[Résolu] impossible de lancer kaspersky

(2 Pages)
←
1
2

Vous ne pouvez pas commencer un sujet
Vous ne pouvez pas répondre à ce sujet

[Résolu] impossible de lancer kaspersky Noter :

#11 kolchok

Junior Member

Groupe : Membres
Messages : 20
Inscrit(e) : 12-décembre 10

Posté 16 février 2011 - 10:34

bonjour,
ComboFix 11-02-15.04 - kolchok 16/02/2011 12:24:32.1.4 - x64
Microsoft Windows 7 Édition Intégrale 6.1.7600.0.1252.33.1033.18.2750.1765 [GMT 1:00]
Lancé depuis: c:\users\kolchok\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\install.exe
c:\programdata\Desktop
c:\users\kolchok\AppData\Roaming\Local
c:\users\kolchok\AppData\Roaming\Local\Temp\DDM\Settings\.ddr
c:\users\kolchok\AppData\Roaming\Local\Temp\DDM\Settings\0.ddi
c:\users\kolchok\AppData\Roaming\Local\Temp\DDM\Settings\1.ddi
c:\users\kolchok\AppData\Roaming\Local\Temp\DDM\Settings\Megamind.2010.FRENCH.DVDSCR.LD.REPACK.1CD.XviD-SERENiTY-UNDERGROUNDDDL.COM.avi.ddr
c:\users\kolchok\AppData\Roaming\Local\Temp\DDM\Settings\settings.ddi
c:\users\kolchok\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\(2)
c:\users\kolchok\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\Megamind.2010.FRENCH.DVDSCR.LD.REPACK.1CD.XviD-SERENiTY-UNDERGROUNDDDL.COM.avi.ddp
c:\windows\system32\rockers.reg
c:\windows\SysWow64\rockers.reg

.
((((((((((((((((((((((((((((( Fichiers créés du 2011-01-16 au 2011-02-16 ))))))))))))))))))))))))))))))))))))
.

2011-02-16 11:30 . 2011-02-16 11:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-02-16 02:05 . 2011-02-16 02:13 270856 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-02-16 02:05 . 2011-02-16 02:05 -------- d-----w- c:\users\kolchok\AppData\Local\PunkBuster
2011-02-15 13:29 . 2011-02-15 13:29 -------- d-----w- c:\program files (x86)\SEAF
2011-02-14 20:32 . 2011-02-14 20:32 -------- d-----w- c:\users\kolchok\AppData\Roaming\Hi-Rez Studios
2011-02-14 20:32 . 2011-02-14 20:32 -------- d--h--w- c:\windows\msdownld.tmp
2011-02-14 20:32 . 2011-02-14 20:32 -------- d-----w- c:\windows\B83FC356B7C0441F8A4DD71E088E7974.TMP
2011-02-14 20:31 . 2011-02-14 20:31 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2011-02-14 04:50 . 2009-09-04 16:29 1974616 ----a-w- c:\windows\SysWow64\D3DCompiler_42.dll
2011-02-13 20:05 . 2011-02-13 20:05 -------- d-----w- c:\program files (x86)\Ad-Remover
2011-02-13 07:27 . 2011-02-13 07:27 -------- d--h--r- c:\users\kolchok\AppData\Roaming\SecuROM
2011-02-13 04:11 . 2011-02-13 04:11 -------- d-sh--w- c:\programdata\DSS
2011-02-13 03:48 . 2011-02-13 03:51 -------- d-----w- c:\users\kolchok\AppData\Roaming\DAEMON Tools Lite
2011-02-13 03:48 . 2011-02-13 03:51 -------- d-----w- c:\programdata\DAEMON Tools Lite
2011-02-12 09:24 . 2011-02-12 09:24 -------- d-----w- c:\programdata\Steam
2011-02-12 09:24 . 2011-02-12 09:25 -------- d-----w- c:\programdata\PopCap Games
2011-02-09 02:01 . 2010-12-18 03:35 2381824 ----a-w- c:\windows\system32\mshtml.tlb
2011-02-09 02:01 . 2010-12-18 03:15 2381824 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-02-09 02:01 . 2010-12-18 03:39 1502208 ----a-w- c:\windows\system32\inetcpl.cpl
2011-02-09 02:01 . 2010-12-18 03:19 1448448 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-02-08 23:45 . 2011-01-13 10:20 7844688 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EF044FD4-7991-4B48-85D4-200BCD6D3DE3}\mpengine.dll
2011-01-18 09:18 . 2011-02-14 08:38 -------- d-----w- c:\users\kolchok\AppData\Roaming\DivX
2011-01-18 09:18 . 2011-01-18 09:18 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine
2011-01-18 09:18 . 2011-01-18 09:18 -------- d-----w- c:\program files\DivX
2011-01-18 09:17 . 2011-01-18 09:18 -------- d-----w- c:\program files (x86)\Common Files\DivX Shared

