Document format: text/plain
ComboFix 15-10-15.01 - user 17/10/2015 22:10:48.1.2 - x86
Microsoft Windows 7 Édition Intégrale 6.1.7600.0.1252.33.1036.18.3062.1386 [GMT 0:00]
Lancé depuis: c:\users\user\Downloads\Programs\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\027aed17-bda2-44b7-8b78-05564b2f3a87\8ac9f05f-514d-48eb-8978-bcaf2549c44d.dll
c:\program files\4078a900-a22c-4f97-aec8-6a21481efe3c\41e3de81-c76c-4721-af5e-e46a20c7bc97.dll
c:\program files\4078a900-a22c-4f97-aec8-6a21481efe3c\56d88353-3386-4095-bf3f-c86156f0e2f9.dll
c:\program files\4078a900-a22c-4f97-aec8-6a21481efe3c\7c6423f4-4861-4ff8-a708-c31d3c143191.dll
c:\program files\4078a900-a22c-4f97-aec8-6a21481efe3c\ad5dbc3b-ba0b-44be-bd7e-cb176a1d5a73.dll
c:\program files\7c0676c4-5bb6-427d-8fa3-3ca8077dc29c\3842b4a2-5d7c-43f8-90ae-b2b9900093d6.dll
c:\program files\Alwil Software\788ba831-4095-450b-af6b-7ca0da28efef.dll
c:\program files\cd6db29d-2556-428e-b609-55f5935be1a3\10a5eb7c-3eca-4cc7-b3c1-fc94115288ab.dll
c:\program files\CinemaP-1.9cV13.10\e89b7985-83ce-4bdb-8b12-f8068b7163a4.dll
c:\program files\CinemaPlus-3.2cV15.10\ed9c8092-0c02-4f28-b6b5-eff55c2083a5.dll
c:\program files\CinemaPlus-3.2cV16.10\69acf028-4880-4ff2-a028-3567989c6a14.dll
c:\program files\CinemaPlus-3.2cV17.10\5e0f7fd5-40a3-4b6a-8fac-7e0588ba035c.dll
.
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_globalUpdate
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2015-09-17 au 2015-10-17 ))))))))))))))))))))))))))))))))))))
.
.
2015-10-17 21:57 . 2015-10-17 21:57 -------- d-----w- c:\programdata\6WdsManPro6
2015-10-17 21:49 . 2015-10-17 21:49 -------- d-----w- c:\programdata\ReviverSoft
2015-10-17 21:49 . 2015-10-17 21:49 -------- d-----w- c:\program files\ReviverSoft
2015-10-17 21:34 . 2015-10-17 21:34 -------- d-----w- c:\program files\187358c5-d8cc-4b44-8fa5-b33eda1ef5f1
2015-10-17 21:34 . 2015-10-17 21:34 -------- d-----w- c:\program files\MyBrowser 1.0.2V17.10
2015-10-17 21:31 . 2015-10-17 21:31 -------- d-----w- c:\program files\Crossbrowse
2015-10-17 21:06 . 2015-10-17 22:16 -------- d-----w- c:\program files\7c0676c4-5bb6-427d-8fa3-3ca8077dc29c
2015-10-17 21:05 . 2015-10-17 22:16 -------- d-----w- c:\program files\CinemaPlus-3.2cV17.10
2015-10-17 20:57 . 2015-10-17 20:57 -------- d-----w- c:\program files\MyBrowser
2015-10-16 22:22 . 2015-10-17 22:16 -------- d-----w- c:\program files\cd6db29d-2556-428e-b609-55f5935be1a3
2015-10-16 22:21 . 2015-10-17 22:16 -------- d-----w- c:\program files\CinemaPlus-3.2cV16.10
2015-10-16 20:57 . 2015-10-16 20:59 -------- d-----w- c:\programdata\BWdsManProB
2015-10-15 23:45 . 2015-10-15 23:45 -------- d-----w- c:\programdata\Canneverbe Limited
2015-10-15 20:44 . 2015-10-17 22:16 -------- d-----w- c:\program files\4078a900-a22c-4f97-aec8-6a21481efe3c
2015-10-15 20:43 . 2015-10-17 22:16 -------- d-----w- c:\program files\CinemaPlus-3.2cV15.10
2015-10-15 20:43 . 2015-10-15 21:22 -------- d-----w- c:\program files\ASP
2015-10-15 20:41 . 2015-07-02 14:14 18200 ----a-w- c:\windows\system32\roboot.exe
2015-10-15 20:41 . 2015-10-17 00:49 -------- d-----w- c:\program files\RCP
2015-10-15 20:38 . 2015-10-17 21:57 -------- d-----w- c:\program files\SFK
2015-10-15 20:38 . 2015-10-15 20:39 -------- d-----w- c:\programdata\2WdsManPro2
2015-10-14 14:35 . 2015-10-14 14:35 -------- d-----w- c:\program files\Your Uninstaller! 7
2015-10-14 12:28 . 2015-10-17 21:27 -------- d-----w- c:\program files\483C75FE-1444825693-033D-9221-001EEC58C501
