cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

ComboFix 15-06-09.01 - roland 14/06/2015 15:48:55.1.4 - x64
Microsoft Windows�7 �dition Familiale Premium 6.1.7601.1.1252.33.1036.18.5608.3631 [GMT 2:00]
Lanc� depuis: c:\users\roland\Downloads\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
[i] ADS - Windows: deleted 24 bytes in 1 streams. [/i]
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\programdata\ma-config.com\Logs\activex.txt
c:\programdata\ma-config.com\Logs\mcdetection.txt
c:\programdata\ma-config.com\Logs\mcstubuser.txt
c:\programdata\ma-config.com\mcbase.db
c:\programdata\ma-config.com\server.pem
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\wpcap.dll
.
.
((((((((((((((((((((((((((((( Fichiers cr��s du 2015-05-14 au 2015-06-14 ))))))))))))))))))))))))))))))))))))
.
.
2112-03-03 18:37 . 2112-03-03 18:37 96768 ----a-w- c:\windows\system32\fsutil.exe
2112-03-03 18:37 . 2112-03-03 18:37 91648 ----a-w- c:\windows\system32\drivers\USBSTOR.SYS
2112-03-03 18:37 . 2112-03-03 18:37 74240 ----a-w- c:\windows\SysWow64\fsutil.exe
2112-03-03 18:37 . 2112-03-03 18:37 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2112-03-03 18:37 . 2112-03-03 18:37 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys
2112-03-03 18:37 . 2112-03-03 18:37 2565632 ----a-w- c:\windows\system32\esent.dll
2112-03-03 18:37 . 2112-03-03 18:37 1699328 ----a-w- c:\windows\SysWow64\esent.dll
2112-03-03 18:37 . 2112-03-03 18:37 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys
2112-03-03 18:37 . 2112-03-03 18:37 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys
2112-03-03 18:37 . 2112-03-03 18:37 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys
2112-03-03 18:36 . 2112-03-03 18:36 501248 ----a-w- c:\windows\system32\WinSATAPI.dll
2112-03-03 18:36 . 2112-03-03 18:36 335872 ----a-w- c:\windows\SysWow64\WinSATAPI.dll
2112-03-03 18:35 . 2112-03-03 18:35 723456 ----a-w- c:\windows\system32\EncDec.dll
2112-03-03 18:35 . 2112-03-03 18:35 534528 ----a-w- c:\windows\SysWow64\EncDec.dll
2112-03-03 18:31 . 2112-03-03 18:31 75776 ----a-w- c:\windows\SysWow64\psisrndr.ax
2112-03-03 18:31 . 2112-03-03 18:31 613888 ----a-w- c:\windows\system32\psisdecd.dll
2112-03-03 18:31 . 2112-03-03 18:31 465408 ----a-w- c:\windows\SysWow64\psisdecd.dll
2112-03-03 18:31 . 2112-03-03 18:31 108032 ----a-w- c:\windows\system32\psisrndr.ax
2112-03-03 18:30 . 2112-03-03 18:30 331776 ----a-w- c:\windows\system32\oleacc.dll
2112-03-03 18:30 . 2112-03-03 18:30 233472 ----a-w- c:\windows\SysWow64\oleacc.dll
2112-03-03 18:27 . 2112-03-03 18:27 64512 ----a-w- c:\windows\SysWow64\devobj.dll
2112-03-03 18:27 . 2112-03-03 18:27 44544 ----a-w- c:\windows\SysWow64\devrtl.dll
2112-03-03 18:27 . 2112-03-03 18:27 404480 ----a-w- c:\windows\system32\umpnpmgr.dll
2112-03-03 18:27 . 2112-03-03 18:27 252928 ----a-w- c:\windows\SysWow64\drvinst.exe
2112-03-03 18:27 . 2112-03-03 18:27 145920 ----a-w- c:\windows\SysWow64\cfgmgr32.dll
2112-03-03 18:27 . 2112-03-03 18:27 246784 ----a-w- c:\windows\system32\input.dll
2112-03-03 18:27 . 2112-03-03 18:27 202240 ----a-w- c:\windows\SysWow64\input.dll
2112-03-03 18:25 . 2112-03-03 18:25 288768 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2112-03-03 18:25 . 2112-03-03 18:25 158208 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2112-03-03 18:25 . 2112-03-03 18:25 128000 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2112-03-03 18:25 . 2112-03-03 18:25 467456 ----a-w- c:\windows\system32\drivers\srv.sys
