[Aide] Demande d'analyse rapport HiJackThis

# AdwCleaner v1.801 - Rapport créé le 26/08/2012 à 15:25:17
# Mis à jour le 14/08/2012 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : Utilisateur - Utilisateur
# Mode de démarrage : Normal
# Exécuté depuis : C:\Users\Utilisateur\Desktop\adwcleaner.exe
# Option [Suppression]


***** [Services] *****


***** [Fichiers / Dossiers] *****

Dossier Supprimé : C:\Users\Utilisateur\AppData\Local\Conduit
Dossier Supprimé : C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehdmaehkiiampolokajdcelladmnopgp
Dossier Supprimé : C:\Users\Utilisateur\AppData\LocalLow\Conduit
Dossier Supprimé : C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\0nosarce.default\Smartbar
Dossier Supprimé : C:\Program Files (x86)\Conduit
Fichier Supprimé : C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\0nosarce.default\searchplugins\Conduit.xml
Fichier Supprimé : C:\Program Files (x86)\Uninstall.exe

***** [Registre] *****

[*] Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT3128284
Clé Supprimée : HKCU\Software\AppDataLow\Software\SmartBar
Clé Supprimée : HKCU\Software\Conduit
Clé Supprimée : HKCU\Software\Google\Chrome\Extensions\ehdmaehkiiampolokajdcelladmnopgp
Clé Supprimée : HKLM\SOFTWARE\Conduit
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\ehdmaehkiiampolokajdcelladmnopgp

***** [Registre - GUID] *****


***** [Navigateurs] *****

-\\ Internet Explorer v9.0.8112.16421

Remplacé : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT3128284 --> hxxp://www.google.com

-\\ Mozilla Firefox v14.0.1 (fr)

Nom du profil : default 
Fichier : C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\0nosarce.default\prefs.js

C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\0nosarce.default\user.js ... Supprimé !

