cjoint

Document format: text/plain

ComboFix 16-05-18.01 - MOHAMED 30/05/2016 9:19.2.2 - x86
Microsoft Windows 7 Professionnel 6.1.7601.1.1252.33.1036.18.3062.1974 [GMT 1:00]
Lancé depuis: c:\users\MOHAMED\Downloads\ComboFix.exe
AV: ESET Smart Security 9.0.375.1 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
SP: ESET Smart Security 9.0.375.1 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\MOHAMED\AppData\Roaming\dclogs
c:\users\MOHAMED\AppData\Roaming\dclogs\2016-05-29-1.dc
c:\users\MOHAMED\ZHPDiag3.exe
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2016-04-28 au 2016-05-30 ))))))))))))))))))))))))))))))))))))
.
.
2016-05-30 08:29 . 2016-05-30 08:29 -------- d-----w- c:\users\MOHAMED\AppData\Local\temp
2016-05-30 08:29 . 2016-05-30 08:29 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-05-30 08:29 . 2016-05-30 08:29 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2016-05-30 07:59 . 2016-05-30 07:59 -------- d-----w- C:\found.000
2016-05-29 15:58 . 2016-05-29 15:58 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{353AAFFC-75B1-4263-A0BB-AA2A9E8476C3}\offreg.2300.dll
2016-05-29 15:55 . 2016-05-29 15:55 -------- d-----w- c:\users\MOHAMED\AppData\Local\Xenocode
2016-05-29 15:55 . 2016-05-29 15:55 -------- d-----w- c:\program files\Xenocode
2016-05-29 15:46 . 2016-05-29 15:46 -------- d-----w- c:\program files\FTDownloader.com
2016-05-29 15:29 . 2016-05-29 18:12 -------- d-----w- c:\users\MOHAMED\AppData\Roaming\Win Update
2016-05-29 14:16 . 2016-05-29 14:16 -------- d-----w- c:\users\MOHAMED\.objectdb
2016-05-29 14:16 . 2016-05-29 14:16 -------- d-----w- c:\users\MOHAMED\AppData\Roaming\VitySoft
2016-05-29 10:46 . 2016-05-29 10:46 -------- d-----w- c:\users\MOHAMED\AppData\Roaming\iWesoft
2016-05-29 10:46 . 2016-05-29 11:22 -------- d-----w- c:\users\MOHAMED\AppData\Local\iWesoft
2016-05-29 10:45 . 2016-05-29 10:46 -------- d-----w- c:\program files\Magic RAR Password Recovery
2016-05-28 21:52 . 2016-04-09 05:44 2973184 ----a-w- c:\windows\explorer.exe
2016-05-28 21:52 . 2016-04-09 06:54 1499648 ----a-w- c:\windows\system32\ExplorerFrame.dll
2016-05-28 21:50 . 2016-04-14 15:38 105192 ----a-w- c:\windows\system32\consent.exe
2016-05-28 21:50 . 2016-04-14 15:33 2365440 ----a-w- c:\windows\system32\msi.dll
2016-05-28 21:50 . 2016-04-14 15:33 337408 ----a-w- c:\windows\system32\msihnd.dll
2016-05-28 21:50 . 2016-04-14 15:33 25088 ----a-w- c:\windows\system32\msimsg.dll
2016-05-28 21:50 . 2016-04-14 15:33 1806848 ----a-w- c:\windows\system32\authui.dll
2016-05-28 21:50 . 2016-04-14 15:33 47104 ----a-w- c:\windows\system32\appinfo.dll
2016-05-28 21:50 . 2016-04-14 15:11 73216 ----a-w- c:\windows\system32\msiexec.exe
2016-05-28 19:36 . 2016-05-17 22:58 9466160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{353AAFFC-75B1-4263-A0BB-AA2A9E8476C3}\mpengine.dll
2016-05-22 16:34 . 2016-05-22 16:34 -------- d-----w- c:\program files\Dev-Cpp
2016-05-20 16:15 . 2016-05-22 18:38 -------- d-----w- c:\users\MOHAMED\AppData\Roaming\Dev-Cpp
2016-05-20 16:14 . 2016-05-22 16:32 -------- d-----w- C:\Dev-Cpp
2016-05-16 09:43 . 2016-05-16 09:43 -------- d-----w- c:\program files\Common Files\Java
2016-05-15 11:32 . 2016-05-15 12:05 797376 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2016-05-15 11:32 . 2016-05-15 12:05 142528 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2016-05-15 09:39 . 2016-05-15 09:39 -------- d-----w- c:\users\MOHAMED\AppData\Local\GWX
