Document format: text/plain
ComboFix 15-05-09.01 - thomas 09/05/2015 15:42:40.3.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.33.1033.18.3766.1962 [GMT 2:00]
Lancé depuis: c:\users\thomas\Desktop\ComboFix.exe
Commutateurs utilisés :: c:\users\thomas\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Un nouveau point de restauration a été créé
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2015-04-09 au 2015-05-09 ))))))))))))))))))))))))))))))))))))
.
.
2015-05-09 14:10 . 2015-05-09 14:10 -------- dc----w- c:\users\Default\AppData\Local\temp
2015-05-09 14:10 . 2015-05-09 14:10 -------- d-----w- c:\users\marie\AppData\Local\temp
2015-05-09 08:27 . 2015-05-09 08:27 -------- dc----w- C:\dd1fa77169676bbc5171d9bae6aa
2015-05-09 08:15 . 2015-05-09 08:15 -------- dc----w- C:\dbc1a5a0e11802c1da80b500
2015-05-08 22:22 . 2015-05-08 22:22 -------- dc----w- C:\7d8a9f169541e85281912101800a
2015-05-08 17:39 . 2015-05-08 18:13 -------- dc----w- C:\FRST
2015-05-08 17:29 . 2015-05-09 10:35 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8DE193AE-E1EB-4863-842A-43F330208E13}\offreg.dll
2015-05-08 16:01 . 2015-05-09 08:06 136408 -c--a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-05-08 16:00 . 2015-05-08 16:00 -------- dc----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-05-08 16:00 . 2015-04-14 07:37 63704 -c--a-w- c:\windows\system32\drivers\mwac.sys
2015-05-08 16:00 . 2015-04-14 07:37 107736 -c--a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-05-08 16:00 . 2015-04-14 07:37 25816 -c--a-w- c:\windows\system32\drivers\mbam.sys
2015-05-08 15:37 . 2015-04-04 06:25 12032440 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8DE193AE-E1EB-4863-842A-43F330208E13}\mpengine.dll
2015-05-08 08:32 . 2015-05-08 08:32 -------- dc----w- C:\f46d290bcd96f146070e109c9b
2015-05-07 15:49 . 2015-05-08 15:22 -------- dc----w- C:\AdsFix
2015-05-07 15:03 . 2015-05-08 20:56 512 -c--a-w- C:\PhysicalDisk0_MBR.bin
2015-05-07 14:54 . 2015-05-08 20:51 -------- dc----w- c:\users\thomas\AppData\Roaming\ZHP
2015-05-07 14:54 . 2015-05-08 10:54 -------- dc----w- c:\program files (x86)\ZHPDiag
2015-05-07 14:32 . 2015-05-07 14:32 -------- dc----w- c:\users\thomas\AppData\Local\Sony Corporation
2015-05-07 14:11 . 2015-05-07 14:10 13792 -c--a-w- c:\windows\system32\drivers\semav6thermal64ro.sys
2015-05-07 14:11 . 2015-05-07 14:11 74703 -c--a-w- c:\windows\SysWow64\mfc45.dll
2015-05-07 14:11 . 2013-11-01 12:59 69000 -c--a-w- c:\windows\system32\offreg.dll
2015-05-07 14:11 . 2013-11-01 12:59 21176 -c--a-w- c:\windows\system32\iolorgdf64.exe
2015-04-28 16:36 . 2013-02-04 10:30 192800 -c--a-w- c:\windows\system32\nvservice.exe
2015-04-28 16:17 . 2015-05-07 14:40 -------- dc----w- C:\Update
2015-04-28 15:55 . 2015-04-28 15:55 -------- dc----w- C:\2b148e9adbdd193ce1330e42
2015-04-28 15:34 . 2015-04-28 15:34 -------- dc----w- c:\program files\CPUID
2015-04-27 19:44 . 2015-05-09 08:05 -------- dc----w- C:\AdwCleaner
2015-04-25 15:12 . 2015-04-28 15:54 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-25 15:11 . 2015-05-07 13:47 696320 ----a-w- c:\windows\system32\wuapi.dll
2015-04-25 15:10 . 2015-05-07 13:31 404480 ----a-w- c:\windows\system32\gdi32.dll
2015-04-17 20:09 . 2015-04-18 20:06 79360 ----a-w- c:\windows\system32\clfsw32.dll
2015-04-17 20:09 . 2015-04-18 20:06 58880 ----a-w- c:\windows\SysWow64\clfsw32.dll
2015-04-17 20:09 . 2015-04-18 20:06 367552 ----a-w- c:\windows\system32\clfs.sys
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-04-28 15:54 . 2015-04-25 15:13 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-04-01 09:16 . 2010-12-04 08:37 128913832 -c--a-w- c:\windows\system32\MRT.exe
