ComboFix 15-07-07.01 - Cameron 07/07/2015 19:59:18.2.6 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.8142.6143 [GMT 2:00]
Lancé depuis: c:\users\Cameron\Desktop\ComboFix.exe
Commutateurs utilisés :: c:\users\Cameron\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
/wow section - STAGE 48
Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus.
Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus.
Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus.
Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus.
Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus.
Le système ne peut trouver le fichier LockedB.
Le système ne peut trouver le fichier lockedB.
Le système ne peut trouver le fichier LockedB.
grep: temp2401: No such file or directory
Le système ne peut trouver le fichier LockedB.
Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus.
Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus.
Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus.
.
/wow section - STAGE 50
Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus.
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2015-06-07 au 2015-07-07 ))))))))))))))))))))))))))))))))))))
.
.
2015-07-07 18:09 . 2015-07-07 18:09 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-07-07 17:50 . 2011-12-07 17:42 328712 ----a-w- c:\windows\system32\MijFrc.dll
2015-07-07 17:50 . 2015-07-07 17:50 -------- d-----w- c:\program files\MotioninJoy
2015-07-07 14:10 . 2015-06-12 07:50 12221144 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3E10331D-D3A0-4F7E-8209-83FAC22F530A}\mpengine.dll
2015-07-06 16:56 . 2015-07-06 16:56 -------- d-----w- c:\program files (x86)\ZHPFix
2015-07-03 22:08 . 2015-07-03 22:57 -------- d-----w- c:\program files (x86)\Batman Arkham City GOTY
2015-07-02 12:22 . 2015-07-02 12:22 -------- d-----w- c:\users\Cameron\AppData\Roaming\OpenOffice.org
2015-07-02 12:20 . 2015-07-02 12:20 -------- d-----w- c:\users\Cameron\AppData\Local\Icecream
2015-07-02 12:20 . 2015-07-02 12:20 -------- d-----w- c:\users\Cameron\.Icecream PDF Converter
2015-07-02 12:19 . 2015-07-02 12:20 -------- d-----w- c:\program files (x86)\Icecream PDF Converter
2015-07-02 11:33 . 2015-07-02 11:43 -------- d-----w- c:\users\Cameron\AppData\Roaming\PDF Architect 3
2015-07-02 11:29 . 2015-07-02 11:29 -------- d-----w- c:\programdata\PDF Architect 3
2015-06-29 11:37 . 2015-07-04 18:51 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2015-06-29 11:21 . 2015-06-29 11:21 -------- d-----w- c:\program files\7-Zip
2015-06-29 11:11 . 2015-06-29 11:11 -------- d-----w- c:\users\Cameron\AppData\Roaming\AVAST Software
2015-06-29 11:11 . 2015-06-29 11:11 -------- d-----w- c:\windows\SysWow64\vbox
2015-06-29 11:11 . 2015-06-29 11:11 -------- d-----w- c:\windows\system32\vbox
2015-06-29 11:10 . 2015-06-29 11:10 -------- d-----w- c:\program files\avast software
2015-06-29 11:10 . 2015-06-29 11:10 272248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-06-29 11:10 . 2015-06-29 11:10 137288 ----a-w- c:\windows\system32\drivers\aswStm.sys
2015-06-29 11:10 . 2015-06-29 11:10 442264 ----a-w- c:\windows\system32\drivers\aswsp.sys
2015-06-29 11:10 . 2015-06-29 11:10 65736 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-06-29 11:10 . 2015-06-29 11:10 89944 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2015-06-29 11:10 . 2015-06-29 11:10 29168 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-06-29 11:10 . 2015-06-29 11:10 93528 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2015-06-29 11:10 . 2015-06-29 11:10 1047320 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2015-06-29 11:10 . 2015-06-29 11:10 364472 ----a-w- c:\windows\system32\aswBoot.exe
2015-06-29 11:10 . 2015-06-29 11:10 43112 ----a-w- c:\windows\avastSS.scr
2015-06-29 11:09 . 2015-06-29 11:09 -------- d-----w- c:\program files (x86)\AVAST Software
