Document format: text/plain

ComboFix 15-10-15.01 - Alberto-Admin 20/10/2015 21:04:34.6.4 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.8127.5420 [GMT 2:00]
Lancé depuis: c:\users\Alberto-User\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2015-09-20 au 2015-10-20 ))))))))))))))))))))))))))))))))))))
.
.
2015-10-20 19:07 . 2015-10-20 19:07 -------- d-----w- c:\users\Public\AppData\Local\temp
2015-10-20 19:07 . 2015-10-20 19:07 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-10-20 19:07 . 2015-10-20 19:07 -------- d-----w- c:\users\Alberto-Admin\AppData\Local\temp
2015-10-20 10:45 . 2015-08-31 22:45 11062400 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{AE9CADB5-6080-4601-842E-124CB1CF966A}\mpengine.dll
2015-10-18 13:27 . 2015-10-18 13:27 -------- d-----w- c:\users\Alberto-User\AppData\Roaming\Sublime Text 2
2015-10-18 13:27 . 2015-10-18 13:27 -------- d-----w- C:\Sublime Text 2
2015-10-18 10:40 . 2015-10-20 18:53 -------- d-----w- c:\users\Alberto-User\AppData\Roaming\TS3Client
2015-10-18 10:40 . 2015-10-18 10:40 -------- d-----w- c:\users\Alberto-User\AppData\Local\TeamSpeak 3 Client
2015-10-18 10:37 . 2015-10-18 10:37 -------- d-----w- c:\windows\system32\config\systemprofile\.oracle_jre_usage
2015-10-18 10:37 . 2015-10-18 10:37 -------- d-----w- c:\windows\SysWow64\config\systemprofile\.oracle_jre_usage
2015-10-17 18:26 . 2015-10-17 18:26 110688 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2015-10-17 18:25 . 2015-10-17 18:25 -------- d-----w- c:\program files\Java
2015-10-17 18:11 . 2015-10-17 18:32 -------- d-----w- c:\users\Alberto-User\AppData\Roaming\.technic
2015-10-17 18:09 . 2015-10-17 18:26 -------- d-----w- c:\users\Alberto-User\.oracle_jre_usage
2015-10-17 18:09 . 2015-10-17 18:09 -------- d-----w- c:\program files (x86)\Common Files\Java
2015-10-17 18:09 . 2015-10-17 18:26 -------- d-----w- c:\users\Alberto-Admin\.oracle_jre_usage
2015-10-17 18:09 . 2015-10-17 18:09 -------- d-----w- c:\programdata\Oracle
2015-10-17 18:09 . 2015-10-17 18:09 -------- d-----w- c:\program files (x86)\Java
2015-10-14 21:41 . 2015-10-14 21:42 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-10-14 21:41 . 2015-10-14 21:41 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-10-14 21:41 . 2015-10-05 07:50 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-10-14 21:41 . 2015-10-05 07:50 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-10-14 21:41 . 2015-10-05 07:50 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-10-14 18:34 . 2015-09-18 19:22 25432 ----a-w- c:\windows\system32\CompatTelRunner.exe
2015-10-14 18:34 . 2015-09-18 19:19 700416 ----a-w- c:\windows\system32\invagent.dll
2015-10-14 18:34 . 2015-09-18 19:19 766464 ----a-w- c:\windows\system32\generaltel.dll
2015-10-14 18:34 . 2015-09-18 19:19 503808 ----a-w- c:\windows\system32\devinv.dll
2015-10-14 18:34 . 2015-09-18 19:19 73216 ----a-w- c:\windows\system32\acmigration.dll
2015-10-14 18:34 . 2015-09-18 19:19 1291264 ----a-w- c:\windows\system32\appraiser.dll
2015-10-14 18:34 . 2015-09-18 19:09 1163776 ----a-w- c:\windows\system32\aeinv.dll
2015-10-13 19:24 . 2015-09-18 19:31 391784 ----a-w- c:\windows\system32\iedkcs32.dll
2015-10-13 19:23 . 2015-09-25 18:07 98816 ----a-w- c:\windows\system32\wudriver.dll