2015-03-12 21:41 . 2015-03-12 17:27 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2015-03-12 21:41 . 2015-03-12 17:27 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-03-12 21:41 . 2015-03-12 17:27 41984 ----a-w- c:\windows\system32\lpk.dll
2015-03-12 21:41 . 2015-03-12 17:27 372224 ----a-w- c:\windows\system32\atmfd.dll
2015-03-12 21:41 . 2015-03-12 17:27 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-03-12 21:41 . 2015-03-12 17:27 299008 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-03-12 21:41 . 2015-03-12 17:27 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-03-12 21:41 . 2015-03-12 17:27 14336 ----a-w- c:\windows\system32\dciman32.dll
2015-03-12 21:41 . 2015-03-12 17:27 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2015-03-12 21:41 . 2015-03-12 17:27 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-03-12 21:40 . 2015-03-12 17:27 1480192 ----a-w- c:\windows\system32\crypt32.dll
2015-03-12 21:40 . 2015-03-12 17:27 663552 ----a-w- c:\windows\system32\drivers\PEAuth.sys
2015-03-12 21:40 . 2015-03-12 17:27 1574400 ----a-w- c:\windows\system32\quartz.dll
2015-03-12 21:40 . 2015-03-12 17:27 489984 ----a-w- c:\windows\SysWow64\evr.dll
2015-03-12 21:40 . 2015-03-12 17:27 188416 ----a-w- c:\windows\system32\pcasvc.dll
2015-03-12 21:40 . 2015-03-12 17:27 1005056 ----a-w- c:\windows\SysWow64\cryptui.dll
2015-03-12 21:40 . 2015-03-12 17:27 680960 ----a-w- c:\windows\system32\audiosrv.dll
2015-03-12 21:40 . 2015-03-12 17:27 61440 ----a-w- c:\windows\system32\drivers\appid.sys
2015-03-12 21:40 . 2015-03-12 17:27 500224 ----a-w- c:\windows\system32\AUDIOKSE.dll
2015-03-12 21:40 . 2015-03-12 17:27 32256 ----a-w- c:\windows\system32\appidsvc.dll
2015-03-12 21:40 . 2015-03-12 17:27 126464 ----a-w- c:\windows\system32\audiodg.exe
2015-03-12 21:40 . 2015-03-12 17:27 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2015-03-12 21:40 . 2015-03-12 17:27 371712 ----a-w- c:\windows\system32\qdvd.dll
2015-03-12 21:40 . 2015-03-12 17:27 296448 ----a-w- c:\windows\system32\AudioSes.dll
2015-03-12 21:40 . 2015-03-12 17:27 143872 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2015-03-12 21:40 . 2015-03-12 17:27 440832 ----a-w- c:\windows\system32\AudioEng.dll
2015-03-12 21:40 . 2015-03-12 17:27 37376 ----a-w- c:\windows\system32\pcadm.dll
2015-03-12 21:40 . 2015-03-12 17:27 58880 ----a-w- c:\windows\system32\appidapi.dll
2015-03-12 21:40 . 2015-03-12 17:27 146944 ----a-w- c:\windows\system32\appidpolicyconverter.exe
2015-03-12 21:40 . 2015-03-12 17:27 11264 ----a-w- c:\windows\system32\pcawrk.exe
2015-03-12 21:40 . 2015-03-12 17:27 9728 ----a-w- c:\windows\system32\pcalua.exe
2015-03-12 21:40 . 2015-03-12 17:27 284672 ----a-w- c:\windows\system32\EncDump.dll
2015-03-12 21:40 . 2015-03-12 17:27 17920 ----a-w- c:\windows\system32\appidcertstorecheck.exe
2015-03-12 21:40 . 2015-03-12 17:27 8704 ----a-w- c:\windows\system32\pcaevts.dll
2015-03-12 21:40 . 2015-03-12 17:27 842240 ----a-w- c:\windows\system32\blackbox.dll
2015-03-12 21:40 . 2015-03-12 17:27 744960 ----a-w- c:\windows\SysWow64\blackbox.dll
2015-03-12 21:40 . 2015-03-12 17:27 1202176 ----a-w- c:\windows\system32\drmv2clt.dll
2015-03-12 21:40 . 2015-03-12 17:27 988160 ----a-w- c:\windows\SysWow64\drmv2clt.dll
2015-03-12 21:40 . 2015-03-12 17:27 782848 ----a-w- c:\windows\system32\wmdrmsdk.dll
2015-03-12 21:40 . 2015-03-12 17:27 617984 ----a-w- c:\windows\SysWow64\wmdrmsdk.dll
2015-03-12 21:40 . 2015-03-12 17:27 3209728 ----a-w- c:\windows\SysWow64\mf.dll
2015-03-12 21:40 . 2015-03-12 17:27 14632960 ----a-w- c:\windows\system32\wmp.dll
2015-03-12 21:40 . 2015-03-12 17:27 497664 ----a-w- c:\windows\system32\drmmgrtn.dll
