
ComboFix report

Tags:
  • System restore
  • Security
Last reply: in Security and viruses
29 June 2011 23:38:55

Here is my ComboFix report to analyze, following up on my thread about mivolo.

However, when ComboFix had finished, I had to do a system restore because no program would launch.


ComboFix 11-06-29.06 - JAUZE 29/06/2011 23:11:23.1.4 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.3894.2325 [GMT 2:00]
Lancé depuis: c:\users\JAUZE\Downloads\ComboFix_001.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Un nouveau point de restauration a été créé
.
/wow section - STAGE 50
Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus.
Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus.
Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus.
Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus.
Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus.
Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus.
Le système ne peut trouver le fichier LockedB.
Le système ne peut trouver le fichier lockedB.
'.d.a.1.a.3.f.f.' n’est pas reconnu en tant que commande interne
ou externe, un programme exécutable ou un fichier de commandes.
'.0.\\.' n’est pas reconnu en tant que commande interne
ou externe, un programme exécutable ou un fichier de commandes.
Le système ne peut trouver le fichier LockedB.
Le système ne peut trouver le fichier LockedB.
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\users\JAUZE\Documents\cc_20110623_221956.reg
c:\windows\security\Database\tmp.edb
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-05-28 au 2011-06-29 ))))))))))))))))))))))))))))))))))))
.
.
2011-06-29 21:18 . 2011-06-29 21:18 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-29 21:09 . 2011-06-29 21:09 -------- d-----w- C:\ComboFix_001
2011-06-29 17:18 . 2011-06-29 17:18 -------- d-----w- c:\users\JAUZE\AppData\Local\{40A61231-C2F4-42CA-ADE2-1D284AD3FF47}
2011-06-28 20:31 . 2011-06-07 17:10 8873296 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{03972400-C856-4AA8-BFE3-FC28F4E92BC5}\mpengine.dll
2011-06-28 20:18 . 2011-06-28 20:19 -------- d-----w- c:\users\JAUZE\AppData\Local\{B365CF6C-CFB3-416E-A5D2-26D5B9F22636}
2011-06-27 20:43 . 2011-06-28 20:26 -------- d-----w- C:\Ad-Remover
2011-06-27 20:31 . 2011-06-27 20:31 512 ----a-w- C:\PhysicalDisk0_MBR.bin
2011-06-27 20:29 . 2011-06-27 20:31 -------- d-----w- c:\program files (x86)\ZHPDiag
2011-06-27 17:57 . 2011-06-27 17:57 -------- d-----w- c:\users\JAUZE\AppData\Local\{474D3E82-77CC-4354-A66F-E9BE534FBB4F}
2011-06-27 17:56 . 2011-06-27 17:56 -------- d-----w- c:\users\JAUZE\AppData\Local\{187139D5-1A60-4098-9F43-1D4563726EFF}
2011-06-26 19:27 . 2011-06-26 19:27 -------- d-----w- c:\users\JAUZE\AppData\Local\{4ADEF6BE-034B-40DD-A116-FA3FEA82F6FD}
2011-06-25 23:13 . 2011-06-25 23:14 -------- d-----w- c:\users\JAUZE\AppData\Local\{D497674B-5B69-4836-BCCB-B67DBD284E6E}
2011-06-25 10:56 . 2011-06-25 10:57 -------- d-----w- c:\users\JAUZE\AppData\Local\{8AE9A0FF-09EB-43D6-8BE4-31206E0DA652}
2011-06-24 20:23 . 2011-06-24 20:23 -------- d-----w- c:\users\JAUZE\AppData\Roaming\QuickScan
2011-06-24 09:43 . 2011-06-24 09:43 2106216 ----a-w- c:\program files (x86)\Mozilla Firefox\D3DCompiler_43.dll
2011-06-24 09:43 . 2011-06-24 09:43 1998168 ----a-w- c:\program files (x86)\Mozilla Firefox\d3dx9_43.dll
2011-06-24 09:40 . 2011-06-24 09:40 -------- d-----w- c:\users\JAUZE\AppData\Local\{E105AE50-A3A9-4445-8FBD-029DBBC0AD6E}
2011-06-23 20:11 . 2011-06-23 20:11 -------- d-----w- c:\program files\CCleaner
2011-06-23 20:09 . 2011-06-23 21:14 -------- d-----w- c:\program files (x86)\Google
2011-06-23 19:31 . 2011-06-23 19:31 -------- d-----w- c:\users\JAUZE\AppData\Local\{E2F6D292-BAEA-4A80-A603-575FC201E854}
2011-06-22 21:09 . 2011-06-22 21:09 -------- d-----w- c:\users\JAUZE\AppData\Local\{2C28DDCC-33F4-4679-ABC0-09C56AF3ED0E}