2015-10-13 23:03 . 2015-10-17 22:16 -------- d-----w- c:\program files\027aed17-bda2-44b7-8b78-05564b2f3a87
2015-10-13 23:03 . 2015-10-13 23:03 -------- d-----w- c:\program files\globalUpdate
2015-10-13 23:03 . 2015-10-17 22:16 -------- d-----w- c:\program files\CinemaP-1.9cV13.10
2015-10-13 23:02 . 2015-10-13 23:02 -------- d-----w- c:\program files\RayDld
2015-10-13 22:56 . 2015-10-13 23:01 -------- d-----w- c:\program files\Opera
2015-10-12 14:30 . 2015-10-12 14:30 -------- d-----w- c:\program files\innovata
2015-10-12 14:25 . 2015-10-12 14:25 -------- d-----w- c:\program files\Common Files\Adobe AIR
2015-10-01 13:15 . 2009-09-23 11:50 398336 ----a-w- c:\windows\system32\TVWizudlg.exe
2015-10-01 13:15 . 2009-09-23 11:49 140288 ----a-w- c:\windows\system32\igfxtvcx.dll
2015-10-01 13:15 . 2015-10-01 13:15 -------- d-----w- c:\program files\Intel
2015-10-01 12:41 . 2015-10-01 13:15 -------- d-----w- c:\windows\system32\Lang
2015-10-01 12:41 . 2015-10-01 12:41 -------- d-----w- c:\windows\system32\x64
2015-10-01 12:41 . 2015-10-01 12:40 1002008 ----a-w- c:\windows\system32\igxpun.exe
2015-10-01 12:28 . 2015-10-01 12:28 -------- d-----w- c:\programdata\ProductData
2015-10-01 12:28 . 2015-10-01 12:28 23840 ----a-w- c:\windows\system32\drivers\HWiNFO32.SYS
2015-10-01 12:28 . 2015-10-01 12:28 -------- d-----w- c:\programdata\IObit
2015-10-01 12:28 . 2015-10-01 12:28 -------- d-----w- c:\program files\IObit
2015-10-01 11:42 . 2015-10-01 11:42 -------- d-----w- c:\program files\Common Files\InstallShield
2015-10-01 11:20 . 2015-10-01 11:20 -------- d-----w- c:\program files\DIFX
2015-09-30 11:41 . 2015-09-30 11:41 -------- d-----w- c:\windows\system32\Wat
2015-09-28 21:45 . 2015-09-28 23:38 -------- d-----w- C:\FFOutput
2015-09-28 21:44 . 2015-09-28 21:45 -------- d-----w- c:\program files\FormatFactory
2015-09-28 20:18 . 2015-09-28 20:18 -------- d-----w- c:\program files\Common Files\Adobe
2015-09-28 13:37 . 2015-09-28 13:41 -------- d-----w- c:\program files\Google
2015-09-27 20:10 . 2015-09-27 20:10 -------- d-----w- c:\programdata\IDM
2015-09-27 20:10 . 2015-09-27 20:10 -------- d-----w- c:\program files\Internet Download Manager
2015-09-27 20:10 . 2015-09-16 05:43 8884144 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4D786566-D629-45F9-B5D5-48BC6F162CBB}\mpengine.dll
2015-09-27 20:10 . 2015-06-23 13:27 246952 ------w- c:\windows\system32\MpSigStub.exe
2015-09-27 19:59 . 2015-10-16 21:55 780488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-09-27 19:59 . 2015-10-16 21:55 142536 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-09-26 15:13 . 2015-09-26 14:42 -------- d-----w- c:\windows\Panther
2015-09-26 14:57 . 2015-09-26 14:57 -------- d-----w- c:\program files\Microsoft Silverlight
2015-09-26 14:56 . 2015-09-26 14:56 -------- d-----w- c:\windows\system32\Adobe
2015-09-26 14:56 . 2015-09-26 14:56 411368 ----a-w- c:\windows\system32\deployJava1.dll
2015-09-26 14:56 . 2015-09-26 14:56 -------- d-----w- c:\program files\Java
2015-09-26 14:56 . 2015-09-26 14:56 -------- d-----w- c:\windows\system32\Macromed
2015-09-26 14:54 . 2015-09-26 14:54 -------- d-----w- c:\program files\Conduit
2015-09-26 14:54 . 2015-09-28 13:27 -------- d-----w- c:\program files\my-search
2015-09-26 14:52 . 2009-11-12 14:48 7168 ----a-w- c:\windows\system32\drivers\StarOpen.sys
2015-09-26 14:52 . 2015-09-26 14:52 -------- d-----w- c:\program files\CDBurnerXP
