ComboFix 14-03-16.01 - Fredator 17/03/2014 20:32:44.2.8 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.16354.14874 [GMT 1:00]
Lancé depuis: c:\users\Fredator\Desktop\ComboFix.exe
Commutateurs utilisés :: c:\users\Fredator\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 7.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
SP: ESET NOD32 Antivirus 7.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2014-02-17 au 2014-03-17 ))))))))))))))))))))))))))))))))))))
.
.
2014-03-17 19:34 . 2014-03-17 19:34 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-03-17 13:45 . 2014-03-17 13:46 -------- d-----w- C:\FRST
2014-03-16 14:17 . 2014-03-16 14:17 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-03-16 14:17 . 2014-03-16 14:17 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-03-16 14:17 . 2014-03-16 14:17 -------- d-----w- c:\program files (x86)\Java
2014-03-16 12:39 . 2014-03-16 12:55 -------- d-----w- C:\Shortcut_Module
2014-03-12 15:22 . 2014-02-07 01:23 3156480 ----a-w- c:\windows\system32\win32k.sys
2014-03-12 15:22 . 2014-02-04 02:32 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-03-12 15:22 . 2014-02-04 02:32 624128 ----a-w- c:\windows\system32\qedit.dll
2014-03-12 15:22 . 2014-02-04 02:04 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-03-12 15:22 . 2014-02-04 02:04 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2014-03-12 15:22 . 2014-01-29 02:32 484864 ----a-w- c:\windows\system32\wer.dll
2014-03-12 15:22 . 2014-01-29 02:06 381440 ----a-w- c:\windows\SysWow64\wer.dll
2014-03-12 15:22 . 2014-01-28 02:32 228864 ----a-w- c:\windows\system32\wwansvc.dll
2014-03-11 00:11 . 2014-03-12 15:28 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-11 00:11 . 2014-03-12 15:28 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-03-07 14:45 . 2014-03-07 14:48 -------- d-----w- c:\program files (x86)\ReNamer
2014-03-06 16:43 . 1999-12-01 09:40 401462 ----a-w- c:\windows\SysWow64\temp.001
2014-03-05 11:08 . 2014-03-05 11:08 -------- d-----w- c:\program files\Classic Shell
2014-02-27 10:53 . 2014-01-09 02:22 5694464 ----a-w- c:\windows\SysWow64\mstscax.dll
2014-02-27 10:53 . 2014-01-03 22:44 6574592 ----a-w- c:\windows\system32\mstscax.dll
2014-02-26 12:05 . 2014-02-26 12:05 -------- d-----w- c:\users\Fredator\AppData\Roaming\.mono
2014-02-26 12:05 . 2014-02-26 12:05 -------- d-----w- c:\programdata\.mono
2014-02-26 12:05 . 2014-03-16 21:55 -------- d-----w- c:\users\Fredator\AppData\Roaming\Unity
2014-02-26 12:04 . 2014-03-16 13:52 -------- d-----w- c:\users\Fredator\AppData\Local\Unity
2014-02-22 01:25 . 2014-03-15 16:47 -------- d-----w- C:\AdwCleaner
2014-02-19 02:39 . 2014-02-19 02:39 -------- d-----w- C:\DownloadFolder
2014-02-16 13:14 . 2014-02-16 13:14 -------- d-----w- c:\users\Fredator\AppData\Local\FastStone
2014-02-16 10:58 . 2010-05-26 10:41 511328 ----a-w- c:\windows\system32\d3dx10_43.dll
2014-02-16 10:58 . 2010-05-26 10:41 470880 ----a-w- c:\windows\SysWow64\d3dx10_43.dll
2014-02-16 10:58 . 2010-05-26 10:41 276832 ----a-w- c:\windows\system32\d3dx11_43.dll
2014-02-16 10:58 . 2010-05-26 10:41 248672 ----a-w- c:\windows\SysWow64\d3dx11_43.dll
2014-02-16 10:58 . 2010-05-26 10:41 1998168 ----a-w- c:\windows\SysWow64\D3DX9_43.dll
2014-02-16 10:58 . 2010-05-26 10:41 2401112 ----a-w- c:\windows\system32\D3DX9_43.dll
2014-02-16 10:58 . 2014-02-16 13:17 -------- d-----w- c:\users\Fredator\AppData\Local\NVIDIA Corporation
2014-02-16 10:57 . 2013-12-19 20:33 1884448 ----a-w- c:\windows\system32\nvdispco6433221.dll
2014-02-16 10:57 . 2013-12-19 20:33 1511712 ----a-w- c:\windows\system32\nvdispgenco6433221.dll
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-12 15:23 . 2011-12-10 23:09 90015360 ----a-w- c:\windows\system32\MRT.exe
2014-02-08 18:34 . 2012-04-12 13:32 947296 ----a-w- c:\windows\system32\nvumdshimx.dll
2014-02-08 18:34 . 2011-12-11 04:09 3090184 ----a-w- c:\windows\system32\nvapi64.dll
2014-02-08 17:42 . 2010-10-19 01:25 6712608 ----a-w- c:\windows\system32\nvcpl.dll
2014-02-08 17:42 . 2010-10-19 01:25 3498272 ----a-w- c:\windows\system32\nvsvc64.dll
2014-02-08 17:42 . 2010-10-19 01:25 923936 ----a-w- c:\windows\system32\nvvsvc.exe
2014-02-08 17:42 . 2010-10-19 01:25 63776 ----a-w- c:\windows\system32\nvshext.dll
2014-02-08 17:42 . 2010-10-19 01:25 386336 ----a-w- c:\windows\system32\nvmctray.dll
2014-02-08 17:42 . 2010-10-19 01:25 2559776 ----a-w- c:\windows\system32\nvsvcr.dll
2014-02-05 17:52 . 2012-04-12 13:32 3573739 ----a-w- c:\windows\system32\nvcoproc.bin
