Publicité
Publicité
Format du document : text/plain
Prévisualisation
ComboFix 14-07-14.01 - ASUS 2014-07-14 15:04:18.1.4 - x86
Microsoft Windows 7 Professionnel 6.1.7601.1.1252.1.1036.18.2264.1090 [GMT -4:00]
Lanc� depuis: c:\downloads\Software\ComboFix.exe
AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Un nouveau point de restauration a �t� cr��
.
/wow section - STAGE 3
.
.
((((((((((((((((((((((((((((( Fichiers cr��s du 2014-06-14 au 2014-07-14 ))))))))))))))))))))))))))))))))))))
.
.
2014-07-14 19:18 . 2014-07-14 19:18 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-07-14 18:30 . 2014-07-14 18:30 39464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0A6CDB1F-D90A-440F-A346-4AEB8283B696}\MpKslad5f87cd.sys
2014-07-13 20:05 . 2014-06-05 10:54 8140904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0A6CDB1F-D90A-440F-A346-4AEB8283B696}\mpengine.dll
2014-07-13 20:04 . 2014-07-13 20:04 -------- d-----w- C:\BigFishCache
2014-07-12 20:17 . 2014-07-12 20:17 -------- d-----w- c:\programdata\GlarySoft
2014-07-12 20:17 . 2014-07-12 20:17 17088 ----a-w- c:\windows\system32\drivers\GUBootStartup.sys
2014-07-12 20:17 . 2014-07-13 16:54 -------- d-----w- c:\users\ASUS\AppData\Roaming\DiskDefrag
2014-07-12 20:17 . 2014-07-02 09:10 101664 ----a-w- c:\windows\system32\BootDefrag.exe
2014-07-12 20:17 . 2014-07-01 07:52 16064 ----a-w- c:\windows\system32\drivers\BootDefragDriver.sys
2014-07-12 20:17 . 2014-07-12 20:17 -------- d-----w- c:\program files\Glary Utilities 5
2014-07-12 18:44 . 2014-07-12 18:45 -------- d-----w- c:\users\ASUS\AppData\Roaming\Arcanika
2014-07-12 18:15 . 2014-06-05 10:54 8140904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-07-12 15:54 . 2014-07-12 16:00 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2014-07-12 14:33 . 2014-05-02 18:14 765968 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{06350671-88C5-42C5-817F-DADAEF8D02E3}\gapaengine.dll
2014-07-12 00:24 . 2014-07-12 00:24 -------- d-----w- C:\Bernard Tremblay
2014-07-11 21:04 . 2014-07-11 21:04 14886400 ----a-w- c:\windows\system32\QtGuid4.dll
2014-07-11 21:00 . 2014-07-11 21:00 -------- d-----w- c:\programdata\Logs
2014-07-11 20:33 . 2006-11-29 17:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2014-07-11 20:31 . 2014-07-11 20:33 -------- d-----w- c:\program files\Arcanika
2014-07-11 18:13 . 2014-07-12 19:56 -------- d-----w- c:\users\Bernard
2014-07-11 15:50 . 2014-07-11 15:50 -------- d-----w- c:\program files\Legends of Solitaire - La Malediction Draconique
2014-07-11 15:47 . 2014-07-11 15:47 -------- d-----w- c:\program files\bfgclient
2014-07-10 17:24 . 2014-07-14 18:56 -------- d-----w- c:\users\ASUS\AppData\Roaming\Free Download Manager
2014-07-10 17:21 . 2014-07-10 17:21 -------- d-----w- c:\programdata\Doctor Web
2014-07-09 18:03 . 2014-07-10 23:50 29160 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-07-09 18:03 . 2014-07-09 18:03 -------- d-----w- c:\programdata\RogueKiller
2014-07-09 17:53 . 2014-06-27 09:54 40064 ----a-w- c:\windows\system32\drivers\iSafeKrnlBoot.sys
2014-07-08 20:48 . 2014-07-08 20:48 -------- d-----w- c:\users\ASUS\AppData\Roaming\8floor
2014-07-08 20:09 . 2010-08-30 12:34 536576 ----a-w- c:\windows\system32\sqlite3.dll
2014-07-08 19:06 . 2014-07-10 01:06 512 ----a-w- C:\PhysicalDisk0_MBR.bin
2014-07-08 18:53 . 2014-07-11 00:50 -------- d-----w- c:\users\ASUS\AppData\Roaming\ZHP
2014-07-08 18:53 . 2014-07-10 01:06 -------- d-----w- c:\program files\ZHPDiag
2014-07-08 18:25 . 2014-06-03 09:29 936960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2014-07-08 18:23 . 2014-05-30 07:52 247808 ----a-w- c:\windows\system32\schannel.dll
2014-07-08 18:23 . 2014-05-30 07:52 550912 ----a-w- c:\windows\system32\kerberos.dll
2014-07-08 18:23 . 2014-05-30 07:52 220160 ----a-w- c:\windows\system32\ncrypt.dll
2014-07-08 18:23 . 2014-05-30 07:52 259584 ----a-w- c:\windows\system32\msv1_0.dll
2014-07-08 18:23 . 2014-05-30 07:52 172032 ----a-w- c:\windows\system32\wdigest.dll
2014-07-08 18:23 . 2014-05-30 07:52 65536 ----a-w- c:\windows\system32\TSpkg.dll
2014-07-08 18:23 . 2014-05-30 07:52 17408 ----a-w- c:\windows\system32\credssp.dll
2014-07-08 18:22 . 2014-06-05 14:26 1059840 ----a-w- c:\windows\system32\lsasrv.dll
2014-07-07 19:57 . 2014-07-07 20:42 -------- d-----w- c:\program files\Dream Vacation Solitaire
2014-07-04 00:04 . 2014-07-13 19:49 -------- d-----w- C:\AdwCleaner
2014-07-03 19:39 . 2014-07-03 19:39 -------- d-----w- c:\programdata\TreeCardGames
2014-07-03 19:37 . 2014-07-03 19:37 -------- d-----w- c:\users\ASUS\AppData\Roaming\TreeCardGames
2014-07-03 19:36 . 2014-07-07 20:42 -------- d-----w- c:\program files\Free FreeCell Solitaire
2014-07-01 16:46 . 2014-07-11 20:31 -------- d-----w- C:\Temp
