cjoint

Document format: text/plain

ComboFix 16-01-22.01 - Joachim 23/01/2016 13:36:48.3.8 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.8134.5573 [GMT 1:00]
Lancé depuis: c:\users\Joachim\Desktop\ComboFix.exe
Commutateurs utilisés :: c:\users\Joachim\Downloads\CFScript.txt
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Un nouveau point de restauration a été créé
.
FILE ::
"c:\windows\system32\drivers\bsdriver.sys"
"c:\windows\system32\drivers\cherimoya.sys"
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\drivers\bsdriver.sys
c:\windows\system32\drivers\cherimoya.sys
.
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_BSDRIVER
-------\Service_bsdriver
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2015-12-23 au 2016-01-23 ))))))))))))))))))))))))))))))))))))
.
.
2016-01-23 12:47 . 2016-01-23 12:47 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-01-23 11:51 . 2016-01-23 11:51 -------- d-----w- c:\users\Joachim\AppData\Local\Adobe
2016-01-23 00:00 . 2015-09-08 07:00 4162560 ----a-w- C:\athrx.sys
2016-01-23 00:00 . 2015-09-08 07:00 3356672 ----a-w- C:\athr.sys
2016-01-22 23:57 . 2015-08-13 01:06 502256 ----a-w- c:\windows\system32\drivers\e1d62x64.sys
2016-01-22 23:57 . 2015-06-17 00:28 90608 ----a-w- c:\windows\system32\NicInstD.dll
2016-01-22 23:57 . 2014-04-19 02:18 73512 ----a-w- c:\windows\system32\e1dmsg.dll
2016-01-22 23:57 . 2014-04-18 12:17 125728 ----a-w- c:\windows\system32\NicCo4.dll
2016-01-22 23:41 . 2016-01-23 11:45 -------- d-----w- c:\users\Joachim\AppData\Roaming\TP-LINK
2016-01-22 23:41 . 2016-01-22 23:41 -------- d-----w- c:\program files (x86)\TP-LINK
2016-01-22 22:55 . 2016-01-22 22:55 -------- d-----w- C:\RegBackup
2016-01-22 22:44 . 2016-01-23 11:25 -------- d-----w- c:\users\Joachim\AppData\Roaming\ZHP
2016-01-22 22:18 . 2016-01-22 22:18 -------- d-----w- c:\windows\system32\bib
2016-01-22 22:18 . 2016-01-22 22:18 -------- d-----w- c:\users\Joachim\AppData\Local\Tempfolder
2016-01-22 22:18 . 2016-01-22 22:18 -------- d-----w- c:\users\Joachim\AppData\Roaming\LhoboAjoni
2016-01-22 22:17 . 2016-01-22 22:17 -------- d-----w- C:\uninst
2016-01-22 22:17 . 2016-01-22 22:17 -------- d-----w- c:\program files (x86)\TData
2016-01-22 22:10 . 2016-01-22 22:10 -------- d-----w- c:\users\Joachim\AppData\Local\converter
2016-01-22 22:09 . 2016-01-22 22:09 -------- d-----w- c:\users\Joachim\AppData\Local\Movavi
2016-01-22 22:09 . 2016-01-22 22:09 -------- d-----w- c:\users\Joachim\AppData\Local\Suite
2016-01-22 22:07 . 2016-01-22 22:10 -------- d-----w- c:\program files (x86)\Movavi Video Suite 15
2016-01-22 22:07 . 2016-01-22 22:07 -------- d-----w- c:\programdata\Movavi Video Suite 15
2016-01-14 23:02 . 2016-01-14 23:02 -------- d-----w- c:\users\Joachim\.dnx
2016-01-14 22:54 . 2016-01-14 22:54 -------- d-----w- c:\programdata\ATI
2016-01-14 22:50 . 2016-01-14 22:50 -------- d-----w- c:\program files (x86)\AMD
2016-01-13 19:23 . 2015-11-13 23:09 91648 ----a-w- c:\windows\system32\mapistub.dll
2016-01-13 19:23 . 2015-11-13 23:09 91648 ----a-w- c:\windows\system32\mapi32.dll
2016-01-13 19:23 . 2015-11-13 23:08 17920 ----a-w- c:\windows\system32\fixmapi.exe
2016-01-13 19:23 . 2015-11-13 22:50 76800 ----a-w- c:\windows\SysWow64\mapistub.dll
2016-01-13 19:23 . 2015-11-13 22:49 14336 ----a-w- c:\windows\SysWow64\fixmapi.exe
2016-01-13 19:23 . 2015-12-11 18:57 1164800 ----a-w- c:\windows\system32\aeinv.dll
2016-01-13 19:23 . 2015-12-08 19:07 624640 ----a-w- c:\windows\system32\qedit.dll
