Hello,

Can someone decipher the ComboFix report below for me, please?

Thanks in advance

ComboFix 13-04-26.01 - SAINT JALMES 26/04/2013 14:11:07.1.4 - x64

Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.8170.6336 [GMT 2:00]

Lancé depuis: c:\users\SAINT JALMES\Downloads\ComboFix.exe

AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\SAINT JALMES\AppData\Local\assembly\tmp

.

.

((((((((((((((((((((((((((((( Fichiers créés du 2013-03-26 au 2013-04-26 ))))))))))))))))))))))))))))))))))))

.

.

2013-04-26 12:21 . 2013-04-26 12:21 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp

2013-04-26 12:21 . 2013-04-26 12:21 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-04-26 03:41 . 2013-04-26 03:41 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A00A16B5-82B6-4D77-8454-894C507782AC}\offreg.dll

2013-04-25 13:00 . 2013-04-25 13:00 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2013-04-25 13:00 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-04-23 21:30 . 2013-04-10 03:46 9317456 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A00A16B5-82B6-4D77-8454-894C507782AC}\mpengine.dll

2013-04-23 21:20 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys

2013-04-23 15:05 . 2013-04-23 17:10 -------- d-----w- c:\programdata\Spybot - Search & Destroy

2013-04-23 15:04 . 2009-01-25 10:14 17272 ----a-w- c:\windows\system32\sdnclean64.exe

2013-04-23 15:04 . 2013-04-23 15:36 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2

2013-04-23 14:50 . 2013-04-23 14:50 -------- d-----w- c:\program files (x86)\Common Files\Java

2013-04-23 14:50 . 2013-04-04 03:35 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2013-04-23 14:26 . 2013-04-23 14:26 -------- d-----w- c:\program files\Enigma Software Group

2013-04-23 14:26 . 2013-04-23 14:45 -------- d-----w- c:\windows\6B6C4C461B7E4A419E70ACFBB22B1D81.TMP

2013-04-23 14:26 . 2013-04-23 14:26 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard

2013-04-23 11:11 . 2013-04-23 11:11 -------- d-----w- c:\users\SAINT JALMES\AppData\Roaming\LavasoftStatistics

2013-04-23 09:39 . 2013-04-23 09:39 -------- d-----w- c:\programdata\Downloaded Installations

2013-04-23 09:39 . 2013-04-23 09:39 -------- d-----w- c:\programdata\blekko toolbars

2013-04-23 09:38 . 2013-04-23 09:39 -------- d-----w- c:\program files (x86)\adawaretb

2013-04-23 09:38 . 2013-04-23 09:38 -------- d-----w- c:\program files (x86)\Toolbar Cleaner

2013-04-23 09:34 . 2013-04-23 09:34 14456 ----a-w- c:\windows\system32\drivers\gfibto.sys

2013-04-20 21:10 . 2013-04-20 21:10 -------- d-----w- c:\users\SAINT JALMES\AppData\Roaming\Malwarebytes

2013-04-20 21:09 . 2013-04-20 21:09 -------- d-----w- c:\programdata\Malwarebytes

2013-04-15 12:45 . 2013-04-15 12:45 -------- d-----w- c:\program files\Creevity Mp3 Cover Downloader

2013-04-12 15:39 . 2013-04-10 06:57 263064 ----a-w- c:\program files (x86)\Mozilla Firefox\components\browsercomps.dll

2013-04-12 15:39 . 2013-04-10 06:57 26520 ----a-w- c:\program files (x86)\Mozilla Firefox\plugin-hang-ui.exe

2013-04-10 01:09 . 2013-03-01 03:36 3153408 ----a-w- c:\windows\system32\win32k.sys

2013-04-10 01:03 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys

2013-04-10 01:03 . 2013-03-19 06:04 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-04-10 01:03 . 2013-03-19 05:46 43520 ----a-w- c:\windows\system32\csrsrv.dll

2013-04-10 01:03 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

2013-04-10 01:03 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

2013-04-10 01:03 . 2013-03-19 04:47 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll

2013-04-10 01:03 . 2013-03-19 03:06 112640 ----a-w- c:\windows\system32\smss.exe

2013-04-03 20:05 . 2013-04-03 20:05 -------- d-----w- c:\program files (x86)\e-Carte Bleue Caisse d'Epargne

2013-03-28 11:28 . 2013-03-28 11:28 -------- d-----w- c:\program files\Western Digital Corp

2013-03-28 11:28 . 2013-03-28 11:28 -------- d-----w- c:\program files (x86)\Western Digital Corp

.