2015-06-29 10:57 . 2015-06-29 10:57 -------- d-----w- c:\users\Cameron\AppData\Local\Apple
2015-06-28 22:53 . 2015-06-29 10:53 -------- d-----w- c:\program files\OBS
2015-06-28 02:39 . 2015-06-28 02:52 -------- d-----w- c:\users\Cameron\AppData\Roaming\RadeonPro
2015-06-28 01:41 . 2015-06-28 01:41 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2015-06-26 00:04 . 2015-06-26 00:04 -------- d-----w- C:\MicrosoftIndexer
2015-06-24 20:52 . 2010-02-02 08:57 2902498 ------w- c:\windows\SysWow64\Sens_oal.dll
2015-06-24 19:54 . 2015-06-24 19:54 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
2015-06-24 17:42 . 2015-06-24 17:42 -------- d-----w- c:\program files\Realtek
2015-06-24 17:39 . 2015-05-05 16:02 1739992 ----a-w- c:\windows\system32\RCoInstII64.dll
2015-06-24 17:38 . 2015-03-08 10:22 3182104 ----a-w- c:\windows\system32\FMAPO64.dll
2015-06-21 03:01 . 2015-06-21 03:01 4103168 ----a-w- c:\windows\system32\drivers\athrx.sys
2015-06-21 02:59 . 2015-06-21 02:59 11944 ----a-w- c:\windows\system32\drivers\amdide64.sys
2015-06-21 02:45 . 2015-06-21 02:45 977624 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2015-06-21 02:45 . 2015-06-21 02:45 73800 ----a-w- c:\windows\system32\RtNicProp64.dll
2015-06-21 02:42 . 2015-06-21 02:42 -------- d-----w- c:\programdata\ProductData
2015-06-21 02:42 . 2015-06-21 02:42 26528 ----a-w- c:\windows\SysWow64\drivers\HWiNFO64A.SYS
2015-06-21 02:42 . 2015-06-21 02:42 -------- d-----w- c:\users\Cameron\AppData\Roaming\IObit
2015-06-20 22:53 . 2010-02-02 08:59 1940992 ------w- c:\windows\system32\Sens_oal.dll
2015-06-20 22:52 . 2015-06-20 22:52 -------- d-----w- c:\program files (x86)\Common Files\Creative Labs Shared
2015-06-20 03:39 . 2015-03-27 20:33 178225576 ----a-w- c:\windows\avira_antivirus_pro_en.exe
2015-06-16 00:32 . 2015-06-29 11:05 -------- d-----w- c:\programdata\Avira
2015-06-15 23:32 . 2015-06-15 23:32 7168 ----a-w- c:\windows\SysWow64\drivers\ute3otkw.sys
2015-06-15 21:32 . 2015-06-15 21:32 -------- d-----w- c:\program files (x86)\Common Files\Java
2015-06-15 21:32 . 2015-06-15 21:32 97888 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-06-15 21:31 . 2015-06-15 21:31 -------- d-----w- c:\program files (x86)\Java
2015-06-15 21:28 . 2015-06-15 21:32 -------- d-----w- c:\programdata\Oracle
2015-06-10 08:51 . 2015-06-27 14:51 -------- d-----w- c:\users\Cameron\AppData\Local\Jigoku_Kisetsukan
2015-06-10 08:44 . 2015-06-10 08:44 -------- d-----w- c:\users\Cameron\AppData\Roaming\HeroesAndGeneralsDesktop
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-07-07 18:10 . 2014-08-19 14:28 113880 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-06-25 20:12 . 2013-10-22 23:10 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-06-25 20:12 . 2013-10-22 23:10 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-06-24 20:53 . 2013-10-23 21:24 466520 ----a-w- c:\windows\system32\wrap_oal.dll
2015-06-24 20:53 . 2013-10-23 21:24 123480 ----a-w- c:\windows\system32\OpenAL32.dll
2015-06-24 20:53 . 2013-10-23 21:24 445016 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2015-06-24 20:53 . 2013-10-23 21:24 109144 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2015-06-23 11:30 . 2013-10-22 22:55 300704 ------w- c:\windows\system32\MpSigStub.exe
2015-06-21 02:45 . 2011-06-10 04:34 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2015-06-18 06:41 . 2014-08-19 14:27 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-06-18 06:41 . 2014-08-19 14:27 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-06-18 06:41 . 2014-08-19 14:27 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-06-10 11:41 . 2013-10-23 02:06 140135120 ----a-w- c:\windows\system32\MRT.exe
