Untitled

a guest
Jan 6th, 2012
  1. ComboFix 12-01-06.01 - natinusala 06/01/2012 22:29:58.1.4 - x64 NETWORK
  2. Microsoft Windows 7 Édition Intégrale 6.1.7600.0.1252.33.1036.18.4079.2781 [GMT 1:00]
  3. Lancé depuis: c:\users\natinusala\Desktop\ComboFix.exe
  4. AV: Kaspersky Internet Security *Enabled/Updated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
  5. FW: Kaspersky Internet Security *Enabled* {1691B380-548E-1A7A-BE85-9A42CE15AEFF}
  6. SP: Kaspersky Internet Security *Enabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}
  7. SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  8. * Un nouveau point de restauration a été créé
  9. .
  10. .
  11. (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
  12. .
  13. .
  14. C:\install.exe
  15. c:\users\natinusala\AppData\Local\assembly\tmp
  16. c:\users\natinusala\AppData\Roaming\RIFT
  17. c:\users\natinusala\AppData\Roaming\RIFT\rift.cfg
  18. c:\windows\system32\java.exe
  19. c:\windows\SysWow64\RGSS100J.dll
  20. c:\windows\SysWow64\RGSS103J.dll
  21. c:\windows\SysWow64\RGSS104E.dll
  22. c:\windows\SysWow64\RGSS104J.dll
  23. .
  24. .
  25. ((((((((((((((((((((((((((((( Fichiers créés du 2011-12-06 au 2012-01-06 ))))))))))))))))))))))))))))))))))))
  26. .
  27. .
  28. 2012-01-05 18:19 . 2012-01-05 18:19 512 ----a-w- C:\PhysicalMBR.bin
  29. 2012-01-04 19:06 . 2012-01-05 17:38 -------- d-----w- C:\ZHP
  30. 2012-01-04 19:06 . 2012-01-05 17:38 -------- d-----w- c:\program files (x86)\ZHPDiag
  31. 2012-01-04 14:52 . 2012-01-04 15:07 -------- d-----w- c:\users\natinusala\AppData\Roaming\.minecraft
  32. 2012-01-04 11:15 . 2012-01-04 11:15 -------- d-----w- c:\users\natinusala\AppData\Local\NeoSmart_Technologies
  33. 2012-01-04 11:14 . 2012-01-04 11:14 -------- d-----w- c:\program files (x86)\NeoSmart Technologies
  34. 2012-01-03 17:31 . 2011-11-21 11:40 8822856 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D163BE0D-08B4-4AAC-957A-D507A51624F7}\mpengine.dll
  35. 2012-01-02 19:09 . 2012-01-02 19:10 -------- d-----w- c:\program files (x86)\MTA San Andreas 1.2
  36. 2012-01-02 19:09 . 2012-01-02 19:09 -------- d-----w- c:\programdata\MTA San Andreas All
  37. 2012-01-02 18:59 . 2012-01-02 19:05 -------- d-----w- c:\users\natinusala\AppData\Local\MTA San Andreas
  38. 2012-01-02 18:59 . 2012-01-02 18:59 -------- d-----w- c:\program files (x86)\MTA San Andreas
  39. 2012-01-02 18:46 . 2008-07-13 12:51 -------- d-----w- c:\program files (x86)\GTA San andreas
  40. 2012-01-01 18:37 . 2012-01-01 18:37 -------- d-----w- C:\Games
  41. 2012-01-01 14:39 . 2012-01-01 14:39 -------- d-----w- c:\program files (x86)\RomStation
  42. 2012-01-01 14:13 . 2012-01-01 14:13 -------- d-----w- c:\program files (x86)\RPG Maker VX
  43. 2012-01-01 14:12 . 2005-08-29 23:00 781312 ----a-w- c:\windows\SysWow64\RGSS102J.dll
  44. 2012-01-01 14:12 . 2005-08-29 23:00 778752 ----a-w- c:\windows\SysWow64\RGSS102E.dll
  45. 2012-01-01 14:12 . 2012-01-01 14:12 -------- d-----w- c:\program files (x86)\RPG Maker XP
  46. 2011-12-30 16:02 . 2011-12-30 16:04 -------- d-----w- c:\users\natinusala\AppData\Roaming\redsn0w
  47. 2011-12-30 15:09 . 2011-12-30 15:09 -------- d-----w- c:\program files\iPod
