Fichiers de windows infecté

ComboFix 15-06-30.01 - Pacome 02/07/2015 12:22:35.3.2 - x86
Microsoft Windows 7 Professionnel 6.1.7601.1.1252.33.1036.18.3070.2059 [GMT 2:00]
Lancé depuis: c:\users\Pacome\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\System32\iscsicli.exe . . . est infecté!!
.
c:\windows\System32\Speech\SpeechUX\SpeechUXTutorial.exe . . . est infecté!!
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2015-06-02 au 2015-07-02 ))))))))))))))))))))))))))))))))))))
.
.
2015-07-02 10:44 . 2015-07-02 10:44 -------- d-----w- c:\users\Public\AppData\Local\temp
2015-07-02 10:44 . 2015-07-02 10:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-07-01 23:23 . 2015-07-02 10:04 -------- d-----w- c:\users\Pacome\AppData\Local\CrashDumps
2015-07-01 22:42 . 2015-07-01 22:42 -------- d-----w- c:\users\Pacome\AppData\Local\openvr
2015-07-01 18:36 . 2015-07-01 18:36 35064 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-07-01 18:35 . 2015-07-01 18:47 -------- d-----w- c:\programdata\RogueKiller
2015-07-01 18:27 . 2015-07-02 10:44 -------- d-----w- c:\users\Pacome\AppData\Local\Temp
2015-06-30 19:29 . 2015-06-30 19:29 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{AB754B17-EF1D-4E0D-B345-BC1EDFD71A67}\offreg.2448.dll
2015-06-30 16:28 . 2015-06-30 16:28 -------- d-----w- c:\program files\VirtualDJ
2015-06-30 15:38 . 2015-06-12 07:54 9252600 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{AB754B17-EF1D-4E0D-B345-BC1EDFD71A67}\mpengine.dll
2015-06-28 20:50 . 2015-07-01 18:30 -------- d-----w- c:\users\Pacome\AppData\Roaming\BitTorrent
2015-06-23 20:30 . 2015-06-23 20:30 -------- d-----w- c:\users\Pacome\AppData\Roaming\TERA
2015-06-23 20:28 . 2015-06-23 20:28 -------- d-----w- c:\users\Pacome\AppData\Local\Gameforge4d
2015-06-23 20:27 . 2015-06-23 20:28 -------- d-----w- c:\program files\GameforgeLive
2015-06-22 22:49 . 2015-06-22 22:49 -------- d-----w- c:\users\Pacome\AppData\Roaming\MAXON
2015-06-22 22:46 . 2015-06-23 10:22 -------- d-----w- c:\program files\Cinema 4D R12
2015-06-18 14:37 . 2008-10-15 04:22 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
2015-06-18 14:37 . 2008-10-15 04:22 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2015-06-18 14:37 . 2008-10-15 04:22 2036576 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2015-06-13 08:17 . 2015-06-13 08:17 -------- d-----w- c:\program files\ADVANCE
2015-06-13 08:17 . 2001-09-06 09:18 225280 ------w- c:\program files\Common Files\InstallShield\IScript\iscript.dll
2015-06-13 08:17 . 2001-09-05 02:14 176128 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2015-06-13 08:17 . 2001-09-05 02:13 32768 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2015-06-13 08:17 . 2001-09-05 02:18 77824 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2015-06-11 20:11 . 2015-06-11 20:11 -------- d-----w- C:\found.000
2015-06-11 19:43 . 2015-06-11 19:49 -------- d-----w- c:\programdata\inf
2015-06-11 10:35 . 2015-05-25 17:00 2384384 ----a-w- c:\windows\system32\win32k.sys
2015-06-05 17:06 . 2015-07-02 10:02 -------- d-----w- c:\users\Pacome\AppData\Roaming\vlc
2015-06-05 17:05 . 2015-06-05 17:05 -------- d-----w- c:\program files\VideoLAN
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-07-01 10:19 . 2015-04-04 20:03 778416 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-07-01 10:19 . 2015-04-04 20:03 142512 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-05-30 19:34 . 2015-05-30 19:34 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
2015-05-07 15:51 . 2015-05-07 15:51 96352 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2015-05-05 01:12 . 2015-05-17 19:23 248832 ----a-w- c:\windows\system32\schannel.dll
2015-05-01 13:16 . 2015-05-19 19:18 102608 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-04-20 02:56 . 2015-05-17 19:23 909312 ----a-w- c:\windows\system32\FntCache.dll
2015-04-20 02:56 . 2015-05-17 19:23 1250816 ----a-w- c:\windows\system32\DWrite.dll
2015-04-18 02:56 . 2015-05-17 19:23 342016 ----a-w- c:\windows\system32\certcli.dll
2015-04-13 03:19 . 2015-05-17 19:23 259072 ----a-w- c:\windows\system32\services.exe
2015-04-08 03:14 . 2015-05-17 19:23 22528 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\jnwppr.dll
2015-04-08 03:14 . 2015-05-17 19:23 216064 ----a-w- c:\windows\system32\InkEd.dll
2015-04-08 03:14 . 2015-05-17 19:23 19968 ----a-w- c:\windows\system32\jnwmon.dll