2014-01-18 16:12 . 2014-01-18 16:12 283840 ----a-w- c:\windows\system32\StartMenuHelper64.dll
2014-01-18 16:12 . 2014-01-18 16:12 243904 ----a-w- c:\windows\SysWow64\StartMenuHelper32.dll
2014-01-11 00:14 . 2014-01-11 00:14 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-01-10 23:46 . 2014-01-10 23:46 381440 ----a-w- c:\windows\system32\drivers\sptd.sys
2014-01-06 08:38 . 2014-01-10 19:09 117024 ----a-w- c:\windows\system32\BootDefrag.exe
2014-01-06 03:28 . 2014-01-10 19:09 17088 ----a-w- c:\windows\system32\drivers\BootDefragDriver.sys
2013-12-24 23:09 . 2014-02-12 11:34 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2013-12-24 22:48 . 2014-02-12 11:34 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2013-12-21 09:53 . 2014-02-12 11:36 548864 ----a-w- c:\windows\system32\vbscript.dll
2013-12-21 08:56 . 2014-02-12 11:36 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2014-01-18 16:11 674496 ----a-w- c:\program files\Classic Shell\ClassicExplorer32.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2007-10-22 2616288]
"AcronisTimounterMonitor"="c:\program files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe" [2007-10-22 905000]
"WZCSLDR2"="c:\program files (x86)\D-Link\DWA-525 revA\WZCSLDR2.exe" [2009-11-03 122880]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLUA"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoFileAssociate"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Super-Charger"=c:\program files (x86)\MSI\Super-Charger\StartSuperCharger.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 D_Link_DWA-525;D_Link_DWA-525 Service;c:\program files (x86)\D-Link\DWA-525 revA\ANIWZCSdS.exe;c:\program files (x86)\D-Link\DWA-525 revA\ANIWZCSdS.exe [x]
R3 D_Link_DWA-525_WPS;D_Link_DWA-525_WPS Service;c:\program files (x86)\D-Link\DWA-525 revA\ANIWConnService.exe;c:\program files (x86)\D-Link\DWA-525 revA\ANIWConnService.exe [x]
R3 DragonUpdater;COMODO Dragon Update Service;c:\program files (x86)\Comodo\Dragon\dragon_updater.exe;c:\program files (x86)\Comodo\Dragon\dragon_updater.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;c:\program files (x86)\MSI\Live Update 5\msibios64_100507.sys;c:\program files (x86)\MSI\Live Update 5\msibios64_100507.sys [x]
R3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files (x86)\MSI\Live Update 5\NTIOLib_X64.sys;c:\program files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [x]
R3 NTIOLib_1_0_6;NTIOLib_1_0_6;c:\program files (x86)\Setup Files\Ms7673v1E0\NTIOLib_X64.sys;c:\program files (x86)\Setup Files\Ms7673v1E0\NTIOLib_X64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S0 BootDefragDriver;BootDefragDriver;c:\windows\System32\drivers\BootDefragDriver.sys;c:\windows\SYSNATIVE\drivers\BootDefragDriver.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 anodlwf;ANOD Network Security Filter driver;c:\windows\system32\DRIVERS\anodlwfx.sys;c:\windows\SYSNATIVE\DRIVERS\anodlwfx.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SaiK0728;SaiK0728;c:\windows\system32\DRIVERS\SaiK0728.sys;c:\windows\SYSNATIVE\DRIVERS\SaiK0728.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-03-15 10:28 1150280 ----a-w- c:\program files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe
.
Contenu du dossier 'Tâches planifiées'
.
2014-03-17 c:\windows\Tasks\GlaryInitialize 4.job
- c:\program files (x86)\Glary Utilities 4\Initialize.exe [2014-01-06 08:37]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2014-01-18 16:12 796352 ----a-w- c:\program files\Classic Shell\ClassicExplorer64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2007-10-20 140568]
"TNOD UP"="c:\program files (x86)\TNod User & Password Finder\TNODUP.exe" [BU]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2013-09-12 5618456]
"Classic Start Menu"="c:\program files\Classic Shell\ClassicStartMenu.exe" [2014-01-18 161984]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\SysWOW64\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Fredator\AppData\Roaming\Mozilla\Firefox\Profiles\FredFF\
FF - prefs.js: browser.startup.homepage - chrome://fastdial/content/fastdial.html
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Heure de fin: 2014-03-17 20:35:52
ComboFix-quarantined-files.txt 2014-03-17 19:35
ComboFix2.txt 2014-03-17 17:48
.
Avant-CF: 51 425 431 552 octets libres
Après-CF: 51 351 494 656 octets libres
.
- - End Of File - - 04A85E9AE1649E73208EEF7E43E756F2
A36C5E4F47E84449FF07ED3517B43A31