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-30 10:59 . 2011-01-11 11:01 2690280 ----a-w- c:\windows\system32\drivers\RTKVHD64.sys
2010-12-30 00:35 . 2010-10-05 20:09 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2010-12-29 13:30 . 2011-01-11 11:01 2828904 ----a-w- c:\windows\system32\RtkAPO64.dll
2010-12-28 14:51 . 2011-01-11 11:01 608768 ----a-w- c:\windows\system32\RCoRes64.dat
2010-12-22 10:28 . 2011-01-11 11:01 2328168 ----a-w- c:\windows\system32\RtPgEx64.dll
2010-12-20 17:08 . 2010-11-14 18:03 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-14 02:12 . 2010-12-14 02:13 521448 ----a-w- c:\windows\system32\deployJava1.dll
2010-11-29 17:47 . 2011-01-11 11:01 2578576 ----a-w- c:\windows\system32\WavesGUILib.dll
2010-11-29 17:47 . 2011-01-11 11:01 1868944 ----a-w- c:\windows\system32\MaxxAudioRealtek.dll
2010-11-23 17:45 . 2011-01-11 11:01 1247848 ----a-w- c:\windows\system32\RTCOM64.dll
2010-11-22 10:39 . 2011-01-11 11:01 626792 ----a-w- c:\windows\system32\RtkApi64.dll
.

------- Sigcheck -------

[-] 2010-10-06 . 861C4346F9281DC0380DE72C8D55D6BE . 833024 . . [6.1.7600.16385] . . c:\windows\SysWOW64\user32.dll
[7] 2009-07-14 . 72D7B3EA16946E8F0CF7458150031CC6 . 1008640 . . [6.1.7600.16385] . . c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[7] 2009-07-14 . E8B0FFC209E504CB7E79FC24E6C085F0 . 833024 . . [6.1.7600.16385] . . c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
[-] 2010-10-06 . 2C353B6CE0C8D03225CAA2AF33B68D79 . 1008640 . . [6.1.7600.16385] . . c:\windows\system32\user32.dll

[-] 2010-10-06 . 861C4346F9281DC0380DE72C8D55D6BE . 833024 . . [6.1.7600.16385] . . c:\windows\SysWOW64\user32.dll
[7] 2009-07-14 . 72D7B3EA16946E8F0CF7458150031CC6 . 1008640 . . [6.1.7600.16385] . . c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[7] 2009-07-14 . E8B0FFC209E504CB7E79FC24E6C085F0 . 833024 . . [6.1.7600.16385] . . c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
[-] 2010-10-06 . 2C353B6CE0C8D03225CAA2AF33B68D79 . 1008640 . . [6.1.7600.16385] . . c:\windows\system32\user32.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2010-10-5 1207312]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Service Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-18 136176]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2010-10-06 1255736]
S0 videX64;videX64;c:\windows\system32\DRIVERS\videX64.sys [2010-02-11 15000]
S0 xfiltx64;VIA SATA IDE Hot-plug Driver;c:\windows\system32\DRIVERS\xfiltx64.sys [2010-02-11 26776]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-11-23 22408]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2009-11-23 16008]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2010-09-07 155752]
S3 RTL8023x64;Realtek 10/100 NIC Family NDIS x64 Driver;c:\windows\system32\DRIVERS\Rtnic64.sys [2009-07-23 52736]

.
Contenu du dossier 'Tâches planifiées'

2011-02-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-18 20:51]
.