Supprimée : user_pref("CT3128284.1000082.isPlayDisplay", "true");
Supprimée : user_pref("CT3128284.1000082.state", "{\"state\":\"stopped\",\"text\":\"RMC\",\"description\":\"RMC\[...]
Supprimée : user_pref("CT3128284.1000234.TWC_TMP_city", "RABAT");
Supprimée : user_pref("CT3128284.1000234.TWC_TMP_country", "MA");
Supprimée : user_pref("CT3128284.3128284a129638404769606799000000paramsGK0", "{\"updateReqTime\":1345990810170,\[...]
Supprimée : user_pref("CT3128284.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Supprimée : user_pref("CT3128284.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Supprimée : user_pref("CT3128284.FirstTime", "true");
Supprimée : user_pref("CT3128284.FirstTimeFF3", "true");
Supprimée : user_pref("CT3128284.RSS_Pub_Config", "{\"settings\":{\"icon\":\"hxxp://storage.conduit.com/bankimag[...]
Supprimée : user_pref("CT3128284.RSSapp3128284a129638404769606799000000ReadItemsArr", "%7B%22571579%22%3A0%2C%22[...]
Supprimée : user_pref("CT3128284.RSSapp3128284a129638404769606799000000cat1", "%5B%7B%22type%22%3A%22rss%22%2C%2[...]
Supprimée : user_pref("CT3128284.RSSapp3128284a129638404769606799000000embeddedVersion", "2.4.0");
Supprimée : user_pref("CT3128284.RSSapp3128284a129638404769606799000000feedsObj", "%7B%22channels%22%3A%7B%22id%[...]
Supprimée : user_pref("CT3128284.RSSapp3128284a129638404769606799000000lastReportTime", "1345990811011 ");
Supprimée : user_pref("CT3128284.RSSapp3128284a129638404769606799000000newFeeds", "newFeeds");
Supprimée : user_pref("CT3128284.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT312[...]
Supprimée : user_pref("CT3128284.UserID", "UN81197295658423422");
Supprimée : user_pref("CT3128284.addressBarTakeOverEnabledInHidden", "true");
Supprimée : user_pref("CT3128284.autoDisableScopes", -1);
Supprimée : user_pref("CT3128284.browser.search.defaultthis.engineName", true);
Supprimée : user_pref("CT3128284.defaultSearch", "true");
Supprimée : user_pref("CT3128284.embeddedsData", "[{\"appId\":\"129638404645388048\",\"apiPermissions\":{\"cross[...]
Supprimée : user_pref("CT3128284.enableAlerts", "always");
Supprimée : user_pref("CT3128284.enableSearchFromAddressBar", "true");
Supprimée : user_pref("CT3128284.firstTimeDialogOpened", "true");
Supprimée : user_pref("CT3128284.fixPageNotFoundError", "true");
Supprimée : user_pref("CT3128284.fixPageNotFoundErrorInHidden", "true");
Supprimée : user_pref("CT3128284.fixUrls", true);
Supprimée : user_pref("CT3128284.installId", "ct3128284_01net.com.exe");
Supprimée : user_pref("CT3128284.installType", "ConduitNSISIntegration");
Supprimée : user_pref("CT3128284.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Supprimée : user_pref("CT3128284.isNewTabEnabled", true);
Supprimée : user_pref("CT3128284.isPerformedSmartBarTransition", "true");
Supprimée : user_pref("CT3128284.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Supprimée : user_pref("CT3128284.keyword", true);
Supprimée : user_pref("CT3128284.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"about[...]
Supprimée : user_pref("CT3128284.openThankYouPage", "false");
Supprimée : user_pref("CT3128284.openUninstallPage", "true");
Supprimée : user_pref("CT3128284.search.searchAppId", "129638404645388048");
Supprimée : user_pref("CT3128284.search.searchCount", "0");
Supprimée : user_pref("CT3128284.searchInNewTabEnabledInHidden", "true");
Supprimée : user_pref("CT3128284.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Supprimée : user_pref("CT3128284.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Supprimée : user_pref("CT3128284.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"2\[...]
Supprimée : user_pref("CT3128284.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Supprimée : user_pref("CT3128284.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Supprimée : user_pref("CT3128284.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Supprimée : user_pref("CT3128284.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Supprimée : user_pref("CT3128284.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data[...]
Supprimée : user_pref("CT3128284.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1345990802792");
Supprimée : user_pref("CT3128284.serviceLayer_services_appsMetadata_lastUpdate", "1345990802772");
Supprimée : user_pref("CT3128284.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1345990804359");
Supprimée : user_pref("CT3128284.serviceLayer_services_login_10.10.12.503_lastUpdate", "1345990813599");
Supprimée : user_pref("CT3128284.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1345990804477");
Supprimée : user_pref("CT3128284.serviceLayer_services_searchAPI_lastUpdate", "1345990802928");
Supprimée : user_pref("CT3128284.serviceLayer_services_serviceMap_lastUpdate", "1345990800789");
Supprimée : user_pref("CT3128284.serviceLayer_services_toolbarContextMenu_lastUpdate", "1345990804055");
Supprimée : user_pref("CT3128284.serviceLayer_services_toolbarSettings_lastUpdate", "1345990801181");
Supprimée : user_pref("CT3128284.serviceLayer_services_translation_lastUpdate", "1345990802675");
Supprimée : user_pref("CT3128284.settingsINI", true);
Supprimée : user_pref("CT3128284.shouldFirstTimeDialog", "false");
Supprimée : user_pref("CT3128284.smartbar.CTID", "CT3128284");
Supprimée : user_pref("CT3128284.smartbar.Uninstall", "0");
Supprimée : user_pref("CT3128284.smartbar.homepage", true);
Supprimée : user_pref("CT3128284.smartbar.toolbarName", "01NET.com ");
Supprimée : user_pref("CT3128284.toolbarBornServerTime", "26-8-2012");
Supprimée : user_pref("CT3128284.toolbarCurrentServerTime", "26-8-2012");
Supprimée : user_pref("CT3128284.twitter_v1.8.0_twitter_app_open_t_f", "false");
Supprimée : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3128284&SearchSource=1[...]
Supprimée : user_pref("Smartbar.ConduitSearchEngineList", "01NET.com Customized Web Search");
Supprimée : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3128284[...]
Supprimée : user_pref("Smartbar.keywordURLSelectedCTID", "CT3128284");
Supprimée : user_pref("browser.search.selectedEngine", "01NET.com Customized Web Search");
Supprimée : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3128284&SearchSource=13");
Supprimée : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3128284&SearchSource=2&q=[...]

-\\ Google Chrome v21.0.1180.83

Fichier : C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Preferences

Supprimée :       "homepage": "hxxp://search.conduit.com/?ctid=CT3128284&SearchSource=48",
Supprimée :          "urls_to_restore_on_startup": [ "hxxp://search.conduit.com/?ctid=CT3128284&SearchSource=48"[...]
Supprimée :                "scriptable_host": [ "hxxp://*/*", "hxxp://cap1.conduit-apps.com/Apps/jdownloader/jdC[...]
Supprimée :                   "matches": [ "hxxp://cap1.conduit-apps.com/Apps/jdownloader/jdController.html*", "[...]
Supprimée :                   "path": "plugins/ConduitChromeApiPlugin.dll",
Supprimée :                "update_url": "hxxp://autoupdate.chromewebtb.conduit-services.com/?productId=CT312828[...]
Supprimée :    "homepage": "hxxp://search.conduit.com/?ctid=CT3128284&SearchSource=48",
Supprimée :       "urls_to_restore_on_startup": [ "hxxp://search.conduit.com/?ctid=CT3128284&SearchSource=48" ]

