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-17 113120]
R3 NvnUsbAudio;Novation USB Audio Driver;c:\windows\system32\DRIVERS\nvnusbaudio.sys [2010-05-26 55296]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\rtl8187.sys [2010-01-07 448512]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys [2010-10-11 18288]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2011-03-10 1255736]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-11-22 69152]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2011-03-04 55856]
S0 RapportKE64;RapportKE64;c:\windows\System32\Drivers\RapportKE64.sys [2012-03-11 63760]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-03-07 283200]
S1 RapportCerberus_34302;RapportCerberus_34302;c:\programdata\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_34302.sys [2012-03-11 397520]
S1 RapportEI64;RapportEI64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2012-03-11 55056]
S1 RapportPG64;RapportPG64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2012-03-11 61712]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-07-08 204288]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-09-02 2152152]
S2 RapportMgmtService;Rapport Management Service;c:\program files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2012-03-11 931640]
S2 TabletServicePen;TabletServicePen;c:\program files\Tablet\Pen\Pen_Tablet.exe [2010-10-26 5790064]
S2 TouchServicePen;Wacom Consumer Touch Service;c:\program files\Tablet\Pen\Pen_TouchService.exe [2010-10-26 487280]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-07-08 9884672]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-07-08 307712]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [2011-03-04 126952]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [2011-03-04 390632]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2011-03-30 114704]
S3 automap;Automap MIDI Driver Service;c:\windows\system32\DRIVERS\automap.sys [2009-10-16 11264]
S3 DELTAII;Service for M-Audio Delta Driver (WDM);c:\windows\system32\DRIVERS\MAudioDelta.sys [2009-07-27 392712]
S3 ioFakDrv;ioVirtual Device;c:\windows\system32\DRIVERS\ioFakDrv.sys [2010-12-15 23936]
S3 ioFakMap;MiniHid Driver Service for ioFakeDrv Interface layer;c:\windows\system32\DRIVERS\ioFakMap.sys [2010-12-15 12672]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-03-11 406632]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Contenu du dossier 'Tâches planifiées'
.
2012-08-06 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-11-22 07:40]
.
2012-08-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 01:26]
.
2012-08-06 c:\windows\Tasks\DLL-files.com Fixer_MONTHLY.job
- c:\program files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2012-06-27 12:12]
.
2012-08-06 c:\windows\Tasks\DLL-files.com Fixer_UPDATES.job
- c:\program files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2012-06-27 12:12]
.
2012-08-06 c:\windows\Tasks\Epson Printer Software Downloader.job
- c:\program files (x86)\EPSON\EPAPDL\E_SAPDL2.EXE [2009-05-26 09:43]
.
2012-08-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-28 22:13]
.
2012-08-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-28 22:13]
.
2012-08-06 c:\windows\Tasks\SoftwareUpdateTaskMachineCore.job
- c:\program files (x86)\Software\Update\SoftwareUpdate.exe [2012-06-19 10:44]
.
2012-08-06 c:\windows\Tasks\SoftwareUpdateTaskMachineUA.job
- c:\program files (x86)\Software\Update\SoftwareUpdate.exe [2012-06-19 10:44]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local>
FF - ProfilePath - c:\users\Olivier\AppData\Roaming\Mozilla\Firefox\Profiles\kh0cxs9b.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.winamp.com/search/search?query={searchTerms}&invocationType=tb50-ff-winamp-chromesbox-en-us&tb_uuid=20110721225733970&tb_oid=22-07-2011&tb_mrud=22-07-2011&query=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B54987d35-b120-4a0e-aa35-a7c3e1e1b3f0%7D&mid=44fe7f13201847d1a6a170b17b121e33-12ec5beda2c8f483b9e4c964525e33534aded7b7&ds=AVG&v=10.0.0.7&lang=fr&pr=pa&d=2011-11-30%2012%3A41%3A00&sap=ku&q=
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
FF - user.js: browser.sessionstore.resume_from_crash - false
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true);user_pref(extensions.BabylonToolbar_i.babTrack, affID=109101
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - 1c6758ba000000000000bcaec5de747e
FF - user.js: extensions.BabylonToolbar_i.hardId - 1c6758ba000000000000bcaec5de747e
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15510
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1720:10
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
- - - - ORPHELINS SUPPRIMES - - - -
.
URLSearchHooks-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKLM-Run-ROC_roc_dec12 - c:\program files (x86)\AVG Secure Search\ROC_roc_dec12.exe
Wow6432Node-HKLM-Run-HF_G_Jul - c:\program files (x86)\AVG Secure Search\HF_G_Jul.exe
SafeBoot-04564294.sys
WebBrowser-{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\System32\Macromed\SHOCKW~1\UNWISE.EXE
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\S-1-5-21-3400830373-1123093094-1346394131-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{232503EE-5689-C71D-A1A4-DFFC1538E080}*]
"haaneaiffkclelei"=hex:6a,61,66,6b,6b,6c,6a,64,6a,62,70,67,6d,64,61,6b,69,68,
64,63,00,00
"iagnkcagiimobgdmad"=hex:6a,61,66,6b,6b,6c,6a,64,6a,62,70,67,6d,64,61,6b,69,68,
64,63,00,00
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:8a,82,30,03,de,43,2d,96,21,fe,1a,08,86,95,3d,9c,9a,4e,ac,a3,f9,
de,f3,80,7b,fd,d5,10,43,37,49,3d,71,05,36,62,1d,4c,cc,a6,01,fe,63,74,53,66,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]
"Version"=hex:8a,82,30,03,de,43,2d,96,21,fe,1a,08,86,95,3d,9c,9a,4e,ac,a3,f9,
de,f3,80,7b,fd,d5,10,43,37,49,3d,71,05,36,62,1d,4c,cc,a6,01,fe,63,74,53,66,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
c:\program files (x86)\Trusteer\Rapport\bin\RapportService.exe
c:\program files (x86)\OpenOffice.org 3\program\soffice.exe
c:\program files (x86)\OpenOffice.org 3\program\soffice.bin
c:\windows\SysWOW64\DeltaIITray.exe
c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe
c:\windows\SysWOW64\atwtusb.exe
.
**************************************************************************
.
Heure de fin: 2012-08-07 00:33:55 - La machine a redémarré
ComboFix-quarantined-files.txt 2012-08-06 22:33
.
Avant-CF: 15 541 895 168 octets libres
Après-CF: 15 140 352 000 octets libres
.
- - End Of File - - 2F2106DF330031B1AE0BDAE701188637