cjoint

Document format: text/plain

Preview

ComboFix 17-08-04.01 - ChrisXav 07/08/2017 15:10:45.2.2 - x86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.2046.762 [GMT 2:00]
Lancé depuis: c:\users\ChrisXav\Desktop\ComboFix.exe
AV: Panda Free Antivirus *Enabled/Updated* {3456760B-FDAA-FFFD-06C2-7BB528D2066C}
FW: Panda Firewall *Disabled* {0C6DF72E-B7C5-FEA5-2D9D-D280D6014117}
SP: Panda Free Antivirus *Enabled/Updated* {8F3797EF-DB90-F073-3C72-40C753554CD1}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\security\Database\tmp.edb
c:\windows\system32\DEBUG.log
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2017-07-07 au 2017-08-07 ))))))))))))))))))))))))))))))))))))
.
.
2017-08-07 13:35 . 2017-08-07 13:35 -------- d-----w- c:\users\Default\AppData\Local\temp
2017-08-07 06:40 . 2015-05-22 08:45 50832 ----a-w- c:\windows\system32\drivers\PSKMAD.sys
2017-07-29 14:27 . 2017-07-29 16:07 -------- d-----w- C:\FRST
2017-07-24 17:27 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2017-07-24 17:27 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2017-07-24 17:27 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2017-07-24 17:27 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2017-07-24 17:27 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2017-07-24 17:27 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2017-07-24 17:27 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2017-07-24 17:26 . 2012-06-02 13:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2017-07-24 17:26 . 2012-06-02 13:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2017-07-23 17:18 . 2017-07-23 17:18 -------- d-----w- c:\windows\system32\ca-ES
2017-07-23 17:18 . 2017-07-23 17:18 -------- d-----w- c:\windows\system32\eu-ES
2017-07-23 17:18 . 2017-07-23 17:18 -------- d-----w- c:\windows\system32\vi-VN
2017-07-22 06:56 . 2017-07-22 06:57 -------- d-----w- c:\program files\Panda Security
2017-07-22 06:54 . 2017-07-22 06:57 -------- d-----w- c:\programdata\Panda Security
2017-07-21 19:46 . 2017-07-21 20:03 -------- d-----w- C:\AdwCleaner
2017-07-21 19:24 . 2017-07-21 19:24 -------- d-----w- c:\program files\AVAST Software
2017-07-16 07:46 . 2017-07-16 07:46 -------- d-----w- c:\windows\system32\EventProviders
2017-07-16 01:59 . 2009-04-11 05:03 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2017-07-16 01:59 . 2009-03-14 00:44 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2017-07-16 01:59 . 2009-04-11 06:28 1081344 ----a-w- c:\windows\system32\SLCExt.dll
2017-07-16 01:59 . 2009-04-11 06:27 3408896 ----a-w- c:\windows\system32\SLsvc.exe
2017-07-16 01:57 . 2009-04-11 06:28 152576 ----a-w- c:\windows\system32\wbem\wmiprov.dll
2017-07-15 16:38 . 2010-09-06 16:20 125952 ----a-w- c:\windows\system32\srvsvc.dll
2017-07-15 16:38 . 2010-09-06 16:19 17920 ----a-w- c:\windows\system32\netevent.dll
2017-07-15 16:38 . 2009-08-24 11:36 377344 ----a-w- c:\windows\system32\winhttp.dll
2017-07-15 06:01 . 2017-07-15 06:01 -------- d-----w- c:\program files\Microsoft.NET
2017-07-15 06:00 . 2009-11-08 08:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2017-07-15 06:00 . 2009-11-08 08:55 49472 ----a-w- c:\windows\system32\netfxperf.dll
2017-07-15 06:00 . 2009-11-08 08:55 297808 ----a-w- c:\windows\system32\mscoree.dll