*************************

AdwCleaner[S1].txt - [9801 octets] - [26/08/2012 15:25:17]

########## EOF - C:\AdwCleaner[S1].txt - [9929 octets] ##########

Version de la base de données: v2012.08.26.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Utilisateur :: Utilisateur [administrateur]

26/08/2012 15:58:56
mbam-log-2012-08-26 (15-58-56).txt

Type d'examen: Examen complet (C:\|D:\|E:\|F:\|G:\|)
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM | P2P
Options d'examen désactivées: 
Elément(s) analysé(s): 613743
Temps écoulé: 2 heure(s), 36 minute(s), 56 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)

Fichier(s) détecté(s): 4
F:\BUREAU DU 10 MAI 2012 A 20H38\Nouveau dossier (10)\mon usb\Sindibad 2 ème\???  ???????? ??????????\setup_equachim.exe (Adware.Onlinegames) -> Mis en quarantaine et supprimé avec succès.
F:\winrar 4.01 final activated-akhilesh910\WinRAR4.01.exe (RiskWare.Tool.CK) -> Mis en quarantaine et supprimé avec succès.
G:\the-turtle_theturtle_5.0_francais_409400.exe (Adware.Onlinegames) -> Mis en quarantaine et supprimé avec succès.
G:\bureau du 17 07 2012 A 00 1 MIN\Programs\iMeshV11fr.exe (P2P.iMesh) -> Mis en quarantaine et supprimé avec succès.

(fin)

