cjoint

Document format: text/plain

ComboFix 16-02-23.01 - Colette-Christian 25/02/2016 12:45:56.1.2 - x86
Microsoft Windows 7 Édition Intégrale 6.1.7601.1.1252.33.1036.18.3582.2269 [GMT 1:00]
Lancé depuis: c:\users\Colette-Christian\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
SP: Microsoft Security Essentials *Enabled/Updated* {CDE0C533-D3CD-62A1-E772-AFADDF863628}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\ntuser.pol
c:\users\Colette-Christian\ZHPCleaner.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\security\logs\scecomp.log
c:\windows\system32\settings.ini
c:\windows\system64
c:\windows\system64\msvcp100.dll
c:\windows\system64\msvcr100.dll
c:\windows\system64\vcomp100.dll
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2016-01-25 au 2016-02-25 ))))))))))))))))))))))))))))))))))))
.
.
2016-02-25 11:51 . 2016-02-25 11:51 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-02-23 17:17 . 2016-02-24 14:28 -------- d-----w- C:\FRST
2016-02-23 11:44 . 2016-02-23 11:44 512 ----a-w- C:\PhysicalDisk0_MBR.bin
2016-02-10 16:28 . 2016-01-17 00:15 1414144 ----a-w- c:\windows\system32\ole32.dll
2016-02-10 16:27 . 2016-02-07 21:03 235216 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2016-02-10 16:27 . 2016-02-06 09:54 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2016-02-10 16:27 . 2016-02-06 08:49 285696 ----a-w- c:\program files\Internet Explorer\ieproxy.dll
2016-02-10 16:25 . 2016-01-11 18:47 2956288 ----a-w- c:\windows\system32\wucltux.dll
2016-02-10 16:25 . 2016-01-11 18:17 2062848 ----a-w- c:\windows\system32\wuaueng.dll
2016-02-10 16:25 . 2016-01-11 18:14 573440 ----a-w- c:\windows\system32\wuapi.dll
2016-02-10 16:25 . 2016-01-11 18:47 174080 ----a-w- c:\windows\system32\wuwebv.dll
2016-02-10 16:25 . 2016-01-11 18:35 73728 ----a-w- c:\windows\system32\WinSetupUI.dll
2016-02-10 16:25 . 2016-01-11 18:14 93696 ----a-w- c:\windows\system32\wudriver.dll
2016-02-10 16:25 . 2016-01-11 18:14 30208 ----a-w- c:\windows\system32\wups.dll
2016-02-10 16:25 . 2016-01-11 18:14 35840 ----a-w- c:\windows\system32\wups2.dll
2016-02-10 16:25 . 2016-01-11 18:14 136192 ----a-w- c:\windows\system32\wuauclt.exe
2016-02-10 16:25 . 2016-01-11 18:14 35328 ----a-w- c:\windows\system32\wuapp.exe
2016-02-10 16:25 . 2016-01-11 18:14 11776 ----a-w- c:\windows\system32\wu.upgrade.ps.dll
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-12-09 21:39 . 2015-12-09 21:39 1070232 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2015-12-09 03:39 . 2014-07-06 09:07 247976 ------w- c:\windows\system32\MpSigStub.exe
2015-12-08 21:54 . 2016-01-13 15:22 902144 ----a-w- c:\windows\system32\WMADMOD.DLL
2015-12-08 21:54 . 2016-01-13 15:22 815616 ----a-w- c:\windows\system32\WMADMOE.DLL
2015-12-08 21:54 . 2016-01-13 15:22 739328 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2015-12-08 21:54 . 2016-01-13 15:22 541184 ----a-w- c:\windows\system32\WMVSDECD.DLL
2015-12-08 21:54 . 2016-01-13 15:22 1325056 ----a-w- c:\windows\system32\WMSPDMOE.DLL
2015-12-08 21:54 . 2016-01-13 15:22 2285056 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2015-12-08 21:54 . 2016-01-13 15:22 154112 ----a-w- c:\windows\system32\VIDRESZR.DLL
2015-12-08 21:53 . 2016-01-13 15:22 206848 ----a-w- c:\windows\system32\RESAMPLEDMO.DLL
2015-12-08 21:53 . 2016-01-13 15:22 206848 ----a-w- c:\windows\system32\qasf.dll
2015-12-08 21:53 . 2016-01-13 15:22 829952 ----a-w- c:\windows\system32\MSMPEG2ENC.DLL
2015-12-08 21:53 . 2016-01-13 15:22 241152 ----a-w- c:\windows\system32\MPG4DECD.DLL
2015-12-08 21:53 . 2016-01-13 15:22 241152 ----a-w- c:\windows\system32\MP43DECD.DLL
2015-12-08 21:53 . 2016-01-13 15:22 79872 ----a-w- c:\windows\system32\MP3DMOD.DLL
2015-12-08 21:53 . 2016-01-13 15:22 415744 ----a-w- c:\windows\system32\MP4SDECD.DLL
2015-12-08 21:53 . 2016-01-13 15:22 354816 ----a-w- c:\windows\system32\mfplat.dll
2015-12-08 21:53 . 2016-01-13 15:22 609280 ----a-w- c:\windows\system32\MFWMAAEC.DLL
2015-12-08 21:53 . 2016-01-13 15:22 53248 ----a-w- c:\windows\system32\mfvdsp.dll
2015-12-08 21:53 . 2016-01-13 15:22 4608 ----a-w- c:\windows\system32\ksuser.dll