2015-03-12 21:40 . 2015-03-12 17:27 406016 ----a-w- c:\windows\SysWow64\drmmgrtn.dll
2015-03-12 21:40 . 2015-03-12 17:27 1174528 ----a-w- c:\windows\SysWow64\crypt32.dll
2015-03-12 21:40 . 2015-03-12 17:27 631808 ----a-w- c:\windows\system32\evr.dll
2015-03-12 21:40 . 2015-03-12 17:27 1069056 ----a-w- c:\windows\system32\cryptui.dll
2015-03-12 21:40 . 2015-03-12 17:27 82432 ----a-w- c:\windows\system32\cryptsp.dll
2015-03-12 21:40 . 2015-03-12 17:27 81408 ----a-w- c:\windows\SysWow64\cryptsp.dll
2015-03-12 21:40 . 2015-03-12 17:27 432128 ----a-w- c:\windows\system32\mfplat.dll
2015-03-12 21:40 . 2015-03-12 17:27 4121600 ----a-w- c:\windows\system32\mf.dll
2015-03-12 21:40 . 2015-03-12 17:27 354816 ----a-w- c:\windows\SysWow64\mfplat.dll
2015-03-12 21:40 . 2015-03-12 17:27 1329664 ----a-w- c:\windows\SysWow64\quartz.dll
2015-03-12 21:40 . 2015-03-12 17:27 641024 ----a-w- c:\windows\system32\msscp.dll
2015-03-12 21:40 . 2015-03-12 17:27 519680 ----a-w- c:\windows\SysWow64\qdvd.dll
2015-03-12 21:40 . 2015-03-12 17:27 504320 ----a-w- c:\windows\SysWow64\msscp.dll
2015-03-12 21:40 . 2015-03-12 17:27 325632 ----a-w- c:\windows\system32\msnetobj.dll
2015-03-12 21:40 . 2015-03-12 17:27 229376 ----a-w- c:\windows\system32\wintrust.dll
2015-03-12 21:40 . 2015-03-12 17:27 179200 ----a-w- c:\windows\SysWow64\wintrust.dll
2015-03-12 21:40 . 2015-03-12 17:27 140288 ----a-w- c:\windows\system32\cryptnet.dll
2015-03-12 21:40 . 2015-03-12 17:27 265216 ----a-w- c:\windows\SysWow64\msnetobj.dll
2015-03-12 21:40 . 2015-03-12 17:27 187904 ----a-w- c:\windows\system32\cryptsvc.dll
2015-03-12 21:40 . 2015-03-12 17:27 374784 ----a-w- c:\windows\SysWow64\AudioEng.dll
2015-03-12 21:40 . 2015-03-12 17:27 55808 ----a-w- c:\windows\system32\rrinstaller.exe
2015-03-12 21:40 . 2015-03-12 17:27 50688 ----a-w- c:\windows\SysWow64\appidapi.dll
2015-03-12 21:40 . 2015-03-12 17:27 50176 ----a-w- c:\windows\SysWow64\rrinstaller.exe
2015-03-12 21:40 . 2015-03-12 17:27 442880 ----a-w- c:\windows\SysWow64\AUDIOKSE.dll
2015-03-12 21:40 . 2015-03-12 17:27 206848 ----a-w- c:\windows\system32\mfps.dll
2015-03-12 21:40 . 2015-03-12 17:27 103424 ----a-w- c:\windows\SysWow64\mfps.dll
2015-03-12 21:40 . 2015-03-12 17:27 24576 ----a-w- c:\windows\system32\mfpmp.exe
2015-03-12 21:40 . 2015-03-12 17:27 195584 ----a-w- c:\windows\SysWow64\AudioSes.dll
2015-03-12 21:40 . 2015-03-12 17:27 9728 ----a-w- c:\windows\system32\spwmp.dll
2015-03-12 21:40 . 2015-03-12 17:27 8192 ----a-w- c:\windows\SysWow64\spwmp.dll
2015-03-12 21:40 . 2015-03-12 17:27 5120 ----a-w- c:\windows\system32\msdxm.ocx
2015-03-12 21:40 . 2015-03-12 17:27 5120 ----a-w- c:\windows\system32\dxmasf.dll
2015-03-12 21:40 . 2015-03-12 17:27 4096 ----a-w- c:\windows\SysWow64\msdxm.ocx
2015-03-12 21:40 . 2015-03-12 17:27 4096 ----a-w- c:\windows\SysWow64\dxmasf.dll
2015-03-12 21:40 . 2015-03-12 17:27 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2015-03-12 21:40 . 2015-03-12 17:27 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2015-03-12 21:40 . 2015-03-12 17:27 2048 ----a-w- c:\windows\system32\mferror.dll
2015-03-12 21:40 . 2015-03-12 17:27 94656 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2015-03-12 21:40 . 2015-03-12 17:27 616360 ----a-w- c:\windows\system32\winresume.efi
2015-03-12 21:40 . 2015-03-12 17:27 532176 ----a-w- c:\windows\system32\winresume.exe
2015-03-12 21:40 . 2015-03-12 17:27 619056 ----a-w- c:\windows\system32\winload.exe
2015-03-12 21:40 . 2015-03-12 17:27 693176 ----a-w- c:\windows\system32\winload.efi
2015-03-12 21:40 . 2015-03-12 17:27 457400 ----a-w- c:\windows\system32\ci.dll
2015-03-12 21:40 . 2015-03-12 17:27 11264 ----a-w- c:\windows\system32\msmmsp.dll