ComboFix 12-08-28.01 - utilisateur 28/08/2012  11:10:19.1.4 - x64
Microsoft Windows 7 Édition Familiale Premium   6.1.7601.1.1252.33.1036.18.5883.4355 [GMT 0:00]
Lancé depuis: c:\users\utilisateur\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Un nouveau point de restauration a été créé
.
.
((((((((((((((((((((((((((((((((((((   Autres suppressions   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\PFRO.log
c:\windows\SysWow64\tmp241A.tmp
c:\windows\SysWow64\tmp242B.tmp
F:\Autorun.inf
.
.
(((((((((((((((((((((((((((((   Fichiers créés du 2012-07-28 au 2012-08-28  ))))))))))))))))))))))))))))))))))))
.
.
2012-08-28 11:23 . 2012-08-28 11:23	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-08-26 15:55 . 2012-08-26 15:55	--------	d-----w-	c:\programdata\Malwarebytes
2012-08-26 15:55 . 2012-07-03 13:46	24904	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-08-26 15:55 . 2012-08-26 15:55	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2012-08-26 14:16 . 2012-08-26 14:16	--------	d-----w-	c:\users\utilisateur\AppData\Local\CRE
2012-08-26 00:26 . 2012-08-26 00:26	--------	d-----w-	c:\program files (x86)\Common Files\Java
2012-08-26 00:24 . 2012-08-26 00:24	95208	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-08-24 16:45 . 2012-08-24 16:45	--------	d-----w-	c:\program files\COMODO
2012-08-23 01:20 . 2012-08-23 01:20	--------	d--h--w-	c:\programdata\Common Files
2012-08-23 01:19 . 2012-08-23 01:20	--------	d-----w-	c:\programdata\MFAData
2012-08-23 00:12 . 2012-08-23 11:53	--------	d-----w-	c:\program files (x86)\GridinSoft Trojan Killer
2012-08-22 17:28 . 2012-08-23 13:19	--------	d-----w-	c:\program files (x86)\ZHPDiag
2012-08-22 17:28 . 2012-08-22 22:10	--------	d-----w-	C:\ZHP
2012-08-22 03:12 . 2012-08-26 21:07	--------	d-----w-	c:\program files (x86)\Spybot - Search & Destroy
2012-08-22 03:12 . 2012-08-26 21:07	--------	d-----w-	c:\programdata\Spybot - Search & Destroy
2012-08-22 01:59 . 2012-08-22 01:59	--------	d-----w-	c:\users\utilisateur\AppData\Roaming\Malwarebytes
2012-08-21 23:30 . 2012-08-21 23:30	--------	d-----w-	C:\VritualRoot
2012-08-21 23:20 . 2012-08-21 23:20	--------	d-----w-	c:\users\utilisateur\AppData\Local\COMODO
2012-08-21 22:04 . 2012-08-23 01:11	--------	d-----w-	c:\programdata\Comodo
2012-08-21 18:37 . 2012-07-06 20:07	552960	----a-w-	c:\windows\system32\drivers\bthport.sys
2012-08-21 18:23 . 2012-05-04 11:00	366592	----a-w-	c:\windows\system32\qdvd.dll
2012-08-21 18:23 . 2012-05-04 09:59	514560	----a-w-	c:\windows\SysWow64\qdvd.dll
2012-08-21 18:23 . 2012-05-05 07:46	43008	----a-w-	c:\windows\SysWow64\srclient.dll
2012-08-21 18:23 . 2012-05-05 08:36	503808	----a-w-	c:\windows\system32\srcore.dll
2012-08-21 18:23 . 2012-05-01 05:40	209920	----a-w-	c:\windows\system32\profsvc.dll
2012-08-21 18:21 . 2011-01-17 05:47	161792	----a-w-	c:\windows\SysWow64\d3d10_1.dll
2012-08-21 18:21 . 2011-01-17 11:09	197120	----a-w-	c:\windows\system32\d3d10_1.dll
2012-08-21 18:18 . 2012-08-21 18:23	--------	d-----w-	c:\programdata\CPA_VA
2012-08-21 17:49 . 2012-08-21 19:29	--------	d-----w-	c:\program files (x86)\Comodo
2012-08-21 17:49 . 2012-08-21 17:49	1700352	----a-w-	c:\windows\SysWow64\gdiplus.dll
2012-08-21 17:22 . 2012-08-21 17:22	--------	d-----w-	C:\AMD
2012-08-20 21:18 . 2012-02-11 06:43	751104	----a-w-	c:\windows\system32\win32spl.dll
2012-08-20 21:18 . 2012-02-11 06:36	559104	----a-w-	c:\windows\system32\spoolsv.exe
2012-08-20 21:18 . 2012-02-11 06:36	67072	----a-w-	c:\windows\splwow64.exe
2012-08-20 21:18 . 2012-02-11 05:43	492032	----a-w-	c:\windows\SysWow64\win32spl.dll
2012-08-20 21:18 . 2012-04-07 12:31	3216384	----a-w-	c:\windows\system32\msi.dll
2012-08-20 21:18 . 2012-04-07 11:26	2342400	----a-w-	c:\windows\SysWow64\msi.dll
2012-08-20 21:10 . 2011-03-11 06:41	166272	----a-w-	c:\windows\system32\drivers\nvstor.sys
2012-08-20 21:10 . 2011-03-11 06:41	148352	----a-w-	c:\windows\system32\drivers\nvraid.sys
2012-08-20 21:10 . 2011-03-11 06:41	410496	----a-w-	c:\windows\system32\drivers\iaStorV.sys
2012-08-20 21:10 . 2011-03-11 06:41	27008	----a-w-	c:\windows\system32\drivers\amdxata.sys
2012-08-20 21:10 . 2011-03-11 06:41	107904	----a-w-	c:\windows\system32\drivers\amdsata.sys
