Document format: text/plain

ComboFix 16-06-01.01 - Nicolas 19/06/2016 23:16:19.1.8 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.8116.4729 [GMT 2:00]
Lancé depuis: c:\users\Nicolas\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Un nouveau point de restauration a été créé
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\esupport\eDriver\Software\ASUS\MultiFrame\XP32_Vista32_Vista64_Win7_32_Win7_64_1.0.0021\Desktop_.ini
c:\windows\SysWow64\DEBUG.log
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2016-05-19 au 2016-06-19 ))))))))))))))))))))))))))))))))))))
.
.
2016-06-19 21:36 . 2016-06-19 21:36 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-06-18 12:14 . 2016-06-18 12:14 9717952 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2016-06-16 16:59 . 2016-06-17 07:55 -------- d-----w- C:\FRST
2016-06-16 14:35 . 2016-06-16 14:36 -------- d-----w- c:\program files (x86)\ZHPFix
2016-06-16 09:48 . 2016-06-16 15:41 -------- d-----w- c:\users\Nicolas\AppData\Roaming\ZHP
2016-06-15 06:47 . 2016-06-15 06:47 398152 ----a-w- c:\windows\system32\aswBoot.exe
2016-06-15 06:47 . 2016-06-15 06:47 52184 ----a-w- c:\windows\avastSS.scr
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-06-19 16:13 . 2014-08-08 16:41 45056 ----a-w- c:\windows\system32\acovcnt.exe
2016-06-18 12:14 . 2014-08-08 18:26 796352 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-06-18 12:14 . 2014-08-08 18:26 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-06-15 11:09 . 2014-08-09 11:26 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-06-15 06:47 . 2014-08-09 11:46 166432 ----a-w- c:\windows\system32\drivers\aswStm.sys
2016-06-15 06:47 . 2014-08-09 11:46 74544 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2016-06-15 06:47 . 2014-08-09 11:46 465792 ----a-w- c:\windows\system32\drivers\aswSP.sys
2016-06-15 06:47 . 2014-08-09 11:46 37656 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2016-06-15 06:47 . 2014-08-09 11:46 287528 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2016-06-15 06:47 . 2014-08-09 11:46 107792 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2016-06-15 06:47 . 2014-08-09 11:46 103064 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2016-06-15 06:46 . 2014-08-09 11:46 1070904 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2016-06-15 06:46 . 2016-03-23 12:49 37144 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2016-05-17 11:43 . 2014-08-11 14:54 139319312 ----a-w- c:\windows\system32\MRT.exe
2016-04-23 17:08 . 2016-05-16 14:55 394960 ----a-w- c:\windows\system32\iedkcs32.dll
2016-04-23 05:25 . 2016-05-16 14:55 25816064 ----a-w- c:\windows\system32\mshtml.dll
2016-04-23 05:16 . 2016-05-16 14:55 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2016-04-23 05:16 . 2016-05-16 14:55 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2016-04-23 05:01 . 2016-05-16 14:55 66560 ----a-w- c:\windows\system32\iesetup.dll
2016-04-23 05:00 . 2016-05-16 14:55 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2016-04-23 05:00 . 2016-05-16 14:55 417792 ----a-w- c:\windows\system32\html.iec
2016-04-23 05:00 . 2016-05-16 14:55 2893312 ----a-w- c:\windows\system32\iertutil.dll
2016-04-23 05:00 . 2016-05-16 14:55 571904 ----a-w- c:\windows\system32\vbscript.dll
2016-04-23 05:00 . 2016-05-16 14:55 88064 ----a-w- c:\windows\system32\MshtmlDac.dll
2016-04-23 04:52 . 2016-05-16 14:55 54784 ----a-w- c:\windows\system32\jsproxy.dll
2016-04-23 04:51 . 2016-05-16 14:55 34304 ----a-w- c:\windows\system32\iernonce.dll
2016-04-23 04:48 . 2016-05-16 14:55 615936 ----a-w- c:\windows\system32\ieui.dll