2016-05-14 23:19 . 2016-05-14 23:19 -------- d-----w- c:\users\MOHAMED\AppData\Roaming\DonationCoder
2016-05-14 23:19 . 2016-05-14 23:29 -------- d-----w- c:\program files\URLSnooper2
2016-05-14 23:12 . 2016-05-14 23:28 -------- d-----w- c:\program files\K-Lite Codec Pack
2016-05-14 22:37 . 2016-05-14 22:38 -------- d-----w- c:\program files\DriverDoc
2016-05-14 21:00 . 2016-05-14 21:00 -------- d-----w- c:\program files\StreamingStar
2016-05-14 20:10 . 2015-12-20 16:16 221184 ----a-w- c:\windows\system32\rdpudd.dll
2016-05-14 20:10 . 2015-12-20 18:45 2745856 ----a-w- c:\windows\system32\rdpcorets.dll
2016-05-14 20:10 . 2015-12-20 18:45 13824 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2016-05-14 20:10 . 2014-12-11 17:47 74240 ----a-w- c:\windows\system32\TSWbPrxy.exe
2016-05-14 20:10 . 2015-07-16 19:12 856064 ----a-w- c:\windows\system32\rdvidcrl.dll
2016-05-14 20:10 . 2015-07-16 19:12 53248 ----a-w- c:\windows\system32\tsgqec.dll
2016-05-14 20:10 . 2015-07-16 19:12 6131200 ----a-w- c:\windows\system32\mstscax.dll
2016-05-14 20:10 . 2015-07-16 15:14 355840 ----a-w- c:\windows\system32\wksprt.exe
2016-05-14 15:52 . 2012-08-23 14:44 14848 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2016-05-14 15:51 . 2016-05-14 15:51 -------- d-----w- c:\users\MOHAMED\AppData\Local\Skype
2016-05-14 15:51 . 2012-08-23 11:12 192000 ----a-w- c:\windows\system32\rdpendp_winip.dll
2016-05-14 15:51 . 2016-05-15 20:48 -------- d-----w- c:\users\MOHAMED\AppData\Roaming\Skype
2016-05-14 15:51 . 2016-05-14 15:51 -------- d-----w- c:\program files\Common Files\Skype
2016-05-14 15:51 . 2016-05-14 15:51 -------- d-----r- c:\program files\Skype
2016-05-14 15:51 . 2016-05-14 15:51 -------- d-----w- c:\programdata\Skype
2016-05-14 15:50 . 2013-10-01 23:45 32256 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll
2016-05-14 15:50 . 2013-10-02 00:32 12800 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2016-05-14 15:50 . 2013-10-02 00:42 49152 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2016-05-14 15:50 . 2013-10-02 00:30 14336 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2016-05-14 15:50 . 2013-10-02 00:14 50176 ----a-w- c:\windows\system32\MsRdpWebAccess.dll
2016-05-14 15:50 . 2013-10-02 00:14 17920 ----a-w- c:\windows\system32\wksprtPS.dll
2016-05-14 15:50 . 2013-10-01 22:34 1068544 ----a-w- c:\windows\system32\mstsc.exe
2016-05-14 15:47 . 2016-05-14 15:47 -------- d-----w- c:\program files\Microsoft Silverlight
2016-05-14 15:46 . 2016-03-09 18:40 351744 ----a-w- c:\windows\system32\winhttp.dll
2016-05-14 15:46 . 2016-03-09 18:40 316416 ----a-w- c:\windows\system32\webio.dll
2016-05-14 15:46 . 2015-08-05 17:40 15872 ----a-w- c:\windows\system32\icaapi.dll
2016-05-14 15:46 . 2015-08-05 16:58 31232 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
2016-05-14 15:45 . 2015-12-16 18:47 69120 ----a-w- c:\windows\system32\nlsbres.dll
2016-05-14 15:45 . 2015-12-16 18:43 6144 ----a-w- c:\windows\system32\KBDAZEL.DLL
2016-05-14 15:45 . 2015-12-16 18:43 6144 ----a-w- c:\windows\system32\kbdgeoqw.dll
2016-05-14 15:28 . 2016-05-28 21:46 -------- d-s---w- c:\windows\system32\GWX
2016-05-14 14:28 . 2012-02-11 05:37 317440 ----a-w- c:\windows\system32\spoolsv.exe
2016-05-14 14:27 . 2011-03-11 05:33 1699328 ----a-w- c:\windows\system32\esent.dll
2016-05-14 14:27 . 2011-03-11 05:38 332160 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2016-05-14 14:27 . 2011-03-11 05:38 80256 ----a-w- c:\windows\system32\drivers\amdsata.sys
