cjoint

Document format: text/plain

Preview

ComboFix 15-06-30.01 - hp 04/07/2015 16:21:19.2.1 - x86
Microsoft Windows 7 Édition Intégrale 6.1.7600.0.1252.33.1036.18.1015.478 [GMT 0:00]
Lancé depuis: c:\users\hp\Downloads\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Un nouveau point de restauration a été créé
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\start.lnk
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2015-06-04 au 2015-07-04 ))))))))))))))))))))))))))))))))))))
.
.
2015-07-04 16:29 . 2015-07-04 16:29 -------- d-----w- c:\users\hp\AppData\Local\temp
2015-07-04 16:29 . 2015-07-04 16:29 -------- d-----w- c:\users\Public\AppData\Local\temp
2015-07-04 16:29 . 2015-07-04 16:29 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-07-03 15:15 . 2015-07-03 15:16 -------- d-----w- c:\program files\CCleaner
2015-07-03 14:52 . 2015-07-03 14:55 -------- d-----w- C:\AdwCleaner
2015-06-27 22:50 . 2015-06-27 22:50 -------- d-----w- C:\Removable Data Recovery
2015-06-27 16:47 . 2015-06-27 23:13 -------- d-----w- c:\program files\Recuva
2015-06-27 16:03 . 2015-06-30 15:26 -------- d-----w- c:\program files\PowerDataRecovery6.8
2015-06-27 16:03 . 2015-06-27 16:03 -------- d-----w- c:\users\hp\AppData\Local\Programs
2015-06-27 15:03 . 2015-02-25 22:07 970912 ----a-w- c:\program files\Mozilla Firefox\msvcr120.dll
2015-06-26 22:11 . 2011-03-04 10:12 106112 ----a-w- c:\windows\system32\drivers\jrdusbser.sys
2015-06-26 22:11 . 2015-06-26 22:11 -------- d-----w- c:\program files\My Connection
2015-06-26 14:24 . 2015-06-26 14:24 -------- d-----w- c:\users\hp\AppData\Local\Diagnostics
2015-06-26 14:02 . 2013-02-17 03:14 207360 ----a-w- c:\windows\system32\drivers\ew_juwwanecm.sys
2015-06-26 14:02 . 2013-02-17 03:14 70272 ----a-w- c:\windows\system32\drivers\ew_jucdcecm.sys
2015-06-26 14:02 . 2013-01-25 03:33 97408 ----a-w- c:\windows\system32\drivers\ew_jucdcacm.sys
2015-06-26 14:02 . 2013-01-23 03:31 77696 ----a-w- c:\windows\system32\drivers\ew_jubusenum.sys
2015-06-26 14:02 . 2013-01-23 03:31 27776 ----a-w- c:\windows\system32\drivers\ew_juextctrl.sys
2015-06-26 14:02 . 2010-10-08 08:55 25856 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2015-06-26 14:02 . 2010-09-26 10:09 19200 ----a-w- c:\windows\system32\drivers\ew_hwupgrade.sys
2015-06-26 14:02 . 2010-08-05 23:42 861696 ----a-w- c:\windows\system32\drivers\mod7700.sys
2015-06-26 14:02 . 2013-01-25 01:16 95232 ----a-w- c:\windows\system32\drivers\ew_hwusbdev.sys
2015-06-26 14:02 . 2013-01-23 07:01 379904 ----a-w- c:\windows\system32\drivers\ewusbwwan.sys
2015-06-26 14:02 . 2013-01-23 06:56 199296 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2015-06-26 14:02 . 2012-12-22 01:46 11904 ----a-w- c:\windows\system32\drivers\ew_usbenumfilter.sys
2015-06-26 14:01 . 2015-06-26 14:12 -------- d-----w- c:\program files\Internet Mobile
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-06-27 15:17 . 2014-10-23 20:47 778416 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-06-27 15:17 . 2014-10-23 20:47 142512 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-05-10 12:10 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2015-06-01 6405912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2014-10-23 202256]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-05-10 3459712]
"IAM Wave ModemListener"="c:\program files\My Connection\BackgroundService\ModemListener.exe" [2010-12-07 102400]
"bintin"="c:\windows\system32\wscript.exe" [2009-07-14 141824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
R2 HWDeviceService.exe;HWDeviceService.exe;c:\programdata\DatacardService\HWDeviceService.exe [2011-03-14 271712]
R2 IAM Wave Modem Device Helper;IAM Wave Modem Device Helper;c:\program files\My Connection\BackgroundService\ServiceManager.exe [2011-05-23 49752]
R2 Internet Mobile. RunOuc;Internet Mobile. OUC;c:\program files\Internet Mobile\UpdateDog\ouc.exe [2012-11-12 657504]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2014-12-11 315496]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [2013-01-25 95232]
R3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\DRIVERS\ewusbwwan.sys [2013-01-23 379904]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [2013-01-23 77696]
R3 jrdusbser;Modem Interface Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\jrdusbser.sys [2011-03-04 106112]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-05-10 53592]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-05-01 1394816]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-05-01 1772672]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
.
.
Contenu du dossier 'Tâches planifiées'
.
2015-07-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-23 15:17]
.
2015-06-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1846552703-401768199-2491756976-1000Core.job
- c:\users\hp\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-17 20:14]
.
2015-07-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1846552703-401768199-2491756976-1000UA.job
- c:\users\hp\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-17 20:14]
.
.
------- Examen supplémentaire -------
.
uStart Page = www.wana.ma
mStart Page = hxxp://www.google.com
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: Interfaces\{E4D6ACCB-9360-4B57-9065-0DDA45909D60}: NameServer = 212.217.0.12 212.217.1.12
FF - ProfilePath - c:\users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\tzt3cw1u.default\
.
- - - - ORPHELINS SUPPRIMES - - - -
.
c:\users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\03ffsh.lnk - c:\programdata\{89a5b112-413e-f01b-89a5-5b112413c449}\03ffsh.exe --startup=1
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_17_0_0_190_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_17_0_0_190_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2015-07-04 16:31:29
ComboFix-quarantined-files.txt 2015-07-04 16:31
ComboFix2.txt 2015-05-27 01:19
.
Avant-CF: 5 462 622 208 octets libres
Après-CF: 5 418 913 792 octets libres
.
- - End Of File - - 58B6B45A4B89F2622AC81E8D7DE21C6E
A36C5E4F47E84449FF07ED3517B43A31