2112-03-03 18:25 . 2112-03-03 18:25 410112 ----a-w- c:\windows\system32\drivers\srv2.sys
2112-03-03 18:25 . 2112-03-03 18:25 168448 ----a-w- c:\windows\system32\drivers\srvnet.sys
2112-03-03 18:22 . 2112-03-03 18:22 31744 ----a-w- c:\windows\system32\drivers\usbrpm.sys
2112-03-03 18:21 . 2112-03-03 18:21 2871808 ----a-w- c:\windows\explorer.exe
2112-03-03 18:21 . 2112-03-03 18:21 2616320 ----a-w- c:\windows\SysWow64\explorer.exe
2112-03-03 18:21 . 2112-03-03 18:21 90624 ----a-w- c:\windows\system32\drivers\bowser.sys
2112-03-03 18:20 . 2112-03-03 18:20 357888 ----a-w- c:\windows\system32\dnsapi.dll
2112-03-03 18:20 . 2112-03-03 18:20 30208 ----a-w- c:\windows\system32\dnscacheugc.exe
2112-03-03 18:20 . 2112-03-03 18:20 28672 ----a-w- c:\windows\SysWow64\dnscacheugc.exe
2112-03-03 18:20 . 2112-03-03 18:20 183296 ----a-w- c:\windows\system32\dnsrslvr.dll
2112-03-03 18:19 . 2112-03-03 18:19 31232 ----a-w- c:\windows\SysWow64\prevhost.exe
2112-03-03 18:19 . 2112-03-03 18:19 31232 ----a-w- c:\windows\system32\prevhost.exe
2112-03-03 18:19 . 2112-03-03 18:19 1395712 ----a-w- c:\windows\system32\mfc42.dll
2112-03-03 18:19 . 2112-03-03 18:19 1359872 ----a-w- c:\windows\system32\mfc42u.dll
2112-03-03 18:19 . 2112-03-03 18:19 1164288 ----a-w- c:\windows\SysWow64\mfc42u.dll
2112-03-03 18:19 . 2112-03-03 18:19 1137664 ----a-w- c:\windows\SysWow64\mfc42.dll
2112-03-03 18:19 . 2112-03-03 18:19 20352 ----a-w- c:\windows\system32\kdusb.dll
2112-03-03 18:19 . 2112-03-03 18:19 19328 ----a-w- c:\windows\system32\kd1394.dll
2112-03-03 18:19 . 2112-03-03 18:19 17792 ----a-w- c:\windows\system32\kdcom.dll
2112-03-03 18:18 . 2112-03-03 18:18 296320 ----a-w- c:\windows\system32\drivers\volsnap.sys
2112-03-03 18:16 . 2112-03-03 18:16 267776 ----a-w- c:\windows\system32\FXSCOVER.exe
2112-03-03 18:14 . 2112-03-03 18:14 961024 ----a-w- c:\windows\system32\CPFilters.dll
2112-03-03 18:14 . 2112-03-03 18:14 850944 ----a-w- c:\windows\SysWow64\sbe.dll
2112-03-03 18:14 . 2112-03-03 18:14 642048 ----a-w- c:\windows\SysWow64\CPFilters.dll
2112-03-03 18:14 . 2112-03-03 18:14 259072 ----a-w- c:\windows\system32\mpg2splt.ax
2112-03-03 18:14 . 2112-03-03 18:14 199680 ----a-w- c:\windows\SysWow64\mpg2splt.ax
2112-03-03 18:14 . 2112-03-03 18:14 1118720 ----a-w- c:\windows\system32\sbe.dll
2112-03-03 18:11 . 2112-03-03 18:11 -------- d-----w- c:\windows\fr-FR
2112-03-03 18:11 . 2112-03-03 18:11 -------- d-----w- c:\windows\SysWow64\XPSViewer
2112-03-03 18:11 . 2112-03-03 18:11 -------- d-----w- c:\windows\SysWow64\fr
2112-03-03 18:11 . 2112-03-03 18:11 -------- d-----w- c:\windows\SysWow64\drivers\UMDF\fr-FR
2112-03-03 18:11 . 2112-03-03 18:11 -------- d-----w- c:\windows\SysWow64\drivers\fr-FR
2112-03-03 18:11 . 2112-03-03 18:11 -------- d-----w- c:\windows\SysWow64\040C
2112-03-03 18:11 . 2013-11-28 20:26 -------- d-----w- c:\windows\SysWow64\wbem\fr-FR
2112-03-03 18:11 . 2112-03-03 18:11 -------- d-----w- c:\windows\system32\040C
2112-03-03 18:11 . 2112-03-03 18:11 -------- d-----w- c:\windows\system32\fr
2112-03-03 18:11 . 2112-03-03 18:11 -------- d-----w- c:\windows\system32\drivers\UMDF\fr-FR
2112-03-03 18:11 . 2014-09-13 07:51 -------- d-----w- c:\windows\system32\drivers\fr-FR
2112-03-03 18:11 . 2013-11-28 20:26 -------- d-----w- c:\windows\system32\wbem\fr-FR
2112-03-03 18:10 . 2112-03-03 18:10 3584 ----a-w- c:\windows\system32\Spool\prtprocs\x64\fr-FR\LXKPTPRC.DLL.mui
2015-06-14 14:03 . 2015-06-14 14:03 -------- d-----w- c:\users\FMDK7412\AppData\Local\temp