2015-04-07 20:29 . 2015-04-07 20:29 745472 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2015-04-07 20:29 . 2015-04-07 20:29 73728 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2015-04-07 20:29 . 2015-04-07 20:29 719360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2015-04-07 20:29 . 2015-04-07 20:29 61952 ----a-w- c:\windows\system32\tdc.ocx
2015-04-07 20:29 . 2015-04-07 20:29 48640 ----a-w- c:\windows\system32\mshtmler.dll
2015-04-07 20:29 . 2015-04-07 20:29 38400 ----a-w- c:\windows\system32\imgutil.dll
2015-04-07 20:29 . 2015-04-07 20:29 185344 ----a-w- c:\windows\system32\elshyph.dll
2015-04-07 20:29 . 2015-04-07 20:29 158720 ----a-w- c:\windows\system32\msls31.dll
2015-04-07 20:29 . 2015-04-07 20:29 150528 ----a-w- c:\windows\system32\iexpress.exe
2015-04-07 20:29 . 2015-04-07 20:29 138752 ----a-w- c:\windows\system32\wextract.exe
2015-04-07 20:29 . 2015-04-07 20:29 137216 ----a-w- c:\windows\system32\ieUnatt.exe
2015-04-07 20:29 . 2015-04-07 20:29 12800 ----a-w- c:\windows\system32\mshta.exe
2015-04-07 20:29 . 2015-04-07 20:29 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2015-04-07 20:29 . 2015-04-07 20:29 23040 ----a-w- c:\windows\system32\licmgr10.dll
2015-04-07 20:28 . 2015-04-07 20:28 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-04-07 20:28 . 2015-04-07 20:28 604160 ----a-w- c:\windows\system32\d3d10level9.dll
2015-04-07 20:28 . 2015-04-07 20:28 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-04-07 20:28 . 2015-04-07 20:28 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-04-07 20:28 . 2015-04-07 20:28 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2015-04-07 20:28 . 2015-04-07 20:28 364544 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2015-04-07 20:28 . 2015-04-07 20:28 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-04-07 20:28 . 2015-04-07 20:28 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2015-04-07 20:28 . 2015-04-07 20:28 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-04-07 20:28 . 2015-04-07 20:28 293376 ----a-w- c:\windows\system32\dxgi.dll
2015-04-07 20:28 . 2015-04-07 20:28 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-04-07 20:28 . 2015-04-07 20:28 249856 ----a-w- c:\windows\system32\d3d10_1core.dll
2015-04-07 20:28 . 2015-04-07 20:28 2284544 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2015-04-07 20:28 . 2015-04-07 20:28 220160 ----a-w- c:\windows\system32\d3d10core.dll
2015-04-07 20:28 . 2015-04-07 20:28 207872 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2015-04-07 20:28 . 2015-04-07 20:28 187392 ----a-w- c:\windows\system32\UIAnimation.dll
2015-04-07 20:28 . 2015-04-07 20:28 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2015-04-07 20:28 . 2015-04-07 20:28 1158144 ----a-w- c:\windows\system32\XpsPrint.dll
2015-04-07 20:28 . 2015-04-07 20:28 1080832 ----a-w- c:\windows\system32\d3d10.dll
2015-04-07 20:28 . 2015-04-07 20:28 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-04-05 14:55 . 2015-04-05 14:55 49152 ----a-w- c:\windows\system32\taskhost.exe
2015-04-05 14:51 . 2015-04-05 14:51 1505280 ----a-w- c:\windows\system32\d3d11.dll
2015-04-04 03:10 . 2015-05-17 19:23 67512 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2015-04-04 03:10 . 2015-05-17 19:23 137656 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2015-04-04 03:05 . 2015-05-17 19:23 172032 ----a-w- c:\windows\system32\wdigest.dll
2015-04-04 03:05 . 2015-05-17 19:23 65536 ----a-w- c:\windows\system32\TSpkg.dll
2015-04-04 03:05 . 2015-05-17 19:23 15872 ----a-w- c:\windows\system32\sspisrv.dll
2015-04-04 03:05 . 2015-05-17 19:23 100352 ----a-w- c:\windows\system32\sspicli.dll
2015-04-04 03:05 . 2015-05-17 19:23 22016 ----a-w- c:\windows\system32\secur32.dll
2015-04-04 03:05 . 2015-05-17 19:23 221184 ----a-w- c:\windows\system32\ncrypt.dll
2015-04-04 03:05 . 2015-05-17 19:23 259584 ----a-w- c:\windows\system32\msv1_0.dll
2015-04-04 03:05 . 2015-05-17 19:23 1061376 ----a-w- c:\windows\system32\lsasrv.dll
2015-04-04 03:05 . 2015-05-17 19:23 550912 ----a-w- c:\windows\system32\kerberos.dll
2015-04-04 03:05 . 2015-05-17 19:23 17408 ----a-w- c:\windows\system32\credssp.dll
2015-04-04 03:04 . 2015-05-17 19:23 22528 ----a-w- c:\windows\system32\lsass.exe
2015-04-04 03:04 . 2015-05-17 19:23 50176 ----a-w- c:\windows\system32\auditpol.exe
2015-04-04 03:01 . 2015-05-17 19:23 60416 ----a-w- c:\windows\system32\msobjs.dll
2015-04-04 03:01 . 2015-05-17 19:23 146432 ----a-w- c:\windows\system32\msaudite.dll
2015-04-04 02:59 . 2015-05-17 19:23 686080 ----a-w- c:\windows\system32\adtschema.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.

• Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="c:\users\Pacome\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [2015-06-19 2023480]
"BitTorrent"="c:\users\Pacome\AppData\Roaming\BitTorrent\BitTorrent.exe" [2015-06-28 1999976]
"Steam"="c:\program files\Steam\steam.exe" [2015-06-04 2892992]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Raptr"="c:\program files\Raptr\raptrstub.exe" [2015-05-15 55568]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-02-26 1713448]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2015-04-30 334896]
"StartCCC"="c:\program files\AMD\ATI.ACE\Core-Static\x86\CLIStart.exe" [2015-03-17 748232]
"Spirit of Gamer Mouse"="c:\program files\ADVANCE\Spirit of Gamer Mouse\Monitor.exe" [2013-09-23 499712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 SetupARService;SetupARService;c:\program files\Realtek\Audio\SetupAfterRebootService.exe [2015-05-30 24576]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2015-02-18 315488]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 DrvAgent32;DrvAgent32;c:\windows\system32\Drivers\DrvAgent32.sys [2015-05-30 23456]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys [2009-05-28 10752]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2014-11-21 212992]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [2015-03-17 276992]
S2 AODDriver4.3;AODDriver4.3;c:\program files\AMD\ATI.ACE\Fuel\i386\AODDriver2.sys [2014-02-11 50400]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-05-01 1394816]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-05-01 1772672]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2014-12-21 77824]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2012-03-27 319264]
.
.
--- Autres Services/Pilotes en mémoire ---
.

• NewlyCreated* - TRUESIGHT
• Deregistered* - TrueSight

.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-06-23 02:51 990024 ----a-w- c:\program files\Google\Chrome\Application\43.0.2357.130\Installer\chrmstp.exe
.
Contenu du dossier 'Tâches planifiées'
.
2015-07-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-04 10:19]
.
2015-07-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2015-04-04 18:56]
.
2015-07-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2015-04-04 18:56]
.
.
------- Examen supplémentaire -------
.
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Pacome\AppData\Roaming\Mozilla\Firefox\Profiles\8yixku3x.default\
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2015-07-02 12:46:18
ComboFix-quarantined-files.txt 2015-07-02 10:46
ComboFix2.txt 2015-07-01 18:33
ComboFix3.txt 2015-05-23 20:51
.
Avant-CF: 205 689 962 496 octets libres
Après-CF: 205 411 389 440 octets libres
.
- - End Of File - - 3F1E292F35DCB8F10610F1E4B297B43A
A36C5E4F47E84449FF07ED3517B43A31

Je n'ai pas d'autorisation pour déplacer ou renommer le fichier

Sans autorisation, impossible d'effectué votre manipulation

Hey! S'il te plait j'ai encore besoin de toi