2016-05-14 14:27 . 2011-03-11 05:39 143744 ----a-w- c:\windows\system32\drivers\nvstor.sys
2016-05-14 14:27 . 2011-03-11 05:39 117120 ----a-w- c:\windows\system32\drivers\nvraid.sys
2016-05-14 14:27 . 2011-03-11 05:38 22400 ----a-w- c:\windows\system32\drivers\amdxata.sys
2016-05-14 14:27 . 2011-03-11 05:31 74240 ----a-w- c:\windows\system32\fsutil.exe
2016-05-14 14:26 . 2014-07-09 01:29 6144 ----a-w- c:\windows\system32\KBDYAK.DLL
2016-05-14 14:26 . 2014-07-09 01:29 6144 ----a-w- c:\windows\system32\KBDBASH.DLL
2016-05-14 14:26 . 2012-07-06 19:23 393728 ----a-w- c:\windows\system32\drivers\bthport.sys
2016-05-14 14:26 . 2011-04-28 03:15 60416 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS
2016-05-14 14:25 . 2014-08-12 01:36 701440 ----a-w- c:\windows\system32\IMJP10K.DLL
2016-05-14 14:25 . 2015-07-01 20:30 206848 ----a-w- c:\windows\system32\WebClnt.dll
2016-05-14 14:25 . 2015-07-01 20:30 82432 ----a-w- c:\windows\system32\davclnt.dll
2016-05-14 14:25 . 2015-01-29 03:02 844288 ----a-w- c:\windows\system32\drivers\UMDF\WpdMtpDr.dll
2016-05-14 14:25 . 2015-01-29 03:02 2311168 ----a-w- c:\windows\system32\wpdshext.dll
2016-05-14 14:25 . 2012-11-02 05:11 376832 ----a-w- c:\windows\system32\dpnet.dll
2016-05-14 14:25 . 2015-11-10 18:39 909824 ----a-w- c:\windows\system32\FntCache.dll
2016-05-14 14:25 . 2015-11-10 18:39 1251328 ----a-w- c:\windows\system32\DWrite.dll
2016-05-14 14:25 . 2015-11-10 18:39 811520 ----a-w- c:\windows\system32\user32.dll
2016-05-14 14:25 . 2016-04-09 06:54 306176 ----a-w- c:\windows\system32\gdi32.dll
2016-05-14 14:25 . 2013-02-12 03:32 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
2016-05-14 14:23 . 2016-04-09 04:20 1230848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2016-05-14 14:23 . 2015-11-11 18:39 1242624 ----a-w- c:\windows\system32\comsvcs.dll
2016-05-14 14:23 . 2015-11-11 18:39 487936 ----a-w- c:\windows\system32\catsrvut.dll
2016-05-14 14:23 . 2016-02-09 09:50 21504 ----a-w- c:\windows\system32\seclogon.dll
2016-05-14 14:23 . 2016-02-03 18:49 90624 ----a-w- c:\windows\system32\olepro32.dll
2016-05-14 14:23 . 2016-02-03 18:49 572416 ----a-w- c:\windows\system32\oleaut32.dll
2016-05-14 14:23 . 2016-02-03 18:43 67584 ----a-w- c:\windows\system32\asycfilt.dll
2016-05-14 14:23 . 2016-02-02 18:48 376320 ----a-w- c:\windows\system32\rpcss.dll
2016-05-14 14:23 . 2015-08-27 17:58 1391104 ----a-w- c:\windows\system32\msxml6.dll
2016-05-14 14:23 . 2015-08-27 17:51 2048 ----a-w- c:\windows\system32\msxml6r.dll
2016-05-14 14:21 . 2015-07-15 17:55 1159168 ----a-w- c:\windows\system32\sysmain.dll
2016-05-14 14:21 . 2015-07-15 17:59 78784 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2016-05-14 14:21 . 2015-07-15 17:54 10752 ----a-w- c:\windows\system32\msmmsp.dll
2016-05-14 14:19 . 2014-03-04 09:17 538112 ----a-w- c:\windows\system32\objsel.dll
2016-05-14 14:19 . 2014-03-04 09:17 35328 ----a-w- c:\windows\system32\wincredprovider.dll
2016-05-14 14:19 . 2014-03-04 09:17 47616 ----a-w- c:\windows\system32\dpapiprovider.dll
2016-05-14 14:19 . 2014-03-04 09:17 36864 ----a-w- c:\windows\system32\dimsroam.dll
2016-05-14 14:19 . 2014-03-04 09:17 51200 ----a-w- c:\windows\system32\cngprovider.dll
2016-05-14 14:19 . 2014-03-04 09:17 48128 ----a-w- c:\windows\system32\capiprovider.dll
2016-05-14 14:19 . 2014-03-04 09:17 49664 ----a-w- c:\windows\system32\adprovider.dll
2016-05-14 14:19 . 2015-01-09 02:48 76800 ----a-w- c:\windows\system32\wdi.dll