.

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-04-12 15:34 . 2013-02-28 15:14 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-04-12 15:34 . 2013-02-28 15:14 691592 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2013-04-10 07:58 . 2013-02-26 16:44 72702784 ----a-w- c:\windows\system32\MRT.exe

2013-03-15 09:44 . 2013-03-15 09:44 53248 ----a-r- c:\users\SAINT JALMES\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe

2013-03-15 09:44 . 2013-02-27 14:24 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys

2013-03-11 23:10 . 2010-11-21 03:27 282744 ------w- c:\windows\system32\MpSigStub.exe

2013-03-06 23:33 . 2013-03-01 07:50 178624 ----a-w- c:\windows\system32\drivers\aswVmm.sys

2013-03-06 23:33 . 2013-03-01 07:50 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys

2013-03-06 23:33 . 2013-02-27 11:01 377920 ----a-w- c:\windows\system32\drivers\aswSP.sys

2013-03-06 23:33 . 2013-02-27 11:01 70992 ----a-w- c:\windows\system32\drivers\aswRdr2.sys

2013-03-06 23:33 . 2013-02-27 11:01 68920 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2013-03-06 23:33 . 2013-02-27 11:01 1025808 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2013-03-06 23:33 . 2013-03-13 13:17 22600 ----a-w- c:\windows\system32\drivers\aswKbd.sys

2013-03-06 23:33 . 2013-02-27 11:01 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2013-03-06 23:33 . 2013-02-27 11:01 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2013-03-06 23:32 . 2013-02-27 11:00 41664 ----a-w- c:\windows\avastSS.scr

2013-03-06 23:32 . 2013-02-27 11:01 287840 ----a-w- c:\windows\system32\aswBoot.exe

2013-03-06 06:29 . 2013-03-01 10:58 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll

2013-03-06 06:29 . 2013-03-01 10:58 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll

2013-02-28 22:31 . 2013-02-28 22:27 963488 ----a-w- c:\windows\system32\deployJava1.dll

2013-02-28 22:31 . 2013-02-28 22:27 1085344 ----a-w- c:\windows\system32\npDeployJava1.dll

2013-02-26 16:29 . 2013-02-26 16:29 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe

2013-02-26 16:29 . 2013-02-26 16:29 89088 ----a-w- c:\windows\system32\ie4uinit.exe

2013-02-26 16:29 . 2013-02-26 16:29 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll

2013-02-26 16:29 . 2013-02-26 16:29 85504 ----a-w- c:\windows\system32\iesetup.dll

2013-02-26 16:29 . 2013-02-26 16:29 82432 ----a-w- c:\windows\system32\icardie.dll

2013-02-26 16:29 . 2013-02-26 16:29 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe

2013-02-26 16:29 . 2013-02-26 16:29 76800 ----a-w- c:\windows\system32\tdc.ocx

2013-02-26 16:29 . 2013-02-26 16:29 74752 ----a-w- c:\windows\SysWow64\iesetup.dll

2013-02-26 16:29 . 2013-02-26 16:29 65024 ----a-w- c:\windows\system32\pngfilt.dll

2013-02-26 16:29 . 2013-02-26 16:29 63488 ----a-w- c:\windows\SysWow64\tdc.ocx

2013-02-26 16:29 . 2013-02-26 16:29 55296 ----a-w- c:\windows\system32\msfeedsbs.dll