--------- x86-64 -----------

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 130576]
"Launch LgDeviceAgent"="c:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2010-08-03 415816]
"Launch LCDMon"="c:\program files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2010-08-03 2412616]
"Launch LGDCore"="c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2010-08-03 4725320]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-12-23 11725928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
FF - ProfilePath - c:\users\kolchok\AppData\Roaming\Mozilla\Firefox\Profiles\je2z1rt4.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/firefox
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension for Firefox: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - c:\program files (x86)\DivX\DivX Plus Web Player\firefox\wpa
.
- - - - ORPHELINS SUPPRIMES - - - -

Notify-klogon - (no file)
Notify-LBTWlgn - (no file)
AddRemove-installer - c:\program files (x86)\Installer\un_installer_21627.exe
AddRemove-Magelo Sync - c:\program files (x86)\Magelo\Magelo Sync\UnInstall.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_moh.exe

.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-1832532766-817392245-452576883-1000\Software\SecuROM\License information*]
"datasecu"=hex:e2,35,9d,5a,62,2a,75,4c,38,87,7b,de,c9,7e,57,b4,44,85,a9,2a,ac,
60,8a,42,81,70,d8,7f,08,cc,5b,05,e0,54,73,e4,f4,d9,77,37,50,84,84,52,bd,c8,\
"rkeysecu"=hex:c2,af,b8,dc,a2,ec,ac,41,f0,cd,ed,17,ee,98,77,f4

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files\Logitech\SetPoint\x86\SetPoint32.exe
c:\program files (x86)\Windows Media Player\wmplayer.exe
.
**************************************************************************
.
Heure de fin: 2011-02-16 12:38:38 - La machine a redémarré
ComboFix-quarantined-files.txt 2011-02-16 11:38

Avant-CF: 374 985 760 768 octets libres
Après-CF: 374 742 278 144 octets libres

- - End Of File - - 654941B1AFEDE1CE408A8031A8218979

Ce message a été modifié par kolchok - 16 février 2011 - 01:02 .

Retour en haut of the page up there ^

#12 pear

Devil Member !

Groupe : Equipe Sécurité
Messages : 16496
Inscrit(e) : 22-mars 05

Posté 16 février 2011 - 04:56

Déconnectez-vous du net et désactivez l'antivirus (juste le temps de la procédure !)
Connecter tous les disques amovibles (disque dur externe, clé USB…).
Dans certaines circonstances , le Mode sans échec peut être nécessaire
Vérifiez que l'antivirus soit bien désactivé car un redémarrage le réactive

# Dans le bloc-note ,copiez-collez ces lignes :
KillAll::

Driver::
"Bonjour Service"
gupdate
File::
c:\Program Files\\Bonjour\\mDNSResponder.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
Fcopy::
c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll | c:\windows\SysWOW64\user32.dll

c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll | c:\windows\System32\user32.dll

* Attention, ce code a été rédigé spécialement pour cet utilisateur, il serait dangereux de le réutiliser dans d'autres cas !
Enregistrez-le en lui donnant le nom CFScript.txt
Ouvrez Combofix
* Faire un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe
Image IPB

* Au message qui apparait dans une fenêtre bleue ( Type 1 to continue, or 2 to abort) , taper 1 puis valider.
* Patienter le temps du scan.
Le bureau va disparaitre à plusieurs reprises: c'est normal!
Ne toucher à rien tant que le scan n'est pas terminé.

Le rapport de ComboFix ne s'affichera qu'à la fin
Poster son contenu.
Si le fichier n'apparait pas, il se trouve ici > C:\ComboFix.txt
[/color]

Si ce que tu as à dire ne vaut pas mieux que le silence, tais-toi (Confucius)

Retour en haut of the page up there ^

#13 kolchok

Junior Member

Groupe : Membres
Messages : 20
Inscrit(e) : 12-décembre 10

Posté 17 février 2011 - 08:21

bonsoir, voila le rapport de combofix

ComboFix 11-02-15.04 - kolchok 17/02/2011 20:03:55.2.4 - x64
Microsoft Windows 7 Édition Intégrale 6.1.7600.0.1252.33.1033.18.2750.2029 [GMT 1:00]
Lancé depuis: c:\users\kolchok\Desktop\ComboFix.exe
Commutateurs utilisés :: c:\users\kolchok\Desktop\CFScript.txt.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FILE ::
"c:\program files\\Bonjour\\mDNSResponder.exe"
"c:\program files\Google\Update\GoogleUpdate.exe"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

.
--------------- FCopy ---------------

c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll --> c:\windows\SysWOW64\user32.dll
c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll --> c:\windows\System32\user32.dll
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_gupdate

((((((((((((((((((((((((((((( Fichiers créés du 2011-01-17 au 2011-02-17 ))))))))))))))))))))))))))))))))))))
.