2016-05-14 14:19 . 2015-01-09 02:48 635904 ----a-w- c:\windows\system32\perftrack.dll
2016-05-14 14:19 . 2015-01-09 02:48 27136 ----a-w- c:\windows\system32\powertracker.dll
2016-05-14 14:19 . 2013-10-30 02:19 301568 ----a-w- c:\windows\system32\msieftp.dll
2016-05-14 14:18 . 2016-03-16 18:28 176128 ----a-w- c:\windows\system32\msorcl32.dll
2016-05-14 14:18 . 2016-03-16 18:27 286720 ----a-w- c:\program files\Common Files\System\Ole DB\msdaora.dll
2016-05-14 14:18 . 2016-03-16 18:28 111616 ----a-w- c:\windows\system32\mtxoci.dll
2016-05-14 14:18 . 2012-08-21 20:12 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2016-05-14 14:18 . 2012-07-04 19:45 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2016-05-14 14:18 . 2015-10-29 17:50 5120 ----a-w- c:\windows\system32\shimeng.dll
2016-05-14 14:18 . 2015-10-29 17:49 295936 ----a-w- c:\windows\system32\apphelp.dll
2016-05-14 14:18 . 2015-10-29 17:49 62464 ----a-w- c:\windows\system32\aelupsvc.dll
2016-05-14 14:18 . 2015-10-29 17:49 20992 ----a-w- c:\windows\system32\sdbinst.exe
2016-05-14 14:17 . 2011-03-03 05:38 132608 ----a-w- c:\windows\system32\dnsrslvr.dll
2016-05-14 14:17 . 2011-03-03 05:36 28672 ----a-w- c:\windows\system32\dnscacheugc.exe
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-05-16 09:42 . 2016-03-31 21:42 95808 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2016-05-06 23:01 . 2016-04-01 15:21 1112288 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2016-05-06 23:01 . 2016-04-01 15:21 1112288 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01007.dll
2016-04-21 14:05 . 2016-03-31 18:54 374944 ------w- c:\windows\system32\MpSigStub.exe
2016-04-16 10:12 . 2016-04-16 10:12 31616 ----a-w- c:\windows\system32\drivers\cfywlan1.sys
2016-04-13 19:29 . 2012-07-17 14:37 24288 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2016-03-31 20:39 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2016-03-23 18:20 . 2016-04-13 18:47 88376 ----a-w- c:\windows\system32\mslvddsfilter2.ax
2016-03-04 17:52 . 2016-03-04 17:52 174192 ----a-w- c:\windows\system32\drivers\VBoxNetLwf.sys
2016-03-04 17:52 . 2016-03-04 17:52 108208 ----a-w- c:\windows\system32\drivers\VBoxNetAdp6.sys
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2016-04-15 6675672]
"CCleaner"="c:\program files\CCleaner\CCleaner.exe" [2016-04-15 6675672]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2016-04-01 596504]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2016-03-31 280576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\jswtrayutil]
2008-09-26 19:03 528384 ----a-w- c:\program files\Jumpstart\jswtrayutil.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2015-03-25 13:20 31682144 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2016-04-01 01:16 596504 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
R1 VBoxNetAdp;VirtualBox NDIS 6.0 Miniport Service;c:\windows\system32\DRIVERS\VBoxNetAdp6.sys [2016-03-04 108208]
R2 HWDeviceService.exe;HWDeviceService.exe;c:\programdata\DatacardService\HWDeviceService.exe [2011-03-14 271712]
R2 Modem HDM EC156. RunOuc;Modem HDM EC156. OUC;c:\program files\Modem HDM EC156\UpdateDog\ouc.exe [2016-05-06 655712]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2015-02-18 315488]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [2016-05-06 102784]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys [2016-05-06 11136]