2014-06-30 17:55 . 2014-07-07 20:33 -------- d-----w- c:\program files\Linksys
2014-06-30 17:51 . 2014-06-30 17:51 -------- d-----w- c:\programdata\Linksys
2014-06-29 18:52 . 2014-06-29 18:52 -------- d-----w- c:\programdata\ATI
2014-06-29 18:51 . 2014-06-29 18:51 -------- d-----w- c:\users\ASUS\AppData\Local\AppEx Networks
2014-06-29 18:50 . 2014-07-13 21:47 65536 ----a-w- c:\windows\system32\spu_storage.bin
2014-06-29 18:43 . 2014-06-29 18:43 -------- d-----w- c:\users\ASUS\AppData\Roaming\library_dir
2014-06-29 18:42 . 2014-07-07 20:40 -------- d-----w- c:\users\ASUS\AppData\Roaming\Raptr
2014-06-29 18:42 . 2014-07-07 20:36 -------- d-----w- c:\program files\Raptr
2014-06-29 18:41 . 2014-03-28 15:52 184032 ----a-w- c:\windows\system32\drivers\appexDrv.sys
2014-06-29 18:41 . 2014-07-07 20:33 -------- d-----w- c:\program files\AMD Quick Stream
2014-06-29 18:41 . 2014-07-07 20:33 -------- d-----w- c:\program files\AMD AVT
2014-06-29 18:38 . 2012-08-28 12:27 45736 ----a-w- c:\windows\system32\drivers\usbfilter.sys
2014-06-23 16:15 . 2014-06-23 16:15 123544 ----a-w- c:\windows\system32\drivers\RapportKELL.sys
2014-06-18 18:59 . 2014-06-18 19:02 -------- d-----w- c:\program files\Dark Manor - A Hidden Object Mystery
2014-06-17 20:22 . 2014-06-17 20:22 188696 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2014-06-17 20:21 . 2014-06-17 20:21 197400 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2014-06-17 20:18 . 2014-06-17 20:18 241944 ----a-w- c:\windows\system32\drivers\avglogx.sys
2014-06-17 20:17 . 2014-06-17 20:17 147736 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2014-06-17 20:06 . 2014-06-17 20:06 199960 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2014-06-17 20:06 . 2014-06-17 20:06 121624 ----a-w- c:\windows\system32\drivers\avgdiskx.sys
2014-06-17 20:06 . 2014-06-17 20:06 98584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2014-06-17 20:06 . 2014-06-17 20:06 27416 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2014-06-17 20:06 . 2014-06-17 20:06 21272 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-09 17:29 . 2014-04-30 19:10 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-07-09 17:29 . 2014-04-30 19:10 699056 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-07-08 19:57 . 2014-03-28 17:17 13464 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2014-06-19 05:28 . 2013-10-25 19:41 36152 ----a-w- c:\windows\system32\TURegOpt.exe
2014-06-19 05:28 . 2014-05-02 19:33 25400 ----a-w- c:\windows\system32\authuitu.dll
2014-06-19 05:28 . 2014-04-01 14:53 35640 ----a-w- c:\windows\system32\uxtuneup.dll
2014-05-08 09:06 . 2014-06-12 18:40 2742784 ----a-w- c:\windows\system32\rdpcorets.dll
2014-05-08 09:06 . 2014-06-12 18:40 13824 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2014-05-02 18:14 . 2013-10-18 17:48 765968 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-04-25 02:06 . 2014-06-12 21:33 626688 ----a-w- c:\windows\system32\usp10.dll
2014-04-18 02:43 . 2014-04-18 02:43 117560 ----a-w- c:\windows\system32\amdhcp32.dll
2014-04-18 02:43 . 2014-04-18 02:43 71704 ----a-w- c:\windows\system32\atimpc32.dll
2014-04-18 02:43 . 2014-04-18 02:43 71704 ----a-w- c:\windows\system32\amdpcom32.dll
2014-04-18 02:42 . 2013-09-05 08:01 126336 ----a-w- c:\windows\system32\atiuxpag.dll
2014-04-18 02:42 . 2014-04-18 02:42 99520 ----a-w- c:\windows\system32\atiu9pag.dll
2014-04-18 02:42 . 2013-09-05 08:01 1117184 ----a-w- c:\windows\system32\aticfx32.dll
2014-04-18 02:42 . 2013-09-05 08:01 8866928 ----a-w- c:\windows\system32\atidxx32.dll
2014-04-18 02:42 . 2014-04-18 02:42 6796592 ----a-w- c:\windows\system32\atiumdva.dll
2014-04-18 02:42 . 2014-04-18 02:42 6799688 ----a-w- c:\windows\system32\atiumdag.dll
2014-04-18 02:39 . 2014-04-18 02:39 247520 ----a-w- c:\windows\system32\drivers\amdacpksd.sys
2014-04-18 02:35 . 2014-04-18 02:35 13515264 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2014-04-18 02:28 . 2014-04-18 02:28 38912 ----a-w- c:\windows\system32\kdbsdk32.dll
2014-04-18 02:23 . 2014-04-18 02:23 200704 ----a-w- c:\windows\system32\clinfo.exe
2014-04-18 02:22 . 2014-04-18 02:22 83456 ----a-w- c:\windows\system32\OpenVideo.dll
2014-04-18 02:22 . 2014-04-18 02:22 73216 ----a-w- c:\windows\system32\OVDecode.dll
2014-04-18 02:19 . 2014-04-18 02:19 24107520 ----a-w- c:\windows\system32\amdocl.dll
2014-04-18 02:17 . 2014-04-18 02:17 58880 ----a-w- c:\windows\system32\OpenCL.dll
2014-04-18 02:13 . 2014-04-18 02:13 113664 ----a-w- c:\windows\system32\mantle32.dll
2014-04-18 01:58 . 2014-04-18 01:58 4358656 ----a-w- c:\windows\system32\amdmantle32.dll
2014-04-18 01:51 . 2014-04-18 01:51 23409152 ----a-w- c:\windows\system32\atioglxx.dll
2014-04-18 01:46 . 2014-04-18 01:46 368128 ----a-w- c:\windows\system32\atiapfxx.exe