2015-05-25 18:24 . 2015-06-03 19:11 5569984 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-05-25 18:23 . 2015-06-03 19:11 155584 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2015-05-25 18:23 . 2015-06-03 19:10 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2015-05-25 18:21 . 2015-06-03 19:11 1728960 ----a-w- c:\windows\system32\ntdll.dll
2015-05-25 18:19 . 2015-06-03 19:11 243712 ----a-w- c:\windows\system32\wow64.dll
2015-05-25 18:19 . 2015-06-03 19:10 362496 ----a-w- c:\windows\system32\wow64win.dll
2015-05-25 18:19 . 2015-06-03 19:10 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2015-05-25 18:19 . 2015-06-03 19:11 215040 ----a-w- c:\windows\system32\winsrv.dll
2015-05-25 18:19 . 2015-06-03 19:11 1255424 ----a-w- c:\windows\system32\diagtrack.dll
2015-05-25 18:19 . 2015-06-03 19:10 210944 ----a-w- c:\windows\system32\wdigest.dll
2015-05-25 18:19 . 2015-06-03 19:10 879104 ----a-w- c:\windows\system32\tdh.dll
2015-05-25 18:19 . 2015-06-03 19:10 86528 ----a-w- c:\windows\system32\TSpkg.dll
2015-05-25 18:19 . 2015-06-03 19:10 136192 ----a-w- c:\windows\system32\sspicli.dll
2015-05-25 18:19 . 2015-06-03 19:10 29184 ----a-w- c:\windows\system32\sspisrv.dll
2015-05-25 18:19 . 2015-06-03 19:11 503808 ----a-w- c:\windows\system32\srcore.dll
2015-05-25 18:19 . 2015-06-03 19:10 113664 ----a-w- c:\windows\system32\sechost.dll
2015-05-25 18:19 . 2015-06-03 19:10 50176 ----a-w- c:\windows\system32\srclient.dll
2015-05-25 18:19 . 2015-06-03 19:10 28160 ----a-w- c:\windows\system32\secur32.dll
2015-05-25 18:19 . 2015-06-03 19:11 342016 ----a-w- c:\windows\system32\schannel.dll
2015-05-25 18:19 . 2015-06-03 19:10 314880 ----a-w- c:\windows\system32\msv1_0.dll
2015-05-25 18:19 . 2015-06-03 19:10 309760 ----a-w- c:\windows\system32\ncrypt.dll
2015-05-25 18:19 . 2015-06-03 19:10 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2015-05-25 18:19 . 2015-06-03 19:11 728576 ----a-w- c:\windows\system32\kerberos.dll
2015-05-25 18:19 . 2015-06-03 19:11 424960 ----a-w- c:\windows\system32\KernelBase.dll
2015-05-25 18:19 . 2015-06-03 19:11 1162752 ----a-w- c:\windows\system32\kernel32.dll
2015-05-25 18:19 . 2015-06-03 19:11 1461760 ----a-w- c:\windows\system32\lsasrv.dll
2015-05-25 18:18 . 2015-06-03 19:10 43520 ----a-w- c:\windows\system32\csrsrv.dll
2015-05-25 18:18 . 2015-06-03 19:10 22016 ----a-w- c:\windows\system32\credssp.dll
2015-05-25 18:18 . 2015-06-03 19:11 879104 ----a-w- c:\windows\system32\advapi32.dll
2015-05-25 18:18 . 2015-06-03 19:11 404992 ----a-w- c:\windows\system32\tracerpt.exe
2015-05-25 18:18 . 2015-06-03 19:10 47104 ----a-w- c:\windows\system32\typeperf.exe
2015-05-25 18:18 . 2015-06-03 19:10 112640 ----a-w- c:\windows\system32\smss.exe
2015-05-25 18:18 . 2015-06-03 19:11 296960 ----a-w- c:\windows\system32\rstrui.exe
2015-05-25 18:18 . 2015-06-03 19:10 43008 ----a-w- c:\windows\system32\relog.exe
2015-05-25 18:18 . 2015-06-03 19:10 104448 ----a-w- c:\windows\system32\logman.exe
2015-05-25 18:18 . 2015-06-03 19:10 31232 ----a-w- c:\windows\system32\lsass.exe
2015-05-25 18:18 . 2015-06-03 19:10 19456 ----a-w- c:\windows\system32\diskperf.exe
2015-05-25 18:18 . 2015-06-03 19:11 338432 ----a-w- c:\windows\system32\conhost.exe
2015-05-25 18:18 . 2015-06-03 19:10 64000 ----a-w- c:\windows\system32\auditpol.exe
2015-05-25 18:14 . 2015-06-03 19:10 60416 ----a-w- c:\windows\system32\msobjs.dll
2015-05-25 18:14 . 2015-06-03 19:10 146432 ----a-w- c:\windows\system32\msaudite.dll
