ComboFix 15-04-19.01 - Utilisateur 25/04/2015 18:43:22.1.4 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.6056.4085 [GMT 2:00]
Lancé depuis: c:\users\Utilisateur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BZFUMJX7\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Enabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\msvcr71.dll
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2015-03-25 au 2015-04-25 ))))))))))))))))))))))))))))))))))))
.
.
2015-04-25 16:50 . 2015-04-25 16:50 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2015-04-25 16:50 . 2015-04-25 16:50 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-04-25 12:29 . 2015-04-25 12:29 512 ----a-w- C:\PhysicalDisk0_MBR.bin
2015-04-25 10:30 . 2015-04-25 15:04 -------- d-----w- c:\users\Utilisateur\AppData\Roaming\ZHP
2015-04-25 10:30 . 2015-04-25 10:30 -------- d-----w- c:\program files (x86)\ZHPDiag
2015-04-24 18:36 . 2015-04-24 18:39 -------- d-----w- c:\users\Utilisateur\AppData\Local\Microsoft Games
2015-04-24 16:42 . 2015-04-04 06:25 12032440 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{796FE9F9-615C-4FB4-9560-8BFF2DE5221C}\mpengine.dll
2015-04-24 16:36 . 2015-03-14 03:21 82944 ----a-w- c:\windows\system32\dwmapi.dll
2015-04-24 16:36 . 2015-03-14 03:21 1632768 ----a-w- c:\windows\system32\dwmcore.dll
2015-04-24 16:36 . 2015-03-14 03:04 67584 ----a-w- c:\windows\SysWow64\dwmapi.dll
2015-04-24 16:36 . 2015-03-14 03:04 1372160 ----a-w- c:\windows\SysWow64\dwmcore.dll
2015-04-24 16:35 . 2015-01-29 03:19 2543104 ----a-w- c:\windows\system32\wpdshext.dll
2015-04-24 16:35 . 2015-01-29 03:02 2311168 ----a-w- c:\windows\SysWow64\wpdshext.dll
2015-04-23 16:53 . 2015-04-23 16:53 -------- d-----w- C:\40065bdbd47ee19696
2015-04-23 16:53 . 2015-04-23 16:53 -------- d-----w- c:\windows\CheckSur
2015-04-23 15:13 . 2015-04-04 06:25 12032440 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-04-18 13:17 . 2015-04-18 15:43 -------- d-----w- c:\windows\SysWow64\drivers\de-DE
2015-04-18 13:17 . 2015-04-18 15:43 -------- d-----w- c:\windows\SysWow64\de
2015-04-18 13:17 . 2015-04-18 13:17 -------- d-----w- c:\windows\SysWow64\drivers\UMDF\de-DE
2015-04-18 13:17 . 2015-04-18 13:17 -------- d-----w- c:\windows\SysWow64\0407
2015-04-18 13:17 . 2015-04-18 13:17 -------- d-----w- c:\windows\system32\drivers\UMDF\de-DE
2015-04-18 13:17 . 2015-04-18 13:17 -------- d-----w- c:\windows\system32\drivers\de-DE
2015-04-18 13:17 . 2015-04-18 13:17 -------- d-----w- c:\windows\system32\0407
2015-04-18 13:17 . 2015-04-18 13:17 -------- d-----w- c:\windows\system32\de
2015-04-18 13:15 . 2015-04-18 15:43 -------- d-----w- c:\windows\SysWow64\drivers\ar-SA
2015-04-18 13:15 . 2015-04-18 13:15 -------- d-----w- c:\windows\SysWow64\ar
2015-04-18 13:14 . 2015-04-18 13:14 -------- d-----w- c:\windows\system32\drivers\UMDF\ar-SA
2015-04-18 13:14 . 2015-04-18 13:14 -------- d-----w- c:\windows\system32\drivers\ar-SA
2015-04-18 13:14 . 2015-04-18 13:14 -------- d-----w- c:\windows\system32\ar
2015-04-18 13:14 . 2015-04-18 13:14 -------- d-----w- c:\windows\ar-SA
2015-04-18 13:13 . 2015-04-18 15:42 -------- d-----w- c:\windows\SysWow64\zh-CHT