2012-08-20 21:10 . 2011-03-11 05:31	74240	----a-w-	c:\windows\SysWow64\fsutil.exe
2012-08-20 21:10 . 2011-03-11 04:37	91648	----a-w-	c:\windows\system32\drivers\USBSTOR.SYS
2012-08-20 21:10 . 2011-03-11 05:33	1699328	----a-w-	c:\windows\SysWow64\esent.dll
2012-08-20 21:10 . 2011-03-11 06:41	189824	----a-w-	c:\windows\system32\drivers\storport.sys
2012-08-20 21:10 . 2011-03-11 06:41	1659776	----a-w-	c:\windows\system32\drivers\ntfs.sys
2012-08-20 21:10 . 2011-03-11 06:33	2565632	----a-w-	c:\windows\system32\esent.dll
2012-08-20 21:10 . 2011-03-11 06:30	96768	----a-w-	c:\windows\system32\fsutil.exe
2012-08-20 16:25 . 2012-08-20 23:16	--------	d-----w-	c:\users\utilisateur\AppData\Local\cache
2012-08-20 16:15 . 2012-08-20 16:20	--------	d-----w-	c:\programdata\FLEXnet
2012-08-20 15:38 . 2012-08-20 15:38	--------	d-----w-	c:\program files\Common Files\Macrovision Shared
2012-08-20 15:37 . 2012-08-21 19:53	--------	d-----w-	c:\users\utilisateur\AppData\Local\Autodesk
2012-08-20 15:31 . 2012-08-21 19:53	--------	d-----w-	c:\program files\Common Files\Autodesk Shared
2012-08-20 15:31 . 2012-08-21 19:53	--------	d-----w-	c:\program files\Autodesk
2012-08-20 15:22 . 2012-08-21 19:53	--------	d-----w-	c:\program files (x86)\Common Files\Autodesk Shared
2012-08-20 15:06 . 2012-08-21 19:53	--------	d-----w-	c:\programdata\Autodesk
2012-08-20 15:06 . 2012-08-21 19:05	--------	d-----w-	c:\users\utilisateur\AppData\Roaming\Autodesk
2012-08-15 06:54 . 2012-07-04 22:16	73216	----a-w-	c:\windows\system32\netapi32.dll
2012-08-15 06:54 . 2012-07-04 22:13	59392	----a-w-	c:\windows\system32\browcli.dll
2012-08-15 06:54 . 2012-07-04 22:13	136704	----a-w-	c:\windows\system32\browser.dll
2012-08-15 06:54 . 2012-07-04 21:14	41984	----a-w-	c:\windows\SysWow64\browcli.dll
2012-08-15 06:53 . 2012-07-18 18:15	3148800	----a-w-	c:\windows\system32\win32k.sys
2012-08-15 06:53 . 2012-05-14 05:26	956928	----a-w-	c:\windows\system32\localspl.dll
2012-08-15 02:15 . 2012-08-20 01:01	--------	d-----w-	C:\Nouveau dossier
2012-08-14 16:54 . 2012-08-14 16:54	--------	d-----w-	c:\users\utilisateur\AppData\Roaming\SystemRequirementsLab
2012-08-13 01:35 . 2011-12-19 13:45	224048	----a-w-	c:\windows\system32\drivers\VBoxDrv.sys
2012-08-13 01:33 . 2011-12-19 13:45	130864	----a-w-	c:\windows\system32\drivers\VBoxUSBMon.sys
2012-08-11 01:20 . 2012-08-11 01:20	--------	d-----w-	c:\users\utilisateur\AppData\Local\Atheros
2012-08-09 17:29 . 2012-08-09 17:29	--------	d-----w-	c:\users\utilisateur\AppData\Local\CAPCOM
2012-08-09 17:17 . 2012-08-09 17:17	--------	d-----w-	c:\program files (x86)\CAPCOM
2012-08-05 18:34 . 2012-08-05 18:34	--------	d-----w-	c:\program files (x86)\RS Components
2012-08-05 16:35 . 2012-08-25 19:26	--------	d-----w-	c:\users\utilisateur\AppData\Roaming\IDM
2012-08-04 19:07 . 2012-08-04 22:58	--------	d-----w-	c:\program files (x86)\ElcomSoft
2012-08-04 04:52 . 2012-08-04 04:52	--------	d-----w-	c:\program files (x86)\GPU-Z
2012-08-04 01:31 . 2012-08-04 01:31	238432	----a-w-	c:\program files (x86)\idmcchandler2.dll
2012-08-03 01:27 . 2012-08-03 01:27	--------	d-----w-	c:\users\utilisateur\AppData\Roaming\MCHP
2012-08-03 01:27 . 2012-08-03 01:27	--------	d-----w-	c:\users\utilisateur\.mplabcomm
2012-08-02 23:51 . 2012-08-02 23:51	--------	d-----w-	c:\users\utilisateur\MPLABXProjects
2012-08-02 23:51 . 2012-08-02 23:51	--------	d-----w-	c:\users\utilisateur\.netbeans
2012-08-02 23:50 . 2012-08-02 23:50	--------	d-----w-	c:\users\utilisateur\AppData\Roaming\.mplab_ide
2012-08-02 23:50 . 2011-08-29 22:36	98304	----a-w-	c:\windows\SysWow64\mchpwinusbdevice.exe
2012-08-02 23:49 . 2012-04-02 20:44	90624	----a-w-	c:\windows\system32\SerialAccessLink.dll
2012-08-02 23:49 . 2011-10-17 21:32	105472	----a-w-	c:\windows\system32\mchpwinusbdevice64.exe
2012-08-02 23:49 . 2011-10-17 20:47	161792	----a-w-	c:\windows\system32\USBAccessLink.dll
2012-08-02 22:55 . 2003-07-21 09:00	65536	----a-w-	c:\windows\SysWow64\MPLBCOMM.dll
2012-07-31 14:17 . 2012-07-31 14:17	--------	d-----w-	c:\program files (x86)\SQUARE ENIX - Eidos Interactive
2012-07-31 13:54 . 2012-07-31 14:08	--------	d-----w-	c:\program files (x86)\Just Cause 2
2012-07-31 12:42 . 2012-07-31 12:42	2106216	----a-w-	c:\program files (x86)\Mozilla Firefox\D3DCompiler_43.dll
