cjoint

Document format: text/plain

ComboFix 16-01-24.01 - rihaminhouss 26/01/2016 20:04:33.1.2 - x86
Microsoft Windows 7 Édition Intégrale 6.1.7600.0.1252.33.1036.18.3327.1997 [GMT 0:00]
Lancé depuis: c:\users\rihaminhouss\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Un nouveau point de restauration a été créé
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\DFX\DFX.exe
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2015-12-26 au 2016-01-26 ))))))))))))))))))))))))))))))))))))
.
.
2016-01-26 20:10 . 2016-01-26 20:10 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-01-26 18:37 . 2016-01-26 13:39 94520 ----a-w- c:\windows\system32\drivers\TAOKernel.sys
2016-01-26 18:37 . 2016-01-26 13:39 114616 ----a-w- c:\windows\system32\drivers\TAOAccelerator.sys
2016-01-26 18:36 . 2016-01-26 19:16 30392 ----a-w- c:\windows\system32\drivers\TS888.sys
2016-01-26 18:36 . 2016-01-26 18:36 -------- d-----w- c:\program files\Common Files\Tencent
2016-01-26 18:35 . 2016-01-26 18:35 -------- d-----w- c:\programdata\TXQMPC
2016-01-26 18:25 . 2016-01-26 18:33 -------- d-----w- C:\AdwCleaner
2016-01-26 14:58 . 2016-01-26 14:58 -------- d-----w- c:\programdata\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2016-01-26 14:57 . 2016-01-26 14:57 -------- d-----w- c:\program files\Common Files\IObit
2016-01-26 14:56 . 2016-01-26 14:58 -------- d-----w- c:\programdata\ProductData
2016-01-26 14:56 . 2016-01-26 15:12 -------- d-----w- c:\programdata\IObit
2016-01-26 14:55 . 2016-01-26 15:08 -------- d-----w- c:\program files\IObit
2016-01-26 13:40 . 2016-01-26 13:39 14008 ------w- c:\windows\system32\drivers\TSDefenseBt.sys
2016-01-26 13:40 . 2016-01-26 13:39 67896 ------w- c:\windows\system32\TSSK.sys
2016-01-26 13:39 . 2016-01-26 13:39 150072 ------w- c:\windows\system32\drivers\TFsFlt.sys
2016-01-26 13:39 . 2016-01-14 09:47 128280 ------w- c:\windows\system32\drivers\TsFltMgr.sys
2016-01-26 13:39 . 2016-01-26 13:39 -------- d-----w- c:\program files\Tencent
2016-01-26 13:39 . 2016-01-26 19:02 -------- d-----w- c:\programdata\Tencent
2016-01-25 20:29 . 2016-01-25 20:29 -------- d-----w- c:\program files\K-Lite Codec Pack
2016-01-25 17:21 . 2016-01-25 17:21 -------- d-----w- c:\program files\Common Files\ATI Technologies
2016-01-25 17:21 . 2016-01-25 17:24 -------- d-----w- c:\program files\ATI Technologies
2016-01-25 17:21 . 2016-01-25 17:21 -------- d-----w- c:\program files\ATI
2016-01-25 17:19 . 2013-09-24 14:52 77312 ----a-w- c:\windows\system32\drivers\AtihdW73.sys
2016-01-25 17:19 . 2013-11-17 03:40 83968 ----a-w- c:\windows\system32\OpenVideo.dll
2016-01-25 17:19 . 2013-11-17 03:40 73728 ----a-w- c:\windows\system32\OVDecode.dll
2016-01-25 17:19 . 2013-11-17 03:35 57344 ----a-w- c:\windows\system32\OpenCL.dll
2016-01-25 17:19 . 2013-11-17 03:24 114688 ----a-w- c:\windows\system32\coinst_13.25.dll
2016-01-25 17:19 . 2013-11-17 02:48 442368 ----a-w- c:\windows\system32\atidemgy.dll
2016-01-25 17:19 . 2013-09-24 14:50 84480 ----a-w- c:\windows\system32\DelayAPO.dll
2016-01-25 16:23 . 2016-01-25 16:26 -------- d-----w- c:\program files\Raptr
2016-01-25 16:20 . 2016-01-25 16:20 -------- d-----w- c:\programdata\Package Cache
2016-01-25 16:19 . 2016-01-25 16:19 -------- d-----w- c:\program files\Microsoft.NET
2016-01-25 16:19 . 2009-11-25 11:47 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2016-01-25 16:19 . 2009-11-25 11:47 49472 ----a-w- c:\windows\system32\netfxperf.dll
2016-01-25 16:19 . 2009-11-25 11:47 297808 ----a-w- c:\windows\system32\mscoree.dll