  48. 2011-12-30 15:09 . 2011-12-30 15:09 -------- d-----w- c:\program files\iTunes
  49. 2011-12-30 15:09 . 2011-12-30 15:09 -------- d-----w- c:\program files (x86)\iTunes
  50. 2011-12-30 15:07 . 2011-12-30 15:07 -------- d-----w- c:\program files\Bonjour
  51. 2011-12-30 15:07 . 2011-12-30 15:07 -------- d-----w- c:\program files (x86)\Bonjour
  52. 2011-12-30 15:03 . 2011-12-30 15:03 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
  53. 2011-12-30 15:03 . 2011-12-30 15:03 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
  54. 2011-12-30 15:03 . 2011-12-30 15:03 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
  55. 2011-12-30 15:03 . 2011-12-30 15:03 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
  56. 2011-12-30 15:03 . 2011-12-30 15:03 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
  57. 2011-12-30 15:03 . 2011-12-30 15:03 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
  58. 2011-12-30 15:03 . 2011-12-30 15:03 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
  59. 2011-12-30 14:59 . 2011-12-30 14:59 -------- d-----w- c:\program files (x86)\Apple Software Update
  60. 2011-12-21 15:49 . 2011-12-21 15:51 -------- d-----w- c:\users\natinusala\git
  61. 2011-12-15 18:26 . 2011-12-15 18:26 -------- d-----w- c:\program files (x86)\PremiumSoft
  62. 2011-12-14 12:01 . 2011-10-26 05:19 43520 ----a-w- c:\windows\system32\csrsrv.dll
  63. 2011-12-14 12:01 . 2011-11-24 05:00 3141632 ----a-w- c:\windows\system32\win32k.sys
  64. 2011-12-14 12:01 . 2011-10-15 06:25 723456 ----a-w- c:\windows\system32\EncDec.dll
  65. 2011-12-14 12:01 . 2011-10-15 05:48 534528 ----a-w- c:\windows\SysWow64\EncDec.dll
  66. 2011-12-14 12:00 . 2011-11-05 05:17 2048 ----a-w- c:\windows\system32\tzres.dll
  67. 2011-12-14 12:00 . 2011-11-05 04:30 2048 ----a-w- c:\windows\SysWow64\tzres.dll
  68. 2011-12-10 18:42 . 2012-01-05 19:10 -------- d-----w- c:\program files\COMODO
  69. 2011-12-10 18:41 . 2011-12-10 18:42 -------- d-----w- c:\programdata\Comodo Downloader
  70. 2011-12-10 17:45 . 2011-12-10 17:45 -------- d-----w- c:\users\natinusala\AppData\Roaming\CheckPoint
  71. 2011-12-10 17:45 . 2011-12-10 18:35 -------- d-----w- c:\program files\CheckPoint
  72. 2011-12-10 17:44 . 2011-12-10 17:44 -------- d-----w- c:\programdata\CheckPoint
  73. 2011-12-10 17:44 . 2010-04-09 11:06 374664 ----a-w- c:\windows\system32\drivers\netio.sys
  74. 2011-12-10 17:35 . 2011-12-10 18:35 -------- d-----w- c:\program files (x86)\CheckPoint
  75. 2011-12-10 14:51 . 2011-12-10 14:51 -------- d-----w- c:\windows\SysWow64\RTCOM
  76. 2011-12-10 14:51 . 2011-12-10 14:51 -------- d-----w- c:\program files\Realtek
  77. 2011-12-09 20:33 . 2011-12-09 20:36 -------- d-----w- C:\mole
  78. 2011-12-08 16:43 . 2011-12-08 16:43 -------- d-----w- c:\users\natinusala\AppData\Local\GForce
  79. 2011-12-08 16:42 . 2011-12-08 16:42 -------- d-----w- c:\program files (x86)\GForce
  80. 2011-12-08 16:39 . 2011-12-11 18:39 -------- d-----w- c:\program files (x86)\Saints Row The Third
  81. 2011-12-07 21:39 . 2011-12-07 21:40 -------- d-----w- c:\users\natinusala\AppData\Roaming\QuickScan
  82. .
  83. .
  84. .
  85. (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
  86. .