2016-01-13 19:23 . 2015-12-08 21:53 509952 ----a-w- c:\windows\SysWow64\qedit.dll
2016-01-13 19:21 . 2015-12-08 17:58 3211264 ----a-w- c:\windows\system32\win32k.sys
2016-01-12 23:21 . 2015-12-08 21:53 641536 ----a-w- c:\windows\SysWow64\advapi32.dll
2016-01-12 23:21 . 2015-12-08 19:07 879104 ----a-w- c:\windows\system32\advapi32.dll
2016-01-12 23:21 . 2015-11-17 01:11 25024 ----a-w- c:\windows\system32\CompatTelRunner.exe
2016-01-12 23:21 . 2015-11-17 01:08 705536 ----a-w- c:\windows\system32\invagent.dll
2016-01-12 23:21 . 2015-11-17 01:08 792064 ----a-w- c:\windows\system32\generaltel.dll
2016-01-12 23:21 . 2015-11-17 01:08 505856 ----a-w- c:\windows\system32\devinv.dll
2016-01-12 23:21 . 2015-11-17 01:08 76800 ----a-w- c:\windows\system32\acmigration.dll
2016-01-12 23:21 . 2015-11-17 01:08 1381376 ----a-w- c:\windows\system32\appraiser.dll
2016-01-12 23:21 . 2015-11-16 20:17 210432 ----a-w- c:\windows\system32\aepic.dll
2016-01-12 23:21 . 2015-12-08 21:52 312320 ----a-w- c:\windows\SysWow64\gdi32.dll
2016-01-12 23:21 . 2015-12-08 19:07 405504 ----a-w- c:\windows\system32\gdi32.dll
2016-01-04 20:01 . 2016-01-04 23:50 -------- d-----w- c:\program files (x86)\adslTV
2016-01-02 00:37 . 2016-01-02 00:37 -------- d-----w- c:\program files (x86)\Cheat Engine 6.3
2016-01-02 00:14 . 2016-01-06 21:27 -------- d-----w- c:\program files (x86)\Euro Truck Simulator 2 Multiplayer
2015-12-27 22:12 . 2015-12-27 22:12 -------- d-----w- c:\users\Joachim\AppData\Roaming\OpenOffice
2015-12-27 22:02 . 2015-12-27 22:03 -------- d-----w- c:\program files (x86)\OpenOffice 4
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-01-23 12:47 . 2015-11-02 10:02 65536 ----a-w- c:\windows\system32\spu_storage.bin
2015-12-30 18:41 . 2016-01-12 23:20 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2015-12-30 18:41 . 2016-01-12 23:20 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2015-12-30 18:41 . 2016-01-12 23:20 665088 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2015-12-30 18:41 . 2016-01-12 23:20 171520 ----a-w- c:\windows\SysWow64\wdigest.dll
2015-12-30 18:41 . 2016-01-12 23:20 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2015-12-30 18:41 . 2016-01-12 23:20 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2015-12-30 18:40 . 2016-01-12 23:20 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2015-12-30 18:40 . 2016-01-12 23:20 251392 ----a-w- c:\windows\SysWow64\schannel.dll
2015-12-30 18:37 . 2016-01-12 23:20 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-12-30 17:32 . 2016-01-12 23:20 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2015-12-30 17:32 . 2016-01-12 23:20 2048 ----a-w- c:\windows\SysWow64\user.exe
2015-12-17 19:08 . 2015-12-17 19:08 144 ----a-w- c:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-12-12 17:37 . 2016-01-13 19:21 496640 ----a-w- c:\windows\SysWow64\vbscript.dll
2015-12-12 16:41 . 2016-01-13 19:21 2011136 ----a-w- c:\windows\SysWow64\wininet.dll
2015-12-08 21:54 . 2016-01-13 19:22 1620992 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2015-12-08 21:54 . 2016-01-13 19:22 902144 ----a-w- c:\windows\SysWow64\WMADMOD.DLL
2015-12-08 21:54 . 2016-01-13 19:22 739328 ----a-w- c:\windows\SysWow64\WMSPDMOD.DLL
2015-12-08 21:54 . 2016-01-13 19:22 815616 ----a-w- c:\windows\SysWow64\WMADMOE.DLL
2015-12-08 21:54 . 2016-01-13 19:22 541184 ----a-w- c:\windows\SysWow64\WMVSDECD.DLL
2015-12-08 21:54 . 2016-01-13 19:22 740352 ----a-w- c:\windows\SysWow64\wmpmde.dll
2015-12-08 21:54 . 2016-01-13 19:22 1568768 ----a-w- c:\windows\SysWow64\WMVENCOD.DLL