2016-01-25 16:19 . 2009-11-25 11:47 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2016-01-25 16:19 . 2009-11-25 11:47 1130824 ----a-w- c:\windows\system32\dfshim.dll
2016-01-25 16:17 . 2016-01-25 17:22 -------- d-----w- C:\AMD
2016-01-25 07:16 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2016-01-25 07:16 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2016-01-25 07:16 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2016-01-25 07:16 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2016-01-25 07:16 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2016-01-25 07:16 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2016-01-25 07:16 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2016-01-25 07:16 . 2012-06-02 15:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2016-01-25 07:16 . 2012-06-02 15:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2016-01-24 20:54 . 2016-01-24 20:51 322760 ----a-w- c:\windows\system32\aswBoot.exe
2016-01-24 20:51 . 2016-01-24 20:51 -------- d-----w- c:\program files\Common Files\AV
2016-01-24 20:51 . 2016-01-24 20:51 209432 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2016-01-24 20:51 . 2016-01-24 20:51 117712 ----a-w- c:\windows\system32\drivers\aswStm.sys
2016-01-24 20:51 . 2016-01-24 20:51 449384 ----a-w- c:\windows\system32\drivers\aswSP.sys
2016-01-24 20:51 . 2016-01-24 20:51 81168 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2016-01-24 20:51 . 2016-01-24 20:51 81728 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2016-01-24 20:51 . 2016-01-24 20:51 49776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2016-01-24 20:51 . 2016-01-24 20:51 24016 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2016-01-24 20:51 . 2016-01-24 20:51 812208 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2016-01-24 20:51 . 2016-01-24 20:51 43112 ----a-w- c:\windows\avastSS.scr
2016-01-24 20:49 . 2016-01-24 20:49 -------- d-----w- c:\program files\AVAST Software
2016-01-24 20:47 . 2016-01-24 20:47 -------- d-----w- c:\programdata\AVAST Software
2016-01-24 20:42 . 2016-01-24 20:42 -------- d-----w- c:\programdata\IDM
2016-01-24 20:42 . 2016-01-24 20:43 -------- d-----w- c:\program files\Internet Download Manager
2016-01-24 20:38 . 2016-01-25 17:24 -------- d-sh--w- c:\windows\Installer
2016-01-24 20:33 . 2016-01-24 20:35 -------- d-----w- c:\program files\Google
2016-01-24 20:32 . 2016-01-24 20:32 -------- d-----w- c:\program files\Mozilla Maintenance Service
2016-01-24 20:32 . 2016-01-24 20:32 -------- d-----w- c:\program files\Common Files\ArcSoft
2016-01-24 20:32 . 2016-01-24 20:32 -------- d-----w- c:\windows\system32\Macromed
2016-01-24 20:32 . 2016-01-24 20:32 -------- d-----w- c:\programdata\ArcSoft
2016-01-24 20:32 . 2009-12-05 17:42 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2016-01-24 20:32 . 2009-12-05 17:41 50688 ----a-w- c:\windows\system32\ff_acm.acm
2016-01-24 20:17 . 2016-01-26 09:04 -------- d-----w- C:\dvbdream
2016-01-24 20:16 . 2015-12-16 10:15 9014120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3777261D-625B-412D-87AC-FEBAF67777FB}\mpengine.dll
2016-01-24 20:16 . 2015-12-02 13:25 247976 ------w- c:\windows\system32\MpSigStub.exe
2016-01-24 19:15 . 2008-05-26 03:21 22400 ----a-w- c:\windows\system32\drivers\DM1105Cap.sys
2016-01-24 19:13 . 2016-01-24 19:14 -------- d-----w- c:\program files\CCleaner
2016-01-24 19:12 . 2016-01-26 20:10 -------- d-----w- c:\program files\DFX
2016-01-24 19:12 . 2016-01-24 19:12 -------- d-----w- c:\users\Invité