2016-04-23 04:47 . 2016-05-16 14:55 114688 ----a-w- c:\windows\system32\ieetwcollector.exe
2016-04-23 04:47 . 2016-05-16 14:55 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2016-04-23 04:47 . 2016-05-16 14:55 814080 ----a-w- c:\windows\system32\jscript9diag.dll
2016-04-23 04:47 . 2016-05-16 14:55 817664 ----a-w- c:\windows\system32\jscript.dll
2016-04-23 04:46 . 2016-05-16 14:55 6052352 ----a-w- c:\windows\system32\jscript9.dll
2016-04-23 04:40 . 2016-05-16 14:55 968704 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2016-04-23 04:36 . 2016-05-16 14:55 489984 ----a-w- c:\windows\system32\dxtmsft.dll
2016-04-23 04:29 . 2016-05-16 14:55 77824 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2016-04-23 04:27 . 2016-05-16 14:55 107520 ----a-w- c:\windows\system32\inseng.dll
2016-04-23 04:25 . 2016-05-16 14:55 199680 ----a-w- c:\windows\system32\msrating.dll
2016-04-23 04:24 . 2016-05-16 14:55 92160 ----a-w- c:\windows\system32\mshtmled.dll
2016-04-23 04:21 . 2016-05-16 14:55 315392 ----a-w- c:\windows\system32\dxtrans.dll
2016-04-23 04:20 . 2016-05-16 14:55 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2016-04-23 04:20 . 2016-05-16 14:55 152064 ----a-w- c:\windows\system32\occache.dll
2016-04-23 04:09 . 2016-05-16 14:55 262144 ----a-w- c:\windows\system32\webcheck.dll
2016-04-23 04:08 . 2016-05-16 14:55 497152 ----a-w- c:\windows\SysWow64\vbscript.dll
2016-04-23 04:08 . 2016-05-16 14:55 62464 ----a-w- c:\windows\SysWow64\iesetup.dll
2016-04-23 04:08 . 2016-05-16 14:55 47616 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2016-04-23 04:07 . 2016-05-16 14:55 341504 ----a-w- c:\windows\SysWow64\html.iec
2016-04-23 04:07 . 2016-05-16 14:55 725504 ----a-w- c:\windows\system32\ie4uinit.exe
2016-04-23 04:07 . 2016-05-16 14:55 64000 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2016-04-23 04:06 . 2016-05-16 14:55 806400 ----a-w- c:\windows\system32\msfeeds.dll
2016-04-23 04:06 . 2016-05-16 14:55 1359360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2016-04-23 04:05 . 2016-05-16 14:55 2131968 ----a-w- c:\windows\system32\inetcpl.cpl
2016-04-23 04:00 . 2016-05-16 14:55 15415808 ----a-w- c:\windows\system32\ieframe.dll
2016-04-23 03:58 . 2016-05-16 14:55 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2016-04-23 03:58 . 2016-05-16 14:55 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2016-04-23 03:51 . 2016-05-16 14:55 2596864 ----a-w- c:\windows\system32\wininet.dll
2016-04-23 03:45 . 2016-05-16 14:55 60416 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2016-04-23 03:39 . 2016-05-16 14:55 1547776 ----a-w- c:\windows\system32\urlmon.dll
2016-04-23 03:36 . 2016-05-16 14:55 4611072 ----a-w- c:\windows\SysWow64\jscript9.dll
2016-04-23 03:30 . 2016-05-16 14:55 2056192 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2016-04-23 03:30 . 2016-05-16 14:55 1155072 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2016-04-23 03:28 . 2016-05-16 14:55 800768 ----a-w- c:\windows\system32\ieapfltr.dll
2016-04-23 03:12 . 2016-05-16 14:55 2121216 ----a-w- c:\windows\SysWow64\wininet.dll
2016-04-14 13:49 . 2016-05-16 14:54 603648 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2016-04-14 13:21 . 2016-05-16 14:54 647680 ----a-w- c:\windows\system32\d3d10level9.dll
2016-04-09 07:02 . 2016-05-16 14:44 631176 ----a-w- c:\windows\system32\winresume.efi
2016-04-09 07:01 . 2016-05-16 14:44 706280 ----a-w- c:\windows\system32\winload.efi
2016-04-09 07:01 . 2016-05-16 14:44 5546216 ----a-w- c:\windows\system32\ntoskrnl.exe