2011-02-17 19:10 . 2011-02-17 19:10 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-02-16 23:10 . 2011-02-17 03:27 -------- d-----w- c:\program files (x86)\EA GAMES
2011-02-16 23:09 . 2004-10-22 01:18 749568 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2011-02-16 23:09 . 2004-10-22 01:17 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2011-02-16 23:09 . 2004-10-22 01:17 274432 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2011-02-16 23:09 . 2004-10-22 01:16 180224 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2011-02-16 23:09 . 2004-10-22 01:16 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2011-02-16 23:09 . 2011-02-16 23:09 323716 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2011-02-16 23:09 . 2011-02-16 23:09 192644 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2011-02-16 02:05 . 2011-02-17 17:18 270856 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-02-16 02:05 . 2011-02-17 04:00 -------- d-----w- c:\users\kolchok\AppData\Local\PunkBuster
2011-02-15 20:58 . 2011-02-15 20:58 -------- d-----w- c:\users\kolchok\AppData\Local\Electronic Arts
2011-02-14 20:32 . 2011-02-14 20:32 -------- d-----w- c:\users\kolchok\AppData\Roaming\Hi-Rez Studios
2011-02-14 20:32 . 2011-02-14 20:32 -------- d--h--w- c:\windows\msdownld.tmp
2011-02-14 20:32 . 2011-02-14 20:32 -------- d-----w- c:\windows\B83FC356B7C0441F8A4DD71E088E7974.TMP
2011-02-14 20:31 . 2011-02-14 20:31 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2011-02-14 04:50 . 2009-09-04 16:29 1974616 ----a-w- c:\windows\SysWow64\D3DCompiler_42.dll
2011-02-13 20:05 . 2011-02-13 20:05 -------- d-----w- c:\program files (x86)\Ad-Remover
2011-02-13 07:27 . 2011-02-13 07:27 -------- d--h--r- c:\users\kolchok\AppData\Roaming\SecuROM
2011-02-13 04:11 . 2011-02-13 04:11 -------- d-sh--w- c:\programdata\DSS
2011-02-13 03:48 . 2011-02-13 03:51 -------- d-----w- c:\users\kolchok\AppData\Roaming\DAEMON Tools Lite
2011-02-13 03:48 . 2011-02-13 03:51 -------- d-----w- c:\programdata\DAEMON Tools Lite
2011-02-12 09:24 . 2011-02-12 09:24 -------- d-----w- c:\programdata\Steam
2011-02-12 09:24 . 2011-02-12 09:25 -------- d-----w- c:\programdata\PopCap Games
2011-02-09 02:01 . 2010-12-18 03:35 2381824 ----a-w- c:\windows\system32\mshtml.tlb
2011-02-09 02:01 . 2010-12-18 03:15 2381824 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-02-09 02:01 . 2010-12-18 03:39 1502208 ----a-w- c:\windows\system32\inetcpl.cpl
2011-02-09 02:01 . 2010-12-18 03:19 1448448 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-02-08 23:45 . 2011-01-13 10:20 7844688 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EF044FD4-7991-4B48-85D4-200BCD6D3DE3}\mpengine.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-30 10:59 . 2011-01-11 11:01 2690280 ----a-w- c:\windows\system32\drivers\RTKVHD64.sys
2010-12-30 00:35 . 2010-10-05 20:09 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2010-12-29 13:30 . 2011-01-11 11:01 2828904 ----a-w- c:\windows\system32\RtkAPO64.dll
2010-12-28 14:51 . 2011-01-11 11:01 608768 ----a-w- c:\windows\system32\RCoRes64.dat
2010-12-22 10:28 . 2011-01-11 11:01 2328168 ----a-w- c:\windows\system32\RtPgEx64.dll
2010-12-20 17:08 . 2010-11-14 18:03 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-14 02:12 . 2010-12-14 02:13 521448 ----a-w- c:\windows\system32\deployJava1.dll
2010-11-29 17:47 . 2011-01-11 11:01 2578576 ----a-w- c:\windows\system32\WavesGUILib.dll
2010-11-29 17:47 . 2011-01-11 11:01 1868944 ----a-w- c:\windows\system32\MaxxAudioRealtek.dll
2010-11-23 17:45 . 2011-01-11 11:01 1247848 ----a-w- c:\windows\system32\RTCOM64.dll
2010-11-22 10:39 . 2011-01-11 11:01 626792 ----a-w- c:\windows\system32\RtkApi64.dll
.