2011-06-22 21:09 . 2011-06-22 21:09 -------- d-----w- c:\users\JAUZE\AppData\Local\{6E9D7BE9-854A-4FEA-8510-42821A4D5581}
2011-06-21 18:42 . 2011-06-21 18:42 -------- d-----w- c:\program files (x86)\ESET
2011-06-21 18:27 . 2011-06-21 18:27 -------- d-----w- c:\users\JAUZE\AppData\Local\{9ACB12CF-5100-4012-89A9-C68E425D02B3}
2011-06-21 18:27 . 2011-06-21 18:27 -------- d-----w- c:\users\JAUZE\AppData\Local\{0F7CE966-3E35-4C53-80E5-F8915BFC301F}
2011-06-20 20:53 . 2011-06-20 20:53 -------- d-----w- c:\users\JAUZE\AppData\Roaming\Malwarebytes
2011-06-20 20:52 . 2011-05-29 07:11 39984 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-06-20 20:52 . 2011-06-20 20:52 -------- d-----w- c:\programdata\Malwarebytes
2011-06-20 20:51 . 2011-05-29 07:11 25912 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-06-20 20:51 . 2011-06-20 20:52 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-06-20 20:46 . 2011-06-20 20:46 -------- d-----w- c:\users\JAUZE\AppData\Local\{EC255602-DEF2-4136-A32E-0B495CE558BD}
2011-06-19 16:08 . 2011-06-19 16:08 -------- d-----w- c:\program files (x86)\Ad-Remover
2011-06-19 16:03 . 2011-06-19 16:03 -------- d-----w- c:\users\JAUZE\AppData\Local\{DB06E3AB-FA24-4CE7-A009-9C7FBDAABD72}
2011-06-18 20:24 . 2011-06-27 20:38 -------- d-----w- c:\program files (x86)\trend micro
2011-06-18 20:24 . 2011-06-18 20:24 -------- d-----w- C:\rsit
2011-06-18 19:48 . 2011-06-18 19:48 -------- d-----w- c:\users\JAUZE\AppData\Local\{F9F832B2-6EF6-480B-9C16-9413739FEE2E}
2011-06-17 18:48 . 2011-06-17 18:48 -------- d-----w- c:\users\JAUZE\AppData\Local\{C129A61D-2BBB-4C16-A4F4-B4135AD97DF9}
2011-06-17 10:19 . 2011-06-17 10:19 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2011-06-17 02:48 . 2011-06-17 02:48 -------- d--h--w- c:\windows\msdownld.tmp
2011-06-17 02:31 . 2011-06-17 02:32 -------- d-----w- c:\users\JAUZE\AppData\Local\{E7E6E131-1EDF-4986-A73B-C1D036D01F24}
2011-06-16 17:51 . 2011-06-16 17:51 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-06-16 10:28 . 2011-06-16 10:28 -------- d-----w- c:\users\JAUZE\AppData\Local\{2D9E14AC-D9DA-4FAE-8F3D-632EF692EEC8}
2011-06-15 21:47 . 2011-06-15 21:47 -------- d-----w- c:\users\JAUZE\AppData\Local\{E0340786-299B-4D3B-BF4A-3E2FFE5CEE0E}
2011-06-15 21:43 . 2011-06-15 21:43 -------- d-----w- c:\users\JAUZE\AppData\Local\{B4581FCF-12A2-4F7D-9F1E-81C8DFE7DF12}
2011-06-15 09:42 . 2011-06-15 09:42 -------- d-----w- c:\users\JAUZE\AppData\Local\{75BDAC66-A33D-4806-96C3-9623FFF3B07B}
2011-06-15 00:12 . 2011-06-15 00:12 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-06-15 00:00 . 2011-06-15 00:00 -------- d-----w- c:\windows\SysWow64\wbem\en-US
2011-06-15 00:00 . 2011-06-15 00:00 -------- d-----w- c:\windows\system32\wbem\en-US
2011-06-14 20:00 . 2011-06-14 20:00 -------- d-----w- c:\users\JAUZE\AppData\Local\{C6409D8C-88F9-480B-AB1E-CFF10AE5671D}
2011-06-14 19:59 . 2011-06-14 20:00 -------- d-----w- c:\users\JAUZE\AppData\Local\{FF94E10D-9BA4-4978-A0E6-7BC1B2F9AD99}
2011-06-14 07:59 . 2011-06-14 07:59 -------- d-----w- c:\users\JAUZE\AppData\Local\{4C3BAD3F-CBEF-48FA-B48F-FB6C073590B2}
2011-06-13 19:33 . 2011-06-13 19:33 -------- d-----w- c:\users\JAUZE\AppData\Local\{01C11DC6-D813-40C8-966A-5A91ABF3BF25}
2011-06-13 02:57 . 2011-06-13 02:57 -------- d-----w- c:\users\JAUZE\AppData\Local\{7CA8D554-5DE8-47E2-B297-C3F05BABD47D}
2011-06-12 13:18 . 2011-06-12 13:18 -------- d-----w- c:\users\JAUZE\AppData\Local\{F45962C5-13AF-4C17-A6B8-E659837E51FC}
2011-06-11 15:53 . 2011-06-11 15:53 -------- d-----w- c:\users\JAUZE\AppData\Local\{E02F60EA-BB1E-4F48-915C-144ECD21361E}
2011-06-10 17:59 . 2011-06-10 17:59 -------- d-----w- c:\users\JAUZE\AppData\Local\{434D8E15-0C8D-4F19-B4C5-0AF4C807E3DE}
2011-06-09 10:41 . 2011-06-09 10:41 -------- d-----w- c:\users\JAUZE\AppData\Local\{3A1B4B6F-D7AC-46ED-B892-74251B45960D}
