ComboFix 15-10-21.01 - Alice&Maurice 22/10/2015 8:27.1.2 - x86
Microsoft® Windows Vista™ Professionnel 6.0.6002.2.1252.33.1036.18.3036.1134 [GMT 2:00]
Lancé depuis: c:\users\Alice&Maurice\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Alice&Maurice\AppData\Roaming\Microsoft\~DFKf078e.tmp
c:\users\Alice&Maurice\AppData\Roaming\Microsoft\1eaadjc.dll
c:\users\Alice&Maurice\AppData\Roaming\Microsoft\bass.dll
c:\users\Alice&Maurice\AppData\Roaming\Microsoft\engine_vx.dll
c:\users\Alice&Maurice\AppData\Roaming\Microsoft\kfgresk.dll
c:\users\Alice&Maurice\AppData\Roaming\Microsoft\mjcriu.dll
c:\users\Alice&Maurice\AppData\Roaming\Microsoft\peaadje.dll
c:\users\Alice&Maurice\AppData\Roaming\Microsoft\qwadjb.dll
c:\users\Alice&Maurice\AppData\Roaming\Microsoft\rsaadjd.dll
S:\AUTORUN.INF
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2015-09-22 au 2015-10-22 ))))))))))))))))))))))))))))))))))))
.
.
2015-10-22 06:37 . 2015-10-22 06:37 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-10-22 06:34 . 2015-10-22 06:34 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8831052D-1387-4E13-BE9F-FBDF9D3987F4}\offreg.1064.dll
2015-10-21 16:16 . 2015-10-21 16:16 -------- d-----w- C:\MGADiagToolOutput
2015-10-21 16:14 . 2015-10-21 16:14 -------- d-----w- c:\programdata\Office Genuine Advantage
2015-10-21 13:39 . 2015-10-21 13:40 -------- d-----w- c:\users\Alice&Maurice\AppData\Roaming\ZHP
2015-10-21 07:06 . 2015-10-13 09:30 8985080 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8831052D-1387-4E13-BE9F-FBDF9D3987F4}\mpengine.dll
2015-10-21 06:48 . 2015-09-28 05:44 313472 ----a-w- c:\windows\system32\aswBoot.exe
2015-10-20 15:41 . 2015-10-20 16:15 -------- d-----w- c:\programdata\RogueKiller
2015-10-20 15:30 . 2015-10-20 15:30 -------- d-----w- c:\users\Alice&Maurice\AppData\Roaming\QuickScan
2015-10-20 07:49 . 2015-10-20 07:50 -------- d-----w- c:\users\Alice&Maurice\AppData\Roaming\Mozilla(59)
2015-10-20 07:49 . 2015-10-20 07:49 -------- d-----w- c:\program files\Mozilla Maintenance Service(39)
2015-10-20 05:44 . 2015-10-20 05:44 -------- d-----w- c:\users\Alice&Maurice\AppData\Local\Mozilla
2015-10-19 08:22 . 2015-10-21 14:09 -------- d-----w- C:\FRST
2015-10-17 06:52 . 2015-10-20 05:23 -------- d-----w- c:\windows\AutoKMS
2015-10-16 20:27 . 2015-10-16 20:27 -------- d-----w- c:\program files\Microsoft Sync Framework
2015-10-16 20:25 . 2015-10-16 20:25 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2015-10-16 20:23 . 2015-10-16 20:23 -------- d-----w- c:\program files\Microsoft Analysis Services
2015-10-16 20:19 . 2015-10-16 20:19 -------- d-----r- C:\MSOCache
2015-10-15 07:31 . 2015-09-28 17:17 1206192 ----a-w- c:\windows\system32\ntdll.dll
2015-10-15 07:31 . 2015-09-26 16:09 3606464 ----a-w- c:\windows\system32\ntkrnlpa.exe
2015-10-15 07:31 . 2015-09-26 16:09 3554240 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-10-12 11:18 . 2015-10-12 11:26 -------- d-----w- c:\program files\WIKO
2015-10-10 08:30 . 2015-10-10 08:51 -------- d-----w- c:\users\Alice&Maurice\AppData\Roaming\NCH Software
2015-10-10 08:30 . 2015-10-10 08:30 -------- d-----w- c:\program files\NCH Software
2015-10-10 08:30 . 2015-10-10 08:30 -------- d-----w- c:\programdata\NCH Software
2015-10-10 08:09 . 2012-10-03 14:14 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2015-10-10 08:06 . 2015-10-10 08:07 -------- d-----w- c:\program files\iPod
2015-10-10 08:06 . 2015-10-10 08:09 -------- d-----w- c:\program files\iTunes
2015-10-10 08:05 . 2015-10-10 08:05 -------- d-----w- c:\program files\Apple Software Update
2015-10-10 07:59 . 2015-10-10 07:59 -------- d-----w- c:\program files\Bonjour
2015-10-10 07:59 . 2015-10-10 08:06 -------- d-----w- c:\program files\Common Files\Apple
2015-10-01 09:24 . 2015-10-01 09:24 -------- d-----w- c:\program files\Common Files\Skype
2015-09-28 05:44 . 2015-09-28 05:44 157888 ----a-w- c:\windows\system32\drivers\aswStmXP.sys