2014-04-18 01:46 . 2014-04-18 01:46 52224 ----a-w- c:\windows\system32\aticalrt.dll
2014-04-18 01:46 . 2014-04-18 01:46 49152 ----a-w- c:\windows\system32\aticalcl.dll
2014-04-18 01:45 . 2014-04-18 01:45 85504 ----a-w- c:\windows\system32\mantleaxl32.dll
2014-04-18 01:42 . 2014-04-18 01:42 14302208 ----a-w- c:\windows\system32\aticaldd.dll
2014-04-18 01:33 . 2014-04-18 01:33 37888 ----a-w- c:\windows\system32\amdmmcl.dll
2014-04-18 01:30 . 2014-04-18 01:30 442368 ----a-w- c:\windows\system32\atidemgy.dll
2014-04-18 01:29 . 2014-04-18 01:29 30720 ----a-w- c:\windows\system32\atimuixx.dll
2014-04-18 01:29 . 2014-04-18 01:29 491520 ----a-w- c:\windows\system32\atieclxx.exe
2014-04-18 01:29 . 2014-04-18 01:29 208896 ----a-w- c:\windows\system32\atiesrxx.exe
2014-04-18 01:28 . 2014-04-18 01:28 164352 ----a-w- c:\windows\system32\atitmmxx.dll
2014-04-18 01:21 . 2014-04-18 01:21 616960 ----a-w- c:\windows\system32\coinst_14.100.dll
2014-04-18 01:08 . 2014-04-18 01:08 848896 ----a-w- c:\windows\system32\atiadlxx.dll
2014-04-18 01:08 . 2014-04-18 01:08 90112 ----a-w- c:\windows\system32\amdave32.dll
2014-04-18 01:08 . 2014-04-18 01:08 80896 ----a-w- c:\windows\system32\atisamu32.dll
2014-04-18 01:07 . 2014-04-18 01:07 69632 ----a-w- c:\windows\system32\atiglpxx.dll
2014-04-18 01:07 . 2014-04-18 01:07 133632 ----a-w- c:\windows\system32\atigktxx.dll
2014-04-18 01:06 . 2014-04-18 01:06 512000 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2014-04-18 01:04 . 2014-04-18 01:04 43520 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2013-10-16 16:39 . 2013-10-16 16:39 774144 ----a-w- c:\program files\RngInterstitial.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les �l�ments vides & les �l�ments initiaux l�gitimes ne sont pas list�s
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-10-19 17:25 222712 ----a-w- c:\users\ASUS\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-10-19 17:25 222712 ----a-w- c:\users\ASUS\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-10-19 17:25 222712 ----a-w- c:\users\ASUS\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2013-10-20 22:47 627712 ----a-w- c:\program files\Classic Shell\ClassicExplorer32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Screenseven News"="c:\program files\OXXOGames\VIVAGPlayer\GameCenterNotifier.exe" [2013-12-06 483400]
"GUDelayStartup"="c:\program files\Glary Utilities 5\StartupManager.exe" [2014-07-02 37152]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"="c:\program files\AVG\AVG2014\avgui.exe" [2014-06-17 5179408]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 951576]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RtHDVBg.exe" [2000-01-01 1013616]
"Classic Start Menu"="c:\program files\Classic Shell\ClassicStartMenu.exe" [2014-01-18 150208]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI.exe" [2000-01-01 6667992]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk * \0BootDefrag.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-11-21 16:57 959904 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppEx Accelerator UI]
2014-03-31 21:12 370912 ----a-w- c:\program files\AMD Quick Stream\AMDQuickStream.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2013-04-22 01:43 59720 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raptr]
2014-06-24 20:00 55360 ----a-w- c:\progra~1\Raptr\raptrstub.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-11-14 21:42 20584608 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2014-04-18 02:38 748256 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ConduitFloatingPlugin_fdkednngfjmpnljkolbapdednncafhen"="c:\windows\system32\Rundll32.exe" "c:\program files\Conduit\CT3298566\plugins\TBVerifier.dll",RunConduitFloatingPlugin fdkednngfjmpnljkolbapdednncafhen
"ConduitFloatingPlugin_oahepomnpijmejhllnialnkhnadmcjdp"="c:\windows\system32\Rundll32.exe" "c:\program files\Conduit\CT3287808\plugins\TBVerifier.dll",RunConduitFloatingPlugin oahepomnpijmejhllnialnkhnadmcjdp
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe" MSRun
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" -hide -runkey
"NeroFilterCheck"=c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
R2 AODDriver4.3;AODDriver4.3;c:\program files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [2014-02-11 50400]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2014\avgidsagent.exe [2014-06-27 3241488]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-06-18 108032]
R3 iSafeKrnlBoot;iSafeKrnl Boot Driver;c:\windows\system32\DRIVERS\iSafeKrnlBoot.sys [2014-06-27 40064]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2014-07-12 40776]