2015-04-18 13:13 . 2015-04-18 15:43 -------- d-----w- c:\windows\SysWow64\drivers\zh-TW
2015-04-18 13:13 . 2015-04-18 13:13 -------- d-----w- c:\windows\system32\zh-CHT
2015-04-18 13:13 . 2015-04-18 13:13 -------- d-----w- c:\windows\system32\drivers\zh-TW
2015-04-18 13:13 . 2015-04-18 13:13 -------- d-----w- c:\windows\system32\drivers\UMDF\zh-TW
2015-04-18 13:12 . 2015-04-18 15:43 -------- d-----w- c:\windows\SysWow64\drivers\es-ES
2015-04-18 13:12 . 2015-04-18 15:43 -------- d-----w- c:\windows\SysWow64\es
2015-04-18 13:12 . 2015-04-18 13:12 -------- d-----w- c:\windows\SysWow64\drivers\UMDF\es-ES
2015-04-18 13:12 . 2015-04-18 13:12 -------- d-----w- c:\windows\SysWow64\0C0A
2015-04-18 13:12 . 2015-04-18 13:12 -------- d-----w- c:\windows\system32\es
2015-04-18 13:12 . 2015-04-18 13:12 -------- d-----w- c:\windows\system32\drivers\UMDF\es-ES
2015-04-18 13:12 . 2015-04-18 13:12 -------- d-----w- c:\windows\system32\drivers\es-ES
2015-04-18 13:12 . 2015-04-18 13:12 -------- d-----w- c:\windows\system32\0C0A
2015-04-18 13:10 . 2015-04-18 13:10 -------- d-----w- c:\windows\el-GR
2015-04-18 13:10 . 2015-04-18 15:43 -------- d-----w- c:\windows\SysWow64\drivers\el-GR
2015-04-18 13:10 . 2015-04-18 15:43 -------- d-----w- c:\windows\SysWow64\el
2015-04-18 13:10 . 2015-04-18 13:10 -------- d-----w- c:\windows\system32\el
2015-04-18 13:10 . 2015-04-18 13:10 -------- d-----w- c:\windows\system32\drivers\UMDF\el-GR
2015-04-18 13:10 . 2015-04-18 13:10 -------- d-----w- c:\windows\system32\drivers\el-GR
2015-04-18 13:09 . 2015-04-18 15:43 -------- d-----w- c:\windows\SysWow64\drivers\he-IL
2015-04-18 13:09 . 2015-04-18 15:43 -------- d-----w- c:\windows\SysWow64\he
2015-04-18 13:09 . 2015-04-18 13:09 -------- d-----w- c:\windows\system32\he
2015-04-18 13:09 . 2015-04-18 13:09 -------- d-----w- c:\windows\system32\drivers\UMDF\he-IL
2015-04-18 13:09 . 2015-04-18 13:09 -------- d-----w- c:\windows\system32\drivers\he-IL
2015-04-18 13:09 . 2015-04-18 13:09 -------- d-----w- c:\windows\he-IL
2015-04-18 13:08 . 2015-04-18 15:43 -------- d-----w- c:\windows\SysWow64\drivers\it-IT
2015-04-18 13:08 . 2015-04-18 13:08 -------- d-----w- c:\windows\SysWow64\drivers\UMDF\it-IT
2015-04-18 13:08 . 2015-04-18 13:08 -------- d-----w- c:\windows\SysWow64\0410
2015-04-18 13:08 . 2015-04-18 15:42 -------- d-----w- c:\windows\SysWow64\it
2015-04-18 13:07 . 2015-04-18 13:07 -------- d-----w- c:\windows\system32\drivers\it-IT
2015-04-18 13:07 . 2015-04-18 13:07 -------- d-----w- c:\windows\system32\drivers\UMDF\it-IT
2015-04-18 13:07 . 2015-04-18 13:07 -------- d-----w- c:\windows\system32\0410
2015-04-18 13:07 . 2015-04-18 13:07 -------- d-----w- c:\windows\system32\it
2015-04-18 13:06 . 2015-04-18 15:42 -------- d-----w- c:\windows\SysWow64\nl
2015-04-18 13:06 . 2015-04-18 13:06 -------- d-----w- c:\windows\SysWow64\0413
2015-04-18 13:06 . 2015-04-18 15:43 -------- d-----w- c:\windows\SysWow64\drivers\nl-NL
2015-04-18 13:06 . 2015-04-18 13:06 -------- d-----w- c:\windows\SysWow64\drivers\UMDF\nl-NL
2015-04-18 13:06 . 2015-04-18 13:06 -------- d-----w- c:\windows\system32\nl
2015-04-18 13:06 . 2015-04-18 13:06 -------- d-----w- c:\windows\system32\0413