2015-05-25 18:11 . 2015-06-03 19:10 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-25 18:11 . 2015-06-03 19:10 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-25 18:11 . 2015-06-03 19:10 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-25 18:11 . 2015-06-03 19:10 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-25 18:11 . 2015-06-03 19:10 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-25 18:11 . 2015-06-03 19:10 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-25 18:11 . 2015-06-03 19:10 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-25 18:11 . 2015-06-03 19:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-25 18:11 . 2015-06-03 19:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-25 18:11 . 2015-06-03 19:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-25 18:11 . 2015-06-03 19:10 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-25 18:11 . 2015-06-03 19:10 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-25 18:11 . 2015-06-03 19:10 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-25 18:11 . 2015-06-03 19:10 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-25 18:11 . 2015-06-03 19:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-25 18:11 . 2015-06-03 19:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-25 18:11 . 2015-06-03 19:10 6656 ----a-w- c:\windows\system32\apisetschema.dll
2015-05-25 18:11 . 2015-06-03 19:10 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-25 18:11 . 2015-06-03 19:10 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-25 18:11 . 2015-06-03 19:10 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-25 18:11 . 2015-06-03 19:10 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-25 18:11 . 2015-06-03 19:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-25 18:11 . 2015-06-03 19:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-25 18:11 . 2015-06-03 19:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-25 18:11 . 2015-06-03 19:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-25 18:11 . 2015-06-03 19:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-25 18:11 . 2015-06-03 19:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-25 18:11 . 2015-06-03 19:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-25 18:11 . 2015-06-03 19:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-25 18:11 . 2015-06-03 19:10 686080 ----a-w- c:\windows\system32\adtschema.dll
2015-05-25 18:07 . 2015-06-03 19:11 3989440 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2015-05-25 18:07 . 2015-06-03 19:11 3934144 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2015-05-25 18:04 . 2015-06-03 19:10 1310744 ----a-w- c:\windows\SysWow64\ntdll.dll
2015-05-25 18:01 . 2015-06-03 19:10 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2015-05-25 18:01 . 2015-06-03 19:10 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2015-05-25 18:01 . 2015-06-03 19:10 635392 ----a-w- c:\windows\SysWow64\tdh.dll
2015-05-25 18:01 . 2015-06-03 19:10 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2015-05-25 18:01 . 2015-06-03 19:11 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-05-25 18:01 . 2015-06-03 19:10 92160 ----a-w- c:\windows\SysWow64\sechost.dll
2015-05-25 18:01 . 2015-06-03 19:10 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2015-05-25 18:01 . 2015-06-03 19:10 221184 ----a-w- c:\windows\SysWow64\ncrypt.dll
2015-05-25 18:01 . 2015-06-03 19:10 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2015-05-25 18:01 . 2015-06-03 19:10 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll
2015-05-25 18:01 . 2015-06-03 19:11 551424 ----a-w- c:\windows\SysWow64\kerberos.dll
2015-05-25 18:01 . 2015-06-03 19:10 17408 ----a-w- c:\windows\SysWow64\credssp.dll
2015-05-25 18:01 . 2015-06-03 19:11 641536 ----a-w- c:\windows\SysWow64\advapi32.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2015-05-15 767176]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-04-30 334896]
"AvastUI.exe"="c:\program files (x86)\AVAST Software\Avast\AvastUI.exe" [2015-06-29 5515496]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
R2 AODDriver4.2.0;AODDriver4.2.0;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1;c:\windows\system32\libusbd-nt.exe;c:\windows\SYSNATIVE\libusbd-nt.exe [x]