R3 RapportKELL;RapportKELL;c:\windows\system32\Drivers\RapportKELL.sys [2014-06-23 123544]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [2014-07-08 13464]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 27136]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2013-09-21 1343400]
R4 OfficeSvc;Service Microsoft Office;c:\program files\Microsoft Office 15\ClientX86\integratedoffice.exe [2013-11-02 1320120]
R4 ogmservice;Online Games Manager;c:\program files\Online Games Manager\ogmservice.exe [2014-03-27 581568]
R4 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-10-23 172192]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [2013-11-06 71400]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [2013-11-06 35560]
S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [2014-06-17 147736]
S0 Avglogx;AVG Logging Driver;c:\windows\system32\DRIVERS\avglogx.sys [2014-06-17 241944]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2014-06-17 27416]
S0 BootDefragDriver;BootDefragDriver;c:\windows\System32\drivers\BootDefragDriver.sys [2014-07-01 16064]
S0 GUBootStartup;GUBootStartup;c:\windows\System32\drivers\GUBootStartup.sys [2014-07-12 17088]
S1 Avgdiskx;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiskx.sys [2014-06-17 121624]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [2014-06-17 199960]
S1 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [2014-06-17 21272]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2014-06-17 188696]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2014-06-17 197400]
S1 MpKslad5f87cd;MpKslad5f87cd;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0A6CDB1F-D90A-440F-A346-4AEB8283B696}\MpKslad5f87cd.sys [2014-07-14 39464]
S1 RapportCerberus_69108;RapportCerberus_69108;c:\programdata\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_69108.sys [2014-07-01 358040]
S1 RapportEI;RapportEI;c:\program files\Trusteer\Rapport\bin\RapportEI.sys [2014-06-23 171000]
S1 RapportPG;RapportPG;c:\program files\Trusteer\Rapport\bin\RapportPG.sys [2014-06-23 249688]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2014-04-18 208896]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2014-04-18 276992]
S2 AODDriver4.2.0;AODDriver4.2.0;c:\program files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [2014-02-11 50400]
S2 APXACC;AppEx Networks Accelerator LWF;c:\windows\system32\DRIVERS\appexDrv.sys [2014-03-28 184032]
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2014\avgwdsvc.exe [2014-06-17 289328]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 104264]
S2 RapportMgmtService;Rapport Management Service;c:\program files\Trusteer\Rapport\bin\RapportMgmtService.exe [2014-06-23 1886488]
S2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;c:\program files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [2014-06-19 1857336]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [2012-08-20 110408]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [2012-08-20 331080]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2013-12-19 77824]
S3 NisSrv;Inspection du r�seau Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [2014-03-11 279776]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2013-07-09 208600]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2013-06-18 669912]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [2013-09-18 12320]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2012-08-28 45736]
.
.
--- Autres Services/Pilotes en m�moire ---
.
*NewlyCreated* - MPKSLAD5F87CD
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contenu du dossier 'T�ches planifi�es'
.
2014-07-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-30 17:29]
.
2014-07-14 c:\windows\Tasks\GlaryInitialize 5.job
- c:\program files\Glary Utilities 5\Initialize.exe [2014-07-02 09:08]
.
.
------- Examen suppl�mentaire -------
.
uStart Page = hxxp://affaires.lapresse.ca/bourse/
mStart Page = about:blank
uInternet Settings,ProxyOverride =
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Scanner avec Dr.Web - http://www.drweb.com/static/online/drweb-online-fr.html
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: Tout t�l�charger avec Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm
IE: T�l�charger avec Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm
IE: T�l�charger la s�lection avec Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm
IE: T�l�charger la vid�o avec Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm
TCP: DhcpNameServer = 24.200.241.37 24.202.72.13 24.200.0.1
.
- - - - ORPHELINS SUPPRIMES - - - -
.
AddRemove-Eusing Free Registry Cleaner - c:\progra~1\EUSING~1\UNWISE.EXE
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2014-07-14 15:22:26
ComboFix-quarantined-files.txt 2014-07-14 19:22
.
Avant-CF: 945�219�313�664 octets libres
Apr�s-CF: 945�112�117�248 octets libres
.