2015-04-18 13:06 . 2015-04-18 13:06 -------- d-----w- c:\windows\system32\drivers\nl-NL
2015-04-18 13:06 . 2015-04-18 13:06 -------- d-----w- c:\windows\system32\drivers\UMDF\nl-NL
2015-04-18 13:05 . 2015-04-18 15:43 -------- d-----w- c:\windows\SysWow64\drivers\pt-PT
2015-04-18 13:05 . 2015-04-18 15:42 -------- d-----w- c:\windows\SysWow64\pt
2015-04-18 13:05 . 2015-04-18 13:05 -------- d-----w- c:\windows\system32\drivers\UMDF\pt-PT
2015-04-18 13:05 . 2015-04-18 13:05 -------- d-----w- c:\windows\system32\drivers\pt-PT
2015-04-18 13:05 . 2015-04-18 13:05 -------- d-----w- c:\windows\system32\pt
2015-04-16 13:17 . 2015-03-25 03:24 696320 ----a-w- c:\windows\system32\wuapi.dll
2015-04-16 13:16 . 2015-03-13 03:37 372224 ----a-w- c:\program files\Internet Explorer\F12Tools.dll
2015-04-16 13:15 . 2015-03-04 04:55 367552 ----a-w- c:\windows\system32\clfs.sys
2015-04-16 13:15 . 2015-03-04 04:41 79360 ----a-w- c:\windows\system32\clfsw32.dll
2015-04-16 13:15 . 2015-03-04 04:10 58880 ----a-w- c:\windows\SysWow64\clfsw32.dll
2015-04-04 21:13 . 2015-04-04 21:13 -------- d-s---w- c:\windows\SysWow64\GWX
2015-04-04 21:13 . 2015-04-04 21:13 -------- d-s---w- c:\windows\system32\GWX
2015-04-01 12:35 . 2015-03-26 20:18 1187344 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1CD686CA-F1B7-465D-B7BB-C38554B4FDBA}\gapaengine.dll
2015-03-26 20:19 . 2015-03-26 20:18 1187344 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-04-24 19:04 . 2015-03-03 16:30 45056 ----a-w- c:\windows\system32\acovcnt.exe
2015-04-24 17:12 . 2015-03-06 14:48 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-04-24 17:12 . 2015-03-06 14:48 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-04-16 16:21 . 2015-03-03 17:54 128913832 ----a-w- c:\windows\system32\MRT.exe
2015-03-17 04:56 . 2015-04-16 13:17 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-03-04 17:14 . 2015-03-04 17:14 80512 ----a-w- c:\windows\AsusScr_K3 Series_ENG_Basic Uninstaller.exe
2015-03-04 17:14 . 2015-03-04 17:14 3058304 ----a-w- c:\windows\AsScrPro.exe
2015-03-03 19:55 . 2015-03-03 19:55 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2015-03-03 19:55 . 2015-03-03 19:55 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2015-03-03 19:55 . 2015-03-03 19:55 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2015-03-03 19:55 . 2015-03-03 19:55 235008 ----a-w- c:\windows\system32\elshyph.dll
2015-03-03 19:55 . 2015-03-03 19:55 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2015-03-03 19:55 . 2015-03-03 19:55 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2015-03-03 19:55 . 2015-03-03 19:55 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2015-03-03 19:55 . 2015-03-03 19:55 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2015-03-03 19:55 . 2015-03-03 19:55 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2015-03-03 19:55 . 2015-03-03 19:55 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2015-03-03 19:55 . 2015-03-03 19:55 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2015-03-03 19:55 . 2015-03-03 19:55 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2015-03-03 19:55 . 2015-03-03 19:55 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2015-03-03 19:55 . 2015-03-03 19:55 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2015-03-03 19:55 . 2015-03-03 19:55 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2015-03-03 19:55 . 2015-03-03 19:55 942592 ----a-w- c:\windows\system32\jsIntl.dll