2017-07-15 06:00 . 2009-11-08 08:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2017-07-15 06:00 . 2009-11-08 08:55 1130824 ----a-w- c:\windows\system32\dfshim.dll
2017-07-15 05:47 . 2017-07-15 05:51 -------- d-----w- c:\windows\system32\MRT
2017-07-14 22:47 . 2008-05-27 04:59 18904 ----a-w- c:\windows\system32\StructuredQuerySchemaTrivial.bin
2017-07-14 22:25 . 2010-02-20 23:06 24064 ----a-w- c:\windows\system32\nshhttp.dll
2017-07-14 22:25 . 2010-02-20 20:53 411648 ----a-w- c:\windows\system32\drivers\http.sys
2017-07-14 22:25 . 2010-02-20 23:05 30720 ----a-w- c:\windows\system32\httpapi.dll
2017-07-14 22:24 . 2010-06-16 16:04 905088 ----a-w- c:\windows\system32\drivers\tcpip.sys
2017-07-14 22:23 . 2010-09-13 13:56 168960 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2017-07-14 22:23 . 2010-09-13 13:56 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2017-07-14 22:23 . 2009-08-14 13:48 105984 ----a-w- c:\windows\system32\netiohlp.dll
2017-07-14 22:23 . 2009-08-14 13:49 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2017-07-14 22:23 . 2009-08-14 13:49 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2017-07-14 22:23 . 2009-08-14 13:49 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2017-07-14 22:23 . 2009-08-14 13:49 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2017-07-14 22:23 . 2009-08-14 13:49 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2017-07-14 22:23 . 2009-08-14 13:49 19968 ----a-w- c:\windows\system32\ARP.EXE
2017-07-14 22:23 . 2009-08-14 13:49 10240 ----a-w- c:\windows\system32\finger.exe
2017-07-14 22:22 . 2008-02-29 06:35 6656 ----a-w- c:\windows\system32\kbd106n.dll
2017-07-14 22:22 . 2011-03-02 15:44 86528 ----a-w- c:\windows\system32\dnsrslvr.dll
2017-07-14 22:22 . 2009-05-04 09:59 25088 ----a-w- c:\windows\system32\dnscacheugc.exe
2017-07-14 22:22 . 2010-10-28 13:20 2048 ----a-w- c:\windows\system32\tzres.dll
2017-07-14 22:21 . 2010-12-28 15:55 413696 ----a-w- c:\windows\system32\odbc32.dll
2017-07-14 22:21 . 2010-12-28 15:53 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2017-07-14 22:21 . 2010-12-28 15:53 253952 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2017-07-14 22:21 . 2010-12-28 15:53 241664 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll
2017-07-14 22:21 . 2010-12-28 15:53 57344 ----a-w- c:\program files\Common Files\System\msadc\msadcs.dll
2017-07-14 22:21 . 2010-12-28 15:53 180224 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll
2017-07-14 22:19 . 2009-08-01 06:27 201184 ----a-w- c:\windows\system32\winrm.vbs
2017-07-14 22:19 . 2009-10-09 21:56 214016 ----a-w- c:\windows\system32\WsmWmiPl.dll
2017-07-14 22:19 . 2009-10-09 21:56 145408 ----a-w- c:\windows\system32\WsmAuto.dll
2017-07-14 22:19 . 2009-10-09 21:56 1181696 ----a-w- c:\windows\system32\WsmSvc.dll
2017-07-14 22:19 . 2009-10-09 21:56 241152 ----a-w- c:\windows\system32\winrscmd.dll
2017-07-14 22:19 . 2009-10-09 21:56 246272 ----a-w- c:\windows\system32\WSManHTTPConfig.exe
2017-07-14 22:19 . 2009-10-09 21:55 252416 ----a-w- c:\windows\system32\WSManMigrationPlugin.dll
2017-07-14 22:18 . 2009-08-11 16:44 1401856 ----a-w- c:\windows\system32\msxml6.dll
2017-07-14 22:18 . 2011-04-14 14:59 75264 ----a-w- c:\windows\system32\drivers\dfsc.sys
2017-07-14 22:18 . 2009-07-11 19:01 513536 ----a-w- c:\windows\system32\wlansvc.dll