  87. 2012-01-01 18:37 . 2011-09-26 18:22 466456 ----a-w- c:\windows\system32\wrap_oal.dll
  88. 2012-01-01 18:37 . 2011-09-26 18:22 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
  89. 2012-01-01 18:37 . 2011-09-26 18:22 122904 ----a-w- c:\windows\system32\OpenAL32.dll
  90. 2012-01-01 18:37 . 2011-09-26 18:22 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
  91. 2011-12-10 14:24 . 2011-11-29 20:46 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
  92. 2011-12-08 06:13 . 2011-07-13 16:56 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
  93. 2011-11-15 13:29 . 2011-07-13 17:32 270720 ------w- c:\windows\system32\MpSigStub.exe
  94. 2011-11-09 18:26 . 2011-07-16 11:21 191904 ----a-w- c:\programdata\Microsoft\VCSExpress\10.0\1036\ResourceCache.dll
  95. 2011-10-30 20:47 . 2011-10-30 20:47 0 ----a-w- C:\Text1.zip
  96. 2011-10-30 20:45 . 2011-10-30 20:45 4528 ----a-w- C:\text.zip
  97. 2011-10-24 13:29 . 2011-10-24 13:29 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
  98. 2011-10-24 13:29 . 2011-10-24 13:29 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
  99. .
  100. .
  101. ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
  102. .
  103. .
  104. *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
  105. REGEDIT4
  106. .
  107. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
  108. @="{C5994560-53D9-4125-87C9-F193FC689CB2}"
  109. [HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
  110. 2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
  111. .
  112. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
  113. @="{C5994561-53D9-4125-87C9-F193FC689CB2}"
  114. [HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
  115. 2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
  116. .
  117. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
  118. @="{C5994562-53D9-4125-87C9-F193FC689CB2}"
  119. [HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
  120. 2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
  121. .
  122. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
  123. @="{C5994563-53D9-4125-87C9-F193FC689CB2}"
  124. [HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
  125. 2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
  126. .
  127. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
  128. @="{C5994564-53D9-4125-87C9-F193FC689CB2}"
  129. [HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
  130. 2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
  131. .
  132. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
  133. @="{C5994565-53D9-4125-87C9-F193FC689CB2}"
  134. [HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
  135. 2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
  136. .
  137. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
  138. @="{C5994566-53D9-4125-87C9-F193FC689CB2}"
  139. [HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
  140. 2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
  141. .
  142. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
  143. @="{C5994567-53D9-4125-87C9-F193FC689CB2}"
  144. [HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
  145. 2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
  146. .
  147. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
  148. @="{C5994568-53D9-4125-87C9-F193FC689CB2}"
  149. [HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
  150. 2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
  151. .
  152. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
  153. @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
  154. [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
  155. 2011-10-31 21:02 94208 ----a-w- c:\users\natinusala\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
  156. .
  157. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
  158. @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
  159. [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
  160. 2011-10-31 21:02 94208 ----a-w- c:\users\natinusala\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
  161. .
  162. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
  163. @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
  164. [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
  165. 2011-10-31 21:02 94208 ----a-w- c:\users\natinusala\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
  166. .
  167. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
  168. @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
  169. [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
  170. 2011-10-31 21:02 94208 ----a-w- c:\users\natinusala\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
  171. .
  172. [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
  173. "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
  174. "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-12-08 421736]
  175. "avp"="c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe" [2011-04-24 202296]
  176. .
  177. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
  178. "ConsentPromptBehaviorUser"= 3 (0x3)
  179. "EnableUIADesktopToggle"= 0 (0x0)
  180. .
  181. [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
  182. Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
  183. .
  184. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]
  185. @="Service"
  186. .
  187. [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
  188. "DisableMonitoring"=dword:00000001
  189. .
  190. R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
  191. R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
  192. R3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64 [x]
  193. R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
  194. R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
  195. R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
  196. R3 phaudlwr;Philips Audio Filter;c:\windows\system32\DRIVERS\phaudlwr.sys [x]
  197. R3 SPC520;Philips SPC520NC PC Camera;c:\windows\system32\drivers\SPC520.sys [x]
  198. R3 SPC520m;Philips SPC520NC PC Cameram;c:\windows\system32\drivers\SPC520m.sys [x]
  199. R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
  200. R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
  201. S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
  202. S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
  203. S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [x]
  204. S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [x]
  205. S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
  206. S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys [x]
  207. S2 CLPSLS;COMODO livePCsupport Service;c:\program files\COMODO\COMODO GeekBuddy\CLPSLS.exe [2011-11-23 1267000]
  208. S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-08-03 379496]
  209. S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-02 2923392]
  210. S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [x]
  211. S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
  212. S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
  213. S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
  214. S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
  215. S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
  216. S3 SaiK0CCB;SaiK0CCB;c:\windows\system32\DRIVERS\SaiK0CCB.sys [x]
  217. S3 SaiU0CCB;SaiU0CCB;c:\windows\system32\DRIVERS\SaiU0CCB.sys [x]
  218. .