- - End Of File - - 53D6CABD1393993C759F2A7122553C32
A36C5E4F47E84449FF07ED3517B43A31
Microsoft Windows 7 Professionnel 6.1.7601.1.1252.1.1036.18.2264.1090 [GMT -4:00]
Lanc� depuis: c:\downloads\Software\ComboFix.exe
AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Un nouveau point de restauration a �t� cr��
.
/wow section - STAGE 3
.
.
((((((((((((((((((((((((((((( Fichiers cr��s du 2014-06-14 au 2014-07-14 ))))))))))))))))))))))))))))))))))))
.
.
2014-07-14 19:18 . 2014-07-14 19:18 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-07-14 18:30 . 2014-07-14 18:30 39464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0A6CDB1F-D90A-440F-A346-4AEB8283B696}\MpKslad5f87cd.sys
2014-07-13 20:05 . 2014-06-05 10:54 8140904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0A6CDB1F-D90A-440F-A346-4AEB8283B696}\mpengine.dll
2014-07-13 20:04 . 2014-07-13 20:04 -------- d-----w- C:\BigFishCache
2014-07-12 20:17 . 2014-07-12 20:17 -------- d-----w- c:\programdata\GlarySoft
2014-07-12 20:17 . 2014-07-12 20:17 17088 ----a-w- c:\windows\system32\drivers\GUBootStartup.sys
2014-07-12 20:17 . 2014-07-13 16:54 -------- d-----w- c:\users\ASUS\AppData\Roaming\DiskDefrag
2014-07-12 20:17 . 2014-07-02 09:10 101664 ----a-w- c:\windows\system32\BootDefrag.exe
2014-07-12 20:17 . 2014-07-01 07:52 16064 ----a-w- c:\windows\system32\drivers\BootDefragDriver.sys
2014-07-12 20:17 . 2014-07-12 20:17 -------- d-----w- c:\program files\Glary Utilities 5
2014-07-12 18:44 . 2014-07-12 18:45 -------- d-----w- c:\users\ASUS\AppData\Roaming\Arcanika
2014-07-12 18:15 . 2014-06-05 10:54 8140904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-07-12 15:54 . 2014-07-12 16:00 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2014-07-12 14:33 . 2014-05-02 18:14 765968 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{06350671-88C5-42C5-817F-DADAEF8D02E3}\gapaengine.dll
2014-07-12 00:24 . 2014-07-12 00:24 -------- d-----w- C:\Bernard Tremblay
2014-07-11 21:04 . 2014-07-11 21:04 14886400 ----a-w- c:\windows\system32\QtGuid4.dll
2014-07-11 21:00 . 2014-07-11 21:00 -------- d-----w- c:\programdata\Logs
2014-07-11 20:33 . 2006-11-29 17:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2014-07-11 20:31 . 2014-07-11 20:33 -------- d-----w- c:\program files\Arcanika
2014-07-11 18:13 . 2014-07-12 19:56 -------- d-----w- c:\users\Bernard
2014-07-11 15:50 . 2014-07-11 15:50 -------- d-----w- c:\program files\Legends of Solitaire - La Malediction Draconique
2014-07-11 15:47 . 2014-07-11 15:47 -------- d-----w- c:\program files\bfgclient
2014-07-10 17:24 . 2014-07-14 18:56 -------- d-----w- c:\users\ASUS\AppData\Roaming\Free Download Manager
2014-07-10 17:21 . 2014-07-10 17:21 -------- d-----w- c:\programdata\Doctor Web
2014-07-09 18:03 . 2014-07-10 23:50 29160 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-07-09 18:03 . 2014-07-09 18:03 -------- d-----w- c:\programdata\RogueKiller
2014-07-09 17:53 . 2014-06-27 09:54 40064 ----a-w- c:\windows\system32\drivers\iSafeKrnlBoot.sys
2014-07-08 20:48 . 2014-07-08 20:48 -------- d-----w- c:\users\ASUS\AppData\Roaming\8floor
2014-07-08 20:09 . 2010-08-30 12:34 536576 ----a-w- c:\windows\system32\sqlite3.dll
2014-07-08 19:06 . 2014-07-10 01:06 512 ----a-w- C:\PhysicalDisk0_MBR.bin
2014-07-08 18:53 . 2014-07-11 00:50 -------- d-----w- c:\users\ASUS\AppData\Roaming\ZHP
2014-07-08 18:53 . 2014-07-10 01:06 -------- d-----w- c:\program files\ZHPDiag
2014-07-08 18:25 . 2014-06-03 09:29 936960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2014-07-08 18:23 . 2014-05-30 07:52 247808 ----a-w- c:\windows\system32\schannel.dll
2014-07-08 18:23 . 2014-05-30 07:52 550912 ----a-w- c:\windows\system32\kerberos.dll
2014-07-08 18:23 . 2014-05-30 07:52 220160 ----a-w- c:\windows\system32\ncrypt.dll
2014-07-08 18:23 . 2014-05-30 07:52 259584 ----a-w- c:\windows\system32\msv1_0.dll
2014-07-08 18:23 . 2014-05-30 07:52 172032 ----a-w- c:\windows\system32\wdigest.dll
2014-07-08 18:23 . 2014-05-30 07:52 65536 ----a-w- c:\windows\system32\TSpkg.dll
2014-07-08 18:23 . 2014-05-30 07:52 17408 ----a-w- c:\windows\system32\credssp.dll
2014-07-08 18:22 . 2014-06-05 14:26 1059840 ----a-w- c:\windows\system32\lsasrv.dll
2014-07-07 19:57 . 2014-07-07 20:42 -------- d-----w- c:\program files\Dream Vacation Solitaire
2014-07-04 00:04 . 2014-07-13 19:49 -------- d-----w- C:\AdwCleaner
2014-07-03 19:39 . 2014-07-03 19:39 -------- d-----w- c:\programdata\TreeCardGames
2014-07-03 19:37 . 2014-07-03 19:37 -------- d-----w- c:\users\ASUS\AppData\Roaming\TreeCardGames
2014-07-03 19:36 . 2014-07-07 20:42 -------- d-----w- c:\program files\Free FreeCell Solitaire
2014-07-01 16:46 . 2014-07-11 20:31 -------- d-----w- C:\Temp
2014-06-30 17:55 . 2014-07-07 20:33 -------- d-----w- c:\program files\Linksys
