braco41 wrote:
ComboFix 13-09-06.01 - gael 07/09/2013 23:49:49.1.4 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.6126.3739 [GMT 2:00]
Lancé depuis: c:\users\gael\Downloads\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\wininit.ini
D:\install.exe
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2013-08-07 au 2013-09-07 ))))))))))))))))))))))))))))))))))))
.
.
2013-09-07 21:53 . 2013-09-07 21:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-07 15:46 . 2013-09-07 21:17 -------- d-----w- C:\AdwCleaner
2013-09-07 15:42 . 2013-09-07 15:44 -------- d-----w- c:\programdata\SecTaskMan
2013-09-07 15:33 . 2013-09-07 15:33 -------- d-----w- c:\users\gael\AppData\Roaming\LavasoftStatistics
2013-09-07 15:33 . 2013-09-07 15:33 -------- d-----w- c:\programdata\Ad-Aware Antivirus
2013-09-07 15:30 . 2013-09-07 15:40 -------- d-----w- c:\program files (x86)\Ad-Aware Antivirus
2013-09-07 15:30 . 2013-09-07 15:30 -------- d-----w- c:\programdata\Lavasoft
2013-09-07 15:30 . 2013-09-07 15:30 -------- d-----w- c:\programdata\Downloaded Installations
2013-09-07 15:30 . 2013-09-07 15:30 -------- d-----w- c:\program files (x86)\Lavasoft
2013-09-07 15:30 . 2013-09-07 15:30 -------- d-----w- c:\program files (x86)\Toolbar Cleaner
2013-09-07 15:29 . 2013-09-07 15:29 14456 ----a-w- c:\windows\system32\drivers\gfibto.sys
2013-09-07 15:29 . 2013-09-07 15:36 -------- d-----w- c:\users\gael\AppData\Roaming\Ad-Aware Antivirus
2013-09-06 07:45 . 2013-08-06 08:58 9515512 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EDC861A9-DBAA-4FF4-9700-2E65B10001B5}\mpengine.dll
2013-09-05 00:37 . 2013-09-05 00:37 -------- d-----w- c:\users\gael\AppData\Local\ElevatedDiagnostics
2013-09-05 00:16 . 2013-09-05 21:47 -------- d-----w- c:\users\gael\AppData\Roaming\vlc
2013-09-05 00:07 . 2013-09-05 00:07 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-09-05 00:07 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-08-14 19:39 . 2013-07-09 05:52 224256 ----a-w- c:\windows\system32\wintrust.dll
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-30 07:48 . 2013-03-11 23:31 204880 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-08-30 07:48 . 2013-03-11 23:31 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-08-30 07:48 . 2012-07-06 17:40 378944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-08-30 07:48 . 2012-07-06 17:40 72016 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-08-30 07:48 . 2012-07-06 17:40 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-08-30 07:48 . 2012-07-06 17:40 1030952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-08-30 07:48 . 2012-07-06 17:40 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-08-30 07:48 . 2012-07-06 17:40 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-08-30 07:47 . 2012-07-06 17:39 41664 ----a-w- c:\windows\avastSS.scr
2013-08-30 07:47 . 2012-07-06 17:40 287840 ----a-w- c:\windows\system32\aswBoot.exe
2013-08-14 20:57 . 2012-07-07 12:44 78161360 ----a-w- c:\windows\system32\MRT.exe
2013-08-07 10:52 . 2013-08-07 10:52 82432 ----a-w- c:\users\gael\AppData\Roaming\Microsoft\MSXML2\msxml4r.dll
2013-08-07 10:52 . 2013-08-07 10:52 44544 ----a-w- c:\users\gael\AppData\Roaming\Microsoft\MSXML2\msxml4a.dll
2013-08-07 10:52 . 2013-08-07 10:52 1275392 ----a-w- c:\users\gael\AppData\Roaming\Microsoft\MSXML2\msxml4.dll
2013-07-21 13:44 . 2013-07-21 13:44 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-07-21 13:44 . 2012-07-14 20:07 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-07-21 13:44 . 2012-07-14 20:07 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-07-12 23:38 . 2012-07-07 12:41 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-07-12 23:38 . 2011-12-05 23:52 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-09 04:45 . 2013-08-14 19:39 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-07-04 07:11 . 2011-01-07 13:02 829264 ----a-w- c:\windows\system32\msvcr100.dll
2013-07-04 07:11 . 2011-01-07 13:02 608080 ----a-w- c:\windows\system32\msvcp100.dll
2013-06-27 12:35 . 2013-06-27 12:35 108968 ----a-w- c:\windows\system32\WindowsA
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-05-06 21:13 220608 ----a-w- c:\users\gael\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-05-06 21:13 220608 ----a-w- c:\users\gael\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-05-06 21:13 220608 ----a-w- c:\users\gael\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-03-09 336384]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-08-30 4858968]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sdnclean64.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Freemake Improver;Freemake Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe;c:\programdata\Freemake\FreemccessBridge-64.dll
2013-06-27 12:35 . 2013-06-27 12:35 312232 ----a-w- c:\windows\system32\javaws.exe
2013-06-27 12:35 . 2013-06-27 12:35 189352 ----a-w- c:\windows\system32\javaw.exe
2013-06-27 12:35 . 2013-06-27 12:35 188840 ----a-w- c:\windows\system32\java.exe
2013-06-27 12:35 . 2012-09-10 10:45 972712 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-27 12:35 . 2012-09-10 10:45 1093032 ----a-w- c:\windows\system32\npDeployJava1.dll