  219. .
  220. Contenu du dossier 'Tâches planifiées'
  221. .
  222. 2012-01-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-933837062-1086551996-2592468455-1000Core.job
  223. - c:\users\natinusala\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-13 17:49]
  224. .
  225. 2012-01-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-933837062-1086551996-2592468455-1000UA.job
  226. - c:\users\natinusala\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-13 17:49]
  227. .
  228. .
  229. --------- x86-64 -----------
  230. .
  231. .
  232. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
  233. @="{C5994560-53D9-4125-87C9-F193FC689CB2}"
  234. [HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
  235. 2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
  236. .
  237. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
  238. @="{C5994561-53D9-4125-87C9-F193FC689CB2}"
  239. [HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
  240. 2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
  241. .
  242. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
  243. @="{C5994562-53D9-4125-87C9-F193FC689CB2}"
  244. [HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
  245. 2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
  246. .
  247. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
  248. @="{C5994563-53D9-4125-87C9-F193FC689CB2}"
  249. [HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
  250. 2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
  251. .
  252. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
  253. @="{C5994564-53D9-4125-87C9-F193FC689CB2}"
  254. [HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
  255. 2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
  256. .
  257. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
  258. @="{C5994565-53D9-4125-87C9-F193FC689CB2}"
  259. [HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
  260. 2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
  261. .
  262. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
  263. @="{C5994566-53D9-4125-87C9-F193FC689CB2}"
  264. [HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
  265. 2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
  266. .
  267. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
  268. @="{C5994567-53D9-4125-87C9-F193FC689CB2}"
  269. [HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
  270. 2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
  271. .
  272. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
  273. @="{C5994568-53D9-4125-87C9-F193FC689CB2}"
  274. [HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
  275. 2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
  276. .
  277. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
  278. @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
  279. [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
  280. 2011-10-31 21:02 97792 ----a-w- c:\users\natinusala\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
  281. .
  282. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
  283. @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
  284. [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
  285. 2011-10-31 21:02 97792 ----a-w- c:\users\natinusala\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
  286. .
  287. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
  288. @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
  289. [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
  290. 2011-10-31 21:02 97792 ----a-w- c:\users\natinusala\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
  291. .
  292. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
  293. @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
  294. [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
  295. 2011-10-31 21:02 97792 ----a-w- c:\users\natinusala\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
  296. .
  297. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  298. "SaiMfd"="c:\program files\Saitek\SD6\Software\SaiMfd.exe" [2010-07-29 158208]
  299. .
  300. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
  301. "LoadAppInit_DLLs"=0x1
  302. .
  303. ------- Examen supplémentaire -------
  304. .
  305. uLocal Page = c:\windows\system32\blank.htm
  306. uStart Page = about:blank
  307. mStart Page = about:blank
  308. mLocal Page = c:\windows\SysWOW64\blank.htm
  309. uInternet Settings,ProxyOverride = *.local
  310. uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
  311. IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
  312. IE: Ajouter à l'Anti-bannière - c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm
  313. IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
  314. TCP: DhcpNameServer = 192.168.0.1
  315. FF - ProfilePath - c:\users\natinusala\AppData\Roaming\Mozilla\Firefox\Profiles\mqh7yryu.default\
  316. .
  317. - - - - ORPHELINS SUPPRIMES - - - -
  318. .
  319. SafeBoot-60156003.sys
  320. AddRemove-InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996} - c:\program files (x86)\InstallShield Installation Information\{5442DAB8-7177-49E1-8B22-09A049EA5996}\setup.exe
  321. AddRemove-InstallShield_{FC8A7918-D65D-440C-9596-C88185E8DCA4} - c:\program files (x86)\InstallShield Installation Information\{FC8A7918-D65D-440C-9596-C88185E8DCA4}\setup.exe
  322. AddRemove-NVIDIA StereoUSB Driver - c:\program files (x86)\InstallShield Installation Information\{714B9C6C-70FC-4750-98E2-61520B906C45}\setup.exe
  323. AddRemove-{63CEA2E4-4FE7-4F2C-B388-C1313D24157C} - c:\program files (x86)\InstallShield Installation Information\{63CEA2E4-4FE7-4F2C-B388-C1313D24157C}\setup.exe
  324. AddRemove-{8833FFB6-5B0C-4764-81AA-06DFEED9A476} - c:\program files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\Setup.Exe
  325. AddRemove-{888F1505-C2B3-4FDE-835D-36353EBD4754} - c:\program files (x86)\InstallShield Installation Information\{888F1505-C2B3-4FDE-835D-36353EBD4754}\setup.exe
  326. AddRemove-{9DF0196F-B6B8-4C3A-8790-DE42AA530101} - c:\program files (x86)\InstallShield Installation Information\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}\setup.exe
  327. AddRemove-{C07F8D75-7A8D-400E-A8F9-A3F396B49BB1} - c:\program files (x86)\InstallShield Installation Information\{C07F8D75-7A8D-400E-A8F9-A3F396B49BB1}\SPORE_BP1Setup.exe
  328. AddRemove-UnityWebPlayer - c:\users\natinusala\AppData\Local\Unity\WebPlayer\Uninstall.exe
  329. .