2011-06-07 19:26 . 2011-06-07 19:27 -------- d-----w- c:\users\JAUZE\AppData\Local\{909693E1-A0B0-464A-BBB3-BDCD816AE4EB}
2011-06-06 10:55 . 2011-06-06 10:55 183696 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2011-06-06 10:55 . 2011-06-06 10:55 183696 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
2011-06-05 20:46 . 2011-06-05 20:46 -------- d-----w- c:\users\JAUZE\AppData\Local\{53D709AE-CE7F-4971-B84F-E7BD0024844E}
2011-06-05 00:02 . 2011-06-05 00:02 -------- d-----w- c:\users\JAUZE\AppData\Local\{23F2AA8D-0A1E-4B4D-804B-65CC50944F72}
2011-06-05 00:01 . 2011-06-05 00:01 -------- d-----w- c:\users\JAUZE\AppData\Local\{26721593-4193-475F-8CBC-0A81481A4404}
2011-06-04 12:01 . 2011-06-04 12:01 -------- d-----w- c:\users\JAUZE\AppData\Local\{B54F0C75-F403-458F-A3BA-1C602C4E078F}
2011-06-03 10:14 . 2011-06-03 10:14 -------- d-----w- c:\users\JAUZE\AppData\Local\{F3888F89-7DEE-40AB-B9FB-328CB6E924C9}
2011-06-01 01:08 . 2011-06-01 01:08 -------- d-----w- c:\users\JAUZE\AppData\Local\{001416B1-742C-429D-B137-63D8C4443F2A}
2011-05-31 13:07 . 2011-05-31 13:07 -------- d-----w- c:\users\JAUZE\AppData\Local\{C92B9EE3-A958-4E30-90BA-6BCA58EBE10F}
2011-05-31 00:29 . 2011-05-31 00:29 -------- d-----w- c:\users\JAUZE\AppData\Local\{1AED878B-2168-443F-A27F-1B28EF50EC34}
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-10 21:36 . 2011-01-07 13:48 2306328 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2011-06-10 21:36 . 2011-01-07 13:37 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2011-06-07 17:10 . 2011-01-07 16:48 8873296 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-05-04 02:52 . 2010-12-25 21:42 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-05-03 21:13 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-05-03 21:12 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-04-22 22:15 . 2011-05-25 08:40 27520 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-04-20 22:03 . 2011-04-20 22:03 2306328 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2011-04-20 22:03 . 2011-04-20 22:03 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2011-04-09 07:02 . 2011-05-12 09:55 5562240 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-04-09 06:58 . 2011-05-24 14:48 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-04-09 06:02 . 2011-05-12 09:55 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-04-09 06:02 . 2011-05-12 09:55 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-04-09 05:56 . 2011-05-24 14:48 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2011-04-08 21:00 . 2011-04-08 21:00 464896 ----a-w- c:\windows\system32\ipcoin815.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPAdvisorDock"="c:\program files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe" [2010-01-27 1712184]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-01-22 2363392]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-11-10 4240760]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-06-17 2988928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-01-22 98304]
"HP Envy Guides AutoPlay"="c:\program files (x86)\Hewlett-Packard\HP ENVY Document Card Utilities\hpdocstart.exe" [2010-03-24 76584]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2010-01-25 61112]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-12-29 1082656]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2009-12-16 102968]