2015-06-14 14:03 . 2015-06-14 14:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-06-14 14:03 . 2015-06-14 14:03 -------- d-----w- c:\users\CLMENC~1\AppData\Local\temp
2015-06-13 08:09 . 2015-06-13 08:09 -------- d-----w- c:\users\roland\AppData\Roaming\AVG
2015-06-13 08:08 . 2015-06-13 08:08 -------- d-----w- c:\program files (x86)\AVG
2015-06-13 08:08 . 2015-06-13 08:08 -------- d-----w- c:\users\roland\AppData\Local\Avg
2015-06-13 08:07 . 2015-06-13 08:09 -------- d-----w- c:\programdata\AVG
2015-06-13 07:36 . 2015-06-13 07:36 -------- d-----w- c:\users\roland\AppData\Roaming\TuneUp Software
2015-06-13 07:36 . 2015-06-13 07:36 -------- d-----w- c:\users\roland\AppData\Local\TuneUp Software
2015-06-13 07:35 . 2015-06-13 07:37 -------- d-----w- c:\programdata\TuneUp Software
2015-06-11 21:54 . 2015-06-11 21:54 -------- d-----w- c:\program files (x86)\GUM5052.tmp
2015-06-11 21:54 . 2015-06-11 21:54 -------- d-----w- c:\program files (x86)\GUM8A74.tmp
2015-06-11 21:08 . 2015-05-25 18:01 635392 ----a-w- c:\windows\SysWow64\tdh.dll
2015-06-11 21:07 . 2015-05-25 18:21 1728960 ----a-w- c:\windows\system32\ntdll.dll
2015-06-11 20:38 . 2015-05-22 18:18 700416 ----a-w- c:\windows\system32\generaltel.dll
2015-06-11 20:38 . 2015-05-22 18:18 757248 ----a-w- c:\windows\system32\invagent.dll
2015-06-11 20:38 . 2015-05-22 18:18 1021440 ----a-w- c:\windows\system32\appraiser.dll
2015-06-11 20:38 . 2015-05-22 18:13 1119232 ----a-w- c:\windows\system32\aeinv.dll
2015-06-11 20:38 . 2015-05-21 13:19 193536 ----a-w- c:\windows\system32\aepic.dll
2015-06-11 20:38 . 2015-05-22 18:18 423424 ----a-w- c:\windows\system32\devinv.dll
2015-06-11 20:38 . 2015-05-22 18:18 45568 ----a-w- c:\windows\system32\acmigration.dll
2015-06-11 20:38 . 2015-05-22 18:18 227328 ----a-w- c:\windows\system32\aepdu.dll
2015-06-11 20:32 . 2015-04-11 03:19 69888 ----a-w- c:\windows\system32\drivers\stream.sys
2015-06-11 20:30 . 2015-06-01 18:07 815312 ----a-w- c:\program files (x86)\Internet Explorer\iexplore.exe
2015-06-11 20:21 . 2015-05-24 16:43 364472 ----a-w- c:\windows\system32\aswBoot.exe
2015-06-09 19:33 . 2015-06-12 05:04 -------- d-----w- c:\program files (x86)\Unchecky
2015-06-09 19:33 . 2015-06-09 19:33 -------- d-----w- c:\programdata\Unchecky
2015-06-09 19:01 . 2015-06-10 20:02 -------- d-----w- C:\FRST
2015-06-06 06:44 . 2015-06-06 06:44 -------- d-----w- c:\program files (x86)\GUM4AF4.tmp
2015-06-05 13:44 . 2015-06-05 13:44 -------- d-----w- c:\users\roland\AppData\Local\CrashRpt
2015-06-02 22:33 . 2015-06-03 19:07 512 ----a-w- C:\PhysicalDisk0_MBR.bin
2015-06-02 22:24 . 2015-06-05 07:12 -------- d-----w- c:\program files (x86)\ZHPDiag
2015-06-01 19:19 . 2015-06-01 19:19 -------- d-----w- c:\users\roland\AppData\Local\GWX
2015-05-24 17:39 . 2015-05-24 17:39 -------- d-----w- c:\program files (x86)\iTunes
2015-05-24 17:39 . 2015-05-24 17:39 -------- d-----w- c:\program files\iPod
2015-05-24 17:39 . 2015-05-24 17:41 -------- d-----w- c:\programdata\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-05-24 17:39 . 2015-05-24 17:41 -------- d-----w- c:\program files\iTunes
2015-05-24 17:18 . 2015-05-24 17:18 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2015-05-24 17:18 . 2015-05-24 17:18 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2015-05-24 17:18 . 2015-05-24 17:18 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2015-05-24 17:18 . 2015-05-24 17:18 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2015-05-24 17:18 . 2015-05-24 17:18 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2015-05-24 17:17 . 2015-05-24 17:18 -------- d-----w- c:\program files (x86)\QuickTime