2015-03-03 19:55 . 2015-03-03 19:55 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2015-03-03 19:55 . 2015-03-03 19:55 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2015-03-03 19:55 . 2015-03-03 19:55 77312 ----a-w- c:\windows\system32\tdc.ocx
2015-03-03 19:55 . 2015-03-03 19:55 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2015-03-03 19:55 . 2015-03-03 19:55 48640 ----a-w- c:\windows\system32\mshtmler.dll
2015-03-03 19:55 . 2015-03-03 19:55 247808 ----a-w- c:\windows\system32\msls31.dll
2015-03-03 19:55 . 2015-03-03 19:55 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2015-03-03 19:55 . 2015-03-03 19:55 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2015-03-03 19:55 . 2015-03-03 19:55 105984 ----a-w- c:\windows\system32\iesysprep.dll
2015-03-03 19:55 . 2015-03-03 19:55 81408 ----a-w- c:\windows\system32\icardie.dll
2015-03-03 19:55 . 2015-03-03 19:55 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2015-03-03 19:55 . 2015-03-03 19:55 30208 ----a-w- c:\windows\system32\licmgr10.dll
2015-03-03 19:55 . 2015-03-03 19:55 243200 ----a-w- c:\windows\system32\webcheck.dll
2015-03-03 19:55 . 2015-03-03 19:55 235520 ----a-w- c:\windows\system32\url.dll
2015-03-03 19:55 . 2015-03-03 19:55 167424 ----a-w- c:\windows\system32\iexpress.exe
2015-03-03 19:55 . 2015-03-03 19:55 143872 ----a-w- c:\windows\system32\wextract.exe
2015-03-03 19:55 . 2015-03-03 19:55 101376 ----a-w- c:\windows\system32\inseng.dll
2015-03-03 19:55 . 2015-03-03 19:55 774144 ----a-w- c:\windows\system32\jscript.dll
2015-03-03 19:55 . 2015-03-03 19:55 62464 ----a-w- c:\windows\system32\pngfilt.dll
2015-03-03 19:55 . 2015-03-03 19:55 48128 ----a-w- c:\windows\system32\imgutil.dll
2015-03-03 19:55 . 2015-03-03 19:55 147968 ----a-w- c:\windows\system32\occache.dll
2015-03-03 19:55 . 2015-03-03 19:55 13824 ----a-w- c:\windows\system32\mshta.exe
2015-03-03 19:55 . 2015-03-03 19:55 135680 ----a-w- c:\windows\system32\iepeers.dll
2015-03-03 16:54 . 2010-06-24 18:33 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2015-03-03 13:17 . 2015-03-06 14:33 295552 ------w- c:\windows\system32\MpSigStub.exe
2015-02-26 03:25 . 2015-03-11 14:50 3204096 ----a-w- c:\windows\system32\win32k.sys
2015-02-20 04:41 . 2015-03-11 14:52 41984 ----a-w- c:\windows\system32\lpk.dll
2015-02-20 04:40 . 2015-03-11 14:51 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-02-20 04:40 . 2015-03-11 14:51 14336 ----a-w- c:\windows\system32\dciman32.dll
2015-02-20 04:40 . 2015-03-11 14:52 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-02-20 04:13 . 2015-03-11 14:51 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2015-02-20 04:13 . 2015-03-11 14:51 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2015-02-20 04:13 . 2015-03-11 14:51 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-02-20 04:12 . 2015-03-11 14:51 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-02-20 03:29 . 2015-03-11 14:52 372224 ----a-w- c:\windows\system32\atmfd.dll