2013-02-26 16:29 . 2013-02-26 16:29 534528 ----a-w- c:\windows\system32\ieapfltr.dll

2013-02-26 16:29 . 2013-02-26 16:29 49664 ----a-w- c:\windows\system32\imgutil.dll

2013-02-26 16:29 . 2013-02-26 16:29 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll

2013-02-26 16:29 . 2013-02-26 16:29 48640 ----a-w- c:\windows\system32\mshtmler.dll

2013-02-26 16:29 . 2013-02-26 16:29 452608 ----a-w- c:\windows\system32\dxtmsft.dll

2013-02-26 16:29 . 2013-02-26 16:29 448512 ----a-w- c:\windows\system32\html.iec

2013-02-26 16:29 . 2013-02-26 16:29 403248 ----a-w- c:\windows\system32\iedkcs32.dll

2013-02-26 16:29 . 2013-02-26 16:29 39936 ----a-w- c:\windows\system32\iernonce.dll

2013-02-26 16:29 . 2013-02-26 16:29 3695416 ----a-w- c:\windows\system32\ieapfltr.dat

2013-02-26 16:29 . 2013-02-26 16:29 367104 ----a-w- c:\windows\SysWow64\html.iec

2013-02-26 16:29 . 2013-02-26 16:29 35840 ----a-w- c:\windows\SysWow64\imgutil.dll

2013-02-26 16:29 . 2013-02-26 16:29 30720 ----a-w- c:\windows\system32\licmgr10.dll

2013-02-26 16:29 . 2013-02-26 16:29 282112 ----a-w- c:\windows\system32\dxtrans.dll

2013-02-26 16:29 . 2013-02-26 16:29 267776 ----a-w- c:\windows\system32\ieaksie.dll

2013-02-26 16:29 . 2013-02-26 16:29 249344 ----a-w- c:\windows\system32\webcheck.dll

2013-02-26 16:29 . 2013-02-26 16:29 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll

2013-02-26 16:29 . 2013-02-26 16:29 222208 ----a-w- c:\windows\system32\msls31.dll

2013-02-26 16:29 . 2013-02-26 16:29 197120 ----a-w- c:\windows\system32\msrating.dll

2013-02-26 16:29 . 2013-02-26 16:29 165888 ----a-w- c:\windows\system32\iexpress.exe

2013-02-26 16:29 . 2013-02-26 16:29 163840 ----a-w- c:\windows\system32\ieakui.dll

2013-02-26 16:29 . 2013-02-26 16:29 161792 ----a-w- c:\windows\SysWow64\msls31.dll

2013-02-26 16:29 . 2013-02-26 16:29 160256 ----a-w- c:\windows\system32\wextract.exe

2013-02-26 16:29 . 2013-02-26 16:29 160256 ----a-w- c:\windows\system32\ieakeng.dll

2013-02-26 16:29 . 2013-02-26 16:29 152064 ----a-w- c:\windows\SysWow64\wextract.exe

2013-02-26 16:29 . 2013-02-26 16:29 150528 ----a-w- c:\windows\SysWow64\iexpress.exe

2013-02-26 16:29 . 2013-02-26 16:29 149504 ----a-w- c:\windows\system32\occache.dll

2013-02-26 16:29 . 2013-02-26 16:29 145920 ----a-w- c:\windows\system32\iepeers.dll

2013-02-26 16:29 . 2013-02-26 16:29 135168 ----a-w- c:\windows\system32\IEAdvpack.dll

2013-02-26 16:29 . 2013-02-26 16:29 12288 ----a-w- c:\windows\system32\mshta.exe

2013-02-26 16:29 . 2013-02-26 16:29 11776 ----a-w- c:\windows\SysWow64\mshta.exe

2013-02-26 16:29 . 2013-02-26 16:29 114176 ----a-w- c:\windows\system32\admparse.dll

2013-02-26 16:29 . 2013-02-26 16:29 111616 ----a-w- c:\windows\system32\iesysprep.dll

2013-02-26 16:29 . 2013-02-26 16:29 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll

2013-02-26 16:29 . 2013-02-26 16:29 10752 ----a-w- c:\windows\system32\msfeedssync.exe

2013-02-26 16:29 . 2013-02-26 16:29 103936 ----a-w- c:\windows\system32\inseng.dll

2013-02-26 16:29 . 2013-02-26 16:29 101888 ----a-w- c:\windows\SysWow64\admparse.dll

2013-02-25 23:32 . 2013-02-25 23:32 25256224 ----a-w- c:\windows\system32\nvcompiler.dll

2013-02-25 23:32 . 2013-02-25 23:32 2505144 ----a-w- c:\windows\SysWow64\nvapi.dll

2013-02-25 23:32 . 2013-02-25 23:32 15129960 ----a-w- c:\windows\SysWow64\nvd3dum.dll

2013-02-25 23:32 . 2013-02-25 23:32 6262608 ----a-w- c:\windows\SysWow64\nvopencl.dll

2013-02-25 23:32 . 2012-10-10 20:23 2826040 ----a-w- c:\windows\system32\nvapi64.dll

2013-02-25 23:32 . 2012-10-10 20:23 18055184 ----a-w- c:\windows\system32\nvd3dumx.dll

2013-02-25 23:32 . 2012-10-10 20:22 1814304 ----a-w- c:\windows\system32\nvdispco64.dll

2013-02-25 23:32 . 2013-02-25 23:32 2720544 ----a-w- c:\windows\SysWow64\nvcuvid.dll

2013-02-25 23:32 . 2013-02-25 23:32 26929440 ----a-w- c:\windows\system32\nvoglv64.dll

2013-02-25 23:32 . 2013-02-25 23:32 7932256 ----a-w- c:\windows\SysWow64\nvcuda.dll

2013-02-25 23:32 . 2013-02-25 23:32 2346784 ----a-w- c:\windows\system32\nvcuvenc.dll

2013-02-25 23:32 . 2013-02-25 23:32 11036448 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys

2013-02-25 23:32 . 2012-10-10 20:23 1510176 ----a-w- c:\windows\system32\nvdispgenco64.dll

2013-02-25 23:32 . 2013-02-25 23:32 2904352 ----a-w- c:\windows\system32\nvcuvid.dll

2013-02-25 23:32 . 2013-02-25 23:32 20449056 ----a-w- c:\windows\SysWow64\nvoglv32.dll

2013-02-25 23:32 . 2009-07-13 21:59 15053264 ----a-w- c:\windows\system32\nvwgf2umx.dll

2013-02-25 23:32 . 2013-02-25 23:32 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll

2013-02-25 23:32 . 2013-02-25 23:32 7564040 ----a-w- c:\windows\system32\nvopencl.dll

2013-02-25 23:32 . 2013-02-25 23:32 1985824 ----a-w- c:\windows\SysWow64\nvcuvenc.dll

2013-02-25 23:32 . 2013-02-25 23:32 12641992 ----a-w- c:\windows\SysWow64\nvwgf2um.dll

2013-02-25 23:32 . 2013-02-25 23:32 9390760 ----a-w- c:\windows\system32\nvcuda.dll

2013-02-12 05:45 . 2013-03-13 04:15 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll

2013-02-12 05:45 . 2013-03-13 04:15 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll

2013-02-12 05:45 . 2013-03-13 04:15 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll

2013-02-12 05:45 . 2013-03-13 04:15 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll

2013-02-12 04:48 . 2013-03-13 04:15 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll

2013-02-12 04:48 . 2013-03-13 04:15 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll

2013-02-12 04:12 . 2013-03-15 09:56 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys

2012-07-12 08:19 . 2012-07-12 08:19 2174976 ----a-w- c:\program files (x86)\Common Files\atimpenc.dll

.