2016-04-09 07:01 . 2016-05-16 14:44 95464 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2016-04-09 07:01 . 2016-05-16 14:44 154344 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2016-04-09 07:01 . 2016-05-16 14:54 986344 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2016-04-09 07:01 . 2016-05-16 14:54 264936 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2016-04-09 06:59 . 2016-05-16 14:44 3998952 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2016-04-09 06:59 . 2016-05-16 14:44 3943144 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2016-04-09 06:59 . 2016-05-16 14:44 1732864 ----a-w- c:\windows\system32\ntdll.dll
2016-04-09 06:58 . 2016-05-16 14:44 362496 ----a-w- c:\windows\system32\wow64win.dll
2016-04-09 06:58 . 2016-05-16 14:44 243712 ----a-w- c:\windows\system32\wow64.dll
2016-04-09 06:58 . 2016-05-16 14:44 215552 ----a-w- c:\windows\system32\winsrv.dll
2016-04-09 06:58 . 2016-05-16 14:44 210432 ----a-w- c:\windows\system32\wdigest.dll
2016-04-09 06:58 . 2016-05-16 14:44 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2016-04-09 06:58 . 2016-05-16 14:55 2048 ----a-w- c:\windows\system32\tzres.dll
2016-04-09 06:58 . 2016-05-16 14:44 86528 ----a-w- c:\windows\system32\TSpkg.dll
2016-04-09 06:58 . 2016-05-16 14:44 503808 ----a-w- c:\windows\system32\srcore.dll
2016-04-09 06:58 . 2016-05-16 14:44 135680 ----a-w- c:\windows\system32\sspicli.dll
2016-04-09 06:58 . 2016-05-16 14:44 28672 ----a-w- c:\windows\system32\sspisrv.dll
2016-04-09 06:58 . 2016-05-16 14:44 50176 ----a-w- c:\windows\system32\srclient.dll
2016-04-09 06:58 . 2016-05-16 14:44 63488 ----a-w- c:\windows\system32\setbcdlocale.dll
2016-04-09 06:58 . 2016-05-16 14:44 1212928 ----a-w- c:\windows\system32\rpcrt4.dll
2016-04-09 06:58 . 2016-05-16 14:44 344064 ----a-w- c:\windows\system32\schannel.dll
2016-04-09 06:58 . 2016-05-16 14:44 190464 ----a-w- c:\windows\system32\rpchttp.dll
2016-04-09 06:58 . 2016-05-16 14:44 28160 ----a-w- c:\windows\system32\secur32.dll
2016-04-09 06:57 . 2016-05-16 14:44 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2016-04-09 06:57 . 2016-05-16 14:44 312320 ----a-w- c:\windows\system32\ncrypt.dll
2016-04-09 06:57 . 2016-05-16 14:44 316416 ----a-w- c:\windows\system32\msv1_0.dll
2016-04-09 06:57 . 2016-05-16 14:44 60416 ----a-w- c:\windows\system32\msobjs.dll
2016-04-09 06:57 . 2016-05-16 14:44 146432 ----a-w- c:\windows\system32\msaudite.dll
2016-04-09 06:57 . 2016-05-16 14:44 1464320 ----a-w- c:\windows\system32\lsasrv.dll
2016-04-09 06:57 . 2016-05-16 14:44 730624 ----a-w- c:\windows\system32\kerberos.dll
2016-04-09 06:57 . 2016-05-16 14:44 419840 ----a-w- c:\windows\system32\KernelBase.dll
2016-04-09 06:57 . 2016-05-16 14:44 1163264 ----a-w- c:\windows\system32\kernel32.dll
2016-04-09 06:57 . 2016-05-16 14:54 405504 ----a-w- c:\windows\system32\gdi32.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2016-05-17 20:06 1741096 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2016-05-17 20:06 1741096 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2016-05-17 20:06 1741096 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Scan Buttons"="c:\program files (x86)\NewSoft\Presto! PageManager 9.03\PMSB.EXE" [2011-01-21 214360]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2015-11-30 60688]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"Boingo Wi-Fi"="c:\program files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk" [2010-10-21 2429]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-06-25 6806144]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-05-03 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-04-26 1597440]