2014-06-30 17:51 . 2014-06-30 17:51 -------- d-----w- c:\programdata\Linksys
2014-06-29 18:52 . 2014-06-29 18:52 -------- d-----w- c:\programdata\ATI
2014-06-29 18:51 . 2014-06-29 18:51 -------- d-----w- c:\users\ASUS\AppData\Local\AppEx Networks
2014-06-29 18:50 . 2014-07-13 21:47 65536 ----a-w- c:\windows\system32\spu_storage.bin
2014-06-29 18:43 . 2014-06-29 18:43 -------- d-----w- c:\users\ASUS\AppData\Roaming\library_dir
2014-06-29 18:42 . 2014-07-07 20:40 -------- d-----w- c:\users\ASUS\AppData\Roaming\Raptr
2014-06-29 18:42 . 2014-07-07 20:36 -------- d-----w- c:\program files\Raptr
2014-06-29 18:41 . 2014-03-28 15:52 184032 ----a-w- c:\windows\system32\drivers\appexDrv.sys
2014-06-29 18:41 . 2014-07-07 20:33 -------- d-----w- c:\program files\AMD Quick Stream
2014-06-29 18:41 . 2014-07-07 20:33 -------- d-----w- c:\program files\AMD AVT
2014-06-29 18:38 . 2012-08-28 12:27 45736 ----a-w- c:\windows\system32\drivers\usbfilter.sys
2014-06-23 16:15 . 2014-06-23 16:15 123544 ----a-w- c:\windows\system32\drivers\RapportKELL.sys
2014-06-18 18:59 . 2014-06-18 19:02 -------- d-----w- c:\program files\Dark Manor - A Hidden Object Mystery
2014-06-17 20:22 . 2014-06-17 20:22 188696 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2014-06-17 20:21 . 2014-06-17 20:21 197400 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2014-06-17 20:18 . 2014-06-17 20:18 241944 ----a-w- c:\windows\system32\drivers\avglogx.sys
2014-06-17 20:17 . 2014-06-17 20:17 147736 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2014-06-17 20:06 . 2014-06-17 20:06 199960 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2014-06-17 20:06 . 2014-06-17 20:06 121624 ----a-w- c:\windows\system32\drivers\avgdiskx.sys
2014-06-17 20:06 . 2014-06-17 20:06 98584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2014-06-17 20:06 . 2014-06-17 20:06 27416 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2014-06-17 20:06 . 2014-06-17 20:06 21272 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-09 17:29 . 2014-04-30 19:10 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-07-09 17:29 . 2014-04-30 19:10 699056 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-07-08 19:57 . 2014-03-28 17:17 13464 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2014-06-19 05:28 . 2013-10-25 19:41 36152 ----a-w- c:\windows\system32\TURegOpt.exe
2014-06-19 05:28 . 2014-05-02 19:33 25400 ----a-w- c:\windows\system32\authuitu.dll
2014-06-19 05:28 . 2014-04-01 14:53 35640 ----a-w- c:\windows\system32\uxtuneup.dll
2014-05-08 09:06 . 2014-06-12 18:40 2742784 ----a-w- c:\windows\system32\rdpcorets.dll
2014-05-08 09:06 . 2014-06-12 18:40 13824 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2014-05-02 18:14 . 2013-10-18 17:48 765968 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-04-25 02:06 . 2014-06-12 21:33 626688 ----a-w- c:\windows\system32\usp10.dll
2014-04-18 02:43 . 2014-04-18 02:43 117560 ----a-w- c:\windows\system32\amdhcp32.dll
2014-04-18 02:43 . 2014-04-18 02:43 71704 ----a-w- c:\windows\system32\atimpc32.dll
2014-04-18 02:43 . 2014-04-18 02:43 71704 ----a-w- c:\windows\system32\amdpcom32.dll
2014-04-18 02:42 . 2013-09-05 08:01 126336 ----a-w- c:\windows\system32\atiuxpag.dll
2014-04-18 02:42 . 2014-04-18 02:42 99520 ----a-w- c:\windows\system32\atiu9pag.dll
2014-04-18 02:42 . 2013-09-05 08:01 1117184 ----a-w- c:\windows\system32\aticfx32.dll
2014-04-18 02:42 . 2013-09-05 08:01 8866928 ----a-w- c:\windows\system32\atidxx32.dll
2014-04-18 02:42 . 2014-04-18 02:42 6796592 ----a-w- c:\windows\system32\atiumdva.dll
2014-04-18 02:42 . 2014-04-18 02:42 6799688 ----a-w- c:\windows\system32\atiumdag.dll
2014-04-18 02:39 . 2014-04-18 02:39 247520 ----a-w- c:\windows\system32\drivers\amdacpksd.sys
2014-04-18 02:35 . 2014-04-18 02:35 13515264 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2014-04-18 02:28 . 2014-04-18 02:28 38912 ----a-w- c:\windows\system32\kdbsdk32.dll
2014-04-18 02:23 . 2014-04-18 02:23 200704 ----a-w- c:\windows\system32\clinfo.exe
2014-04-18 02:22 . 2014-04-18 02:22 83456 ----a-w- c:\windows\system32\OpenVideo.dll
2014-04-18 02:22 . 2014-04-18 02:22 73216 ----a-w- c:\windows\system32\OVDecode.dll
2014-04-18 02:19 . 2014-04-18 02:19 24107520 ----a-w- c:\windows\system32\amdocl.dll
2014-04-18 02:17 . 2014-04-18 02:17 58880 ----a-w- c:\windows\system32\OpenCL.dll
2014-04-18 02:13 . 2014-04-18 02:13 113664 ----a-w- c:\windows\system32\mantle32.dll
2014-04-18 01:58 . 2014-04-18 01:58 4358656 ----a-w- c:\windows\system32\amdmantle32.dll
2014-04-18 01:51 . 2014-04-18 01:51 23409152 ----a-w- c:\windows\system32\atioglxx.dll
2014-04-18 01:46 . 2014-04-18 01:46 368128 ----a-w- c:\windows\system32\atiapfxx.exe
2014-04-18 01:46 . 2014-04-18 01:46 52224 ----a-w- c:\windows\system32\aticalrt.dll