R3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\DRIVERS\ewusbwwan.sys [2016-05-06 369152]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys [2016-05-06 95616]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys [2016-05-06 27520]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys [2016-05-06 195072]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2016-04-23 102912]
R3 jswpsapi;JumpStart Wi-Fi Protected Setup;c:\program files\Jumpstart\jswpsapi.exe [2008-09-26 954368]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
S0 edevmon;edevmon;c:\windows\system32\DRIVERS\edevmon.sys [2016-02-23 154288]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2016-02-23 71488]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2016-02-23 206312]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2016-02-23 146024]
S1 EpfwLWF;ESET Personal Firewall;c:\windows\system32\DRIVERS\EpfwLWF.sys [2016-02-23 44608]
S1 jswpslwf;JumpStart Wireless Filter Driver;c:\windows\system32\DRIVERS\jswpslwf.sys [2008-05-15 20384]
S1 ndisrd;WinpkFilter LightWeight Filter;c:\windows\system32\DRIVERS\ndisrd.sys [2014-08-14 37408]
S1 XQHDrv;BigNox Service;c:\windows\system32\DRIVERS\XQHDrv.sys [2015-09-08 203424]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 ekbdflt;ekbdflt;c:\windows\system32\DRIVERS\ekbdflt.sys [2016-02-23 111040]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2016-02-23 1982752]
S2 jswpbapi;JumpStart Push-Button Service;c:\program files\Jumpstart\jswpbapi.exe [2008-09-26 188416]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2013-03-01 36600]
S3 BthAvrcp;Profil AVRCP Bluetooth;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 22528]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [2016-05-06 76544]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-05-28 4233728]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
utcsvc REG_MULTI_SZ DiagTrack
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-05-13 08:11 1186968 ----a-w- c:\program files\Google\Chrome\Application\50.0.2661.102\Installer\chrmstp.exe
.
Contenu du dossier 'Tâches planifiées'
.
2016-05-28 c:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job
- c:\windows\system32\Macromed\Flash\FlashUtil32_21_0_0_242_pepper.exe [2016-05-15 11:32]
.
2016-05-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-15 12:05]
.
2016-05-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2016-04-26 14:59]
.
2016-05-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2016-04-26 14:59]
.
2016-05-12 c:\windows\Tasks\Opera scheduled Autoupdate 1459459833.job
- c:\program files\Opera\launcher.exe [2016-03-31 08:36]
.
.
------- Examen supplémentaire -------
.
Trusted Zone: dell.com
Trusted Zone: eset.com\help
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{A195F425-92B8-4C62-854A-E8700FCC0362}: NameServer = 192.168.50.58 192.168.60.55
TCP: Interfaces\{A43C1AA3-645D-4028-ABB1-83EFBBC2CB12}: NameServer = 192.168.50.58 192.168.60.55
FF - ProfilePath - c:\users\MOHAMED\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\S-1-5-21-998902749-2816007284-3194843033-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-998902749-2816007284-3194843033-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2016-05-30 09:31:11
ComboFix-quarantined-files.txt 2016-05-30 08:31
ComboFix2.txt 2016-05-09 18:19
.
Avant-CF: 150 563 094 528 octets libres
Après-CF: 150 262 456 320 octets libres
.
- - End Of File - - F431321F3C3CD7D01F86B0DF3F4CCA5B
A36C5E4F47E84449FF07ED3517B43A31