2015-09-26 14:51 . 2010-05-06 20:33 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2015-09-26 14:51 . 2010-05-06 20:39 164048 ----a-w- c:\windows\system32\drivers\aswSP.sys
2015-09-26 14:51 . 2010-05-06 20:34 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2015-09-26 14:51 . 2010-05-06 20:39 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2015-09-26 14:51 . 2010-05-06 20:34 51792 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2015-09-26 14:50 . 2015-10-17 21:05 -------- d-sh--w- c:\windows\Installer
2015-09-26 14:49 . 2010-05-06 20:59 38848 ----a-w- c:\windows\system32\avastSS.scr
2015-09-26 14:49 . 2010-05-06 20:59 165032 ----a-w- c:\windows\system32\aswBoot.exe
2015-09-26 14:49 . 2015-10-17 22:16 -------- d-----w- c:\program files\Alwil Software
2015-09-26 14:49 . 2015-09-26 14:49 -------- d-----w- c:\programdata\Alwil Software
2015-09-26 14:47 . 2015-09-26 14:47 -------- d-----w- c:\program files\Foxit PDF Reader
2015-09-26 14:47 . 2015-10-17 21:00 -------- d-----w- c:\windows\system32\wbem\Performance
2015-09-26 14:45 . 2015-09-26 14:45 -------- d-----w- c:\program files\VideoLAN
2015-09-23 09:31 . 2015-06-12 02:00 123968 ----a-w- c:\windows\system32\drivers\idmwfp.sys
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-10-01 12:40 . 2009-07-13 22:09 2551808 ----a-w- c:\windows\system32\igd10umd32.dll
2015-10-01 12:40 . 2009-07-13 22:09 3829760 ----a-w- c:\windows\system32\igdumd32.dll
2015-09-30 11:41 . 2009-07-13 23:40 409088 ----a-w- c:\windows\system32\systemcpl.dll
2015-09-30 11:41 . 2009-07-13 23:36 13824 ----a-w- c:\windows\system32\slwga.dll
2015-09-30 11:41 . 2010-06-27 12:36 811520 ----a-w- c:\windows\system32\user32.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2015-09-30 . 7BD7F45FF37FA0669CD32CA0EF46E22C . 811520 . . [6.1.7600.16529] . . c:\windows\System32\user32.dll
[7] 2010-06-27 . A59E558BEA7D9607E86E8BDE68E2488F . 811520 . . [6.1.7600.16529] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16529_none_cd53a6e0ce7bcca7\user32.dll
[7] 2010-06-27 . 109A1C1E7315CC2DC048EA4028A59563 . 811520 . . [6.1.7600.16529] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.20645_none_cdc3a2abe7ad3ef7\user32.dll
[7] 2010-06-27 . C7B21BEF09EC7249556BEE19F9D314CB . 811520 . . [6.1.7600.16400] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16400_none_cd604238ce73b38f\user32.dll
[7] 2010-06-27 . AE2B4D47934D3798C984D51B1694A490 . 811520 . . [6.1.7600.20496] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.20496_none_cd8e8f8de7d4e9b5\user32.dll
[7] 2009-07-14 . 34B7E222E81FAFA885F0C5F2CFA56861 . 811520 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2015-08-14 10:52 23520 ----a-w- c:\program files\Internet Download Manager\IDMShellExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2015-09-24 3907152]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-06-27 1173504]
"GoogleChromeAutoLaunch_605AC308D78062603A79A4C22DAD7502"="c:\program files\MyBrowser\MyBrowser\Application\mybrowser.exe" [2015-08-30 796160]
"GoogleChromeAutoLaunch_100535F106431A9BDA15E8895BE69FFB"="c:\program files\Crossbrowse\Crossbrowse\Application\crossbrowse.exe" [2015-05-12 637440]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-05-06 2815192]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2015-10-01 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2015-10-01 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2015-10-01 150552]
.