2015-02-20 03:09 . 2015-03-11 14:52 299008 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-02-17 15:04 . 2015-02-17 15:04 1202848 ----a-w- c:\windows\SysWow64\FM20.DLL
2015-02-16 03:21 . 2015-03-06 12:39 11910896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E3EDDE1B-A8E3-4849-A960-31BE891E3323}\mpengine.dll
2015-02-13 05:22 . 2015-03-11 14:50 14177280 ----a-w- c:\windows\system32\shell32.dll
2015-02-04 10:23 . 2015-02-04 10:23 875688 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2015-02-04 10:13 . 2015-02-04 10:13 869536 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2015-02-04 03:16 . 2015-03-11 14:49 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2015-02-04 02:54 . 2015-03-11 14:49 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2015-02-03 03:34 . 2015-03-11 14:51 693176 ----a-w- c:\windows\system32\winload.efi
2015-02-03 03:34 . 2015-03-11 14:51 94656 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2015-02-03 03:33 . 2015-03-11 14:51 616360 ----a-w- c:\windows\system32\winresume.efi
2015-02-03 03:31 . 2015-03-11 14:51 14632960 ----a-w- c:\windows\system32\wmp.dll
2015-02-03 03:31 . 2015-03-11 14:51 782848 ----a-w- c:\windows\system32\wmdrmsdk.dll
2015-02-03 03:31 . 2015-03-11 14:51 229376 ----a-w- c:\windows\system32\wintrust.dll
2015-02-03 03:31 . 2015-03-11 14:50 1424896 ----a-w- c:\windows\system32\WindowsCodecs.dll
2015-02-03 03:31 . 2015-03-11 14:50 215552 ----a-w- c:\windows\system32\ubpm.dll
2015-02-03 03:31 . 2015-03-11 14:51 5120 ----a-w- c:\windows\system32\msdxm.ocx
2015-02-03 03:31 . 2015-03-11 14:51 5120 ----a-w- c:\windows\system32\dxmasf.dll
2015-02-03 03:31 . 2015-03-11 14:51 63488 ----a-w- c:\windows\system32\setbcdlocale.dll
2015-02-03 03:31 . 2015-03-11 14:51 1574400 ----a-w- c:\windows\system32\quartz.dll
2015-02-03 03:31 . 2015-03-11 14:51 500224 ----a-w- c:\windows\system32\AUDIOKSE.dll
2015-02-03 03:31 . 2015-03-11 14:51 371712 ----a-w- c:\windows\system32\qdvd.dll
2015-02-03 03:31 . 2015-03-11 14:51 188416 ----a-w- c:\windows\system32\pcasvc.dll
2015-02-03 03:31 . 2015-03-11 14:51 37376 ----a-w- c:\windows\system32\pcadm.dll
2015-02-03 03:31 . 2015-03-11 14:51 9728 ----a-w- c:\windows\system32\spwmp.dll
2015-02-03 03:31 . 2015-03-11 14:51 641024 ----a-w- c:\windows\system32\msscp.dll
2015-02-03 03:31 . 2015-03-11 14:51 325632 ----a-w- c:\windows\system32\msnetobj.dll
2015-02-03 03:31 . 2015-03-11 14:51 11264 ----a-w- c:\windows\system32\msmmsp.dll
2015-02-03 03:31 . 2015-03-11 14:51 432128 ----a-w- c:\windows\system32\mfplat.dll
2015-02-03 03:31 . 2015-03-11 14:51 4121600 ----a-w- c:\windows\system32\mf.dll
2015-02-03 03:31 . 2015-03-11 14:51 206848 ----a-w- c:\windows\system32\mfps.dll
2015-02-03 03:30 . 2015-03-11 14:51 631808 ----a-w- c:\windows\system32\evr.dll
2015-02-03 03:30 . 2015-03-11 14:51 284672 ----a-w- c:\windows\system32\EncDump.dll
2015-02-03 03:30 . 2015-03-11 14:51 1202176 ----a-w- c:\windows\system32\drmv2clt.dll
2015-02-03 03:30 . 2015-03-11 14:51 497664 ----a-w- c:\windows\system32\drmmgrtn.dll