.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]

"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2012-12-17 59872]

"ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2012-12-17 59872]

"com.apple.dav.bookmarks.daemon"="c:\program files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe" [2012-12-17 59872]

"Spybot-S&D Cleaning"="c:\program files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" [2012-11-13 3713032]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-02-20 152392]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]

"SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2012-11-13 3825176]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]

"Malwarebytes Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2013-04-04 532040]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]

R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]

R3 AsrCDDrv;AsrCDDrv;c:\windows\SysWOW64\Drivers\AsrCDDrv.sys [x]

R3 driverhardwarev2x64;driverhardwarev2x64;c:\program files\ma-config.com\Drivers\driverhardwarev2x64.sys [2011-07-21 16640]

R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]

R3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\x64\maconfservice.exe [2013-02-05 428928]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 25928]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-12-13 54784]

R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2013-02-26 1255736]

S0 aswRvrt;aswRvrt; [x]

S0 aswVmm;aswVmm; [x]

S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys [2013-04-23 14456]

S1 AsrAppCharger;AsrAppCharger;c:\windows\system32\DRIVERS\AsrAppCharger.sys [2011-05-10 17192]

S1 aswKbd;aswKbd; [x]

S1 aswSnx;aswSnx; [x]

S1 aswSP;aswSP; [x]

S2 aswFsBlk;aswFsBlk; [x]

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-03-06 80816]

S2 Dokan;Dokan;c:\windows\system32\drivers\dokan.sys [2012-07-18 112296]

S2 DokanMounter;DokanMounter;c:\program files\Orange\mes contenus - mon disque\mounter.exe [2012-07-20 64384]

S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 1103392]

S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-11-13 1369624]

S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-11-13 168384]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]

S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]

S3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\amdhub30.sys [2011-03-18 87168]

S3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\amdxhc.sys [2011-03-18 188544]

S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136]

S3 LVUVC64;Logitech Webcam 500(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568]

S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys [2009-11-17 32344]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-04-21 471144]

.

.

--- Autres Services/Pilotes en mémoire ---

.

*NewlyCreated* - MBAMPROTECTOR

.

Contenu du dossier 'Tâches planifiées'

.

2013-04-26 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-28 15:34]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2013-03-06 23:32 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-06-09 11860072]

"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2013-02-21 2991856]

.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService

FontCache

.

------- Examen supplémentaire -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.mystart.com/?pr=vmn&id=vmn_ada&v=1_2

uInternet Settings,ProxyOverride = *.local

IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.1.1

FF - ProfilePath - c:\users\SAINT JALMES\AppData\Roaming\Mozilla\Firefox\Profiles\fubatsbt.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://www.orange.fr

FF - prefs.js: keyword.URL - hxxp://www.mystart.com/results.php?pr=vmn&id=vmn_ada&v=1_2&ent=ch&q=

FF - ExtSQL: 2013-02-27 12:05; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF

FF - ExtSQL: 2013-02-27 15:24; {F003DA68-8256-4b37-A6C4-350FA04494DF}; c:\program files\Logitech\SetPointP\LogiSmoothFirefoxExt

FF - ExtSQL: 2013-03-14 15:35; {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}; c:\users\SAINT JALMES\AppData\Roaming\Mozilla\Firefox\Profiles\fubatsbt.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}

FF - ExtSQL: 2013-03-25 22:33; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\SAINT JALMES\AppData\Roaming\Mozilla\Firefox\Profiles\fubatsbt.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

FF - ExtSQL: 2013-04-23 11:38; jid1-yZwVFzbsyfMrqQ@jetpack; c:\users\SAINT JALMES\AppData\Roaming\Mozilla\Firefox\Profiles\fubatsbt.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack

.

- - - - ORPHELINS SUPPRIMES - - - -

.

Notify-SDWinLogon - SDWinLogon.dll

.

.

.

--------------------- CLES DE REGISTRE BLOQUEES ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Heure de fin: 2013-04-26 14:42:31

ComboFix-quarantined-files.txt 2013-04-26 12:42

.

Avant-CF: 152 913 117 184 octets libres

Après-CF: 152 375 672 832 octets libres

.

- - End Of File - - B0614FCCC71055E525A393783ACB2D3E
