ComboFix 14-06-27.01 - benoit 28/06/2014 23:35:03.1.2 - x86
Lancé depuis: c:\users\benoit\Desktop\ComboFix.exe
* Un nouveau point de restauration a été créé
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\version.txt
c:\windows\system32\jucheck.exe
c:\windows\system32\jusched.exe
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2014-05-28 au 2014-06-28 ))))))))))))))))))))))))))))))))))))
.
.
2014-06-28 21:41 . 2014-06-28 21:41 -------- d-----w- c:\users\Invité\AppData\Local\temp
2014-06-28 21:41 . 2014-06-28 21:41 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-06-28 19:57 . 2014-06-05 10:54 8140904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{98D66EBD-F8DA-44CC-BDC4-25C109E05F27}\mpengine.dll
2014-06-28 19:24 . 2014-06-28 18:56 47560 ----a-w- c:\windows\system32\SPReview.exe
2014-06-28 19:24 . 2014-06-28 18:56 152576 ----a-w- c:\windows\system32\SPWizUI.dll
2014-06-28 18:36 . 2014-06-28 18:36 -------- d-----w- c:\windows\system32\EventProviders
2014-06-28 18:33 . 2014-06-28 18:33 -------- d-----w- c:\program files\Lavalys
2014-06-27 20:24 . 2014-06-28 21:42 -------- d-----w- c:\users\benoit\AppData\Local\Temp
2014-06-27 18:21 . 2014-06-05 10:54 8140904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-06-27 16:29 . 2014-06-27 16:29 -------- d-----w- c:\windows\system32\SRSLabs
2014-06-27 15:34 . 2014-06-27 15:34 -------- d-----w- c:\programdata\ma-config.com
2014-06-27 15:34 . 2014-06-27 15:34 -------- d-----w- c:\program files\ma-config.com
2014-06-27 14:31 . 2014-06-28 21:09 110296 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-06-27 14:29 . 2014-06-27 14:41 -------- d-----w- C:\UsbFix
2014-06-27 12:47 . 2010-08-30 06:34 536576 ----a-w- c:\windows\system32\sqlite3.dll
2014-06-27 12:41 . 1999-11-12 03:11 183808 ----a-w- c:\windows\system32\BDEADMIN.CPL
2014-06-27 12:41 . 1999-01-20 03:01 210032 ----a-w- c:\windows\system32\DBCLIENT.DLL
2014-06-27 12:41 . 2014-06-27 12:41 -------- d-----w- c:\program files\Common Files\Borland Shared
2014-06-27 12:41 . 2014-06-27 12:56 -------- d-----w- c:\program files\ZebHelpProcess
2014-06-27 12:37 . 2014-06-28 19:53 35152 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-06-27 12:37 . 2014-06-27 12:37 -------- d-----w- c:\programdata\RogueKiller
2014-06-27 12:15 . 2014-06-27 16:50 512 ----a-w- C:\PhysicalDisk0_MBR.bin
2014-06-27 12:09 . 2014-05-12 05:26 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-06-27 12:09 . 2014-05-12 05:25 74456 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-06-27 12:09 . 2014-05-12 05:25 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-06-27 12:09 . 2014-06-27 12:09 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-06-27 12:09 . 2014-06-27 12:09 -------- d-----w- c:\programdata\Malwarebytes
2014-06-27 12:00 . 2014-06-27 18:54 -------- d-----w- c:\users\benoit\AppData\Roaming\ZHP
2014-06-27 12:00 . 2014-06-27 16:50 -------- d-----w- c:\program files\ZHPDiag
2014-06-04 12:08 . 2014-06-04 12:08 -------- d-----w- C:\d1fdd756feb595b9e443
2014-06-04 12:07 . 2014-06-04 12:08 -------- d-----w- c:\users\benoit\AppData\Local\yQkDNfB_06041207
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-14 16:02 . 2014-04-06 16:00 692400 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-05-14 16:02 . 2011-11-13 12:41 70832 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-04-09 12:34 . 2014-04-09 12:34 378368 ----a-w- c:\windows\system32\winhttp.dll
2014-04-09 12:29 . 2014-04-09 12:29 40960 ----a-w- c:\windows\system32\drivers\fr-FR\http.sys.mui
2013-04-01 17:30 . 2013-04-01 17:28 10 ----a-w- c:\program files\CC.BIN
2011-11-05 07:18 . 2011-11-12 12:10 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-02-23 1232896]
"HPAdvisor"="c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2008-01-18 942080]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]
"GoogleChromeAutoLaunch_DA14B84B27A42670C21FA06E4FDB607D"="c:\program files\Google\Chrome\Application\chrome.exe" [2014-06-05 860488]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2014-05-09 12021464]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]
"KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536]
"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 118784]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-12-13 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-12-13 8530464]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-12-13 81920]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]
"SunJavaUpdateReg"="c:\windows\system32\jureg.exe" [2007-04-07 54936]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 948440]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-06-13 15:26 1091912 ----a-w- c:\program files\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe
.
Contenu du dossier 'Tâches planifiées'
.
2014-06-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-06 16:02]
.
2014-06-04 c:\windows\Tasks\GlaryInitialize 4.job
- c:\program files\Glary Utilities 4\Initialize.exe [2014-02-28 08:23]
.
2014-06-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-11-12 13:39]
.
2014-06-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-11-12 13:39]
.
2011-09-08 c:\windows\Tasks\HPCeeScheduleForbenoit.job
- c:\program files\Hewlett-Packard\SDP\Ceement\HPCEE.exe [2008-02-23 11:10]
.
2014-06-28 c:\windows\Tasks\User_Feed_Synchronization-{8321E8BB-8682-4779-8BCD-A5C0A17DCC0C}.job
- c:\windows\system32\msfeedssync.exe [2006-11-02 09:45]
.
.
------- Examen supplémentaire -------
.
uStart Page = about:newtab
uDefault_Search_URL = hxxp://www.google.com
mStart Page = about:newtab
mSearch Bar = hxxp://www.google.com
uSearchURL,(Default) = hxxp://www.google.com
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
DPF: Microsoft XML Parser for Java - file:///C:/Windows/Java/classes/xmldso.cab
FF - ProfilePath - c:\users\benoit\AppData\Roaming\Mozilla\Firefox\Profiles\gcho6lra.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - ExtSQL: 2014-05-25 15:14; {d09eec19-10f5-44bd-a92a-cdd3ee45f8a8}; c:\users\benoit\AppData\Roaming\Mozilla\Firefox\Profiles\gcho6lra.default\{d09eec19-10f5-44bd-a92a-cdd3ee45f8a8}
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Toolbar-10 - (no file)
AddRemove-Activeris AntiMalware_is1 - c:\program files\Activeris AntiMalware\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-06-28 23:42
Windows 6.0.6000 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
.
c:\users\benoit\AppData\Local\Temp\catchme.dll 53248 bytes executable
.
Scan terminé avec succès
Fichiers cachés: 1
.
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Heure de fin: 2014-06-28 23:46:43
ComboFix-quarantined-files.txt 2014-06-28 21:46
.
Avant-CF: 451 201 363 968 octets libres
Après-CF: 451 181 223 936 octets libres
.
- - End Of File - - E813F2FC0474EE699E9D6BA84070C075
03BA8F890B47C0BE359A4D5A636D214D