2015-09-28 05:44 . 2015-09-28 05:43 107984 ----a-w- c:\windows\system32\drivers\ngvss.sys
2015-09-28 05:44 . 2015-09-28 05:44 43112 ----a-w- c:\windows\avastSS.scr
2015-09-24 15:40 . 2015-06-26 22:43 188304 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
2015-09-24 14:06 . 2015-05-27 22:00 89856 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2015-09-24 14:06 . 2015-05-27 22:00 184192 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2015-09-24 14:06 . 2015-09-24 14:06 -------- d-----w- c:\program files\Android-Sync
2015-09-23 16:15 . 2015-08-13 14:15 304640 ----a-w- c:\windows\system32\drivers\srv.sys
2015-09-23 16:15 . 2015-08-13 14:15 102912 ----a-w- c:\windows\system32\drivers\srvnet.sys
2015-09-23 16:14 . 2015-07-21 16:03 49664 ----a-w- c:\windows\system32\csrsrv.dll
2015-09-23 16:14 . 2015-07-21 16:07 56256 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2015-09-23 16:14 . 2015-07-21 16:07 140224 ----a-w- c:\windows\system32\drivers\ecache.sys
2015-09-23 16:14 . 2015-07-21 16:03 10752 ----a-w- c:\windows\system32\msmmsp.dll
2015-09-23 16:14 . 2015-07-21 16:03 564224 ----a-w- c:\windows\system32\emdmgmt.dll
2015-09-23 16:14 . 2015-07-03 16:04 1316864 ----a-w- c:\windows\system32\ole32.dll
2015-09-23 16:13 . 2015-09-02 21:26 1402368 ----a-w- c:\windows\system32\msxml6.dll
2015-09-23 16:13 . 2015-09-02 21:26 1253376 ----a-w- c:\windows\system32\msxml3.dll
2015-09-23 16:12 . 2015-07-31 19:27 103120 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-09-23 16:12 . 2015-06-17 15:09 73216 ----a-w- c:\windows\system32\msiexec.exe
2015-09-23 16:12 . 2015-06-17 16:50 2264576 ----a-w- c:\windows\system32\msi.dll
2015-09-23 16:11 . 2015-06-12 16:01 298496 ----a-w- c:\windows\system32\gdi32.dll
2015-09-23 16:09 . 2015-04-24 15:54 532480 ----a-w- c:\windows\system32\comctl32.dll
2015-09-23 16:09 . 2015-07-10 19:37 2067968 ----a-w- c:\windows\system32\mstscax.dll
2015-09-23 16:03 . 2015-07-18 16:03 68608 ----a-w- c:\windows\system32\basesrv.dll
2015-09-23 16:00 . 2015-07-10 14:21 2048 ----a-w- c:\windows\system32\tzres.dll
2015-09-23 15:59 . 2015-08-05 15:58 940032 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2015-09-23 15:59 . 2015-08-05 15:59 1220608 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2015-09-23 15:59 . 2015-08-05 15:58 985600 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2015-09-23 15:59 . 2015-08-05 15:58 967680 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2015-09-23 15:59 . 2015-08-05 14:24 1850880 ----a-w- c:\program files\Windows Journal\Journal.exe
2015-09-23 15:59 . 2015-09-02 21:26 34304 ----a-w- c:\windows\system32\atmlib.dll
2015-09-23 15:59 . 2015-09-02 19:55 2067456 ----a-w- c:\windows\system32\win32k.sys
2015-09-23 15:59 . 2015-09-02 19:54 297472 ----a-w- c:\windows\system32\atmfd.dll
2015-09-23 15:58 . 2015-08-05 15:59 602112 ----a-w- c:\windows\system32\schedsvc.dll
2015-09-23 15:57 . 2015-05-31 08:11 225792 ----a-w- c:\windows\system32\cewmdm.dll
2015-09-23 15:49 . 2015-07-31 21:46 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2015-09-23 15:49 . 2015-07-31 21:46 189952 ----a-w- c:\windows\system32\d3d10core.dll
2015-09-23 15:49 . 2015-07-31 21:46 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2015-09-23 15:49 . 2015-07-31 21:46 1029120 ----a-w- c:\windows\system32\d3d10.dll
2015-09-23 15:49 . 2015-07-31 20:41 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2015-09-23 15:49 . 2015-07-31 20:40 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2015-09-23 15:49 . 2015-07-31 20:35 682496 ----a-w- c:\windows\system32\d2d1.dll
2015-09-23 15:49 . 2015-07-31 20:33 1072640 ----a-w- c:\windows\system32\DWrite.dll
2015-09-23 15:49 . 2015-07-31 20:33 802304 ----a-w- c:\windows\system32\FntCache.dll
2015-09-23 15:47 . 2015-06-27 16:02 218112 ----a-w- c:\windows\system32\msv1_0.dll