2012-07-31 12:42 . 2012-07-31 12:42	18912	----a-w-	c:\program files (x86)\Mozilla Firefox\AccessibleMarshal.dll
2012-07-31 12:42 . 2012-07-31 12:42	136672	----a-w-	c:\program files (x86)\Mozilla Firefox\components\browsercomps.dll
2012-07-31 12:42 . 2012-07-31 12:42	117728	----a-w-	c:\program files (x86)\Mozilla Firefox\crashreporter.exe
2012-07-31 12:42 . 2012-07-31 12:42	913888	----a-w-	c:\program files (x86)\Mozilla Firefox\firefox.exe
2012-07-31 12:42 . 2012-07-31 12:42	82400	----a-w-	c:\program files (x86)\Mozilla Firefox\libEGL.dll
2012-07-31 12:42 . 2012-07-31 12:42	573920	----a-w-	c:\program files (x86)\Mozilla Firefox\gkmedias.dll
2012-07-31 12:42 . 2012-07-31 12:42	258528	----a-w-	c:\program files (x86)\Mozilla Firefox\freebl3.dll
2012-07-31 12:42 . 2012-07-31 12:42	1998168	----a-w-	c:\program files (x86)\Mozilla Firefox\d3dx9_43.dll
2012-07-31 12:42 . 2012-07-31 12:42	425952	----a-w-	c:\program files (x86)\Mozilla Firefox\libGLESv2.dll
2012-07-31 12:42 . 2012-07-31 12:42	113120	----a-w-	c:\program files (x86)\Mozilla Firefox\maintenanceservice.exe
2012-07-29 13:34 . 2012-07-29 13:34	--------	d-----w-	c:\windows\SysWow64\Shaders
.
.
.
((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-26 00:24 . 2012-03-06 13:03	821736	----a-w-	c:\windows\SysWow64\npdeployJava1.dll
2012-08-26 00:24 . 2010-08-16 17:36	746984	----a-w-	c:\windows\SysWow64\deployJava1.dll
2012-08-16 03:01 . 2012-03-17 03:00	62134624	----a-w-	c:\windows\system32\MRT.exe
2012-08-14 22:31 . 2012-04-04 17:06	426184	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-14 22:31 . 2012-01-25 13:58	70344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-04 01:31 . 2012-05-20 09:41	339808	----a-w-	c:\program files (x86)\idmcchandler2_64.dll
2012-07-25 15:52 . 2009-08-18 11:49	564632	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2012-07-25 15:52 . 2009-08-18 10:24	19736	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-07-25 14:41 . 2012-07-25 14:41	178800	----a-w-	c:\windows\SysWow64\CmdLineExt_x64.dll
2012-07-13 15:01 . 2012-07-13 15:01	147752	----a-w-	c:\windows\system32\SynTPCo4.dll
2012-07-04 23:20 . 2012-07-04 23:20	290816	------w-	c:\windows\Setup1.exe
2012-07-04 23:20 . 2012-07-04 23:20	74752	----a-w-	c:\windows\ST6UNST.EXE
2012-07-04 20:16 . 2012-03-16 22:48	107832	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2012-07-04 20:16 . 2012-07-04 19:44	682280	----a-w-	c:\windows\SysWow64\pbsvc.exe
2012-07-04 20:16 . 2012-03-16 22:48	66872	----a-w-	c:\windows\SysWow64\PnkBstrA.exe
2012-06-28 18:02 . 2012-06-28 18:02	45056	----a-r-	c:\users\utilisateur\AppData\Roaming\Microsoft\Installer\{373C3DAE-62C8-4F63-887C-769A8986ED50}\GameShadow.exe1_0A3DE514292C4EBA987823B82B0B2BA2.exe
2012-06-28 18:02 . 2012-06-28 18:02	45056	----a-r-	c:\users\utilisateur\AppData\Roaming\Microsoft\Installer\{373C3DAE-62C8-4F63-887C-769A8986ED50}\GameShadow.exe_0A3DE514292C4EBA987823B82B0B2BA2.exe
2012-06-28 18:02 . 2012-06-28 18:02	45056	----a-r-	c:\users\utilisateur\AppData\Roaming\Microsoft\Installer\{373C3DAE-62C8-4F63-887C-769A8986ED50}\ARPPRODUCTICON.exe
2012-06-25 16:04 . 2012-06-25 16:04	1394248	----a-w-	c:\windows\SysWow64\msxml4.dll
2012-06-20 09:42 . 2012-06-20 09:42	3678720	----a-w-	c:\windows\system32\drivers\athrx.sys
2012-06-09 17:21 . 2012-07-04 17:46	178688	----a-w-	c:\windows\SysWow64\unrar.dll
2012-06-09 05:43 . 2012-07-11 16:05	14172672	----a-w-	c:\windows\system32\shell32.dll
2012-06-06 20:59 . 2012-06-06 20:59	1070152	----a-w-	c:\windows\SysWow64\MSCOMCTL.OCX
2012-06-06 06:06 . 2012-07-11 16:06	2004480	----a-w-	c:\windows\system32\msxml6.dll
2012-06-06 06:06 . 2012-07-11 16:06	1881600	----a-w-	c:\windows\system32\msxml3.dll
2012-06-06 06:02 . 2012-07-11 16:00	1133568	----a-w-	c:\windows\system32\cdosys.dll
2012-06-06 05:05 . 2012-07-11 16:06	1390080	----a-w-	c:\windows\SysWow64\msxml6.dll
2012-06-06 05:05 . 2012-07-11 16:06	1236992	----a-w-	c:\windows\SysWow64\msxml3.dll
2012-06-06 05:03 . 2012-07-11 16:00	805376	----a-w-	c:\windows\SysWow64\cdosys.dll