2017-07-14 22:18 . 2009-07-11 19:01 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2017-07-14 22:18 . 2009-07-11 17:03 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2017-07-14 22:18 . 2009-04-11 06:28 68096 ----a-w- c:\windows\system32\wlanhlp.dll
2017-07-14 22:18 . 2009-07-11 19:01 302592 ----a-w- c:\windows\system32\wlansec.dll
2017-07-14 22:18 . 2009-07-11 19:01 65024 ----a-w- c:\windows\system32\wlanapi.dll
2017-07-14 22:18 . 2011-02-22 13:23 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2017-07-14 22:17 . 2010-10-15 14:08 3602320 ----a-w- c:\windows\system32\ntkrnlpa.exe
2017-07-14 22:17 . 2010-10-15 14:08 3550096 ----a-w- c:\windows\system32\ntoskrnl.exe
2017-07-14 22:17 . 2010-10-15 13:48 1205080 ----a-w- c:\windows\system32\ntdll.dll
2017-07-14 22:17 . 2010-01-29 15:40 1616384 ----a-w- c:\program files\Windows Mail\msoe.dll
2017-07-14 22:17 . 2011-03-10 17:03 1162240 ----a-w- c:\windows\system32\mfc42u.dll
2017-07-14 22:17 . 2011-03-10 17:03 1136640 ----a-w- c:\windows\system32\mfc42.dll
2017-07-14 22:17 . 2009-09-10 16:48 218624 ----a-w- c:\windows\system32\msv1_0.dll
2017-07-14 22:17 . 2011-02-18 14:03 305152 ----a-w- c:\windows\system32\drivers\srv.sys
2017-07-14 22:15 . 2009-06-10 11:42 160256 ----a-w- c:\windows\system32\wkssvc.dll
2017-07-14 22:14 . 2009-04-23 12:14 623616 ----a-w- c:\windows\system32\localspl.dll
2017-07-14 22:14 . 2010-06-18 17:31 36864 ----a-w- c:\windows\system32\rtutils.dll
2017-07-14 22:13 . 2010-08-31 15:46 954752 ----a-w- c:\windows\system32\mfc40.dll
2017-07-14 22:13 . 2010-08-31 15:46 954288 ----a-w- c:\windows\system32\mfc40u.dll
2017-07-14 22:13 . 2010-12-20 16:35 563712 ----a-w- c:\windows\system32\oleaut32.dll
2017-07-14 22:12 . 2011-03-03 15:40 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2017-07-14 22:12 . 2010-08-26 16:34 1696256 ----a-w- c:\windows\system32\gameux.dll
2017-07-14 22:12 . 2011-03-03 13:35 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2017-07-14 22:12 . 2009-12-23 11:33 172032 ----a-w- c:\windows\system32\wintrust.dll
2017-07-14 22:12 . 2009-06-15 14:52 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2017-07-14 22:12 . 2009-06-15 14:54 175104 ----a-w- c:\windows\system32\wdigest.dll
2017-07-14 22:12 . 2009-06-15 14:52 499712 ----a-w- c:\windows\system32\kerberos.dll
2017-07-14 22:12 . 2009-06-15 23:15 439864 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2017-07-14 22:12 . 2009-06-15 14:53 72704 ----a-w- c:\windows\system32\secur32.dll
2017-07-14 22:12 . 2009-06-15 12:48 9728 ----a-w- c:\windows\system32\lsass.exe
2017-07-14 22:12 . 2010-08-20 16:05 867328 ----a-w- c:\windows\system32\wmpmde.dll
2017-07-14 22:08 . 2010-01-21 15:05 62464 ----a-w- c:\windows\system32\l3codeca.acm
2017-07-14 22:08 . 2009-04-11 06:27 220672 ----a-w- c:\windows\system32\l3codecp.acm
2017-07-14 22:06 . 2010-01-13 17:34 98304 ----a-w- c:\windows\system32\cabview.dll
2017-07-14 22:05 . 2011-04-20 15:55 375808 ----a-w- c:\windows\system32\winsrv.dll
2017-07-14 22:05 . 2011-04-20 15:50 49152 ----a-w- c:\windows\system32\csrsrv.dll
2017-07-14 22:05 . 2009-09-04 11:41 60928 ----a-w- c:\windows\system32\msasn1.dll
2017-07-14 22:05 . 2009-04-23 12:15 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2017-07-14 22:05 . 2009-12-04 18:29 1314816 ----a-w- c:\windows\system32\quartz.dll