2015-05-24 16:53 . 2015-05-24 16:53 -------- d-----w- c:\users\roland\AppData\Roaming\AVAST Software
2015-05-24 16:43 . 2015-05-24 16:43 137288 ----a-w- c:\windows\system32\drivers\aswStm.sys
2015-05-24 16:43 . 2015-05-24 16:43 272248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-05-24 16:43 . 2015-05-24 16:43 442264 ----a-w- c:\windows\system32\drivers\aswSP.sys
2015-05-24 16:43 . 2015-05-24 16:43 89944 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2015-05-24 16:43 . 2015-05-24 16:43 65736 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-05-24 16:43 . 2015-05-24 16:43 29168 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-05-24 16:43 . 2015-05-24 16:43 93528 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2015-05-24 16:43 . 2015-05-24 16:43 1047320 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2015-05-24 16:43 . 2015-05-24 16:43 43112 ----a-w- c:\windows\avastSS.scr
2015-05-24 16:42 . 2015-05-24 16:42 -------- d-----w- c:\program files\AVAST Software
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2112-03-03 18:10 . 2112-03-03 18:10 2560 ----a-w- c:\windows\SysWow64\drivers\fr-FR\qwavedrv.sys.mui
2112-03-03 18:10 . 2112-03-03 18:10 29696 ----a-w- c:\windows\SysWow64\drivers\fr-FR\bfe.dll.mui
2112-03-03 18:10 . 2112-03-03 18:10 15872 ----a-w- c:\windows\SysWow64\drivers\fr-FR\pacer.sys.mui
2112-03-03 18:10 . 2112-03-03 18:10 6144 ----a-w- c:\windows\SysWow64\drivers\fr-FR\ndiscap.sys.mui
2112-03-03 18:10 . 2112-03-03 18:10 2560 ----a-w- c:\windows\SysWow64\drivers\fr-FR\scfilter.sys.mui
2112-03-03 18:10 . 2112-03-03 18:10 49152 ----a-w- c:\windows\SysWow64\drivers\fr-FR\tcpip.sys.mui
2015-06-13 08:41 . 2015-01-19 21:41 65536 ----a-w- c:\windows\system32\spu_storage.bin
2015-06-11 21:27 . 2010-12-31 23:15 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-06-11 21:27 . 2010-12-31 23:15 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-06-11 20:27 . 2012-10-02 10:35 140135120 ----a-w- c:\windows\system32\MRT.exe
2015-06-04 22:28 . 2014-12-24 17:13 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-05-25 18:01 . 2015-06-11 21:08 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-05-01 13:17 . 2015-05-13 20:13 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-01 13:16 . 2015-05-13 20:13 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-04-20 03:17 . 2015-05-13 20:45 1647104 ----a-w- c:\windows\system32\DWrite.dll
2015-04-20 03:17 . 2015-05-13 20:45 1179136 ----a-w- c:\windows\system32\FntCache.dll
2015-04-20 02:56 . 2015-05-13 20:45 1250816 ----a-w- c:\windows\SysWow64\DWrite.dll
2015-04-18 03:10 . 2015-05-13 20:44 460800 ----a-w- c:\windows\system32\certcli.dll
2015-04-18 02:56 . 2015-05-13 20:44 342016 ----a-w- c:\windows\SysWow64\certcli.dll
2015-04-17 14:15 . 2014-10-03 13:01 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-04-14 07:37 . 2014-12-24 17:12 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-04-14 07:37 . 2014-12-24 17:12 107736 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-04-14 07:37 . 2014-12-24 17:12 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-04-13 03:28 . 2015-05-13 20:39 328704 ----a-w- c:\windows\system32\services.exe
2015-04-08 03:29 . 2015-05-13 20:37 275456 ----a-w- c:\windows\system32\InkEd.dll
2015-04-08 03:14 . 2015-05-13 20:37 216064 ----a-w- c:\windows\SysWow64\InkEd.dll
