cjoint

Document format: text/plain

Preview

ComboFix 15-12-07.01 - user 11/12/2015 10:05:53.1.2 - x86
Microsoft Windows 7 Professionnel 6.1.7601.1.1252.33.1036.18.3536.1557 [GMT 1:00]
Lancé depuis: c:\users\user\Downloads\Programs\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Enabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Un nouveau point de restauration a été créé
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Outrageous Deal\Extensions\4e2d2bf0-159f-4257-acf0-b1f29b376fa0.dll
c:\users\user\AppData\Local\Temp\{A3696E80-9B34-4E9E-AA33-E9410BED8857}.dll
c:\users\user\AppData\Local\Temp\{CDE25716-541F-4A5C-B8AF-482BE0608E1C}.dll
c:\windows\msdownld.tmp
c:\users\user\AppData\Local\Temp\_av_iup.tm~a00868\aswOfferTool.exe . . . . impossible à supprimer
c:\users\user\AppData\Local\Temp\_av_iup.tm~a00868\avBugReport.exe . . . . impossible à supprimer
c:\users\user\AppData\Local\Temp\_av_iup.tm~a00868\HTMLayout.dll . . . . impossible à supprimer
c:\users\user\AppData\Local\Temp\_av_iup.tm~a00868\Instup.dll . . . . impossible à supprimer
c:\users\user\AppData\Local\Temp\_av_iup.tm~a00868\instup.exe . . . . impossible à supprimer
c:\users\user\AppData\Local\Temp\_av_iup.tm~a00868\svffmahu.sys . . . . impossible à supprimer
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2015-11-11 au 2015-12-11 ))))))))))))))))))))))))))))))))))))
.
.
2015-12-11 09:12 . 2015-12-11 09:12 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-12-11 02:22 . 2015-12-11 02:44 -------- d-----w- C:\AdwCleaner
2015-12-06 03:07 . 2015-12-11 09:02 -------- d-----w- c:\program files\Common Files\65ad47d7-2e27-4a5c-b238-26643fdaeb98
2015-12-06 03:07 . 2015-12-11 09:02 -------- d-----w- c:\programdata\65ad47d7-2e27-4a5c-b238-26643fdaeb98
2015-12-06 03:06 . 2015-12-06 03:07 -------- d-----w- c:\program files\Outrageous Deal
2015-12-06 03:06 . 2015-12-06 03:06 -------- d-----w- c:\users\user\AppData\Roaming\RHEng
2015-12-06 03:05 . 2015-12-06 03:08 -------- d-----w- c:\users\user\AppData\Roaming\DivX
2015-12-06 03:05 . 2015-12-06 03:16 -------- d-----w- c:\program files\Common Files\DivX Shared
2015-12-06 03:00 . 2015-12-06 03:16 -------- d-----w- c:\program files\DivX
2015-12-06 02:58 . 2015-12-06 03:16 -------- d-----w- c:\programdata\DivX
2015-12-05 22:55 . 2015-12-05 22:56 -------- d-----w- c:\users\user\AppData\Roaming\vlc
2015-12-05 22:54 . 2015-12-05 22:54 -------- d-----w- c:\program files\VideoLAN
2015-12-05 03:31 . 2015-12-05 03:31 -------- d-----w- c:\program files\Combined Community Codec Pack
2015-12-04 13:21 . 2015-12-04 13:21 -------- d-----w- c:\program files\webrec
2015-12-03 16:34 . 2015-12-03 16:34 -------- d-----w- c:\program files\Common Files\AV
2015-12-03 16:04 . 2015-12-09 00:46 -------- d-----w- c:\users\user\AppData\Local\Popcorn-Time-Community
2015-12-03 15:58 . 2015-12-03 16:03 -------- d-----w- c:\users\user\AppData\Local\Popcorn Time Community
2015-11-30 01:17 . 2015-11-30 01:17 -------- d-----w- c:\users\user\AppData\Roaming\Cybertron
2015-11-30 01:09 . 2015-11-30 01:09 -------- d-----w- c:\program files\Cybertron
2015-11-30 01:05 . 2015-11-30 01:05 -------- d-----w- c:\users\user\AppData\Roaming\Remo MORE
2015-11-30 01:05 . 2015-11-30 01:05 -------- d-----w- c:\users\user\AppData\Roaming\Remo Suite
2015-11-30 01:04 . 2015-11-30 01:04 -------- d-----w- c:\programdata\Licenses
