cjoint
Document format: text/plain


ComboFix 15-12-16.01 - FOUAD 23/12/2015 0:16.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.33.1036.18.3547.2591 [GMT 1:00]
Launched from: c:\users\FOUAD\Desktop\ComboFix.exe
AV: ESET Smart Security 8.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: Pare-feu personnel d'ESET *Disabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 8.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((( Files created from 2015-11-22 to 2015-12-22 ))))))))))))))))))))))))))))))))))))
.
.
2015-12-22 22:34 . 2015-12-22 22:36 -------- d-----w- C:\AdwCleaner
2015-12-22 22:17 . 2015-12-22 22:17 -------- d-----w- c:\users\FOUAD\AppData\Roaming\ProductData
2015-12-22 22:17 . 2015-12-22 22:17 -------- d-----w- c:\programdata\ProductData
2015-12-22 21:12 . 2015-09-18 17:44 1120768 ----a-w- c:\windows\system32\appraiser.dll
2015-12-22 21:12 . 2015-09-18 17:47 23384 ----a-w- c:\windows\system32\CompatTelRunner.exe
2015-12-22 21:12 . 2015-09-18 17:44 587776 ----a-w- c:\windows\system32\invagent.dll
2015-12-22 21:12 . 2015-09-18 17:44 615936 ----a-w- c:\windows\system32\generaltel.dll
2015-12-22 21:12 . 2015-09-18 17:44 423936 ----a-w- c:\windows\system32\devinv.dll
2015-12-22 21:12 . 2015-09-18 17:44 62976 ----a-w- c:\windows\system32\acmigration.dll
2015-12-22 21:12 . 2015-09-18 17:35 999936 ----a-w- c:\windows\system32\aeinv.dll
2015-12-22 21:12 . 2015-12-22 21:22 -------- d-----w- c:\users\FOUAD\AppData\Roaming\ZHP
2015-12-19 22:26 . 2015-12-19 22:26 2048 ----a-w- c:\windows\system32\tzres.dll
2015-12-19 22:25 . 2015-12-19 22:25 909824 ----a-w- c:\windows\system32\FntCache.dll
2015-12-19 22:25 . 2015-12-19 22:25 1251328 ----a-w- c:\windows\system32\DWrite.dll
2015-12-19 22:25 . 2015-12-19 22:25 811520 ----a-w- c:\windows\system32\user32.dll
2015-12-19 22:25 . 2015-12-19 22:25 2386944 ----a-w- c:\windows\system32\win32k.sys
2015-12-19 22:25 . 2015-12-19 22:25 179712 ----a-w- c:\windows\system32\els.dll
2015-12-19 22:24 . 2015-12-19 22:24 14848 ----a-w- c:\windows\system32\wshrm.dll
2015-12-19 22:24 . 2015-12-19 22:24 117760 ----a-w- c:\windows\system32\drivers\rmcast.sys
2015-12-19 22:24 . 2015-12-19 22:24 627712 ----a-w- c:\windows\system32\usp10.dll
2015-12-19 22:24 . 2015-12-19 22:24 1242624 ----a-w- c:\windows\system32\comsvcs.dll
2015-12-19 22:24 . 2015-12-19 22:24 487936 ----a-w- c:\windows\system32\catsrvut.dll
2015-12-19 22:24 . 2015-12-19 22:24 678912 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
2015-12-19 22:24 . 2015-12-19 22:24 1129472 ----a-w- c:\windows\system32\wininet.dll
2015-12-02 14:35 . 2015-12-02 14:35 93696 ----a-w- c:\windows\system32\wudriver.dll
2015-12-02 14:35 . 2015-12-02 14:35 73728 ----a-w- c:\windows\system32\WinSetupUI.dll
2015-12-02 14:35 . 2015-12-02 14:35 573440 ----a-w- c:\windows\system32\wuapi.dll
2015-12-02 14:35 . 2015-12-02 14:35 35840 ----a-w- c:\windows\system32\wups2.dll
2015-12-02 14:35 . 2015-12-02 14:35 35328 ----a-w- c:\windows\system32\wuapp.exe
2015-12-02 14:35 . 2015-12-02 14:35 30208 ----a-w- c:\windows\system32\wups.dll
2015-12-02 14:35 . 2015-12-02 14:35 2956800 ----a-w- c:\windows\system32\wucltux.dll
2015-12-02 14:35 . 2015-12-02 14:35 2062848 ----a-w- c:\windows\system32\wuaueng.dll
2015-12-02 14:35 . 2015-12-02 14:35 174080 ----a-w- c:\windows\system32\wuwebv.dll
2015-12-02 14:35 . 2015-12-02 14:35 136192 ----a-w- c:\windows\system32\wuauclt.exe
2015-12-02 14:35 . 2015-12-02 14:35 11776 ----a-w- c:\windows\system32\wu.upgrade.ps.dll
2015-11-27 09:29 . 2015-11-27 09:29 -------- d-----w- c:\program files\Common Files\Java
2015-11-26 23:34 . 2015-11-26 23:34 69120 ----a-w- c:\windows\system32\nlsbres.dll
2015-11-26 23:34 . 2015-11-26 23:34 6144 ----a-w- c:\windows\system32\kbdgeoqw.dll
2015-11-26 23:34 . 2015-11-26 23:34 6144 ----a-w- c:\windows\system32\KBDAZEL.DLL
2015-11-26 23:30 . 2015-11-26 23:30 74752 ----a-w- c:\windows\system32\drivers\tdx.sys
2015-11-26 23:30 . 2015-11-26 23:30 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2015-11-26 23:30 . 2015-11-26 23:30 712640 ----a-w- c:\windows\system32\drivers\ndis.sys
2015-11-26 23:28 . 2015-11-26 23:28 371920 ----a-w- c:\windows\system32\drivers\cng.sys
2015-11-26 23:28 . 2015-11-26 23:28 251000 ----a-w- c:\windows\system32\bcryptprimitives.dll
2015-11-26 23:28 . 2015-11-26 23:28 62464 ----a-w- c:\windows\system32\aelupsvc.dll
2015-11-26 23:28 . 2015-11-26 23:28 5120 ----a-w- c:\windows\system32\shimeng.dll
2015-11-26 23:28 . 2015-11-26 23:28 295936 ----a-w- c:\windows\system32\apphelp.dll
2015-11-26 23:28 . 2015-11-26 23:28 20992 ----a-w- c:\windows\system32\sdbinst.exe
.
.
.
(((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-12-22 23:06 . 2015-08-26 21:21 119512 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-12-22 22:19 . 2015-09-12 22:49 35064 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-12-19 12:02 . 2015-08-27 20:55 796864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-12-19 12:02 . 2015-08-27 20:55 142528 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-11-27 09:29 . 2015-09-09 16:26 95840 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2015-11-26 23:28 . 2015-11-26 23:28 562176 ----a-w- c:\windows\apppatch\AcLayers.dll
2015-11-26 23:28 . 2015-11-26 23:28 470528 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2015-11-26 23:28 . 2015-11-26 23:28 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2015-11-26 23:28 . 2015-11-26 23:28 2178560 ----a-w- c:\windows\apppatch\AcGenral.dll
2015-11-26 23:28 . 2015-11-26 23:28 211968 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2015-11-02 01:14 . 2015-11-02 01:14 863608 ----a-w- c:\windows\system32\tossaeapo32.dll
2015-11-02 01:14 . 2015-11-02 01:14 860528 ----a-w- c:\windows\system32\tadefxapo2.dll
2015-11-02 01:14 . 2015-11-02 01:14 67752 ----a-w- c:\windows\system32\TepeqAPO.dll
2015-11-02 01:14 . 2015-11-02 01:14 575936 ----a-w- c:\windows\system32\tosasfapo32.dll
2015-11-02 01:14 . 2015-11-02 01:14 401048 ----a-w- c:\windows\system32\SRAPO.dll
2015-11-02 01:14 . 2015-11-02 01:14 357160 ----a-w- c:\windows\system32\SRSTSXT.dll
2015-11-02 01:14 . 2015-11-02 01:14 341160 ----a-w- c:\windows\system32\SRCOM.dll
2015-11-02 01:14 . 2015-11-02 01:14 230920 ----a-w- c:\windows\system32\tossaemaxapo32.dll
2015-11-02 01:14 . 2015-11-02 01:14 196008 ----a-w- c:\windows\system32\SRSTSHD.dll
2015-11-02 01:14 . 2015-11-02 01:14 183616 ----a-w- c:\windows\system32\SRSHP360.dll
2015-11-02 01:14 . 2015-11-02 01:14 1832072 ----a-w- c:\windows\system32\WavesGUILib.dll
2015-11-02 01:14 . 2015-11-02 01:14 1791808 ----a-w- c:\windows\system32\WavesLib.dll
2015-11-02 01:14 . 2015-11-02 01:14 151920 ----a-w- c:\windows\system32\toseaeapo32.dll
2015-11-02 01:14 . 2015-11-02 01:14 150560 ----a-w- c:\windows\system32\SRSWOW.dll
2015-11-02 01:14 . 2015-11-02 01:14 144688 ----a-w- c:\windows\system32\tadefxapo.dll
2015-11-02 01:14 . 2015-11-02 01:14 1400808 ----a-w- c:\windows\system32\tosade.dll
2015-11-02 01:14 . 2015-11-02 01:14 1074056 ----a-w- c:\windows\system32\SRRPTR.dll
2015-11-02 01:14 . 2015-11-02 01:14 625000 ----a-w- c:\windows\system32\sltech32.dll
2015-11-02 01:14 . 2015-11-02 01:14 231880 ----a-w- c:\windows\system32\slprp32.dll
2015-11-02 01:14 . 2015-11-02 01:14 1039224 ----a-w- c:\windows\system32\slcnt32.dll
2015-11-02 01:14 . 2015-11-02 01:14 936616 ----a-w- c:\windows\system32\SFSS_APO.dll
2015-11-02 01:14 . 2015-11-02 01:14 883376 ----a-w- c:\windows\system32\sl3apo32.dll
2015-11-02 01:14 . 2015-11-02 01:14 83648 ----a-w- c:\windows\system32\SFCOM.dll
2015-11-02 01:14 . 2015-11-02 01:14 786352 ----a-w- c:\windows\system32\SEHDRA32.dll
2015-11-02 01:14 . 2015-11-02 01:14 78488 ----a-w- c:\windows\system32\SFAPO.dll
2015-11-02 01:14 . 2015-11-02 01:14 589080 ----a-w- c:\windows\system32\SECOMN32.dll
2015-11-02 01:14 . 2015-11-02 01:14 384520 ----a-w- c:\windows\system32\SEAPO32.dll
2015-11-02 01:14 . 2015-11-02 01:14 3616000 ----a-w- c:\windows\system32\drivers\RTKVHDA.sys
2015-11-02 01:14 . 2015-11-02 01:14 2826496 ----a-w- c:\windows\system32\RTSndMgr.cpl
2015-11-02 01:14 . 2015-11-02 01:14 2702592 ----a-w- c:\windows\system32\RtkPgExt.dll
2015-11-02 01:14 . 2015-11-02 01:14 225048 ----a-w- c:\windows\system32\SFNHK.dll
2015-11-02 01:14 . 2015-11-02 01:14 88280 ----a-w- c:\windows\system32\RTEEL32A.dll
2015-11-02 01:14 . 2015-11-02 01:14 74384 ----a-w- c:\windows\system32\RTEEG32A.dll
2015-11-02 01:14 . 2015-11-02 01:14 371816 ----a-w- c:\windows\system32\RTEEP32A.dll
2015-11-02 01:14 . 2015-11-02 01:14 307240 ----a-w- c:\windows\system32\RP3DHT32.dll
2015-11-02 01:14 . 2015-11-02 01:14 307240 ----a-w- c:\windows\system32\RP3DAA32.dll
2015-11-02 01:14 . 2015-11-02 01:14 2605048 ----a-w- c:\windows\system32\RltkAPO.dll
2015-11-02 01:14 . 2015-11-02 01:14 2424272 ----a-w- c:\windows\system32\RtkApoApi.dll
2015-11-02 01:14 . 2015-11-02 01:14 22160 ----a-w- c:\windows\system32\RtkCoLDR.dll
2015-11-02 01:14 . 2015-11-02 01:14 1983104 ----a-w- c:\windows\system32\RtkCoInstII.dll
2015-11-02 01:14 . 2015-11-02 01:14 181232 ----a-w- c:\windows\system32\RTEED32A.dll
2015-11-02 01:14 . 2015-11-02 01:14 72203792 ----a-w- c:\windows\system32\RCoRes.dat
2015-11-02 01:14 . 2015-11-02 01:14 71712 ----a-w- c:\windows\system32\R4EEG32A.dll
2015-11-02 01:14 . 2015-11-02 01:14 7170872 ----a-w- c:\windows\system32\R4EEP32A.dll
2015-11-02 01:14 . 2015-11-02 01:14 5132496 ----a-w- c:\windows\system32\NAHIMICV2apo.dll
2015-11-02 01:14 . 2015-11-02 01:14 364024 ----a-w- c:\windows\system32\R4EED32A.dll
2015-11-02 01:14 . 2015-11-02 01:14 116648 ----a-w- c:\windows\system32\R4EEL32A.dll
2015-11-02 01:14 . 2015-11-02 01:14 101624 ----a-w- c:\windows\system32\R4EEA32A.dll
2015-11-02 01:14 . 2015-11-02 01:14 954200 ----a-w- c:\windows\system32\NahimicAPONSControl.dll
2015-11-02 01:14 . 2015-11-02 01:14 868464 ----a-w- c:\windows\system32\MISS_APO.dll
2015-11-02 01:14 . 2015-11-02 01:14 522712 ----a-w- c:\windows\system32\MaxxVolumeSDAPO.dll
2015-11-02 01:14 . 2015-11-02 01:14 4763576 ----a-w- c:\windows\system32\NAHIMICAPOlfx.dll
2015-11-02 01:14 . 2015-11-02 01:14 11922520 ----a-w- c:\windows\system32\MaxxVoiceAPO40.dll
2015-11-02 01:14 . 2015-11-02 01:14 965688 ----a-w- c:\windows\system32\MaxxSpeechAPO.dll
2015-11-02 01:14 . 2015-11-02 01:14 834328 ----a-w- c:\windows\system32\MaxxVoiceAPO20.dll
2015-11-02 01:14 . 2015-11-02 01:14 12014448 ----a-w- c:\windows\system32\MaxxVoiceAPO30.dll
2015-11-02 01:14 . 2015-11-02 01:14 13798184 ----a-w- c:\windows\system32\MaxxAudioRealtek.dll
2015-11-02 01:14 . 2015-11-02 01:14 990792 ----a-w- c:\windows\system32\MaxxAudioAPO40.dll
2015-11-02 01:14 . 2015-11-02 01:14 799016 ----a-w- c:\windows\system32\MaxxAudioAPOShell.dll
2015-11-02 01:14 . 2015-11-02 01:14 522712 ----a-w- c:\windows\system32\MaxxAudioAPO30.dll
2015-11-02 01:14 . 2015-11-02 01:14 243864 ----a-w- c:\windows\system32\MaxxAudioAPO20.dll
2015-11-02 01:14 . 2015-11-02 01:14 2400320 ----a-w- c:\windows\system32\MaxxAudioAPO70.dll
2015-11-02 01:14 . 2015-11-02 01:14 1948808 ----a-w- c:\windows\system32\MaxxAudioEQ.dll
2015-11-02 01:14 . 2015-11-02 01:14 1180352 ----a-w- c:\windows\system32\MaxxAudioAPO60.dll
2015-11-02 01:14 . 2015-11-02 01:14 1028016 ----a-w- c:\windows\system32\MaxxAudioAPO50.dll
2015-11-02 01:14 . 2015-11-02 01:14 369792 ----a-w- c:\windows\system32\KAAPORT.dll
2015-11-02 01:14 . 2015-11-02 01:14 308072 ----a-w- c:\windows\system32\ICEsoundAPO.dll
2015-11-02 01:14 . 2015-11-02 01:14 302744 ----a-w- c:\windows\system32\HiFiDAX2API.dll
2015-11-02 01:14 . 2015-11-02 01:14 142328 ----a-w- c:\windows\system32\MaxxAudioAPO.dll
2015-11-02 01:14 . 2015-11-02 01:14 858264 ----a-w- c:\windows\system32\DolbyDAX2APOProp.dll
2015-11-02 01:14 . 2015-11-02 01:14 669592 ----a-w- c:\windows\system32\DTSBassEnhancementDLL.dll
2015-11-02 01:14 . 2015-11-02 01:14 645824 ----a-w- c:\windows\system32\DTSSymmetryDLL.dll
2015-11-02 01:14 . 2015-11-02 01:14 615880 ----a-w- c:\windows\system32\DTSVoiceClarityDLL.dll
2015-11-02 01:14 . 2015-11-02 01:14 471296 ----a-w- c:\windows\system32\DTSNeoPCDLL.dll
2015-11-02 01:14 . 2015-11-02 01:14 439608 ----a-w- c:\windows\system32\DTSU2PLFX32.dll
2015-11-02 01:14 . 2015-11-02 01:14 4236168 ----a-w- c:\windows\system32\DolbyDAX2APOv211.dll
2015-11-02 01:14 . 2015-11-02 01:14 415872 ----a-w- c:\windows\system32\DTSU2PGFX32.dll
2015-11-02 01:14 . 2015-11-02 01:14 402072 ----a-w- c:\windows\system32\DTSGainCompensatorDLL.dll
2015-11-02 01:14 . 2015-11-02 01:14 387632 ----a-w- c:\windows\system32\DTSLimiterDLL.dll
2015-11-02 01:14 . 2015-11-02 01:14 357992 ----a-w- c:\windows\system32\DTSU2PREC32.dll
2015-11-02 01:14 . 2015-11-02 01:14 2895632 ----a-w- c:\windows\system32\FMAPO.dll
2015-11-02 01:14 . 2015-11-02 01:14 229592 ----a-w- c:\windows\system32\DTSGFXAPONS.dll
2015-11-02 01:14 . 2015-11-02 01:14 229584 ----a-w- c:\windows\system32\DTSGFXAPO.dll
2015-11-02 01:14 . 2015-11-02 01:14 229040 ----a-w- c:\windows\system32\DTSLFXAPO.dll
2015-11-02 01:14 . 2015-11-02 01:14 1816352 ----a-w- c:\windows\system32\DolbyDAX2APOv201.dll
2015-11-02 01:14 . 2015-11-02 01:14 1531680 ----a-w- c:\windows\system32\DTSS2SpeakerDLL.dll
2015-11-02 01:14 . 2015-11-02 01:14 1313120 ----a-w- c:\windows\system32\DTSS2HeadphoneDLL.dll
2015-11-02 01:14 . 2015-11-02 01:14 1239808 ----a-w- c:\windows\system32\DTSBoostDLL.dll
2015-11-02 01:14 . 2015-11-02 01:14 96608 ----a-w- c:\windows\system32\audioLibVc.dll
2015-11-02 01:14 . 2015-11-02 01:14 7053696 ----a-w- c:\windows\system32\DDPP32A.dll
.
.
((((((((((((((((((((((((((((((((( Registry Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legitimate default entries are not listed
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2015-08-14 10:52 23520 ----a-w- c:\program files\Internet Download Manager\IDMShellExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2015-08-29 3907152]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2015-08-19 6490904]
"Advanced SystemCare 8"="c:\program files\IObit\Advanced SystemCare 8\ASCTray.exe" [2015-04-08 2429728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2015-07-08 5089480]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI.exe" [2015-11-02 7745792]
"NvBackend"="c:\program files\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-10-13 2585744]
"ShadowPlay"="c:\windows\system32\nvspcap.dll" [2015-10-13 1278920]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2015-11-09 596528]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 LiveUpdateSvc;LiveUpdate;c:\program files\IObit\LiveUpdate\LiveUpdate.exe [2015-08-27 2909472]
R3 cpuz134;cpuz134;c:\users\FOUAD\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2014-01-22 88576]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2015-10-05 51928]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 184192]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-20 77184]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2012-08-23 24064]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 27136]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R4 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2015-07-14 60552]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2014-06-04 18624]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2015-07-14 202704]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2015-07-14 144536]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2015-07-14 46656]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO32.SYS [2015-11-02 23840]
S2 AdvancedSystemCareService8;Advanced SystemCare Service 8;c:\program files\IObit\Advanced SystemCare 8\ASCService.exe [2015-04-03 814880]
S2 ekbdflt;ekbdflt;c:\windows\system32\DRIVERS\ekbdflt.sys [2015-10-07 111040]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2015-07-08 1353720]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-10-13 915600]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2015-06-12 123968]
S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-03-17 1871160]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes Anti-Malware\mbamservice.exe [2015-03-17 1080120]
S2 NvNetworkService;NVIDIA Network Service;c:\program files\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-10-13 1706128]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-10-13 19775632]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-10-13 416432]
S3 CX88VID;Conexant 2388x AvStream Video Capture;c:\windows\system32\drivers\cxavsvid.sys [2015-06-08 301104]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD.sys [2015-06-08 37576]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2015-10-05 23256]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2015-12-22 119512]
S3 MEI;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\TeeDriver.sys [2015-11-02 155424]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-10-13 18576]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad32v.sys [2015-10-13 32912]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2015-11-02 730352]
.
.
--- Other Services/Drivers in memory ---
.
*NewlyCreated* - MBAMSWISSARMY
*NewlyCreated* - NVSTREAMKMS
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
utcsvc REG_MULTI_SZ DiagTrack
.
Contents of the 'Scheduled Tasks' folder
.
2015-12-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-27 12:02]
.
.
------- Supplementary Scan -------
.
IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Download all links with Internet Download Manager - c:\program files\Internet Download Manager\IEGetAll.htm
Trusted Zone: eset.com\help
TCP: Interfaces\{4DDF5117-AC54-48CA-9B0C-CF6A5514A669}: NameServer = 4.2.2.1,4.2.2.2
FF - ProfilePath - c:\users\FOUAD\AppData\Roaming\Mozilla\Firefox\Profiles\2zejm0ob.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.fr/
.
- - - - DELETED ORPHANS - - - -
.
SafeBoot-PAexec
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-4156392896-52595080-1808438423-1000_Classes\CLSID\{2230a7ce-ef5f-4895-9787-70cf84e49120}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000134
"Therad"=dword:0000000f
.
[HKEY_USERS\S-1-5-21-4156392896-52595080-1808438423-1000_Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):f0,f7,30,e5,e3,0f,7d,28,6a,e8,66,c8,fd,d6,6b,15,e7,02,3d,e9,8a,
7c,d1,9b,75,5a,34,d5,bc,c3,16,bb,67,22,80,58,dc,de,cf,59,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-4156392896-52595080-1808438423-1000_Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):7d,28,ac,64,1b,29,4c,d7,d5,a9,f3,ee,a6,d8,bc,8c,aa,d5,cb,94,a0,
53,1f,96,94,2a,0e,17,c2,04,95,ee,e0,b6,51,78,13,02,89,a4,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-4156392896-52595080-1808438423-1000_Classes\CLSID\{f9bade4b-71f5-49cf-a2c5-d623aab9a67c}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000109
"Therad"=dword:0000001d
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_20_0_0_228_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_20_0_0_228_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\taskhost.exe
c:\program files\IObit\Advanced SystemCare 8\Monitor.exe
c:\windows\system32\conhost.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\program files\Internet Download Manager\IEMonitor.exe
c:\windows\system32\conhost.exe
c:\windows\system32\conhost.exe
c:\program files\Malwarebytes Anti-Malware\mbam.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Completion time: 2015-12-23 00:29:19 - The machine rebooted
ComboFix-quarantined-files.txt 2015-12-22 23:29
.
Pre-Run: 21,668,823,040 bytes free
Post-Run: 21,328,035,840 bytes free
.
- - End Of File - - 938730E839D75ABA2976E47FD261A226
A36C5E4F47E84449FF07ED3517B43A31
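What a responder reads out of this log before anything else: UAC is effectively off (EnableLUA=0, and PromptOnSecureDesktop=0 means any elevation prompt that still appears is drawn on the normal desktop where other user-mode code can interact with it); two driver entries point at binaries ComboFix could not find on disk (the "[x]" marker), one of them under the user's Temp folder (cpuz134 is the name CPU-Z gives the kernel driver it extracts to %TEMP% while it runs, so a stale entry is expected, but a driver registered from a user-writable path is always worth confirming); the Hotspot Shield VPN adapter (taphss6) is registered without its file; and the interface uses the static resolvers 4.2.2.1 and 4.2.2.2 rather than DHCP-assigned ones. The Python script below is an added triage example, not part of this cjoint page and not ComboFix's own code: it parses the line shapes visible in the log above (policy values, Run-key entries, service/driver lines, the NameServer line) and flags those conditions. SAMPLE_LOG is constructed from lines copied out of the log; the UAC_EXPECTED table and the user-writable-path heuristic are the example's own assumptions, not something ComboFix reports.

```python
"""Triage a ComboFix log for the points a responder checks first.

Added example, not part of the cjoint page or of ComboFix. The regexes follow
the line shapes seen in the log above and nothing else.
"""
import re
from collections import Counter
from dataclasses import dataclass

# Assumed defaults for a stock Windows 7 install: EnableLUA=1 turns UAC on,
# PromptOnSecureDesktop=1 keeps elevation prompts on the secure desktop.
UAC_EXPECTED = {"EnableLUA": 1, "PromptOnSecureDesktop": 1}

# "Name"= 0 (0x0)                              -> policy value under a [HKEY_...] key
POLICY_RE = re.compile(r'^"(?P<name>\w+)"=\s*(?P<value>\d+)\s*\(0x[0-9A-Fa-f]+\)\s*$')
# "Name"="c:\path\x.exe" [2015-08-29 3907152]   -> Run-key entry
RUN_RE = re.compile(r'^"(?P<name>[^"]+)"="(?P<path>[^"]+)" \[(?P<stamp>[^\]]*)\]\s*$')
# R3 name;display;c:\path\x.sys [x]             -> service/driver line;
# a stamp of "x" means ComboFix did not find the binary on disk
SERVICE_RE = re.compile(
    r'^(?P<state>[RS][0-4]) (?P<name>[^;]+);(?P<display>[^;]*);(?P<path>.+?) \[(?P<stamp>[^\]]*)\]\s*$')
DNS_RE = re.compile(r'^TCP: Interfaces\\\{[0-9A-Fa-f-]+\}: NameServer = (?P<servers>[\d.,]+)\s*$')
# Heuristic (assumption): load points under these folders are user-writable.
USER_WRITABLE_RE = re.compile(r'\\(users|appdata|temp)\\', re.IGNORECASE)

# Constructed sample: lines copied from the ComboFix log on this page.
SAMPLE_LOG = r"""
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2015-08-29 3907152]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R3 cpuz134;cpuz134;c:\users\FOUAD\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2015-07-08 1353720]
TCP: Interfaces\{4DDF5117-AC54-48CA-9B0C-CF6A5514A669}: NameServer = 4.2.2.1,4.2.2.2
"""


@dataclass
class Finding:
    kind: str    # "uac", "missing-binary" or "user-writable-path"
    detail: str


def check_load_point(findings, label, path, stamp):
    """Flag a Run entry or service whose binary is missing or user-writable."""
    if stamp == "x":
        findings.append(Finding("missing-binary", f"{label}: {path}"))
    if USER_WRITABLE_RE.search(path):
        findings.append(Finding("user-writable-path", f"{label}: {path}"))


def audit(log_text):
    """Return (findings, dns_servers) for one ComboFix log, in log order."""
    findings, dns = [], []
    current_key = ""
    for line in log_text.splitlines():
        if line.startswith("[HKEY_"):
            current_key = line.strip("[]")
            continue
        m = POLICY_RE.match(line)
        if m:
            name, value = m["name"], int(m["value"])
            if name in UAC_EXPECTED and value != UAC_EXPECTED[name]:
                findings.append(Finding("uac", f"{name}={value} (expected {UAC_EXPECTED[name]})"))
            continue
        m = RUN_RE.match(line)
        if m:
            check_load_point(findings, f"{current_key}\\{m['name']}", m["path"], m["stamp"])
            continue
        m = SERVICE_RE.match(line)
        if m:
            check_load_point(findings, m["name"], m["path"], m["stamp"])
            continue
        m = DNS_RE.match(line)
        if m:
            dns.extend(m["servers"].split(","))
    return findings, dns


def summarize(findings):
    """Count findings per kind, e.g. {'uac': 2, 'missing-binary': 2, ...}."""
    return dict(Counter(f.kind for f in findings))


if __name__ == "__main__":
    found, servers = audit(SAMPLE_LOG)
    for f in found:
        print(f"[{f.kind}] {f.detail}")
    print("static DNS:", ", ".join(servers) or "none")
    print(summarize(found))
```

Run against the sample this reports the two UAC deviations, cpuz134 twice (missing and under Temp), taphss6 once, and the two static resolvers; the IDMan Run entry and the ESET service produce nothing, which is the point of keeping the heuristics narrow. ConsentPromptBehaviorUser=3 and EnableUIADesktopToggle=0 are the Windows 7 defaults and are deliberately not in UAC_EXPECTED.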