2015-09-23 15:47 . 2015-06-27 14:21 217088 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2015-09-23 15:47 . 2015-06-27 14:21 81408 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2015-09-23 15:47 . 2015-01-09 00:17 107008 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2015-09-23 15:47 . 2015-06-27 16:03 783872 ----a-w- c:\windows\system32\rpcrt4.dll
2015-09-23 15:47 . 2015-06-27 16:02 501248 ----a-w- c:\windows\system32\kerberos.dll
2015-09-23 15:47 . 2015-06-27 16:01 801280 ----a-w- c:\windows\system32\advapi32.dll
2015-09-23 15:47 . 2015-06-12 13:13 440768 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2015-09-23 15:47 . 2015-07-01 15:57 199680 ----a-w- c:\windows\system32\WebClnt.dll
2015-09-23 15:46 . 2015-07-09 14:25 151040 ----a-w- c:\windows\system32\notepad.exe
2015-09-23 15:46 . 2015-07-09 14:25 151040 ----a-w- c:\windows\notepad.exe
2015-09-23 15:44 . 2015-05-04 22:50 7680 ----a-w- c:\windows\system32\spwmp.dll
2015-09-23 15:44 . 2015-05-04 22:50 4096 ----a-w- c:\windows\system32\msdxm.ocx
2015-09-23 15:44 . 2015-05-04 22:50 4096 ----a-w- c:\windows\system32\dxmasf.dll
2015-09-23 15:44 . 2015-05-04 21:21 107520 ----a-w- c:\program files\Windows Media Player\wmpconfig.exe
2015-09-23 15:44 . 2015-05-04 21:21 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2015-09-23 15:44 . 2015-05-04 21:21 168960 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2015-09-23 15:44 . 2015-05-04 21:21 107520 ----a-w- c:\program files\Windows Media Player\wmpshare.exe
2015-09-22 16:27 . 2015-09-22 16:27 -------- d-----w- c:\program files\avast software
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-10-21 08:06 . 2014-04-23 06:41 170200 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-10-18 05:48 . 2013-03-20 08:29 780488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-10-18 05:48 . 2011-09-30 10:40 142536 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-10-05 07:50 . 2014-04-23 06:40 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-10-05 07:50 . 2014-04-23 06:40 94936 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-10-05 07:50 . 2014-04-23 06:40 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-09-28 05:44 . 2013-03-14 06:34 49776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-09-28 05:44 . 2013-03-14 06:34 208664 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-09-28 05:44 . 2009-11-14 09:51 57888 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2015-09-28 05:44 . 2009-11-14 09:51 434184 ----a-w- c:\windows\system32\drivers\aswSP.sys
2015-09-28 05:44 . 2014-04-27 06:32 24016 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-09-28 05:44 . 2009-11-14 09:51 55200 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2015-09-28 05:44 . 2009-11-14 09:50 76000 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2015-09-28 05:43 . 2012-03-09 17:31 789296 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2015-08-04 22:03 . 2015-08-04 22:03 877152 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2015-08-04 22:03 . 2015-08-04 22:03 538208 ----a-w- c:\windows\system32\msvcp120_clr0400.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-09-28 05:44 696120 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-08-09 221184]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"boincmgr"="c:\program files\BOINC\boincmgr.exe" [2008-11-17 3916544]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-09-11 86960]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2015-09-16 6495144]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 172568]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdcBase.exe" [2007-05-31 648072]
"AvastUI.exe"="c:\program files\Alwil Software\Avast5\AvastUI.exe" [2015-09-28 6134544]
"Wondershare Helper Compact.exe"="c:\program files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe" [2013-07-25 1985824]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2014-10-02 421888]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 137752]