c:\users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
crossbrowse.lnk - c:\program files\Crossbrowse\Crossbrowse\Application\crossbrowse.exe [2015-10-17 637440]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R3 globalUpdatem;globalUpdate Update Service (globalUpdatem);c:\program files\globalUpdate\Update\globalupdate.exe [2015-10-17 68608]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2015-09-30 1343400]
S1 aswSP;aswSP; [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO32.SYS [2015-10-01 23840]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-05-06 51792]
S2 dijojyvi;Task Advertisement;c:\program files\483C75FE-1444825693-033D-9221-001EEC58C501\hnsn1C0B.tmp [2015-10-14 845312]
S2 hofegygy;Vector Image Collate;c:\program files\483C75FE-1444825693-033D-9221-001EEC58C501\jnscB1C2.tmp [2015-10-14 227328]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2015-06-12 123968]
S2 ihpmServer;ihpmServer;c:\program files\RayDld\ihpmServer.exe [2015-10-12 270568]
S2 jebozifu;Properties Cache;c:\program files\483C75FE-1444825693-033D-9221-001EEC58C501\knsx89B3.tmpfs [2015-10-14 391168]
.
.
--- Autres Services/Pilotes en mémoire ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components]
2015-10-17 21:31 913408 ----a-w- c:\program files\Crossbrowse\Crossbrowse\Application\39.6.2171.95\Installer\chrmstp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-10-16 21:08 997704 ----a-w- c:\program files\Google\Chrome\Application\46.0.2490.71\Installer\chrmstp.exe
.
Contenu du dossier 'Tâches planifiées'
.
2015-10-17 c:\windows\Tasks\007ae613-68d4-46b1-88a9-ea79ae52f07e-6.job
- c:\program files\CinemaPlus-3.2cV16.10\007ae613-68d4-46b1-88a9-ea79ae52f07e-6.exe [2015-10-16 22:22]
.
2015-10-17 c:\windows\Tasks\2ef1708f-c754-4133-bd21-61d2fd7cc161-1-6.job
- c:\program files\CinemaPlus-3.2cV17.10\2ef1708f-c754-4133-bd21-61d2fd7cc161-1-6.exe [2015-10-17 21:06]
.
2015-10-17 c:\windows\Tasks\2ef1708f-c754-4133-bd21-61d2fd7cc161-1-7.job
- c:\program files\CinemaPlus-3.2cV17.10\2ef1708f-c754-4133-bd21-61d2fd7cc161-1-7.exe [2015-10-17 21:06]
.
2015-10-17 c:\windows\Tasks\2ef1708f-c754-4133-bd21-61d2fd7cc161-10_user.job
- c:\program files\CinemaPlus-3.2cV17.10\2ef1708f-c754-4133-bd21-61d2fd7cc161-10.exe [2015-10-17 21:05]
.
2015-10-17 c:\windows\Tasks\2ef1708f-c754-4133-bd21-61d2fd7cc161-11.job
- c:\program files\CinemaPlus-3.2cV17.10\2ef1708f-c754-4133-bd21-61d2fd7cc161-11.exe [2015-10-17 21:05]
.
2015-10-17 c:\windows\Tasks\2ef1708f-c754-4133-bd21-61d2fd7cc161-3.job
- c:\program files\CinemaPlus-3.2cV17.10\2ef1708f-c754-4133-bd21-61d2fd7cc161-3.exe [2015-10-17 21:05]
.
2015-10-17 c:\windows\Tasks\2ef1708f-c754-4133-bd21-61d2fd7cc161-4.job
- c:\program files\CinemaPlus-3.2cV17.10\2ef1708f-c754-4133-bd21-61d2fd7cc161-4.exe [2015-10-17 21:06]
.
2015-10-17 c:\windows\Tasks\2ef1708f-c754-4133-bd21-61d2fd7cc161-5.job
- c:\program files\CinemaPlus-3.2cV17.10\2ef1708f-c754-4133-bd21-61d2fd7cc161-5.exe [2015-10-17 21:07]
.
2015-10-17 c:\windows\Tasks\2ef1708f-c754-4133-bd21-61d2fd7cc161-5_user.job
- c:\program files\CinemaPlus-3.2cV17.10\2ef1708f-c754-4133-bd21-61d2fd7cc161-5.exe [2015-10-17 21:07]
.