2015-11-30 01:04 . 2015-11-30 01:04 -------- d-----w- c:\users\user\AppData\Roaming\Remo
2015-11-30 01:04 . 2015-11-30 01:31 -------- d-----w- c:\program files\Remo MORE
2015-11-30 01:04 . 2009-02-12 14:11 22312 ----a-w- c:\windows\system32\drivers\rsdrv.sys
2015-11-28 00:57 . 2015-11-28 00:57 -------- d-----w- c:\users\user\AppData\Roaming\Opera Software
2015-11-28 00:57 . 2015-11-28 00:57 -------- d-----w- c:\users\user\AppData\Local\Opera Software
2015-11-28 00:54 . 2015-12-10 00:51 -------- d-----w- c:\program files\Opera
2015-11-26 03:57 . 2015-11-27 00:37 -------- d-----w- c:\windows\system32\vbox
2015-11-26 03:43 . 2015-11-26 03:43 -------- d-----w- c:\program files\CCleaner
2015-11-26 03:25 . 2015-11-26 03:25 -------- d-----w- c:\windows\{D114D655-5413-4CDA-A105-7DC7A3473C7D}
2015-11-26 03:04 . 2013-03-07 21:06 308624 ----a-w- c:\windows\system32\brcmbsp.dll
2015-11-26 03:04 . 2013-03-07 21:06 208752 ----a-w- c:\windows\system32\bipbsp.dll
2015-11-26 03:03 . 2015-11-26 03:03 -------- d-----w- c:\programdata\Broadcom
2015-11-26 03:03 . 2015-11-26 03:03 -------- d-----w- c:\program files\Broadcom Corporation
2015-11-26 02:57 . 2015-11-26 02:57 -------- d-----w- c:\users\user\AppData\Local\Broadcom
2015-11-26 02:56 . 2009-07-01 10:46 108072 ----a-w- c:\windows\system32\drivers\btwavdt.sys
2015-11-26 02:56 . 2009-07-01 10:46 18344 ----a-w- c:\windows\system32\drivers\btwrchid.sys
2015-11-26 02:56 . 2009-04-07 13:32 29472 ----a-w- c:\windows\system32\drivers\btwl2cap.sys
2015-11-26 02:56 . 2009-07-01 10:46 86056 ----a-w- c:\windows\system32\drivers\btwaudio.sys
2015-11-26 02:56 . 2015-11-26 02:56 -------- d-----w- c:\program files\WIDCOMM
2015-11-26 02:50 . 2009-06-25 15:58 48128 ----a-w- c:\windows\system32\drivers\rimmptsk.sys
2015-11-26 02:50 . 2015-11-26 02:50 -------- d--h--w- c:\program files\InstallShield Installation Information
2015-11-26 02:46 . 2015-11-26 02:46 -------- d-----w- c:\users\user\AppData\Roaming\WirelessManager
2015-11-26 02:46 . 2015-11-26 02:46 -------- d-----w- c:\program files\Dell
2015-11-26 02:33 . 2010-04-04 15:20 131072 ----a-w- c:\windows\system32\DellSPMsg.dll
2015-11-26 02:33 . 2015-11-26 02:44 -------- d-----w- C:\Dell
2015-11-26 02:03 . 2015-12-05 03:38 -------- d-----w- c:\users\user\AppData\Roaming\MPC-HC
2015-11-26 00:58 . 2015-11-17 06:43 8991856 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E406483C-0960-497A-8CE6-7C9108FD5F38}\mpengine.dll
2015-11-26 00:48 . 2015-11-26 00:55 -------- d-----w- c:\users\user\AppData\Local\Mozilla
2015-11-26 00:48 . 2015-11-26 00:48 -------- d-----w- c:\program files\Mozilla Maintenance Service
2015-11-25 22:55 . 2015-11-25 22:55 -------- d-----w- c:\windows\system32\wbem\en-US
2015-11-25 22:49 . 2015-11-25 22:49 69632 ----a-w- c:\windows\system32\smss.exe
2015-11-25 22:49 . 2015-11-25 22:49 640512 ----a-w- c:\windows\system32\advapi32.dll
2015-11-25 22:49 . 2015-11-25 22:49 619520 ----a-w- c:\windows\system32\tdh.dll
2015-11-25 22:49 . 2015-11-25 22:49 3969472 ----a-w- c:\windows\system32\ntkrnlpa.exe
2015-11-25 22:49 . 2015-11-25 22:49 3914176 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-11-25 22:49 . 2015-11-25 22:49 38912 ----a-w- c:\windows\system32\csrsrv.dll
2015-11-25 22:49 . 2015-11-25 22:49 1289096 ----a-w- c:\windows\system32\ntdll.dll