2015-10-09 20:48 . 2015-10-09 20:48 -------- d-----w- c:\users\Alberto-User\AppData\Roaming\java
2015-10-09 20:48 . 2015-10-17 18:59 -------- d-----w- c:\users\Alberto-User\AppData\Roaming\.minecraft
2015-10-09 19:25 . 2015-10-09 19:25 -------- d-----w- c:\users\Alberto-User\Tracing
2015-10-09 19:24 . 2015-10-09 19:24 -------- d-----w- c:\users\Alberto-User\AppData\Local\Skype
2015-10-09 19:24 . 2015-10-20 17:33 -------- d-----w- c:\users\Alberto-User\AppData\Roaming\Skype
2015-10-09 19:22 . 2015-10-20 11:43 -------- d-----r- c:\program files (x86)\Skype
2015-10-09 19:22 . 2015-10-09 19:22 -------- d-----w- c:\program files (x86)\Common Files\Skype
2015-10-09 19:22 . 2015-10-14 18:29 -------- d-----w- c:\programdata\Skype
2015-10-08 17:15 . 2015-10-08 17:15 -------- d-----w- c:\users\Alberto-Admin\AppData\Local\CrashDumps
2015-10-08 14:57 . 2015-10-14 18:28 -------- d-----w- c:\users\Alberto-User\AppData\Roaming\HexChat
2015-10-08 14:57 . 2015-10-08 14:59 -------- d-----w- C:\HexChat
2015-10-08 12:30 . 2015-10-08 12:30 -------- d-----w- c:\programdata\Malwarebytes
2015-10-08 12:19 . 2015-10-08 12:19 -------- d-----w- c:\program files\RogueKiller
2015-10-08 11:40 . 2015-10-08 11:40 378880 ----a-w- c:\windows\system32\aswBoot.exe
2015-10-08 11:40 . 2015-10-08 11:40 43112 ----a-w- c:\windows\avastSS.scr
2015-10-08 10:21 . 2015-10-08 13:09 -------- d-----w- c:\users\Alberto-Admin\AppData\Local\Mozilla
2015-10-08 10:13 . 2015-10-08 10:13 -------- d-----w- c:\users\Alberto-User\AppData\Local\Programs
2015-10-05 19:41 . 2015-08-25 14:08 574072 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2015-10-02 21:43 . 2015-10-10 00:15 -------- d-----w- c:\users\Alberto-User\AppData\Roaming\vlc
2015-10-02 21:43 . 2015-10-02 21:43 -------- d-----w- c:\program files\VideoLAN
2015-09-27 17:42 . 2015-09-27 17:42 -------- d-----w- c:\users\Alberto-User\AppData\Roaming\mkxp
2015-09-27 17:42 . 2015-09-27 17:42 -------- d-----w- c:\users\Alberto-User\AppData\Roaming\dingaling
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-10-20 18:53 . 2015-07-28 19:12 37624 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-10-17 10:03 . 2015-07-17 13:33 780488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-10-17 10:03 . 2015-07-17 13:33 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-10-13 19:49 . 2015-07-01 22:52 143481208 ----a-w- c:\windows\system32\MRT.exe
2015-10-08 11:40 . 2015-08-13 15:39 93528 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2015-10-08 11:40 . 2015-08-13 15:39 90968 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2015-10-08 11:40 . 2015-08-13 15:39 65224 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-10-08 11:40 . 2015-08-13 15:39 448968 ----a-w- c:\windows\system32\drivers\aswSP.sys
2015-10-08 11:40 . 2015-08-13 15:39 28656 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-10-08 11:40 . 2015-08-13 15:39 274808 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-10-08 11:40 . 2015-08-13 15:39 153744 ----a-w- c:\windows\system32\drivers\aswStm.sys
2015-10-08 11:40 . 2015-08-13 15:39 1049880 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2015-09-29 02:58 . 2015-10-13 19:23 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-09-18 21:46 . 2015-07-01 21:54 121488 ----a-w- c:\windows\system32\OpenCL.dll