2015-12-08 21:54 . 2016-01-13 19:22 665088 ----a-w- c:\windows\SysWow64\WMVXENCD.DLL
2015-12-08 21:54 . 2016-01-13 19:22 358400 ----a-w- c:\windows\SysWow64\WMVSENCD.DLL
2015-12-08 21:54 . 2016-01-13 19:22 1325056 ----a-w- c:\windows\SysWow64\WMSPDMOE.DLL
2015-12-08 21:54 . 2016-01-13 19:22 154112 ----a-w- c:\windows\SysWow64\VIDRESZR.DLL
2015-12-08 21:53 . 2016-01-13 19:22 50176 ----a-w- c:\windows\SysWow64\rrinstaller.exe
2015-12-08 19:07 . 2009-07-14 00:22 1393152 ----a-w- c:\windows\system32\WMALFXGFXDSP.dll
2015-12-05 02:19 . 2015-12-05 02:19 432864 ----a-w- c:\programdata\Microsoft\Blend\14.0\1036\ResourceCache.dll
2015-12-05 02:19 . 2015-12-05 02:19 1831840 ----a-w- c:\programdata\Microsoft\VisualStudio\14.0\1036\ResourceCache.dll
2015-11-20 18:54 . 2015-12-08 19:15 98816 ----a-w- c:\windows\system32\wudriver.dll
2015-11-20 18:54 . 2015-12-08 19:15 37888 ----a-w- c:\windows\system32\wups2.dll
2015-11-20 18:54 . 2015-12-08 19:15 36864 ----a-w- c:\windows\system32\wups.dll
2015-11-20 18:54 . 2015-12-08 19:15 3170304 ----a-w- c:\windows\system32\wucltux.dll
2015-11-20 18:54 . 2015-12-08 19:15 2609152 ----a-w- c:\windows\system32\wuaueng.dll
2015-11-20 18:54 . 2015-12-08 19:15 192512 ----a-w- c:\windows\system32\wuwebv.dll
2015-11-20 18:54 . 2015-12-08 19:15 709632 ----a-w- c:\windows\system32\wuapi.dll
2015-11-20 18:54 . 2015-12-08 19:15 91136 ----a-w- c:\windows\system32\WinSetupUI.dll
2015-11-20 18:54 . 2015-12-08 19:15 12288 ----a-w- c:\windows\system32\wu.upgrade.ps.dll
2015-11-20 18:54 . 2015-12-08 19:15 37888 ----a-w- c:\windows\system32\wuapp.exe
2015-11-20 18:54 . 2015-12-08 19:15 140288 ----a-w- c:\windows\system32\wuauclt.exe
2015-11-20 18:34 . 2015-12-08 19:15 93696 ----a-w- c:\windows\SysWow64\wudriver.dll
2015-11-20 18:34 . 2015-12-08 19:15 30208 ----a-w- c:\windows\SysWow64\wups.dll
2015-11-20 18:34 . 2015-12-08 19:15 174080 ----a-w- c:\windows\SysWow64\wuwebv.dll
2015-11-20 18:34 . 2015-12-08 19:15 573440 ----a-w- c:\windows\SysWow64\wuapi.dll
2015-11-20 18:33 . 2015-12-08 19:15 35328 ----a-w- c:\windows\SysWow64\wuapp.exe
2015-11-20 09:03 . 2015-11-20 09:03 12357200 ----a-w- c:\programdata\Microsoft\VisualStudioSecondaryInstaller\14.0\installers\TypeScriptV5\en\0\TypeScript_Full.exe
2015-11-19 20:31 . 2015-11-19 20:31 222376 ----a-w- c:\windows\SysWow64\VSPerf140.dll
2015-11-19 20:31 . 2015-11-19 20:31 19136 ----a-w- c:\programdata\Microsoft\Phone Tools\CoreCon\12.0\SDKFilesVer.dll
2015-11-19 20:31 . 2015-11-19 20:31 19136 ----a-w- c:\programdata\Microsoft\Phone Tools\CoreCon\12.0\addons\NonSDKAddonVer.dll
2015-11-19 20:31 . 2015-11-19 20:31 19136 ----a-w- c:\programdata\Microsoft\Phone Tools\CoreCon\12.0\3082\NonSDKAddonLangVer.dll
2015-11-19 20:31 . 2015-11-19 20:31 19136 ----a-w- c:\programdata\Microsoft\Phone Tools\CoreCon\12.0\2052\NonSDKAddonLangVer.dll
2015-11-19 20:31 . 2015-11-19 20:31 19136 ----a-w- c:\programdata\Microsoft\Phone Tools\CoreCon\12.0\1049\NonSDKAddonLangVer.dll
2015-11-19 20:31 . 2015-11-19 20:31 19136 ----a-w- c:\programdata\Microsoft\Phone Tools\CoreCon\12.0\1042\NonSDKAddonLangVer.dll
2015-11-19 20:31 . 2015-11-19 20:31 19136 ----a-w- c:\programdata\Microsoft\Phone Tools\CoreCon\12.0\1041\NonSDKAddonLangVer.dll
2015-11-19 20:31 . 2015-11-19 20:31 19136 ----a-w- c:\programdata\Microsoft\Phone Tools\CoreCon\12.0\1040\NonSDKAddonLangVer.dll
2015-11-19 20:31 . 2015-11-19 20:31 19136 ----a-w- c:\programdata\Microsoft\Phone Tools\CoreCon\12.0\1036\NonSDKAddonLangVer.dll