2012-06-02 22:19 . 2012-06-25 07:03	38424	----a-w-	c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-25 07:03	2428952	----a-w-	c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-25 07:03	44056	----a-w-	c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-25 07:03	57880	----a-w-	c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-25 07:03	701976	----a-w-	c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-25 07:03	2622464	----a-w-	c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-25 07:03	99840	----a-w-	c:\windows\system32\wudriver.dll
2012-06-02 15:19 . 2012-06-25 07:03	186752	----a-w-	c:\windows\system32\wuwebv.dll
2012-06-02 15:15 . 2012-06-25 07:03	36864	----a-w-	c:\windows\system32\wuapp.exe
2012-06-02 05:50 . 2012-07-11 16:05	458704	----a-w-	c:\windows\system32\drivers\cng.sys
2012-06-02 05:48 . 2012-07-11 16:05	151920	----a-w-	c:\windows\system32\drivers\ksecpkg.sys
2012-06-02 05:48 . 2012-07-11 16:05	95600	----a-w-	c:\windows\system32\drivers\ksecdd.sys
2012-06-02 05:45 . 2012-07-11 16:05	340992	----a-w-	c:\windows\system32\schannel.dll
2012-06-02 05:44 . 2012-07-11 16:05	307200	----a-w-	c:\windows\system32\ncrypt.dll
2012-06-02 04:40 . 2012-07-11 16:05	22016	----a-w-	c:\windows\SysWow64\secur32.dll
2012-06-02 04:40 . 2012-07-11 16:05	225280	----a-w-	c:\windows\SysWow64\schannel.dll
2012-06-02 04:39 . 2012-07-11 16:05	219136	----a-w-	c:\windows\SysWow64\ncrypt.dll
2012-06-02 04:34 . 2012-07-11 16:05	96768	----a-w-	c:\windows\SysWow64\sspicli.dll
2012-05-05 16:34 . 2012-05-03 19:07	3487128	----a-w-	c:\program files (x86)\IDMan.exe
2012-05-02 09:31 . 2012-05-03 19:07	383840	----a-w-	c:\program files (x86)\IDMIECC64.dll
2012-05-02 09:31 . 2012-05-03 19:07	226736	----a-w-	c:\program files (x86)\IDMIECC.dll
2012-04-23 11:26 . 2012-05-03 19:07	96056	----a-w-	c:\program files (x86)\idmwfp32.sys
2012-04-23 11:26 . 2012-05-03 19:07	176408	----a-w-	c:\program files (x86)\idmtdi64.sys
2012-04-23 11:26 . 2012-05-03 19:07	154272	----a-w-	c:\program files (x86)\idmwfp64.sys
2012-04-23 11:26 . 2012-05-03 19:07	108448	----a-w-	c:\program files (x86)\idmtdi32.sys
2012-04-19 13:37 . 2012-05-03 19:07	92448	----a-w-	c:\program files (x86)\idmbrbtn64.dll
2012-04-19 13:37 . 2012-05-03 19:07	78504	----a-w-	c:\program files (x86)\idmbrbtn.dll
2012-04-19 13:32 . 2012-05-03 19:07	153224	----a-w-	c:\program files (x86)\IDMNetMon64.dll
2012-04-19 13:32 . 2012-05-03 19:07	116632	----a-w-	c:\program files (x86)\IDMNetMon.dll
2012-04-03 12:31 . 2012-05-03 19:07	405344	----a-w-	c:\program files (x86)\IDMGrHlp.exe
2012-03-30 09:09 . 2012-05-03 19:07	38304	----a-w-	c:\program files (x86)\idmmkb.dll
2012-02-22 13:08 . 2012-05-03 19:07	88416	----a-w-	c:\program files (x86)\IDMGetAll64.dll
2012-02-22 13:07 . 2012-05-03 19:07	54624	----a-w-	c:\program files (x86)\IDMGetAll.dll
2012-02-22 13:07 . 2012-05-03 19:07	148832	----a-w-	c:\program files (x86)\downlWithIDM64.dll
2012-02-22 13:07 . 2012-05-03 19:07	95584	----a-w-	c:\program files (x86)\downlWithIDM.dll
2012-02-08 00:49 . 2012-05-03 19:07	22376	----a-w-	c:\program files (x86)\IDMShellExt.dll
2012-02-08 00:49 . 2012-05-03 19:07	23432	----a-w-	c:\program files (x86)\IDMShellExt64.dll
2011-02-11 17:35 . 2012-05-03 19:07	50736	----a-w-	c:\program files (x86)\IDMFType64.dll
2011-02-11 17:35 . 2012-05-03 19:07	42472	----a-w-	c:\program files (x86)\idmftype.dll
2011-01-24 06:56 . 2012-05-03 19:07	64352	----a-w-	c:\program files (x86)\IDMIntegrator64.exe
2010-05-25 12:28 . 2012-05-03 19:07	263600	----a-w-	c:\program files (x86)\IEMonitor.exe
2009-09-16 11:29 . 2012-05-03 19:07	83376	----a-w-	c:\program files (x86)\idmfsa.dll
.
.
(((((((((((((((((((((((((((((((((   Points de chargement Reg   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDMan"="c:\program files (x86)\Internet Download Manager\IDMan.exe" [2012-05-05 3487128]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-04-16 98304]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages	REG_MULTI_SZ   	DPPassFilter scecli
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-14 250056]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-08-20 1432400]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-12-09 135584]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2009-10-12 114304]