2015-10-17 c:\windows\Tasks\2ef1708f-c754-4133-bd21-61d2fd7cc161-6.job
- c:\program files\CinemaPlus-3.2cV17.10\2ef1708f-c754-4133-bd21-61d2fd7cc161-6.exe [2015-10-17 21:06]
.
2015-10-17 c:\windows\Tasks\2ef1708f-c754-4133-bd21-61d2fd7cc161-7.job
- c:\program files\CinemaPlus-3.2cV17.10\2ef1708f-c754-4133-bd21-61d2fd7cc161-7.exe [2015-10-17 21:06]
.
2015-10-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-27 21:55]
.
2015-10-17 c:\windows\Tasks\Crossbrowse.job
- c:\program files\Crossbrowse\Crossbrowse\Application\utility.exe [2015-10-17 21:26]
.
2015-10-17 c:\windows\Tasks\dd31a9ce-9103-4c09-a460-9d3c1e72a3c1-1-6.job
- c:\program files\CinemaPlus-3.2cV15.10\dd31a9ce-9103-4c09-a460-9d3c1e72a3c1-1-6.exe [2015-10-15 20:46]
.
2015-10-17 c:\windows\Tasks\dd31a9ce-9103-4c09-a460-9d3c1e72a3c1-10_user.job
- c:\program files\CinemaPlus-3.2cV15.10\dd31a9ce-9103-4c09-a460-9d3c1e72a3c1-10.exe [2015-10-15 20:44]
.
2015-10-17 c:\windows\Tasks\dd31a9ce-9103-4c09-a460-9d3c1e72a3c1-6.job
- c:\program files\CinemaPlus-3.2cV15.10\dd31a9ce-9103-4c09-a460-9d3c1e72a3c1-6.exe [2015-10-15 20:46]
.
2015-10-17 c:\windows\Tasks\e9525936-62f3-4e59-b333-881fc9aaa331-1-6.job
- c:\program files\CinemaP-1.9cV13.10\e9525936-62f3-4e59-b333-881fc9aaa331-1-6.exe [2015-10-13 23:04]
.
2015-10-17 c:\windows\Tasks\e9525936-62f3-4e59-b333-881fc9aaa331-6.job
- c:\program files\CinemaP-1.9cV13.10\e9525936-62f3-4e59-b333-881fc9aaa331-6.exe [2015-10-13 23:04]
.
2015-10-17 c:\windows\Tasks\eLaeXpBOjQTVsuaujFgX1AkvI8.job
- c:\users\user\AppData\Roaming\eLaeXpBOjQTVsuaujFgX1AkvI8.exe [2015-04-20 14:05]
.
2015-10-17 c:\windows\Tasks\FaQnJYny.job
- c:\users\user\AppData\Roaming\FaQnJYny.exe [2015-04-20 14:05]
.
2015-10-17 c:\windows\Tasks\globalUpdateUpdateTaskMachineCore.job
- c:\program files\globalUpdate\Update\globalupdate.exe [2015-10-13 21:05]
.
2015-10-17 c:\windows\Tasks\globalUpdateUpdateTaskMachineUA.job
- c:\program files\globalUpdate\Update\globalupdate.exe [2015-10-13 21:05]
.
2015-10-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2015-09-28 13:37]
.
2015-10-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2015-09-28 13:37]
.
2015-10-17 c:\windows\Tasks\JW7pz9xi.job
- c:\users\user\AppData\Roaming\JW7pz9xi.exe [2015-04-20 14:05]
.
2015-10-17 c:\windows\Tasks\MyBrowser.job
- c:\program files\MyBrowser\MyBrowser\Application\utility.exe [2015-10-17 20:53]
.
2015-10-17 c:\windows\Tasks\Start Registry Reviver for user-PC@user(logon).job
- c:\program files\ReviverSoft\Registry Reviver\RegistryReviver.exe [2015-10-17 10:59]
.
2015-10-17 c:\windows\Tasks\Start Registry Reviver( SR ) for user-PC@user at logon.job
- c:\program files\ReviverSoft\Registry Reviver\RegistryReviver.exe [2015-10-17 10:59]
.
2015-10-17 c:\windows\Tasks\Start Registry Reviver( SR ) for user-PC@user.job
- c:\program files\ReviverSoft\Registry Reviver\RegistryReviver.exe [2015-10-17 10:59]
.