2016-01-24 19:12 . 2016-01-24 19:12 -------- d-----w- c:\users\Administrateur
2016-01-24 19:12 . 2016-01-24 19:12 -------- d-----w- c:\program files\Common Files\DFX
2016-01-24 19:09 . 2016-01-24 19:09 -------- d-----w- c:\program files\USB Disk Security
2016-01-24 19:01 . 2016-01-24 19:01 0 ----a-w- c:\windows\ativpsrm.bin
2016-01-24 18:59 . 2013-04-10 15:34 45056 ----a-w- c:\windows\system32\ATIODCLI.exe
2016-01-24 18:59 . 2013-04-10 15:34 294912 ----a-w- c:\windows\system32\ATIODE.exe
2016-01-24 18:59 . 2013-04-10 15:34 118784 ----a-w- c:\windows\system32\atibtmon.exe
2016-01-24 18:59 . 2014-11-21 02:18 113664 ----a-w- c:\windows\system32\mantle32.dll
2016-01-24 18:59 . 2014-11-21 02:13 85504 ----a-w- c:\windows\system32\mantleaxl32.dll
2016-01-24 18:58 . 2014-11-21 02:19 38912 ----a-w- c:\windows\system32\amdmmcl.dll
2016-01-24 18:58 . 2014-11-21 02:15 4590592 ----a-w- c:\windows\system32\amdmantle32.dll
2016-01-24 18:57 . 2014-11-21 02:33 798734 ----a-w- c:\windows\system32\amdocl_ld32.exe
2016-01-24 18:57 . 2014-11-21 02:33 995342 ----a-w- c:\windows\system32\amdocl_as32.exe
2016-01-24 18:53 . 2016-01-24 18:53 -------- d-----w- c:\program files\Elaborate Bytes
2016-01-24 18:51 . 2016-01-26 18:16 -------- d-----w- c:\windows\system32\wbem\Performance
2016-01-24 17:42 . 2016-01-25 17:39 -------- d-----w- c:\windows\Panther
2015-12-29 12:23 . 2015-12-29 12:18 124992 ----a-w- c:\windows\system32\drivers\idmwfp.sys
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-12-23 16:13 . 2015-12-23 16:13 22348288 ----a-w- c:\windows\system32\amdocl12cl.dll
2015-12-23 15:52 . 2015-12-23 15:52 562688 ----a-w- c:\windows\system32\amdlvr32.dll
2015-12-23 15:31 . 2015-12-23 15:31 198656 ----a-w- c:\windows\system32\dgtrayicon.exe
2015-12-23 15:31 . 2015-12-23 15:31 186368 ----a-w- c:\windows\system32\GameManager32.dll
2015-12-23 15:31 . 2015-12-23 15:31 145408 ----a-w- c:\windows\system32\atieah32.exe
2015-12-23 15:31 . 2015-12-23 15:31 189952 ----a-w- c:\windows\system32\amdgfxinfo32.dll
2015-12-23 15:26 . 2015-12-23 15:26 174592 ----a-w- c:\windows\system32\hsa-thunk.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2015-08-14 10:52 23520 ----a-w- c:\program files\Internet Download Manager\IDMShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2016-01-24 20:51 750216 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2014-01-21 4455704]
"TVRomote"="c:\program files\DVB\DVBPlayer\TVRomote.exe" [2007-08-03 57344]
"DvbRec"="c:\program files\DVB\DVBPlayer\IPReceiver.exe" [2007-08-03 1957888]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2015-12-18 3931728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2013-03-10 88984]
"USB Security"="c:\program files\USB Disk Security\USBGuard.exe" [2013-06-20 687336]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2016-01-24 7021880]
"Raptr"="c:\progra~1\Raptr\raptrstub.exe" [2015-12-11 56080]
"QQPCTray"="c:\program files\Tencent\QQPCMgr\11.2.17058.221\QQPCTRAY.EXE" [2016-01-26 355296]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
R2 LiveUpdateSvc;LiveUpdate;c:\program files\IObit\LiveUpdate\LiveUpdate.exe [2016-01-15 2945312]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 TsFltMgr;tencent TsFltMgr;c:\windows\system32\drivers\TsFltMgr.sys [2016-01-14 128280]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2016-01-24 812208]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2016-01-24 449384]
S1 DVBNet;DVB Net Adaptor;c:\windows\system32\DRIVERS\VirtualNet.sys [2007-03-23 23040]