R3 KinectCamera;Microsoft Kinect Camera Driver;c:\windows\system32\Drivers\kinectcamera.sys [2012-01-12 48512]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-31 113120]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-02-09 239136]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-11-28 295424]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-12-19 146736]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys [2011-12-19 117040]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2012-01-23 1255736]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-04-16 202752]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-06-18 103992]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-05-21 103992]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2011-05-13 30520]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-06-29 27192]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2012-04-23 154272]
S2 KinectManagement;Kinect Management;c:\program files\Microsoft Kinect\Service\KinectManagementService.exe [2012-01-11 161048]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [2010-02-23 2192176]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [2010-04-16 6403584]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-04-16 188928]
S3 clwvd;HP Webcam Splitter;c:\windows\system32\DRIVERS\clwvd.sys [2010-06-24 32880]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-05-19 09:36	451872	----a-w-	c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Contenu du dossier 'Tâches planifiées'
.
2012-08-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 22:31]
.
2012-08-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2931839307-813136763-1367384597-1001Core.job
- c:\users\utilisateur\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-24 20:38]
.
2012-08-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2931839307-813136763-1367384597-1001UA.job
- c:\users\utilisateur\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-24 20:38]
.
2012-08-23 c:\windows\Tasks\HPCeeScheduleForutilisateur.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 01:53]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2012-02-08 00:49	23432	----a-w-	c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Télécharger avec IDM - c:\program files (x86)\Internet Download Manager\IEExt.htm
IE: Télécharger tous les liens avec IDM - c:\program files (x86)\Internet Download Manager\IEGetAll.htm
TCP: Interfaces\{CADA2854-8E26-4CB2-9EE3-772FA72AC2E2}: NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{CADA2854-8E26-4CB2-9EE3-772FA72AC2E2}\7514E41444F4F4D203646423: NameServer = 192.168.1.1
FF - ProfilePath - c:\users\utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\0nosarce.default\
.
- - - - ORPHELINS SUPPRIMES - - - -
.
URLSearchHooks-{8e5025c2-8ea3-430d-80b8-a14151068a6d} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\S-1-5-21-2931839307-813136763-1367384597-1001_Classes\Wow6432Node\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):55,e9,31,75,57,c9,61,32,8d,23,ea,28,0f,f3,c2,96,17,e1,75,cf,5e,
   3c,c4,33,0c,2a,f6,f2,23,17,91,d6,b8,6b,9f,f7,ea,c5,58,1c,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-2931839307-813136763-1367384597-1001_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):80,87,7d,0a,76,9f,55,7d,a4,e8,b4,50,90,58,d0,34,0e,88,5b,3f,5e,
   b0,81,eb,1a,3c,12,de,f4,85,7c,87,eb,fa,6d,52,0a,03,ed,31,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-2931839307-813136763-1367384597-1001_Classes\Wow6432Node\CLSID\{7ef46d5e-045d-481e-843c-e8557a1cb8e8}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:0000004d
"Therad"=dword:00000020
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
   38,95,44,42,3c,c6,95,86,b1,27,06,d0,61,f2,6d,d8,27,f5,91,1d,07,1e,b4,c6,34,\
.
[HKEY_USERS\S-1-5-21-2931839307-813136763-1367384597-1001_Classes\Wow6432Node\CLSID\{baa9c3a2-4333-4401-b4ce-c42c3d0a8fa6}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:000000be
"Therad"=dword:0000001c
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
   1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2012-08-28  11:29:44
ComboFix-quarantined-files.txt  2012-08-28 11:29
.
Avant-CF: 77 178 126 336 octets libres
Après-CF: 76 513 497 088 octets libres
.
- - End Of File - - 1182859AB1DAA14D7DE6B6BDF3FE51D4