2015-09-18 21:46 . 2015-07-01 21:54 113992 ----a-w- c:\windows\SysWow64\OpenCL.dll
2015-09-18 21:45 . 2015-07-02 01:03 17091128 ----a-w- c:\windows\system32\nvwgf2umx.dll
2015-09-18 21:44 . 2015-08-25 16:00 14644520 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2015-09-18 21:44 . 2015-08-25 16:00 1116920 ----a-w- c:\windows\system32\nvumdshimx.dll
2015-09-18 21:44 . 2015-09-18 21:44 954976 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2015-09-18 21:43 . 2015-09-18 21:43 16646072 ----a-w- c:\windows\system32\nvopencl.dll
2015-09-18 21:43 . 2015-09-18 21:43 13669896 ----a-w- c:\windows\SysWow64\nvopencl.dll
2015-09-18 21:43 . 2015-09-18 21:43 22534288 ----a-w- c:\windows\system32\nvoglv64.dll
2015-09-18 21:42 . 2015-09-18 21:42 18553984 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2015-09-18 21:42 . 2015-09-18 21:42 159560 ----a-w- c:\windows\system32\nvoglshim64.dll
2015-09-18 21:42 . 2015-09-18 21:42 137240 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2015-09-18 21:42 . 2015-09-18 21:42 11097928 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2015-09-18 21:41 . 2015-09-18 21:41 187152 ----a-w- c:\windows\system32\nvinitx.dll
2015-09-18 21:41 . 2015-09-18 21:41 164520 ----a-w- c:\windows\SysWow64\nvinit.dll
2015-09-18 21:41 . 2015-09-18 21:41 416912 ----a-w- c:\windows\system32\NvIFROpenGL.dll
2015-09-18 21:41 . 2015-09-18 21:41 373064 ----a-w- c:\windows\SysWow64\NvIFROpenGL.dll
2015-09-18 21:41 . 2015-09-18 21:41 1075000 ----a-w- c:\windows\system32\NvIFR64.dll
2015-09-18 21:41 . 2015-09-18 21:41 994960 ----a-w- c:\windows\SysWow64\NvIFR.dll
2015-09-18 21:41 . 2015-09-18 21:41 48992 ----a-w- c:\windows\system32\nvhdap64.dll
2015-09-18 21:41 . 2015-09-18 21:41 1576288 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2015-09-18 21:40 . 2015-09-18 21:40 213360 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2015-09-18 21:40 . 2015-09-18 21:40 954184 ----a-w- c:\windows\SysWow64\NvFBC.dll
2015-09-18 21:40 . 2015-09-18 21:40 1084048 ----a-w- c:\windows\system32\NvFBC64.dll
2015-09-18 21:40 . 2015-09-18 21:40 523152 ----a-w- c:\windows\system32\nvEncodeAPI64.dll
2015-09-18 21:40 . 2015-09-18 21:40 431792 ----a-w- c:\windows\SysWow64\nvEncodeAPI.dll
2015-09-18 21:40 . 2015-09-18 21:40 1567376 ----a-w- c:\windows\system32\nvdispgenco6435582.dll
2015-09-18 21:40 . 2015-09-18 21:40 1907016 ----a-w- c:\windows\system32\nvdispco6435582.dll
2015-09-18 21:40 . 2015-09-18 21:40 15523136 ----a-w- c:\windows\system32\nvd3dumx.dll
2015-09-18 21:40 . 2015-09-18 21:40 12525264 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2015-09-18 21:40 . 2015-09-18 21:40 2949448 ----a-w- c:\windows\system32\nvcuvid.dll
2015-09-18 21:40 . 2015-09-18 21:40 2636432 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2015-09-18 21:39 . 2015-09-18 21:39 14946520 ----a-w- c:\windows\system32\nvcuda.dll
2015-09-18 21:39 . 2015-09-18 21:39 12193888 ----a-w- c:\windows\SysWow64\nvcuda.dll
2015-09-18 21:37 . 2015-09-18 21:37 42850616 ----a-w- c:\windows\system32\nvcompiler.dll
2015-09-18 21:36 . 2015-09-18 21:36 37829432 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2015-09-18 21:36 . 2015-07-01 21:53 3537944 ----a-w- c:\windows\system32\nvapi64.dll
2015-09-18 21:36 . 2015-07-01 21:53 3123152 ----a-w- c:\windows\SysWow64\nvapi.dll