R3 hpdoccardsvc;HP Documention Flash Card Detection Service;c:\program files (x86)\Hewlett-Packard\HP ENVY Document Card Utilities\doccardsvc.exe [2010-03-24 83240]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Inspection réseau Microsoft;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 DVMIO;DeviceVM IO Service;c:\windows\system32\DRIVERS\dvmio.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2010-06-29 128752]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_1c0e2d1db9f5b08e\AESTSr64.exe [2009-03-03 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 DvmMDES;DeviceVM Meta Data Export Service;c:\swsetup\QuickWeb\QW.SYS\config\DVMExportService.exe [2010-02-08 338168]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-01-18 20480]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-05-01 2533400]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [2010-01-05 2184496]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [x]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-01-22 09:06 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Contenu du dossier 'Tâches planifiées'
.
2011-06-14 c:\windows\Tasks\HPCeeScheduleForJAUZE.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 01:53]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2010-09-29 20:53 99128 ----a-w- c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"combofix"="c:\combofix_0013833c\CF26498.cfxxe" [X]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-01-22 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-01-22 390680]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-01-22 410136]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-01-14 487424]
"HP Quick Launch"="c:\program files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-01-18 451072]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-01-20 611896]
"HPToneControl"="c:\program files\Hewlett-Packard\HPToneControl\HPTonectl.exe" [2009-08-19 107832]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-05-18 172032]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2009-12-16 8192]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 1436224]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2010-07-21 2327952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Envoyer l'&image au périphérique Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Télécharger avec IDM - c:\program files (x86)\Internet Download Manager\IEExt.htm
IE: Télécharger le contenu de video FLV avec IDM - c:\program files (x86)\Internet Download Manager\IEGetVL.htm
IE: Télécharger tous les liens avec IDM - c:\program files (x86)\Internet Download Manager\IEGetAll.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\JAUZE\AppData\Roaming\Mozilla\Firefox\Profiles\o7gvq566.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2465030&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.aliceadsl.fr
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2465030&q=
FF - user.js: yahoo.homepage.dontask - true
.
- - - - ORPHELINS SUPPRIMES - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-{08DB3902-2CE0-474D-BCE3-0177766CE9F1} - c:\program files (x86)\InstallShield Installation Information\{08DB3902-2CE0-474D-BCE3-0177766CE9F1}\setup.exe
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\S-1-5-21-1208545177-2458381507-1022432816-1001_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):88,ae,8d,4c,99,d2,3f,75,d1,88,da,a6,b2,c7,16,04,cb,ee,7c,c6,ff,
57,7e,9c,57,fb,0e,a9,00,02,58,36,a9,40,c5,c7,0d,d1,c7,cc,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-1208545177-2458381507-1022432816-1001_Classes\Wow6432Node\CLSID\{d65ef4c9-3cbc-4d5f-9341-d21c45e0165b}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Autres processus actifs ------------------------
.
c:\program files (x86)\DigitalPersona\Bin\DPAgent.exe
c:\windows\SysWOW64\ezSharedSvcHost.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Heure de fin: 2011-06-29 23:24:38 - La machine a redémarré
ComboFix-quarantined-files.txt 2011-06-29 21:24
.
Avant-CF: 408 913 743 872 octets libres
Après-CF: 408 239 353 856 octets libres
.
- - End Of File - - 0ED98EBB21E85F66D67FEA91188FAF68

Thanks for your help.
See you