2015-11-19 20:31 . 2015-11-19 20:31 19136 ----a-w- c:\programdata\Microsoft\Phone Tools\CoreCon\12.0\1033\NonSDKAddonLangVer.dll
2015-11-19 20:31 . 2015-11-19 20:31 19136 ----a-w- c:\programdata\Microsoft\Phone Tools\CoreCon\12.0\1031\NonSDKAddonLangVer.dll
2015-11-19 20:31 . 2015-11-19 20:31 19136 ----a-w- c:\programdata\Microsoft\Phone Tools\CoreCon\12.0\1028\NonSDKAddonLangVer.dll
2015-11-19 20:31 . 2015-11-19 20:31 1825984 ----a-w- c:\windows\SysWow64\VsGraphicsHelper.dll
2015-11-19 19:02 . 2015-11-19 19:02 3189960 ----a-w- c:\windows\system32\VSGraphicsHelper.dll
2015-11-18 07:55 . 2015-11-18 07:55 107784 ----a-w- c:\windows\system32\amdave64.dll
2015-11-18 07:55 . 2015-11-18 07:55 100568 ----a-w- c:\windows\SysWow64\amdave32.dll
2015-11-18 07:55 . 2015-11-18 07:55 141792 ----a-w- c:\windows\system32\amdhcp64.dll
2015-11-18 07:55 . 2015-11-18 07:55 128384 ----a-w- c:\windows\SysWow64\amdhcp32.dll
2015-11-18 07:55 . 2015-11-18 07:55 78432 ----a-w- c:\windows\system32\atimpc64.dll
2015-11-18 07:55 . 2015-11-18 07:55 78432 ----a-w- c:\windows\system32\amdpcom64.dll
2015-11-18 07:55 . 2015-11-18 07:55 71704 ----a-w- c:\windows\SysWow64\atimpc32.dll
2015-11-18 07:55 . 2015-11-18 07:55 71704 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2015-11-18 07:55 . 2015-08-28 03:04 152056 ----a-w- c:\windows\system32\atiuxp64.dll
2015-11-18 07:55 . 2015-11-18 07:55 133016 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2015-11-18 07:55 . 2015-11-18 07:55 120656 ----a-w- c:\windows\system32\atiu9p64.dll
2015-11-18 07:55 . 2015-11-18 07:55 102616 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2015-11-18 07:55 . 2015-08-28 03:04 1479768 ----a-w- c:\windows\system32\aticfx64.dll
2015-11-18 07:55 . 2015-11-18 07:55 1217576 ----a-w- c:\windows\SysWow64\aticfx32.dll
2015-11-18 07:54 . 2015-08-28 03:04 12101120 ----a-w- c:\windows\system32\atidxx64.dll
2015-11-18 07:54 . 2015-11-18 07:54 10226528 ----a-w- c:\windows\SysWow64\atidxx32.dll
2015-11-18 07:54 . 2015-11-18 07:54 7931152 ----a-w- c:\windows\SysWow64\atiumdva.dll
2015-11-18 07:54 . 2015-11-18 07:54 7408936 ----a-w- c:\windows\SysWow64\atiumdag.dll
2015-11-18 07:54 . 2015-11-18 07:54 8895768 ----a-w- c:\windows\system32\atiumd6a.dll
2015-11-18 07:54 . 2015-11-18 07:54 8779872 ----a-w- c:\windows\system32\atiumd64.dll
2015-11-18 07:52 . 2015-11-18 07:52 297672 ----a-w- c:\windows\system32\drivers\amdacpksd.sys
2015-11-18 07:49 . 2015-11-18 07:49 21661696 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2015-11-18 07:44 . 2015-11-18 07:44 235008 ----a-w- c:\windows\system32\clinfo.exe
2015-11-18 07:44 . 2015-11-18 07:44 995342 ----a-w- c:\windows\SysWow64\amdocl_as32.exe
2015-11-18 07:44 . 2015-11-18 07:44 798734 ----a-w- c:\windows\SysWow64\amdocl_ld32.exe
2015-11-18 07:44 . 2015-11-18 07:44 47785472 ----a-w- c:\windows\system32\amdocl64.dll
2015-11-18 07:44 . 2015-11-18 07:44 1187342 ----a-w- c:\windows\system32\amdocl_as64.exe
2015-11-18 07:44 . 2015-11-18 07:44 1061902 ----a-w- c:\windows\system32\amdocl_ld64.exe
2015-11-18 07:43 . 2015-11-18 07:43 39712768 ----a-w- c:\windows\SysWow64\amdocl.dll
2015-11-18 07:42 . 2015-11-18 07:42 65024 ----a-w- c:\windows\system32\OpenCL.dll
2015-11-18 07:42 . 2015-11-18 07:42 59392 ----a-w- c:\windows\SysWow64\OpenCL.dll
2015-11-18 07:40 . 2015-11-18 07:40 27535872 ----a-w- c:\windows\system32\amdocl12cl64.dll
2015-11-18 07:40 . 2015-11-18 07:40 22318592 ----a-w- c:\windows\SysWow64\amdocl12cl.dll
2015-11-18 07:20 . 2015-11-18 07:20 675328 ----a-w- c:\windows\system32\amdlvr64.dll