2015-09-02 03:04 . 2015-09-09 07:30 41984 ----a-w- c:\windows\system32\lpk.dll
2015-09-02 03:04 . 2015-09-09 07:30 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-09-02 03:04 . 2015-09-09 07:30 14336 ----a-w- c:\windows\system32\dciman32.dll
2015-09-02 03:04 . 2015-09-09 07:30 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-09-02 02:48 . 2015-09-09 07:30 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2015-09-02 02:48 . 2015-09-09 07:30 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2015-09-02 02:48 . 2015-09-09 07:30 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-09-02 02:47 . 2015-09-09 07:30 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-09-02 01:51 . 2015-09-09 07:30 3209216 ----a-w- c:\windows\system32\win32k.sys
2015-09-02 01:47 . 2015-09-09 07:30 372736 ----a-w- c:\windows\system32\atmfd.dll
2015-09-02 01:33 . 2015-09-09 07:30 299520 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-08-27 18:18 . 2015-09-09 07:30 2004480 ----a-w- c:\windows\system32\msxml6.dll
2015-08-27 18:18 . 2015-09-09 07:30 1887232 ----a-w- c:\windows\system32\msxml3.dll
2015-08-27 18:13 . 2015-09-09 07:30 2048 ----a-w- c:\windows\system32\msxml6r.dll
2015-08-27 18:13 . 2015-09-09 07:30 2048 ----a-w- c:\windows\system32\msxml3r.dll
2015-08-27 17:58 . 2015-09-09 07:30 1391104 ----a-w- c:\windows\SysWow64\msxml6.dll
2015-08-27 17:58 . 2015-09-09 07:30 1241088 ----a-w- c:\windows\SysWow64\msxml3.dll
2015-08-27 17:51 . 2015-09-09 07:30 2048 ----a-w- c:\windows\SysWow64\msxml6r.dll
2015-08-27 17:51 . 2015-09-09 07:30 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2015-08-25 14:24 . 2015-07-01 21:54 937776 ----a-w- c:\windows\system32\nvvsvc.exe
2015-08-25 14:24 . 2015-07-01 21:54 62584 ----a-w- c:\windows\system32\nvshext.dll
2015-08-25 14:24 . 2015-07-01 21:54 385144 ----a-w- c:\windows\system32\nvmctray.dll
2015-08-25 14:24 . 2015-07-01 21:54 3496752 ----a-w- c:\windows\system32\nvsvc64.dll
2015-08-25 14:24 . 2015-07-01 21:54 2558584 ----a-w- c:\windows\system32\nvsvcr.dll
2015-08-25 14:24 . 2015-07-01 21:54 6884984 ----a-w- c:\windows\system32\nvcpl.dll
2015-08-25 12:35 . 2015-07-01 21:54 5165808 ----a-w- c:\windows\system32\nvcoproc.bin
2015-08-17 23:30 . 2015-07-02 00:57 1423120 ----a-w- c:\windows\SysWow64\nvspcap.dll
2015-08-17 23:30 . 2015-07-02 00:57 1316184 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2015-08-17 23:29 . 2015-07-02 00:57 1756608 ----a-w- c:\windows\system32\nvspbridge64.dll
2015-08-17 23:29 . 2015-07-02 00:57 1710568 ----a-w- c:\windows\system32\nvspcap64.dll
2015-08-11 04:52 . 2015-08-25 15:53 69416 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2015-08-11 04:52 . 2015-08-25 15:53 50472 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2015-08-11 04:52 . 2015-07-02 00:57 72504 ----a-w- c:\windows\system32\nvaudcap64v.dll
2015-08-07 11:06 . 2015-08-25 16:00 1558832 ----a-w- c:\windows\system32\nvdispgenco6435560.dll
2015-08-07 11:06 . 2015-08-25 16:00 1898104 ----a-w- c:\windows\system32\nvdispco6435560.dll
2015-08-05 17:56 . 2015-09-09 07:32 1110016 ----a-w- c:\windows\system32\schedsvc.dll
2015-08-05 17:56 . 2015-09-09 07:32 24576 ----a-w- c:\windows\system32\jnwmon.dll
2015-08-05 17:56 . 2015-09-09 07:32 275456 ----a-w- c:\windows\system32\InkEd.dll