"LPManager"="c:\progra~1\THINKV~1\PrdCtr\LPMGR.exe" [2008-06-08 165208]
"LPMailChecker"="c:\progra~1\THINKV~1\PrdCtr\LPMLCHK.exe" [2008-06-08 124248]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 171032]
"TVT Scheduler Proxy"="c:\program files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe" [2008-05-24 487424]
"boinctray"="c:\program files\BOINC\boinctray.exe" [2008-11-17 58112]
"AMSG"="c:\program files\ThinkVantage\AMSG\Amsg.exe" [2007-02-01 419376]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]
"RtHDVCpl"="RtHDVCpl.exe" [2008-06-27 6295552]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-01-27 157480]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2015-09-24 41360]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2015-09-24 840592]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-11-24 813584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
backup=c:\windows\pss\Adobe Gamma Loader.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Lancement rapide d'Adobe Acrobat.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Lancement rapide d'Adobe Acrobat.lnk
backup=c:\windows\pss\Lancement rapide d'Adobe Acrobat.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NETGEAR WG311v3 Smart Wizard.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WG311v3 Smart Wizard.lnk
backup=c:\windows\pss\NETGEAR WG311v3 Smart Wizard.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Alice&Maurice^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Photoshop Interface Improver.lnk]
path=c:\users\Alice&Maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Photoshop Interface Improver.lnk
backup=c:\windows\pss\Adobe Photoshop Interface Improver.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
2015-09-24 15:41 840592 ----a-w- c:\program files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
2015-09-24 15:40 41360 ----a-w- c:\program files\Adobe\Acrobat 10.0\Acrobat\acrobat_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Synchronizer]
2015-09-24 15:41 1104288 ----a-w- c:\program files\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2015-09-14 07:25 1045720 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AndroidSync]
2015-09-01 10:43 6332344 ----a-w- c:\program files\Android-Sync\AndroidSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2015-01-20 20:35 60712 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
2010-10-27 18:17 207424 ----a-w- c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BLOG]
2008-10-14 17:00 214576 ------w- c:\progra~1\ThinkPad\UTILIT~1\BTVLOGEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2015-01-27 01:58 157480 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Opware15]
2005-07-05 23:58 69632 ----a-w- c:\program files\ScanSoft\OmniPage15.0\OpWare15.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWMTRV]
2008-10-14 17:00 634880 ------w- c:\progra~1\ThinkPad\UTILIT~1\PWMTR32V.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRAGD]
2008-10-15 10:34 72256 ------w- c:\progra~1\ThinkPad\UTILIT~1\DPMHost.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2014-10-02 13:23 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ScanSoft OmniPage 15.0-reminder]
2005-06-03 14:29 729088 ----a-w- c:\program files\ScanSoft\OmniPage15.0\Ereg\Ereg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2015-09-04 11:44 55349888 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2015-03-07 12:53 335232 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VoipConnect]
2015-10-09 08:44 32417376 ----a-w- c:\program files\VoipConnect.com\VoipConnect\voipconnect.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2012-06-28 15:40 74752 ----a-w- c:\program files\Winamp\winampa.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-21 02:25 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contenu du dossier 'Tâches planifiées'
.