2015-11-18 07:19 . 2015-11-18 07:19 560640 ----a-w- c:\windows\SysWow64\amdlvr32.dll
2015-11-18 07:19 . 2015-11-18 07:19 127488 ----a-w- c:\windows\system32\mantle64.dll
2015-11-18 07:19 . 2015-11-18 07:19 113664 ----a-w- c:\windows\SysWow64\mantle32.dll
2015-11-18 07:19 . 2015-11-18 07:19 6728192 ----a-w- c:\windows\system32\amdmantle64.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2015-12-14 3013712]
"OneSwarm"="c:\program files (x86)\OneSwarm\OneSwarm.exe" [2011-05-23 510976]
"DAEMON Tools Lite Automount"="c:\program files\DAEMON Tools Lite\DTAgent.exe" [2015-06-18 4468056]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-10-19 8551848]
"AlcoholAutomount"="c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2015-03-12 39376]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2014-08-25 293872]
"StartCCC"="c:\program files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2015-11-18 767176]
"Razer Synapse"="c:\program files (x86)\Razer\Synapse\RzSynapse.exe" [2015-09-29 592704]
"Raptr"="c:\program files (x86)\Raptr\raptrstub.exe" [2015-12-11 56080]
"Live Update"="c:\program files (x86)\MSI\Live Update\Live Update.exe" [2015-10-07 11324368]
"EaseUS EPM tray"="c:\program files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\EpmNews.exe" [2015-09-16 2089056]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
TP-LINK Wireless Configuration Utility.lnk - c:\program files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe -nogui [2016-1-23 846848]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe;c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
R3 cpuz137;cpuz137;c:\users\Joachim\AppData\Local\Temp\cpuz137\cpuz137_x64.sys;c:\users\Joachim\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [x]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys;c:\windows\SYSNATIVE\epmntdrv.sys [x]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys;c:\windows\SYSNATIVE\EuGdiDrv.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IntcDAud;Son Intel(R) pour écrans;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 MSICDSetup;MSICDSetup;d:\cdriver64.sys;d:\CDriver64.sys [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;d:\ntiolib_x64.sys;d:\NTIOLib_X64.sys [x]
R3 RTCore64;RTCore64;c:\program files (x86)\MSI Afterburner\RTCore64.sys;c:\program files (x86)\MSI Afterburner\RTCore64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 VSStandardCollectorService140;Visual Studio Standard Collector Service;c:\program files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe;c:\program files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe;c:\program files (x86)\Tunngle\TnglCtrl.exe [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Pilote de commutateur de contrôleur d'hôte Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 amdacpksd;ACP Kernel Service Driver;c:\windows\system32\drivers\amdacpksd.sys;c:\windows\SYSNATIVE\drivers\amdacpksd.sys [x]
S2 amdacpusrsvc;ACP User Service;c:\program files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe;c:\program files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MSI_LiveUpdate_Service;MSI_LiveUpdate_Service;c:\program files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe;c:\program files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [x]
S2 RadeonPro Support Service;RadeonPro Support Service;c:\program files (x86)\RadeonPro\RadeonProSupport.exe;c:\program files (x86)\RadeonPro\RadeonProSupport.exe [x]