2015-12-08 21:53 . 2016-01-13 15:22 67584 ----a-w- c:\windows\system32\devenum.dll
2015-12-08 21:53 . 2016-01-13 15:22 153600 ----a-w- c:\windows\system32\COLORCNV.DLL
2015-12-08 21:53 . 2016-01-13 15:22 193536 ----a-w- c:\windows\system32\ksproxy.ax
2015-12-08 18:32 . 2016-01-13 15:22 1620992 ----a-w- c:\windows\system32\WMVDECOD.DLL
2015-12-08 18:32 . 2016-01-13 15:22 740352 ----a-w- c:\windows\system32\wmpmde.dll
2015-12-08 18:32 . 2016-01-13 15:22 1568768 ----a-w- c:\windows\system32\WMVENCOD.DLL
2015-12-08 18:32 . 2016-01-13 15:22 665088 ----a-w- c:\windows\system32\WMVXENCD.DLL
2015-12-08 18:32 . 2016-01-13 15:22 358400 ----a-w- c:\windows\system32\WMVSENCD.DLL
2015-12-08 18:32 . 2009-07-14 00:07 1202688 ----a-w- c:\windows\system32\WMALFXGFXDSP.dll
2015-12-08 18:32 . 2016-01-13 15:22 338944 ----a-w- c:\windows\system32\SysFxUI.dll
2015-12-08 18:32 . 2016-01-13 15:27 509952 ----a-w- c:\windows\system32\qedit.dll
2015-12-08 18:32 . 2016-01-13 15:22 519680 ----a-w- c:\windows\system32\qdvd.dll
2015-12-08 18:32 . 2016-01-13 15:22 1329664 ----a-w- c:\windows\system32\quartz.dll
2015-12-08 18:32 . 2016-01-13 15:22 970240 ----a-w- c:\windows\system32\msmpeg2adec.dll
2015-12-08 18:32 . 2016-01-13 15:22 3209728 ----a-w- c:\windows\system32\mf.dll
2015-12-08 18:32 . 2016-01-13 15:22 103424 ----a-w- c:\windows\system32\mfps.dll
2015-12-08 18:32 . 2016-01-13 15:22 728576 ----a-w- c:\windows\system32\mcmde.dll
2015-12-08 18:32 . 2016-01-13 15:27 305664 ----a-w- c:\windows\system32\gdi32.dll
2015-12-08 18:31 . 2016-01-13 15:22 489984 ----a-w- c:\windows\system32\evr.dll
2015-12-08 18:31 . 2016-01-13 15:22 50176 ----a-w- c:\windows\system32\rrinstaller.exe
2015-12-08 18:31 . 2016-01-13 15:22 23040 ----a-w- c:\windows\system32\mfpmp.exe
2015-12-08 18:29 . 2016-01-13 15:22 2048 ----a-w- c:\windows\system32\mferror.dll
2015-12-08 18:22 . 2016-01-13 15:22 81408 ----a-w- c:\windows\system32\drivers\drmk.sys
2015-12-08 17:51 . 2016-01-13 15:22 177152 ----a-w- c:\windows\system32\drivers\portcls.sys
2015-12-08 17:51 . 2016-01-13 15:22 5120 ----a-w- c:\windows\system32\drivers\drmkaud.sys
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2015-10-17 282624]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1425208]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2015-12-13 1085656]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKLM\~\startupfolder\C:^Users^Colette-Christian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^hqghumeaylnlf.lnk]
path=c:\users\Colette-Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hqghumeaylnlf.lnk
backup=c:\windows\pss\hqghumeaylnlf.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Colette-Christian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk]
path=c:\users\Colette-Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
backup=c:\windows\pss\MyPC Backup.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2015-12-13 22:48 1085656 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HomePlayer]
2007-11-06 20:58 294912 ----a-w- c:\program files\HomePlayer\HomePlayer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HTC Sync Loader]
2013-09-03 09:58 659456 ----a-w- c:\program files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]
2004-03-10 23:26 406016 ----a-w- c:\windows\System32\PSDrvCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2014-05-07 12:44 256896 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
R2 WaNetEnhance Service;WaNetEnhance Service;c:\program files\WaNetEnhance\WaNetEnhance Internet Enhancer\InternetEnhancerService.exe [x]
R3 cpuz134;cpuz134;c:\users\COLETT~1\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2012-12-07 23040]
R3 HtcVCom32;HTC Diagnostic Port;c:\windows\system32\DRIVERS\HtcVComV32.sys [2009-10-27 105984]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2016-01-22 102912]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2014-06-17 14848]