2015-02-03 03:30 . 2015-03-11 14:51 1480192 ----a-w- c:\windows\system32\crypt32.dll
2015-02-03 03:30 . 2015-03-11 14:51 1069056 ----a-w- c:\windows\system32\cryptui.dll
2015-02-03 03:30 . 2015-03-11 14:51 82432 ----a-w- c:\windows\system32\cryptsp.dll
2015-02-03 03:30 . 2015-03-11 14:51 140288 ----a-w- c:\windows\system32\cryptnet.dll
2015-02-03 03:30 . 2015-03-11 14:51 187904 ----a-w- c:\windows\system32\cryptsvc.dll
2015-02-03 03:30 . 2015-03-11 14:51 842240 ----a-w- c:\windows\system32\blackbox.dll
2015-02-03 03:30 . 2015-03-11 14:51 680960 ----a-w- c:\windows\system32\audiosrv.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2015-02-26 31344744]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" [2008-11-03 328992]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-04-13 2018032]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-08-17 5732992]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-09-24 1601536]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-12-03 1021128]
.
c:\users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Intel(R) Turbo Boost Technology Monitor 2.0.lnk - c:\program files\Intel\TurboBoost\SignalIslandUi.exe [2010-11-30 204288]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe /start [2011-4-13 548528]
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe -d [2015-3-4 12862]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 NisSrv;Inspection du réseau Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
.
.
Contenu du dossier 'Tâches planifiées'
.
2015-04-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-06 17:12]
.
2015-04-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3995296467-4052466226-3906910148-1001Core.job
- c:\users\Utilisateur\AppData\Local\Google\Update\GoogleUpdate.exe [2015-03-07 16:53]
.
2015-04-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3995296467-4052466226-3906910148-1001UA.job
- c:\users\Utilisateur\AppData\Local\Google\Update\GoogleUpdate.exe [2015-03-07 16:53]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-03-01 2189416]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-08-11 324096]
"IntelTBRunOnce"="wscript.exe" [2013-10-12 168960]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-01-29 171992]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-01-29 399832]
"Persistence"="c:\windows\system32\igfxpers.exe" [2014-01-29 442328]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2015-01-30 1332296]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://www.google.fr/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 212.27.40.241 212.27.40.240
FF - ProfilePath - c:\users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\z3pe42x0.default\
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SynAsusAcpi - c:\program files (x86)\Synaptics\SynTP\SynAsusAcpi.exe
HKLM-Run-Setwallpaper - c:\programdata\SetWallpaper.cmd
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.17"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2015-04-25 18:54:05
ComboFix-quarantined-files.txt 2015-04-25 16:54
.
Avant-CF: 504 693 317 632 octets libres
Après-CF: 513 647 083 520 octets libres
.
- - End Of File - - 96DD0B6A0FCE4587C6C4F4FB88E77B22