2015-08-05 17:40 . 2015-09-09 07:32 216064 ----a-w- c:\windows\SysWow64\InkEd.dll
2015-07-30 18:06 . 2015-08-12 12:11 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2015-07-30 18:06 . 2015-08-12 12:11 1648128 ----a-w- c:\windows\system32\DWrite.dll
2015-07-30 18:06 . 2015-08-12 12:11 1180160 ----a-w- c:\windows\system32\FntCache.dll
2015-07-30 17:57 . 2015-08-12 12:11 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2015-07-30 17:57 . 2015-08-12 12:11 1251328 ----a-w- c:\windows\SysWow64\DWrite.dll
2015-07-30 13:13 . 2015-08-13 01:03 103120 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-07-30 13:13 . 2015-08-13 01:03 124624 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-07-23 00:02 . 2015-09-09 07:30 1390592 ----a-w- c:\windows\system32\diagtrack.dll
2015-07-23 00:02 . 2015-09-09 07:30 879104 ----a-w- c:\windows\system32\tdh.dll
2015-07-23 00:02 . 2015-09-09 07:30 879104 ----a-w- c:\windows\system32\advapi32.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\steam\steam.exe" [2015-10-14 2901584]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-09-16 8461224]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2015-09-27 57981568]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-04-26 292848]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-10-08 6134544]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-08-04 597552]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 MSICDSetup;MSICDSetup;f:\cdriver64.sys;f:\CDriver64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Pilote de commutateur de contrôleur d'hôte Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 DTSAudioSvc;DTSAudioSvc;c:\program files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe;c:\program files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 iusb3hub;Pilote de concentrateur Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Pilote du contrôleur d'hôte extensible Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 RtlWlanu;Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\rtwlanu.sys;c:\windows\SYSNATIVE\DRIVERS\rtwlanu.sys [x]
.
.
--- Autres Services/Pilotes en mémoire ---
.
*Deregistered* - TrueSight
.
Contenu du dossier 'Tâches planifiées'
.
2015-10-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-17 10:03]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-10-08 11:40 780616 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2013-08-19 7202520]
"RtHDVBg_DTS"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2013-08-07 1321688]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2013-08-07 36352]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-08-17 2634872]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-08-17 1710568]
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Alberto-Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vfwuifpx.default-1444309789816\
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2015-10-20 21:08:11
ComboFix-quarantined-files.txt 2015-10-20 19:08
ComboFix2.txt 2015-10-20 12:22
ComboFix3.txt 2015-10-08 13:05
ComboFix4.txt 2015-09-07 08:05
ComboFix5.txt 2015-10-20 19:03
.
Avant-CF: 62 316 105 728 octets libres
Après-CF: 62 260 224 000 octets libres
.
- - End Of File - - 42083FDF57FBCB8FF73CDD6AB4344CEA
EA923EB0EC0060F1451E9AD7B5762CFE