2015-10-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-20 05:49]
.
2015-04-05 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\PCDR5\pcdr5cuiw32.exe [2008-12-12 23:32]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com
uSearchURL,(Default) = hxxp://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Alice&Maurice\AppData\Roaming\Mozilla\Firefox\Profiles\u4ld6p3x.default-1430894588280\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.fr/?gws_rd=ssl
.
- - - - ORPHELINS SUPPRIMES - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-Acrobat Assistant 7 - c:\program files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
MSConfigStartUp-FlashPlayerUpdate - c:\windows\system32\Macromed\Flash\FlashUtil11g_Plugin.exe
MSConfigStartUp-GoogleChromeAutoLaunch_31A292CB9269181E688F7A63404D817E - c:\program files\Google\Chrome\Application\chrome.exe
MSConfigStartUp-OliSpool - c:\program files\Olifax\OliSpool.Exe
MSConfigStartUp-OpScheduler - c:\program files\ScanSoft\OmniPage15.0\OpScheduler.exe
MSConfigStartUp-Orange Installer - c:\program files\Orange\Orange Installer\OrangeInstaller.exe
MSConfigStartUp-PDF3 Registry Controller - c:\program files\ScanSoft\OmniPage15.0\PDFConverter3\\RegistryController.exe
MSConfigStartUp-Sidebar - c:\program files\Desktop Sidebar\dsidebar.exe
MSConfigStartUp-TomTomHOME - c:\program files\TomTom HOME 2\TomTomHOMERunner.exe
MSConfigStartUp-VoipCheapCom - c:\program files\VoipCheapCom.com\VoipCheapCom\VoipCheapCom.exe
MSConfigStartUp-Windows Mobile Device Center - c:\windows\WindowsMobile\wmdc.exe
MSConfigStartUp-Zune Launcher - c:\program files\Zune\ZuneLauncher.exe
AddRemove-Uninstall_is1 - c:\program files\Common Files\DVDVideoSoft\unins000.exe
AddRemove-01_Simmental - c:\program files\SAMSUNG\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\SAMSUNG\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\SAMSUNG\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\SAMSUNG\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-07_Schorl - c:\program files\SAMSUNG\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-09_Hsp - c:\program files\SAMSUNG\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\SAMSUNG\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\SAMSUNG\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\SAMSUNG\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\SAMSUNG\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\SAMSUNG\USB Drivers\25_escape\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2015-10-22 08:38
Windows 6.0.6002 Service Pack 2 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\S-1-5-21-2910439989-134704540-1849271374-1000\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\ActiveSync]
"Name"="ActiveSync"
"DisplayName"="Microsoft ActiveSync"
"Param1"="ActiveSync"
"Type"="wellknown"
"Order"=dword:00000001
"State"=dword:00000020
.
[HKEY_USERS\S-1-5-21-2910439989-134704540-1849271374-1000\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\IESettings]
"Name"="IESettings"
"Type"="IESettings"
"Order"=dword:00000003
"State"=dword:0000000b
.
[HKEY_USERS\S-1-5-21-2910439989-134704540-1849271374-1000\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\MediaFiles]
"Name"="MediaFiles"
"Type"="MediaFiles"
"Order"=dword:00000002
"State"=dword:0000000b
.
[HKEY_USERS\S-1-5-21-2910439989-134704540-1849271374-1000\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\Outlook]
"Name"="Outlook"
"DisplayName"="Microsoft Outlook"
"Param1"="Outlook"
"Type"="wellknown"
"Order"=dword:00000000
"State"=dword:0000000b
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Heure de fin: 2015-10-22 08:43:06
ComboFix-quarantined-files.txt 2015-10-22 06:42
.
Avant-CF: 81 511 784 448 octets libres
Après-CF: 81 679 966 208 octets libres
.
- - End Of File - - 8E2BD4869DB992FB84FB45627B094D1E
58DDF2534AA8843EAACBF1305BFC3CF5