2017-07-14 22:04 . 2009-12-04 18:30 12288 ----a-w- c:\windows\system32\tsbyuv.dll
2017-07-14 22:04 . 2009-12-04 18:28 31744 ----a-w- c:\windows\system32\msvidc32.dll
2017-07-14 22:04 . 2009-12-04 18:28 13312 ----a-w- c:\windows\system32\msrle32.dll
2017-07-14 22:04 . 2009-12-04 18:28 22528 ----a-w- c:\windows\system32\msyuv.dll
2017-07-14 22:04 . 2009-12-04 18:28 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2017-07-14 22:04 . 2009-12-04 18:28 82944 ----a-w- c:\windows\system32\mciavi32.dll
2017-07-14 22:04 . 2009-12-04 18:27 91136 ----a-w- c:\windows\system32\avifil32.dll
2017-07-14 22:04 . 2009-12-04 18:28 123904 ----a-w- c:\windows\system32\msvfw32.dll
2017-07-14 22:04 . 2010-08-31 15:44 531968 ----a-w- c:\windows\system32\comctl32.dll
2017-07-14 22:04 . 2009-08-10 12:35 355328 ----a-w- c:\windows\system32\WSDApi.dll
2017-07-14 22:04 . 2011-04-29 15:59 276992 ----a-w- c:\windows\system32\schannel.dll
2017-07-14 22:03 . 2009-05-08 12:53 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2017-07-14 22:02 . 2009-09-10 14:58 1418752 ----a-w- c:\program files\Windows Media Player\setup_wm.exe
2017-07-14 22:02 . 2009-09-10 14:58 310784 ----a-w- c:\windows\system32\unregmp2.exe
2017-07-14 22:02 . 2009-07-15 12:39 107520 ----a-w- c:\program files\Windows Media Player\wmpconfig.exe
2017-07-14 22:02 . 2009-07-15 12:39 4096 ----a-w- c:\windows\system32\msdxm.ocx
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 132496]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]
"toolbar_eula_launcher"="c:\tb_eula\EULALauncher.exe" [2008-02-20 21504]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-11-29 1029416]
"HDMICtrlMan"="c:\program files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe" [2008-01-25 716800]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-01-17 431456]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2007-10-31 54608]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2008-01-25 509816]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2008-01-22 712704]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaRegistration.exe" [2007-05-04 571024]
"PSUAMain"="c:\program files\Panda Security\Panda Security Protection\PSUAMain.exe" [2015-10-22 54520]
"NDSTray.exe"="NDSTray.exe" [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"MaxGPOScriptWait"= 600 (0x258)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
.
--- Autres Services/Pilotes en mémoire ---
.
*NewlyCreated* - WS2IFSL
.
.
------- Examen supplémentaire -------
.
uStart Page = https://www.google.com/?bcutc=sp-006
mStart Page = https://www.google.com/?bcutc=sp-006
mSearch Bar = https://www.google.com/?bcutc=sp-006
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\ChrisXav\AppData\Roaming\Mozilla\Firefox\Profiles\ip7yyp0o.default-1501172050055\
.
- - - - ORPHELINS SUPPRIMES - - - -
.
HKLM-Run-ITSecMng - c:\program files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2017-08-07 15:36
Windows 6.0.6002 Service Pack 2 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Heure de fin: 2017-08-07 15:42:48
ComboFix-quarantined-files.txt 2017-08-07 13:42
.
Avant-CF: 98 868 576 256 octets libres
Après-CF: 98 602 676 224 octets libres
.
- - End Of File - - 2386DC366B2230BF8DE09C0B7CF95C44
5C616939100B85E558DA92B899A0FC36