R3 atillk64;atillk64;c:\program files (x86)\AMD\System Monitor\atillk64.sys;c:\program files (x86)\AMD\System Monitor\atillk64.sys [x]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys;c:\windows\SYSNATIVE\drivers\libusb0.sys [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bbus.sys [x]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdfl.sys [x]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 ute3otkw;AVZ Kernel Driver;c:\windows\system32\Drivers\ute3otkw.sys;c:\windows\SYSNATIVE\Drivers\ute3otkw.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 XSplit_Dummy;XSplit Stream Audio Renderer;c:\windows\system32\drivers\xspltspk.sys;c:\windows\SYSNATIVE\drivers\xspltspk.sys [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S0 amdide64;amdide64;c:\windows\system32\DRIVERS\amdide64.sys;c:\windows\SYSNATIVE\DRIVERS\amdide64.sys [x]
S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\system32\DRIVERS\amdkmpfd.sys;c:\windows\SYSNATIVE\DRIVERS\amdkmpfd.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.3;AODDriver4.3;c:\program files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 FreemakeVideoCapture;FreemakeVideoCapture;c:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe;c:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files (x86)\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys;c:\program files (x86)\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 AvastVBoxSvc;AvastVBox COM Service;c:\program files (x86)\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe;c:\program files (x86)\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
--- Autres Services/Pilotes en mémoire ---
.
*NewlyCreated* - MBAMSWISSARMY
.
Contenu du dossier 'Tâches planifiées'
.
2015-07-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-22 20:12]
.
2015-07-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-12 21:59]
.
2015-07-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-12 21:59]
.
2015-07-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3862555361-1167507310-1669404147-1000Core.job
- c:\users\Cameron\AppData\Local\Google\Update\GoogleUpdate.exe [2015-05-30 16:57]
.
2015-07-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3862555361-1167507310-1669404147-1000UA.job
- c:\users\Cameron\AppData\Local\Google\Update\GoogleUpdate.exe [2015-05-30 16:57]
.
2015-07-07 c:\windows\Tasks\SlimDrivers Startup.job
- c:\program files (x86)\SlimDrivers\SlimDrivers.exe [2015-02-27 06:59]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-06-29 11:10 722400 ----a-w- c:\program files (x86)\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 825184]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2014-02-27 558496]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2015-04-30 8466136]
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
uDefault_Search_URL = www.google.com
mDefault_Search_URL = www.google.com
mDefault_Page_URL = about:blank
mStart Page = about:blank
mSearch Page = www.google.com
uSearchAssistant = hxxp://www.google.com
TCP: DhcpNameServer = 212.27.40.240 212.27.40.241
FF - ProfilePath - c:\users\Cameron\AppData\Roaming\Mozilla\Firefox\Profiles\1wro48go.default-1405106414981\
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_194_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_194_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
------------------------ Autres processus actifs ------------------------
.
c:\program files (x86)\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Malwarebytes Anti-Malware\mbam.exe
.
**************************************************************************
.
Heure de fin: 2015-07-07 20:19:08 - La machine a redémarré
ComboFix-quarantined-files.txt 2015-07-07 18:19
ComboFix2.txt 2015-07-07 14:06
.
Avant-CF: 125 301 977 088 octets libres
Après-CF: 125 137 408 000 octets libres
.
- - End Of File - - 800CD8CBC53FB75662DEBCF100DC7B2D
A36C5E4F47E84449FF07ED3517B43A31