2015-03-12 21:40 . 2015-03-12 17:27 63488 ----a-w- c:\windows\system32\setbcdlocale.dll
2015-03-12 21:40 . 2015-03-12 17:27 23040 ----a-w- c:\windows\SysWow64\mfpmp.exe
2015-03-12 21:40 . 2015-03-12 17:27 2048 ----a-w- c:\windows\SysWow64\mferror.dll
2015-03-12 21:39 . 2015-03-12 17:26 215552 ----a-w- c:\windows\system32\ubpm.dll
2015-03-12 21:39 . 2015-03-12 17:26 171520 ----a-w- c:\windows\SysWow64\ubpm.dll
2015-03-12 21:38 . 2015-03-12 17:26 14177280 ----a-w- c:\windows\system32\shell32.dll
2015-03-12 21:38 . 2015-03-12 17:25 459336 ----a-w- c:\windows\system32\drivers\cng.sys
2015-03-12 21:37 . 2015-03-12 17:24 828928 ----a-w- c:\windows\SysWow64\msctf.dll
2015-03-12 21:37 . 2015-03-12 17:24 1067520 ----a-w- c:\windows\system32\msctf.dll
2015-03-12 21:37 . 2015-03-12 17:24 1424896 ----a-w- c:\windows\system32\WindowsCodecs.dll
2015-03-12 21:37 . 2015-03-12 17:24 1230848 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2015-02-09 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2010-05-31 673136]
"Path"="c:\program files (x86)\ZOOM\Edit_Share\bin\ZOOM Edit&Share startup.exe" [2012-06-08 1989632]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-6-9 1128224]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnablELUA"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R3 cpuz138;cpuz138;c:\users\thomas\AppData\Local\Temp\cpuz138\cpuz138_x64.sys;c:\users\thomas\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys;c:\windows\SYSNATIVE\DRIVERS\LEqdUsb.Sys [x]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys;c:\windows\SYSNATIVE\DRIVERS\LHidEqd.Sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 McComponentHostServiceSony;McAfee Security Scan Component Host Service for Sony;c:\program files (x86)\Sony\MSS\3.8.130\McCHSvc.exe;c:\program files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [x]
R3 ndfs;ndfs;c:\program files\MacroData Inc\NetDrive\ndfs.sys;c:\program files\MacroData Inc\NetDrive\ndfs.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 ptun0901;TAP Adapter V9 for Private Tunnel;c:\windows\system32\DRIVERS\ptun0901.sys;c:\windows\SYSNATIVE\DRIVERS\ptun0901.sys [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 USER_ESRV_SVC;User Energy Server Service;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe [x]
R3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe;c:\program files\Sony\VAIO Care\VCService.exe [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\drivers\WSDScan.sys;c:\windows\SYSNATIVE\drivers\WSDScan.sys [x]
R4 NasPmService;NAS PM Service;c:\program files (x86)\BUFFALO\NASNAVI\nassvc.exe;c:\program files (x86)\BUFFALO\NASNAVI\nassvc.exe [x]
R4 ndsvc;NetDrive Service;c:\program files\MacroData Inc\NetDrive\ndsvc.exe;c:\program files\MacroData Inc\NetDrive\ndsvc.exe [x]
R4 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe;c:\program files\Sony\VAIO Power Management\SPMService.exe [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S1 Ext2Fsd;Linux ext2 file system driver; [x]
S2 ESRV_SVC;Energy Server Service;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe --AUTO_START --start --address 127.0.0.1;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe --AUTO_START --start --address 127.0.0.1 [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 nvservice;NVIDIA GuardService;c:\windows\system32\nvservice.exe;c:\windows\SYSNATIVE\nvservice.exe [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [x]
S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys;c:\windows\SYSNATIVE\drivers\rimssne64.sys [x]
S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys;c:\windows\SYSNATIVE\drivers\risdsne64.sys [x]