2015-03-25 03:24 . 2015-04-16 18:33 98304 ----a-w- c:\windows\system32\wudriver.dll
2015-03-25 03:24 . 2015-04-16 18:33 37376 ----a-w- c:\windows\system32\wups2.dll
2015-03-25 03:24 . 2015-04-16 18:33 35328 ----a-w- c:\windows\system32\wups.dll
2015-03-25 03:24 . 2015-04-16 18:33 3298816 ----a-w- c:\windows\system32\wucltux.dll
2015-03-25 03:24 . 2015-04-16 18:33 191488 ----a-w- c:\windows\system32\wuwebv.dll
2015-03-25 03:24 . 2015-04-16 18:33 2553856 ----a-w- c:\windows\system32\wuaueng.dll
2015-03-25 03:24 . 2015-04-16 18:33 696320 ----a-w- c:\windows\system32\wuapi.dll
2015-03-25 03:24 . 2015-04-16 18:33 60416 ----a-w- c:\windows\system32\WinSetupUI.dll
2015-03-25 03:23 . 2015-04-16 18:33 12288 ----a-w- c:\windows\system32\wu.upgrade.ps.dll
2015-03-25 03:23 . 2015-04-16 18:33 36864 ----a-w- c:\windows\system32\wuapp.exe
2015-03-25 03:23 . 2015-04-16 18:33 135168 ----a-w- c:\windows\system32\wuauclt.exe
2015-03-25 03:00 . 2015-04-16 18:33 92672 ----a-w- c:\windows\SysWow64\wudriver.dll
2015-03-25 03:00 . 2015-04-16 18:33 566784 ----a-w- c:\windows\SysWow64\wuapi.dll
2015-03-25 03:00 . 2015-04-16 18:33 29696 ----a-w- c:\windows\SysWow64\wups.dll
2015-03-25 03:00 . 2015-04-16 18:33 173056 ----a-w- c:\windows\SysWow64\wuwebv.dll
2015-03-25 03:00 . 2015-04-16 18:33 33792 ----a-w- c:\windows\SysWow64\wuapp.exe
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les �l�ments vides & les �l�ments initiaux l�gitimes ne sont pas list�s
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-05-08 8322328]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-05-24 5515496]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 DirectNT;DirectNT; [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 Orange update Core Service;Orange update Core Service;c:\program files (x86)\Orange\OrangeUpdate\Service\OUCore.exe;c:\program files (x86)\Orange\OrangeUpdate\Service\OUCore.exe [x]
R3 amdiox64;AMD IO Driver;c:\windows\system32\drivers\amdiox64.sys;c:\windows\SYSNATIVE\drivers\amdiox64.sys [x]
R3 CH341SER_A64;CH341SER_A64;c:\windows\system32\Drivers\CH341S64.SYS;c:\windows\SYSNATIVE\Drivers\CH341S64.SYS [x]
R3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
R3 DraftSight API Service;DraftSight API Service;c:\program files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe;c:\program files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [x]
R3 EsgScanner;EsgScanner;c:\windows\system32\DRIVERS\EsgScanner.sys;c:\windows\SYSNATIVE\DRIVERS\EsgScanner.sys [x]
R3 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\awroot\bin\lib\firebird\bin\fbguard.exe;c:\awroot\bin\lib\firebird\bin\fbguard.exe [x]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\awroot\bin\lib\firebird\bin\fbserver.exe;c:\awroot\bin\lib\firebird\bin\fbserver.exe [x]
R3 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x]
R3 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 libusb0;libusb-win32 - Kernel Driver 07/24/2011 1.2.5.0;c:\windows\system32\DRIVERS\libusb0.sys;c:\windows\SYSNATIVE\DRIVERS\libusb0.sys [x]
R3 ma-config_amd64;ma-config_amd64;c:\program files\ma-config.com\Drivers\ma-config_amd64.sys;c:\program files\ma-config.com\Drivers\ma-config_amd64.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RT-USB;Ross-Tech USB driver;c:\windows\system32\drivers\RT-USB64.SYS;c:\windows\SYSNATIVE\drivers\RT-USB64.SYS [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WSDScan;Prise en charge de la num�risation WSD via UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