2015-11-25 22:49 . 2015-11-25 22:48 26096 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2015-11-25 22:49 . 2015-11-25 22:48 121368 ----a-w- c:\windows\system32\drivers\ngvss.sys
2015-11-25 22:49 . 2015-11-25 22:39 322760 ----a-w- c:\windows\system32\aswBoot.exe
2015-11-25 22:48 . 2015-11-25 22:48 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2015-11-25 22:48 . 2015-11-25 22:48 240496 ----a-w- c:\windows\system32\drivers\netio.sys
2015-11-25 22:48 . 2015-11-25 22:48 231424 ----a-w- c:\windows\system32\mswsock.dll
2015-11-25 22:48 . 2015-11-25 22:48 187752 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2015-11-25 22:48 . 2015-11-25 22:48 1294272 ----a-w- c:\windows\system32\drivers\tcpip.sys
2015-11-25 22:48 . 2015-11-25 22:48 49152 ----a-w- c:\windows\system32\taskhost.exe
2015-11-25 22:44 . 2015-11-25 22:44 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-11-25 22:41 . 2015-11-25 22:41 1505280 ----a-w- c:\windows\system32\d3d11.dll
2015-11-25 22:40 . 2015-11-25 22:39 117200 ----a-w- c:\windows\system32\drivers\aswStm.sys
2015-11-25 22:40 . 2015-11-25 22:39 209432 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-11-25 22:40 . 2015-11-25 22:39 435464 ----a-w- c:\windows\system32\drivers\aswSP.sys
2015-11-25 22:40 . 2015-11-25 22:39 49776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-11-25 22:40 . 2015-11-25 22:39 81168 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2015-11-25 22:40 . 2015-11-25 22:39 24016 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-11-25 22:40 . 2015-11-25 22:39 81728 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2015-11-25 22:40 . 2015-11-25 22:39 794952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2015-11-25 22:39 . 2015-11-25 22:39 43112 ----a-w- c:\windows\avastSS.scr
2015-11-25 22:39 . 2015-11-25 22:39 283072 ----a-w- c:\windows\system32\drivers\aswNdisFlt.sys
2015-11-25 22:36 . 2015-11-26 02:43 -------- d-----w- c:\users\user\AppData\Local\Deployment
2015-11-25 22:36 . 2015-11-25 22:36 -------- d-----w- c:\users\user\AppData\Local\Apps
2015-11-25 22:34 . 2015-11-25 22:48 -------- d-----w- c:\program files\AVAST Software
2015-11-25 22:34 . 2015-11-25 22:34 -------- d-----w- c:\program files\Intel
2015-11-25 22:34 . 2014-05-14 16:23 45536 ----a-w- c:\windows\system32\wups2.dll
2015-11-25 22:34 . 2014-05-14 16:23 54240 ----a-w- c:\windows\system32\wuauclt.exe
2015-11-25 22:34 . 2014-05-14 16:23 1973728 ----a-w- c:\windows\system32\wuaueng.dll
2015-11-25 22:34 . 2014-05-14 16:17 2425856 ----a-w- c:\windows\system32\wucltux.dll
2015-11-25 22:33 . 2014-05-14 16:23 36320 ----a-w- c:\windows\system32\wups.dll
2015-11-25 22:33 . 2014-05-14 16:23 581600 ----a-w- c:\windows\system32\wuapi.dll
2015-11-25 22:33 . 2014-05-14 16:17 92672 ----a-w- c:\windows\system32\wudriver.dll
2015-11-25 22:33 . 2014-05-14 08:23 179656 ----a-w- c:\windows\system32\wuwebv.dll
2015-11-25 22:33 . 2014-05-14 08:17 33792 ----a-w- c:\windows\system32\wuapp.exe
2015-11-25 22:21 . 2015-11-25 22:21 -------- d-----w- c:\users\user\AppData\Roaming\AVAST Software
2015-11-25 22:00 . 2015-11-25 22:00 -------- d-----w- c:\users\user\AppData\Local\Diagnostics
2015-11-25 21:32 . 2015-11-25 23:27 -------- d-----w- c:\program files\MPC-HC
2015-11-25 19:11 . 2015-11-25 19:11 -------- d-----w- c:\program files\Google