S2 SampleCollector;Intel(R) System Behavior Tracker Collector Service;c:\program files\Sony\VAIO Care\VCPerfService.exe;c:\program files\Sony\VAIO Care\VCPerfService.exe [x]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys;c:\windows\SYSNATIVE\Drivers\SSPORT.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe;c:\program files\Sony\VAIO Smart Network\VSNService.exe [x]
S3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1k62x64.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys;c:\windows\SYSNATIVE\drivers\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys;c:\windows\SYSNATIVE\drivers\Impcd.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys;c:\windows\SYSNATIVE\DRIVERS\NETw5s64.sys [x]
S3 semav6thermal64ro;semav6thermal64ro;c:\windows\system32\drivers\semav6thermal64ro.sys;c:\windows\SYSNATIVE\drivers\semav6thermal64ro.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys;c:\windows\SYSNATIVE\DRIVERS\SFEP.sys [x]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update\vuagent.exe;c:\program files\Sony\VAIO Update\vuagent.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-05-07 19:17 988488 -c--a-w- c:\program files (x86)\Google\Chrome\Application\42.0.2311.135\Installer\chrmstp.exe
.
Contenu du dossier 'Tâches planifiées'
.
2015-05-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-07 20:26]
.
2015-05-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-01-17 07:04]
.
2015-05-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-01-17 07:04]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-06-22 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-06-22 390680]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-06-22 410136]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-06-04 16414824]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-18 9962016]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uSearchMigratedDefaultURL = https://www.google.com/
mLocal Page = c:\windows\System32\blank.htm
mSearch Bar = https://www.google.com/
mSearchMigratedDefaultURL = https://www.google.com/
uSearchAssistant = https://www.google.com/
uCustomizeSearch = https://www.google.com/
mSearchAssistant = https://www.google.com/
mCustomizeSearch = https://www.google.com/
IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\thomas\AppData\Roaming\Mozilla\Firefox\Profiles\ind1baes.default\
FF - prefs.js: browser.startup.homepage - www.google.fr
.
- - - - ORPHELINS SUPPRIMES - - - -
.
AddRemove-DigiTech JamManager - c:\programdata\{C800B840-79A7-481D-BDCC-960687612F5A}\JamManagerInstaller.exe
AddRemove-LTOOLS - c:\users\thomas\AppData\Local\Temp\Temp1_ltools-6.12.zip\uninst\fimain.exe
AddRemove-{1A1FA721-8EC9-4B53-8313-1B886911FDE4} - c:\programdata\{C800B840-79A7-481D-BDCC-960687612F5A}\JamManagerInstaller.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=10000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1\" \"/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\%C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\S-1-5-21-3424450694-4108752165-2468900982-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3424450694-4108752165-2468900982-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Autres processus actifs ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\windows\SysWOW64\RunDll32.exe
c:\program files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
c:\program files\Sony\VAIO Care\listener.exe
.
**************************************************************************
.
Heure de fin: 2015-05-09 16:20:06 - La machine a redémarré
ComboFix-quarantined-files.txt 2015-05-09 14:20
ComboFix2.txt 2015-05-09 11:41
.
Avant-CF: 9 031 479 296 bytes free
Après-CF: 8 928 636 928 bytes free
.
- - End Of File - - 8EEE3E485757042AB9D5C46F7A6B949A