((((((((((((((((((((((((((((( SnapShot@2011-02-16_11.33.28 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-02-15 20:50 . 2011-02-17 03:47 75136 c:\windows\SysWOW64\PnkBstrA.exe
- 2011-02-15 20:50 . 2011-02-16 02:13 75136 c:\windows\SysWOW64\PnkBstrA.exe
+ 2010-10-05 20:28 . 2011-02-17 17:18 37618 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-02-17 17:18 31924 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-10-05 20:17 . 2011-02-17 17:18 11106 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1832532766-817392245-452576883-1000_UserData.bin
- 2009-07-14 05:30 . 2011-02-13 21:16 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2009-07-14 05:30 . 2011-02-16 19:58 86016 c:\windows\system32\DriverStore\infpub.dat
- 2011-02-16 11:32 . 2011-02-16 11:32 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-02-17 19:13 . 2011-02-17 19:13 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-02-17 19:13 . 2011-02-17 19:13 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-02-16 11:32 . 2011-02-16 11:32 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-02-15 20:50 . 2011-02-17 17:18 270856 c:\windows\SysWOW64\PnkBstrB.exe
- 2011-02-15 20:50 . 2011-02-16 02:13 270856 c:\windows\SysWOW64\PnkBstrB.exe
+ 2009-07-14 05:30 . 2011-02-16 19:58 143360 c:\windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:30 . 2011-02-13 21:16 143360 c:\windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:30 . 2011-02-13 21:16 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2009-07-14 05:30 . 2011-02-16 19:58 143360 c:\windows\system32\DriverStore\infstor.dat
- 2009-07-14 05:01 . 2011-02-16 11:30 226136 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-02-17 19:11 226136 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2010-10-16 07:20 . 2011-02-13 04:24 348368 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1832532766-817392245-452576883-1000-12288.dat
+ 2010-10-16 07:20 . 2011-02-17 16:15 348368 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1832532766-817392245-452576883-1000-12288.dat
- 2010-12-14 07:41 . 2011-02-16 03:36 1239048 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1832532766-817392245-452576883-1000-8192.dat
+ 2010-12-14 07:41 . 2011-02-17 16:15 1239048 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1832532766-817392245-452576883-1000-8192.dat
- 2009-07-14 02:34 . 2011-02-16 08:27 10485760 c:\windows\system32\SMI\Store\Machine\schema.dat
+ 2009-07-14 02:34 . 2011-02-17 16:31 10485760 c:\windows\system32\SMI\Store\Machine\schema.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2010-10-5 1207312]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\klogon]
[BU]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
[BU]

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2010-10-06 1255736]
S0 videX64;videX64;c:\windows\system32\DRIVERS\videX64.sys [2010-02-11 15000]
S0 xfiltx64;VIA SATA IDE Hot-plug Driver;c:\windows\system32\DRIVERS\xfiltx64.sys [2010-02-11 26776]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-11-23 22408]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2009-11-23 16008]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2010-09-07 155752]
S3 RTL8023x64;Realtek 10/100 NIC Family NDIS x64 Driver;c:\windows\system32\DRIVERS\Rtnic64.sys [2009-07-23 52736]

.