  330. .
  331. .
  332. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\EverestDriver]
  333. "ImagePath"="\??\c:\program files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64"
  334. .
  335. --------------------- CLES DE REGISTRE BLOQUEES ---------------------
  336. .
  337. [HKEY_USERS\S-1-5-21-933837062-1086551996-2592468455-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
  338. @Denied: (2) (S-1-5-21-933837062-1086551996-2592468455-1000)
  339. @Denied: (2) (LocalSystem)
  340. "Progid"="ThunderbirdEML"
  341. .
  342. [HKEY_USERS\S-1-5-21-933837062-1086551996-2592468455-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
  343. @Denied: (2) (LocalSystem)
  344. "Progid"="WindowsLiveMail.VCard.1"
  345. .
  346. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
  347. "Version"=hex:d8,95,48,f3,d6,e0,2a,38,96,5e,4a,19,1a,31,1b,ef,9e,df,20,41,bc,
  348. 2f,cd,8a,db,3f,61,d1,a7,08,c2,27,66,8d,ec,cd,0b,10,07,a5,7c,ac,7a,6d,ba,d2,\
  349. .
  350. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
  351. @Denied: (A 2) (Everyone)
  352. @="FlashBroker"
  353. "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
  354. .
  355. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
  356. "Enabled"=dword:00000001
  357. .
  358. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
  359. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
  360. .
  361. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
  362. @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
  363. .
  364. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
  365. @Denied: (A 2) (Everyone)
  366. @="Shockwave Flash Object"
  367. .
  368. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
  369. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
  370. "ThreadingModel"="Apartment"
  371. .
  372. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
  373. @="0"
  374. .
  375. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
  376. @="ShockwaveFlash.ShockwaveFlash.10"
  377. .
  378. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
  379. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
  380. .
  381. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
  382. @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
  383. .
  384. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
  385. @="1.0"
  386. .
  387. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
  388. @="ShockwaveFlash.ShockwaveFlash"
  389. .
  390. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
  391. @Denied: (A 2) (Everyone)
  392. @="Macromedia Flash Factory Object"
  393. .
  394. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
  395. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
  396. "ThreadingModel"="Apartment"
  397. .
  398. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
  399. @="FlashFactory.FlashFactory.1"
  400. .
  401. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
  402. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
  403. .
  404. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
  405. @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
  406. .
  407. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
  408. @="1.0"
  409. .
  410. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
  411. @="FlashFactory.FlashFactory"
  412. .
  413. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
  414. @Denied: (A 2) (Everyone)
  415. @="IFlashBroker4"
  416. .
  417. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
  418. @="{00020424-0000-0000-C000-000000000046}"
  419. .
  420. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
  421. @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
  422. "Version"="1.0"
  423. .
  424. [HKEY_LOCAL_MACHINE\SOFTWARE\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]
  425. "Version"=hex:d8,95,48,f3,d6,e0,2a,38,96,5e,4a,19,1a,31,1b,ef,9e,df,20,41,bc,
  426. 2f,cd,8a,db,3f,61,d1,a7,08,c2,27,66,8d,ec,cd,0b,10,07,a5,7c,ac,7a,6d,ba,d2,\
  427. .
  428. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
  429. @Denied: (Full) (Everyone)
  430. .
  431. ------------------------ Autres processus actifs ------------------------
  432. .
  433. c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
  434. c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
  435. .
  436. **************************************************************************
  437. .
  438. Heure de fin: 2012-01-06 22:42:36 - La machine a redémarré
  439. ComboFix-quarantined-files.txt 2012-01-06 21:42
  440. .
  441. Avant-CF: 622 735 785 984 octets libres
  442. Après-CF: 635 193 524 224 octets libres
  443. .
  444. - - End Of File - - A6383E5ECF0352F1DC7DC57419442687