2015-11-25 19:10 . 2015-12-03 16:47 -------- d-----w- c:\users\user\AppData\Local\Google
2015-11-25 19:10 . 2015-11-26 14:23 -------- d-----w- c:\program files\Common Files\Adobe
2015-11-25 19:10 . 2015-12-07 01:30 -------- d-----w- c:\users\user\AppData\Local\Microsoft Games
2015-11-25 19:10 . 2015-12-10 17:20 -------- d-sh--w- c:\windows\Installer
2015-11-25 19:10 . 2015-11-26 14:22 -------- d-----w- c:\users\user\AppData\Local\Adobe
2015-11-25 19:07 . 2015-11-25 22:49 -------- d-----w- c:\programdata\AVAST Software
2015-11-25 19:05 . 2015-11-25 19:05 -------- d-----w- c:\program files\Microsoft Games
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-10-23 09:51 . 2015-10-23 09:51 365576 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-11-25 22:39 749192 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2015-08-14 12:52 23520 ----a-w- c:\program files\Internet Download Manager\IDMShellExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2015-11-09 3911248]
"WirelessManager"="c:\program files\Dell\Dell Mobile Broadband Manager\WirelessManager.exe" [2010-06-04 193064]
"GoogleChromeAutoLaunch_4E874A737D5662A34EBBEADB3A9C4A09"="c:\program files\Google\Chrome\Application\chrome.exe" [2015-12-04 741704]
"Privacy Eraser"="c:\program files\Cybertron\Privacy Eraser\PrivacyEraser.exe" [2015-11-15 4609208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-11-08 138808]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-11-08 172088]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-11-08 173624]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-11-25 7004376]
"DivXMediaServer"="c:\program files\DivX\DivX Media Server\DivXMediaServer.exe" [2015-09-04 433160]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2015-06-26 1861640]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-8-17 795936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2015-11-25 102912]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S0 aswNdisFlt;Avast! Firewall Driver;c:\windows\system32\DRIVERS\aswNdisFlt.sys [2015-11-25 283072]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 ngvss;ngvss; [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2015-11-25 26096]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2015-11-25 794952]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2015-11-25 435464]
S1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\rsdrv.sys [2009-02-12 22312]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2015-11-25 24016]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2015-11-25 81168]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2015-11-25 117200]
S2 avast! Firewall;Avast Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [2015-11-25 109520]
S2 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [2013-03-07 827272]
S2 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [2013-03-07 32648]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2015-06-12 123968]
S2 Service Mgr OutrageousDeal;Service Mgr OutrageousDeal;c:\programdata\65ad47d7-2e27-4a5c-b238-26643fdaeb98\plugincontainer.exe [2015-12-11 823008]
S2 Update Mgr OutrageousDeal;Update Mgr OutrageousDeal;c:\program files\Common Files\65ad47d7-2e27-4a5c-b238-26643fdaeb98\updater.exe [2015-12-11 677600]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-11-25 252152]