S1 IPRouter;IpRouter Protocol Driver;c:\windows\system32\DRIVERS\IpRouterDr.sys [2007-01-09 9856]
S1 QMIEProtect;QMIEProtect;c:\program files\Tencent\QQPCMgr\11.2.17058.221\QMIEProtect.sys [2016-01-12 50488]
S1 QMUdisk;tencent QMUdisk;c:\program files\Tencent\QQPCMgr\11.2.17058.221\QMUdisk.sys [2016-01-13 86328]
S1 softaal;softaal;c:\program files\Tencent\QQPCMgr\11.2.17058.221\softaal.sys [2016-01-26 36280]
S1 TAOKernelDriver;Tencent Auto Optimize Platform.;c:\windows\system32\Drivers\TAOKernel.sys [2016-01-26 94520]
S1 TFsFlt;TFsFlt;c:\windows\system32\Drivers\TFsFlt.sys [2016-01-26 150072]
S1 TSDefenseBt;TSDefenseBt;c:\windows\system32\DRIVERS\TSDefenseBt.sys [2016-01-26 14008]
S1 TSKSP;TSKSP;c:\program files\Tencent\QQPCMgr\11.2.17058.221\TSKsp.sys [2016-01-26 210072]
S1 TSSysKit;TSSysKit;c:\program files\Tencent\QQPCMgr\11.2.17058.221\TSSysKit.sys [2016-01-26 102200]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2013-11-17 209408]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2016-01-24 24016]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2016-01-24 81168]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2016-01-24 117712]
S2 DM1105CAP;Advanced PCI DVB-S TV Card;c:\windows\system32\DRIVERS\DM1105Cap.sys [2008-05-26 22400]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2015-12-29 124992]
S2 QQPCRTP;QQPCMgr RTP Service;c:\program files\Tencent\QQPCMgr\11.2.17058.221\QQPCRTP.exe [2016-01-26 301728]
S2 QQSysMon;QQSysMon;c:\program files\Tencent\QQPCMgr\11.2.17058.221\QQSysMon.sys [2016-01-26 108984]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2013-09-24 77312]
S3 DFX11_1;DFX Audio Enhancer 11.1;c:\windows\system32\drivers\dfx11_1.sys [2012-12-13 24424]
S3 RTL8167;Pilote Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
S3 TAOAccelerator;Tencent TAOAccelerator driver.;c:\windows\system32\Drivers\TAOAccelerator.sys [2016-01-26 114616]
S3 TS888;TS888;c:\program files\Tencent\QQPCMgr\11.2.17058.221\TS888.sys [2016-01-26 30392]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-01-24 20:35 1090376 ----a-w- c:\program files\Google\Chrome\Application\48.0.2564.82\Installer\chrmstp.exe
.
Contenu du dossier 'Tâches planifiées'
.
2016-01-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2016-01-24 20:33]
.
2016-01-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2016-01-24 20:33]
.
.
------- Examen supplémentaire -------
.
uDefault_Search_URL = hxxp://www.google.com
uStart Page = hxxp://www.hao123.com/?tn=90340616_hao_pg
mStart Page = hxxp://www.hao123.com/?tn=90340616_hao_pg
IE: Télécharger avec IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Télécharger tous les liens avec Internet Download Manager - c:\program files\Internet Download Manager\IEGetAll.htm
TCP: DhcpNameServer = 192.168.1.1 212.217.1.1
FF - ProfilePath - c:\users\rihaminhouss\AppData\Roaming\Mozilla\Firefox\Profiles\z7vqbnk5.default\
.
- - - - ORPHELINS SUPPRIMES - - - -
.
HKLM-Run-DFX - c:\program files\DFX\DFX.exe
AddRemove-HD Pack - c:\windows\system32\Codec\HD Pack Uninstall.exe
AddRemove-QQPCMgr - c:\program files\Tencent\QQPCMgr\11.2.17058.221\Uninst.exe
.
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
" QQPCTray"="\"c:\\Program Files\\Tencent\\QQPCMgr\\11.2.17058.221\\QQPCTRAY.EXE\" /regrun /qqrepair"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2016-01-26 20:12:28
ComboFix-quarantined-files.txt 2016-01-26 20:12
.
Avant-CF: 38 718 312 448 octets libres
Après-CF: 38 714 703 872 octets libres
.
- - End Of File - - EDC5027EEDF8E620E7B289DD0F9D8DE5
A36C5E4F47E84449FF07ED3517B43A31