2015-10-17 c:\windows\Tasks\vMr91BPsu9s.job
- c:\users\user\AppData\Roaming\vMr91BPsu9s.exe [2015-04-20 14:05]
.
2015-10-17 c:\windows\Tasks\VMXK6EHuDprIsyHl.job
- c:\users\user\AppData\Roaming\VMXK6EHuDprIsyHl.exe [2015-04-20 14:05]
.
2015-10-17 c:\windows\Tasks\wCMfx2ztkAlInauKaGDJUVmL.job
- c:\users\user\AppData\Roaming\wCMfx2ztkAlInauKaGDJUVmL.exe [2015-04-20 14:05]
.
2015-10-17 c:\windows\Tasks\xn5bI7qfph9PKVQiPX.job
- c:\users\user\AppData\Roaming\xn5bI7qfph9PKVQiPX.exe [2015-04-20 14:05]
.
2015-10-17 c:\windows\Tasks\zYUHnrCgY0O0MxKzcRkEbgwUIJ.job
- c:\users\user\AppData\Roaming\zYUHnrCgY0O0MxKzcRkEbgwUIJ.exe [2015-04-20 14:05]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.oursurfing.com/?type=hp&ts=1444777315&z=258af9d671c54ba5674420cg9z4z8zam4m1m8cbgdw&from=amt&uid=hitachixhts543216l9a300_080602fb0200lcg6sv7bx
uDefault_Search_URL = hxxp://www.oursurfing.com/web/?type=ds&ts=1444777315&z=258af9d671c54ba5674420cg9z4z8zam4m1m8cbgdw&from=amt&uid=hitachixhts543216l9a300_080602fb0200lcg6sv7bx&q={searchTerms}
mStart Page = hxxp://www.oursurfing.com/?type=hp&ts=1444777315&z=258af9d671c54ba5674420cg9z4z8zam4m1m8cbgdw&from=amt&uid=hitachixhts543216l9a300_080602fb0200lcg6sv7bx
IE: Télécharger avec IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Télécharger tous les liens avec Internet Download Manager - c:\program files\Internet Download Manager\IEGetAll.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sw7egdja.default\
FF - prefs.js: browser.search.selectedEngine - mystartsearch
FF - prefs.js: browser.startup.homepage - hxxp://www.mystartsearch.com/?type=hp&ts=1445118303&z=84365d7a2621a8ec14dbe4ag3z4z7wdgegab8e2q7q&from=cmi&uid=HitachiXHTS543216L9A300_080602FB0200LCG6SV7BX
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: IDM CC: mozilla_cc@internetdownloadmanager.com - c:\users\user\AppData\Roaming\IDM\idmmzcc5
.
- - - - ORPHELINS SUPPRIMES - - - -
.
AddRemove-VOPackage - c:\users\user\AppData\Roaming\VOPackage\Uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\dijojyvi]
"ImagePath"="c:\program files\483C75FE-1444825693-033D-9221-001EEC58C501\hnsn1C0B.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\hofegygy]
"ImagePath"="c:\program files\483C75FE-1444825693-033D-9221-001EEC58C501\jnscB1C2.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\jebozifu]
"ImagePath"="c:\program files\483C75FE-1444825693-033D-9221-001EEC58C501\knsx89B3.tmpfs"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_19_0_0_226_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_19_0_0_226_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs chargées dans les processus actifs ---------------------
.
- - - - - - - > 'Explorer.exe'(848)
c:\program files\Internet Download Manager\idmmkb.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\AUDIODG.EXE
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\system32\taskhost.exe
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\conhost.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Internet Download Manager\IEMonitor.exe
c:\program files\Google\Chrome\Application\chrome.exe
c:\program files\Google\Chrome\Application\chrome.exe
c:\program files\Google\Chrome\Application\chrome.exe
c:\program files\Google\Chrome\Application\chrome.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
c:\program files\IObit\Driver Booster\DBDownloader.exe
c:\program files\Opera\launcher.exe
.
**************************************************************************
.
Heure de fin: 2015-10-17 22:24:09 - La machine a redémarré
ComboFix-quarantined-files.txt 2015-10-17 22:24
.
Avant-CF: 73 995 194 368 octets libres
Après-CF: 73 823 510 528 octets libres
.
- - End Of File - - AD5DCF8B3E1A158BA199FA39C7C0BAF9
A36C5E4F47E84449FF07ED3517B43A31