S0 amd_sata;amd_sata;c:\windows\system32\drivers\amd_sata.sys;c:\windows\SYSNATIVE\drivers\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\drivers\amd_xata.sys;c:\windows\SYSNATIVE\drivers\amd_xata.sys [x]
S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\system32\drivers\amdkmpfd.sys;c:\windows\SYSNATIVE\drivers\amdkmpfd.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.3;AODDriver4.3;c:\program files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 Dedicarz Service;Dedicarz Service;c:\program files (x86)\Orange\ma Livebox\dedicarz\DedicarzService.exe;c:\program files (x86)\Orange\ma Livebox\dedicarz\DedicarzService.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;c:\program files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe;c:\program files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 inpoutx64;inpoutx64;c:\windows\system32\Drivers\inpoutx64.sys;c:\windows\SYSNATIVE\Drivers\inpoutx64.sys [x]
S2 MaConfigAgent;Ma-Config Agent;c:\program files\ma-config.com\MaConfigAgent.exe;c:\program files\ma-config.com\MaConfigAgent.exe [x]
S3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\amdhub30.sys;c:\windows\SYSNATIVE\DRIVERS\amdhub30.sys [x]
S3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\amdxhc.sys;c:\windows\SYSNATIVE\DRIVERS\amdxhc.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RSP2STOR;Realtek PCIE CardReader Driver - P2;c:\windows\system32\DRIVERS\RtsP2Stor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsP2Stor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-01-11 08:14 1087816 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe
.
Contenu du dossier 'T�ches planifi�es'
.
2015-06-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2010-12-31 21:27]
.
2015-06-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-01-11 08:11]
.
2015-06-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-01-11 08:11]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-05-24 16:43 722400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
------- Examen suppl�mentaire -------
.
uStart Page = hxxp://www.orange.fr/
uLocal Page = c:\windows\system32\blank.htm
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Toolbar-10 - (no file)
HKLM_Wow6432Node-ActiveSetup-{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec
Toolbar-10 - (no file)
AddRemove-Cone Layout - g:\cone layout\Uninstall.exe
AddRemove-SLABCOMM&10C4&EA60 - c:\program files (x86)\Silabs\MCU\CP210x\DriverUninstaller.exe VCP CP210x Cardinal\SLABCOMM&10C4&EA60
AddRemove-EOBD-Facile - c:\automobile\Eobd\Uninstal.exe
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_160_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_160_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_160_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_160_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_160.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.18"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_160.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_160.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_160.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2015-06-14 16:09:00
ComboFix-quarantined-files.txt 2015-06-14 14:08
.
Avant-CF: 594�918�248�448 octets libres
Apr�s-CF: 596�778�008�576 octets libres
.
- - End Of File - - 0A091B62D9026A8D6B57BC9223154BF0
A36C5E4F47E84449FF07ED3517B43A31

Publicité


Signaler le contenu de ce document

Publicité