"THX TruStudio NB Settings"="c:\program files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe" [2010-03-24 899072]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"ASUS VIBE"="c:\program files (x86)\ASUS\ASUS VIBE\ASUS VIBE.exe" [2010-03-02 102400]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2016-06-15 7405752]
"PMSpeed"="c:\program files (x86)\NewSoft\Presto! PageManager 9.03\PMSpeed.EXE" [2010-07-29 116632]
"FUFAXRCV"="c:\program files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe" [2012-07-09 502952]
"FUFAXSTM"="c:\program files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe" [2012-07-09 863400]
"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2012-04-02 1058912]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
.
c:\users\Nicolas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Envoyer à OneNote.lnk - c:\program files\Microsoft Office\Office15\ONENOTEM.EXE /tsr [2015-12-8 222384]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-3-12 1083680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 EpsonScanSvc;Epson Scanner Service;c:\windows\system32\EscSvc64.exe;c:\windows\SYSNATIVE\EscSvc64.exe [x]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [x]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 TurboBoost;Intel(R) Turbo Boost Technology Monitor;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys;c:\windows\SYSNATIVE\drivers\btusbflt.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys;c:\windows\SYSNATIVE\DRIVERS\FLxHCIc.sys [x]
S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\DRIVERS\FLxHCIh.sys;c:\windows\SYSNATIVE\DRIVERS\FLxHCIh.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-06-18 12:55 1245848 ----a-w- c:\program files (x86)\Google\Chrome\Application\51.0.2704.103\Installer\chrmstp.exe
.
Contenu du dossier 'Tâches planifiées'
.
2016-06-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-08 12:14]
.
2016-06-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-21 19:32]
.
2016-06-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-21 19:32]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2016-05-17 20:02 2348848 ----a-w- c:\progra~1\MICROS~3\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2016-05-17 20:02 2348848 ----a-w- c:\progra~1\MICROS~3\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2016-05-17 20:02 2348848 ----a-w- c:\progra~1\MICROS~3\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2016-06-15 06:47 920784 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"IntelTBRunOnce"="wscript.exe" [2013-10-12 168960]
"THXCfg64"="c:\windows\system32\THXCfg64.dll" [2009-10-15 17920]
"WrtMon.exe"="c:\windows\system32\spool\drivers\x64\3\WrtMon.exe" [2008-05-24 26448]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-10-16 2462536]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-10-16 2800296]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2016-03-19 176952]
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
IE: &Envoyer à OneNote - c:\progra~1\MICROS~3\Office15\ONBttnIE.dll/105
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office15\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.254
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Nicolas\AppData\Roaming\Mozilla\Firefox\Profiles\tpdnbptg.default\
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKLM-Run-SessionLogon - c:\expressgateutil\SessionLogon.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-Setwallpaper - c:\programdata\SetWallpaper.cmd
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2016-06-19 23:41:07
ComboFix-quarantined-files.txt 2016-06-19 21:41
.
Avant-CF: 30 014 971 904 octets libres
Après-CF: 29 834 461 184 octets libres
.
- - End Of File - - 09DE54BA265DFCF03484EE1F596598A1