2014-04-18 01:46 . 2014-04-18 01:46 49152 ----a-w- c:\windows\system32\aticalcl.dll
2014-04-18 01:45 . 2014-04-18 01:45 85504 ----a-w- c:\windows\system32\mantleaxl32.dll
2014-04-18 01:42 . 2014-04-18 01:42 14302208 ----a-w- c:\windows\system32\aticaldd.dll
2014-04-18 01:33 . 2014-04-18 01:33 37888 ----a-w- c:\windows\system32\amdmmcl.dll
2014-04-18 01:30 . 2014-04-18 01:30 442368 ----a-w- c:\windows\system32\atidemgy.dll
2014-04-18 01:29 . 2014-04-18 01:29 30720 ----a-w- c:\windows\system32\atimuixx.dll
2014-04-18 01:29 . 2014-04-18 01:29 491520 ----a-w- c:\windows\system32\atieclxx.exe
2014-04-18 01:29 . 2014-04-18 01:29 208896 ----a-w- c:\windows\system32\atiesrxx.exe
2014-04-18 01:28 . 2014-04-18 01:28 164352 ----a-w- c:\windows\system32\atitmmxx.dll
2014-04-18 01:21 . 2014-04-18 01:21 616960 ----a-w- c:\windows\system32\coinst_14.100.dll
2014-04-18 01:08 . 2014-04-18 01:08 848896 ----a-w- c:\windows\system32\atiadlxx.dll
2014-04-18 01:08 . 2014-04-18 01:08 90112 ----a-w- c:\windows\system32\amdave32.dll
2014-04-18 01:08 . 2014-04-18 01:08 80896 ----a-w- c:\windows\system32\atisamu32.dll
2014-04-18 01:07 . 2014-04-18 01:07 69632 ----a-w- c:\windows\system32\atiglpxx.dll
2014-04-18 01:07 . 2014-04-18 01:07 133632 ----a-w- c:\windows\system32\atigktxx.dll
2014-04-18 01:06 . 2014-04-18 01:06 512000 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2014-04-18 01:04 . 2014-04-18 01:04 43520 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2013-10-16 16:39 . 2013-10-16 16:39 774144 ----a-w- c:\program files\RngInterstitial.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les �l�ments vides & les �l�ments initiaux l�gitimes ne sont pas list�s
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-10-19 17:25 222712 ----a-w- c:\users\ASUS\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-10-19 17:25 222712 ----a-w- c:\users\ASUS\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-10-19 17:25 222712 ----a-w- c:\users\ASUS\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2013-10-20 22:47 627712 ----a-w- c:\program files\Classic Shell\ClassicExplorer32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Screenseven News"="c:\program files\OXXOGames\VIVAGPlayer\GameCenterNotifier.exe" [2013-12-06 483400]
"GUDelayStartup"="c:\program files\Glary Utilities 5\StartupManager.exe" [2014-07-02 37152]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"="c:\program files\AVG\AVG2014\avgui.exe" [2014-06-17 5179408]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 951576]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RtHDVBg.exe" [2000-01-01 1013616]
"Classic Start Menu"="c:\program files\Classic Shell\ClassicStartMenu.exe" [2014-01-18 150208]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI.exe" [2000-01-01 6667992]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk * \0BootDefrag.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-11-21 16:57 959904 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppEx Accelerator UI]
2014-03-31 21:12 370912 ----a-w- c:\program files\AMD Quick Stream\AMDQuickStream.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2013-04-22 01:43 59720 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raptr]
2014-06-24 20:00 55360 ----a-w- c:\progra~1\Raptr\raptrstub.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-11-14 21:42 20584608 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2014-04-18 02:38 748256 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ConduitFloatingPlugin_fdkednngfjmpnljkolbapdednncafhen"="c:\windows\system32\Rundll32.exe" "c:\program files\Conduit\CT3298566\plugins\TBVerifier.dll",RunConduitFloatingPlugin fdkednngfjmpnljkolbapdednncafhen
"ConduitFloatingPlugin_oahepomnpijmejhllnialnkhnadmcjdp"="c:\windows\system32\Rundll32.exe" "c:\program files\Conduit\CT3287808\plugins\TBVerifier.dll",RunConduitFloatingPlugin oahepomnpijmejhllnialnkhnadmcjdp
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe" MSRun
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" -hide -runkey
"NeroFilterCheck"=c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
R2 AODDriver4.3;AODDriver4.3;c:\program files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [2014-02-11 50400]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2014\avgidsagent.exe [2014-06-27 3241488]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-06-18 108032]
R3 iSafeKrnlBoot;iSafeKrnl Boot Driver;c:\windows\system32\DRIVERS\iSafeKrnlBoot.sys [2014-06-27 40064]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2014-07-12 40776]
R3 RapportKELL;RapportKELL;c:\windows\system32\Drivers\RapportKELL.sys [2014-06-23 123544]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [2014-07-08 13464]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 27136]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2013-09-21 1343400]