--------- x86-64 -----------

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"combofix"="c:\combofix\CF15493.cfxxe" [X]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 130576]
"Launch LgDeviceAgent"="c:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2010-08-03 415816]
"Launch LCDMon"="c:\program files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2010-08-03 2412616]
"Launch LGDCore"="c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2010-08-03 4725320]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-12-23 11725928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_Dlls"=0x0
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
FF - ProfilePath - c:\users\kolchok\AppData\Roaming\Mozilla\Firefox\Profiles\je2z1rt4.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/firefox
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension for Firefox: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - c:\program files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF - Ext: Battlefield Heroes Updater: battlefieldheroespatcher@ea.com - %profile%\extensions\battlefieldheroespatcher@ea.com
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-1832532766-817392245-452576883-1000\Software\SecuROM\License information*]
"datasecu"=hex:e2,35,9d,5a,62,2a,75,4c,38,87,7b,de,c9,7e,57,b4,44,85,a9,2a,ac,
60,8a,42,81,70,d8,7f,08,cc,5b,05,e0,54,73,e4,f4,d9,77,37,50,84,84,52,bd,c8,\
"rkeysecu"=hex:c2,af,b8,dc,a2,ec,ac,41,f0,cd,ed,17,ee,98,77,f4

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files\Logitech\SetPoint\x86\SetPoint32.exe
c:\program files (x86)\Windows Media Player\wmplayer.exe
.
**************************************************************************
.
Heure de fin: 2011-02-17 20:19:04 - La machine a redémarré
ComboFix-quarantined-files.txt 2011-02-17 19:19
ComboFix2.txt 2011-02-16 11:38

Avant-CF: 367 655 145 472 octets libres
Après-CF: 367 411 519 488 octets libres

- - End Of File - - 2F0D0B0DA000AECF16BE217C50212EE2

Retour en haut of the page up there ^

#14 pear

Devil Member !

Groupe : Equipe Sécurité
Messages : 16496
Inscrit(e) : 22-mars 05

Posté 18 février 2011 - 06:49

Et comment va la machine ?

Si ce que tu as à dire ne vaut pas mieux que le silence, tais-toi (Confucius)

Retour en haut of the page up there ^

#15 kolchok

Junior Member

Groupe : Membres
Messages : 20
Inscrit(e) : 12-décembre 10

Posté 19 février 2011 - 06:29

bonjour,
la machine se porte très bien. J'ai pu réinstaler kaspersky.
Merci pour tout, je ni serais jamais arrivé sans vous.
Encore une fois je vous remercie d'avoir passé du temps sur les problèmes de mon pc.

Amicalement, kolchok

Retour en haut of the page up there ^

(2 Pages)
←
1
2

Vous ne pouvez pas commencer un sujet
Vous ne pouvez pas répondre à ce sujet

Similar Topics
Sujet	Commencé par	Statistiques	Infos sur le dernier message
RAM surexploitée, lenteur, impossible d'enregistrer un projet	Raphaël	2 réponses 120 vues	16 mai 2012 - 07:27 Par : rafw
[Résolu] Firefox a cessé de fonctionner	patisijm	6 réponses 186 vues	25 mai 2012 - 03:40 Par : patisijm
[Résolu] GPU 98° WTTTTF ? 1 2	alakisi	12 réponses 205 vues	25 mai 2012 - 05:42 Par : Tonton
(Résolu)Regedit incomplet	gilles88	6 réponses 125 vues	24 mai 2012 - 09:47 Par : ticlou
[Résolu] Réseau Wifi Up !	Dragost	2 réponses 151 vues	23 mai 2012 - 07:40 Par : Dragost
[Résolu] Problème drivers Nvidia	yoyothebest	3 réponses 213 vues	25 mai 2012 - 08:59 Par : yoyothebest
[Résolu] Problème avec Java 1 2 3 4	Editha	33 réponses 1243 vues	19 avril 2012 - 06:24 Par : Editha
[Résolu] Installclick Connector	gilles88	1 réponses 183 vues	22 mai 2012 - 10:21 Par : Raymond 78
[Résolu] Extraire texte et images d'un PDF 1 2 [Résolu… si l'on veut !] Comment procéder ?	BayernFan62	11 réponses 1410 vues	19 août 2011 - 02:41 Par : asap
[Résolu] Apparition bandeau noir sur fond noir Au démarrage de Windows XP	pyramides	8 réponses 303 vues	21 mai 2012 - 07:07 Par : pyramides