R3 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-08-29 414496]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-20 77184]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2014-06-17 24064]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2014-06-17 49152]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2014-06-17 26880]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2014-06-17 1343400]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2014-06-17 21504]
S2 HTCMonitorService;HTCMonitorService;c:\program files\HTC\HTC Sync Manager\HSMServiceEntry.exe [2014-06-27 87368]
S2 NVWMI;NVIDIA WMI Provider;c:\windows\system32\nvwmi.exe [2013-09-05 1027872]
S2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [2013-10-17 166912]
S3 BthAvrcp;Profil AVRCP Bluetooth;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 22528]
S3 netw5v32;Pilote de carte de liaison WiFi sans fil Intel(R) 5000 Series pour Windows Vista 32 bits;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
.
.
--- Autres Services/Pilotes en mémoire ---
.
*Deregistered* - NisDrv
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
utcsvc REG_MULTI_SZ DiagTrack
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-02-19 18:52 1088664 ----a-w- c:\program files\Google\Chrome\Application\48.0.2564.116\Installer\chrmstp.exe
.
Contenu du dossier 'Tâches planifiées'
.
2016-02-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-07-06 07:25]
.
2016-02-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-07-06 07:25]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.lemonde.fr/
TCP: DhcpNameServer = 192.168.1.254
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Toolbar-Locked - (no file)
MSConfigStartUp-DAEMON Tools Lite - c:\program files\DAEMON Tools Lite\DTLite.exe
MSConfigStartUp-LaunchList - c:\program files\Pinnacle\Studio 10\LaunchList.exe
MSConfigStartUp-MSC - c:\program files\Microsoft Security Client\msseces.exe
MSConfigStartUp-SDTray - c:\program files\Spybot - Search & Destroy 2\SDTray.exe
MSConfigStartUp-Spybot-S&D Cleaning - c:\program files\Spybot - Search & Destroy 2\SDCleaner.exe
HKLM_ActiveSetup-installed components - c:\program files\Crossbrowse\Crossbrowse\Application\39.4.2171.95\Installer\chrmstp.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.52213\\Setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2954853 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.52213\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2972107 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.52213\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2972216 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.52213\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2978128 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.52213\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2979578v2 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.52213\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3023224 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.52213\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3035490 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.52213\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3037581 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.52213\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3074230 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.52213\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3074550 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.52213\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3097996 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.52213\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3098781 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.52213\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3122656 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.52213\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3127229 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.52213\setup.exe
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2016-02-25 12:54:35
ComboFix-quarantined-files.txt 2016-02-25 11:54
.
Avant-CF: 587 450 540 032 octets libres
Après-CF: 587 102 056 448 octets libres
.
- - End Of File - - C21ADD5EF2AB3606AFED677699B253BA
A36C5E4F47E84449FF07ED3517B43A31