S2 Razer Chroma SDK Service;Razer Chroma SDK Service;c:\program files (x86)\Razer Chroma SDK\bin\RzSDKService.exe;c:\program files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [x]
S2 Razer Game Scanner Service;Razer Game Scanner;c:\program files (x86)\Razer\Razer Services\GSS\GameScannerService.exe;c:\program files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [x]
S2 rzpmgrk;rzpmgrk;c:\windows\system32\drivers\rzpmgrk.sys;c:\windows\SYSNATIVE\drivers\rzpmgrk.sys [x]
S2 rzpnk;rzpnk;c:\windows\system32\drivers\rzpnk.sys;c:\windows\SYSNATIVE\drivers\rzpnk.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe [x]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
S3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D;c:\windows\system32\DRIVERS\e1d62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1d62x64.sys [x]
S3 iusb3hub;Pilote de concentrateur Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Pilote du contrôleur d'hôte extensible Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 rzendpt;rzendpt;c:\windows\system32\DRIVERS\rzendpt.sys;c:\windows\SYSNATIVE\DRIVERS\rzendpt.sys [x]
S3 rzudd;Razer Keyboard Driver;c:\windows\system32\DRIVERS\rzudd.sys;c:\windows\SYSNATIVE\DRIVERS\rzudd.sys [x]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x]
S4 IOMap;IOMap;c:\windows\system32\drivers\IOMap64.sys;c:\windows\SYSNATIVE\drivers\IOMap64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-01-15 01:07 1006920 ----a-w- c:\program files (x86)\Google\Chrome\Application\47.0.2526.111\Installer\chrmstp.exe
.
Contenu du dossier 'Tâches planifiées'
.
2016-01-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-11-01 18:51]
.
2016-01-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-11-01 18:51]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sound+"="c:\program files\Sound+\Sound+.exe" [BU]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2014-09-02 7636696]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2014-05-28 36352]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [BU]
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mSearch Page = hxxp://www.google.com
TCP: DhcpNameServer = 192.168.0.254
FF - ProfilePath - c:\users\Joachim\AppData\Roaming\Mozilla\Firefox\Profiles\xclcfvsu.default\
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Wow6432Node-HKLM-Run- - (no file)
AddRemove-{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D} - c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\S-1-5-21-2771695186-3722811097-3333097191-1000\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
"datasecu"=hex:a4,9e,de,16,0f,f6,41,dc,87,dc,87,76,83,76,53,98,27,1a,6d,cc,f8,
d1,f8,6a,1f,97,d5,80,e4,c3,53,2d,ff,8e,f9,3c,1b,e3,08,d5,c1,7f,bf,49,f3,ba,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Autres processus actifs ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
c:\progra~2\Raptr\raptr.exe
c:\progra~2\Raptr\raptr_im.exe
c:\program files (x86)\Steam\bin\steamwebhelper.exe
c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
c:\programdata\Razer\Synapse\RzStats\RzStats.Manager.exe
c:\program files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
c:\users\Joachim\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Heure de fin: 2016-01-23 13:58:33 - La machine a redémarré
ComboFix-quarantined-files.txt 2016-01-23 12:58
ComboFix2.txt 2016-01-23 10:20
ComboFix3.txt 2016-01-22 23:33
.
Avant-CF: 88 241 270 784 octets libres
Après-CF: 87 573 798 912 octets libres
.
- - End Of File - - 493421C748B6FF35B905EA811BC23307
5FB38429D5D77768867C76DCBDB35194