R4 OfficeSvc;Service Microsoft Office;c:\program files\Microsoft Office 15\ClientX86\integratedoffice.exe [2013-11-02 1320120]
R4 ogmservice;Online Games Manager;c:\program files\Online Games Manager\ogmservice.exe [2014-03-27 581568]
R4 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-10-23 172192]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [2013-11-06 71400]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [2013-11-06 35560]
S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [2014-06-17 147736]
S0 Avglogx;AVG Logging Driver;c:\windows\system32\DRIVERS\avglogx.sys [2014-06-17 241944]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2014-06-17 27416]
S0 BootDefragDriver;BootDefragDriver;c:\windows\System32\drivers\BootDefragDriver.sys [2014-07-01 16064]
S0 GUBootStartup;GUBootStartup;c:\windows\System32\drivers\GUBootStartup.sys [2014-07-12 17088]
S1 Avgdiskx;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiskx.sys [2014-06-17 121624]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [2014-06-17 199960]
S1 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [2014-06-17 21272]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2014-06-17 188696]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2014-06-17 197400]
S1 MpKslad5f87cd;MpKslad5f87cd;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0A6CDB1F-D90A-440F-A346-4AEB8283B696}\MpKslad5f87cd.sys [2014-07-14 39464]
S1 RapportCerberus_69108;RapportCerberus_69108;c:\programdata\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_69108.sys [2014-07-01 358040]
S1 RapportEI;RapportEI;c:\program files\Trusteer\Rapport\bin\RapportEI.sys [2014-06-23 171000]
S1 RapportPG;RapportPG;c:\program files\Trusteer\Rapport\bin\RapportPG.sys [2014-06-23 249688]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2014-04-18 208896]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2014-04-18 276992]
S2 AODDriver4.2.0;AODDriver4.2.0;c:\program files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [2014-02-11 50400]
S2 APXACC;AppEx Networks Accelerator LWF;c:\windows\system32\DRIVERS\appexDrv.sys [2014-03-28 184032]
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2014\avgwdsvc.exe [2014-06-17 289328]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 104264]
S2 RapportMgmtService;Rapport Management Service;c:\program files\Trusteer\Rapport\bin\RapportMgmtService.exe [2014-06-23 1886488]
S2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;c:\program files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [2014-06-19 1857336]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [2012-08-20 110408]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [2012-08-20 331080]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2013-12-19 77824]
S3 NisSrv;Inspection du r�seau Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [2014-03-11 279776]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2013-07-09 208600]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2013-06-18 669912]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [2013-09-18 12320]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2012-08-28 45736]
.
.
--- Autres Services/Pilotes en m�moire ---
.
*NewlyCreated* - MPKSLAD5F87CD
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contenu du dossier 'T�ches planifi�es'
.
2014-07-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-30 17:29]
.
2014-07-14 c:\windows\Tasks\GlaryInitialize 5.job
- c:\program files\Glary Utilities 5\Initialize.exe [2014-07-02 09:08]
.
.
------- Examen suppl�mentaire -------
.
uStart Page = hxxp://affaires.lapresse.ca/bourse/
mStart Page = about:blank
uInternet Settings,ProxyOverride =
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Scanner avec Dr.Web - http://www.drweb.com/static/online/drweb-online-fr.html
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: Tout t�l�charger avec Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm
IE: T�l�charger avec Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm
IE: T�l�charger la s�lection avec Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm
IE: T�l�charger la vid�o avec Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm
TCP: DhcpNameServer = 24.200.241.37 24.202.72.13 24.200.0.1
.
- - - - ORPHELINS SUPPRIMES - - - -
.
AddRemove-Eusing Free Registry Cleaner - c:\progra~1\EUSING~1\UNWISE.EXE
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2014-07-14 15:22:26
ComboFix-quarantined-files.txt 2014-07-14 19:22
.
Avant-CF: 945�219�313�664 octets libres
Apr�s-CF: 945�112�117�248 octets libres
.
- - End Of File - - 53D6CABD1393993C759F2A7122553C32
A36C5E4F47E84449FF07ED3517B43A31