S3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-11-25 4390776]
S3 CFcatchme;CFcatchme;c:\users\user\AppData\Local\Temp\CFcatchme.sys [x]
S3 cvusbdrv;Dell ControlVault;c:\windows\system32\Drivers\cvusbdrv.sys [2013-03-07 41480]
S3 e1yexpress;Pilote de connexions réseau Intel(R) Gigabit;c:\windows\system32\DRIVERS\e1y6032.sys [2009-07-13 214016]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2010-03-15 127488]
S3 netw5v32;Pilote de carte de liaison WiFi sans fil Intel(R) 5000 Series pour Windows Vista 32 bits;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
.
.
--- Autres Services/Pilotes en mémoire ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-12-10 15:18 1000264 ----a-w- c:\program files\Google\Chrome\Application\47.0.2526.80\Installer\chrmstp.exe
.
Contenu du dossier 'Tâches planifiées'
.
2015-12-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2015-11-25 22:36]
.
2015-12-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2015-11-25 22:36]
.
.
------- Examen supplémentaire -------
.
uStart Page = https://www.google.com/?gws_rd=ssl
IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Envoyer l'&image au périphérique Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Télécharger avec IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Télécharger tous les liens avec Internet Download Manager - c:\program files\Internet Download Manager\IEGetAll.htm
FF - ProfilePath - c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\95am75f9.default\
FF - user.js: extensions.autoDisableScopes - 14
FF - user.js: xpinstall.signatures.required - false
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\S-1-5-21-4171588529-3573828259-1396250965-1000_Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):45,84,6a,cc,ea,e3,f2,7e,ee,1b,99,8a,01,16,86,19,16,be,77,4d,ad,
2a,37,82,d7,9b,b5,8e,c3,ee,aa,de,68,41,73,42,a2,ff,08,cb,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-4171588529-3573828259-1396250965-1000_Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):b5,46,80,d4,ee,6a,93,28,b6,31,d8,ae,9e,fe,07,77,5a,96,b3,c3,90,
1e,97,7e,da,fb,d7,f7,83,a9,df,6f,22,65,b6,9e,97,2d,bb,ab,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-4171588529-3573828259-1396250965-1000_Classes\CLSID\{caec61f4-c650-4ae5-9279-fb7463f1a48a}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000158
"Therad"=dword:00000007
.
[HKEY_USERS\S-1-5-21-4171588529-3573828259-1396250965-1000_Classes\CLSID\{ce6a34c9-f54b-42f5-9f7a-231f9b09e1b0}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000151
"Therad"=dword:0000001e
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,85,b1,12,f9,90,dd,23,a1,17,aa,c8,7c,22,be,bc,83,a6,45,75,62,00,bd,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs chargées dans les processus actifs ---------------------
.
- - - - - - - > 'Explorer.exe'(968)
c:\program files\WIDCOMM\Bluetooth Software\btmmhook.dll
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\WUDFHost.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\windows\system32\conhost.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Heure de fin: 2015-12-11 10:16:44 - La machine a redémarré
ComboFix-quarantined-files.txt 2015-12-11 09:16
.
Avant-CF: 114 619 396 096 octets libres
Après-CF: 114 317 312 000 octets libres
.
- - End Of File - - BF20E9B1BE30400928A42206B36CF444
A36C5E4F47E84449FF07ED3517B43A31
