cjoint

Document format: text/plain

Preview

ComboFix 16-04-29.01 - Antoine 11/05/2016 18:00:06.4.4 - x64
Microsoft Windows 7 Professionnel 6.1.7601.1.1252.33.1036.18.16290.14142 [GMT 2:00]
Lancé depuis: c:\users\Antoine\Desktop\ComboFix.exe
FW: ZoneAlarm Free Firewall Firewall *Disabled* {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2016-04-11 au 2016-05-11 ))))))))))))))))))))))))))))))))))))
.
.
2016-05-11 16:02 . 2016-05-11 16:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-05-11 14:23 . 2016-05-11 14:23 -------- d-----w- c:\programdata\pdfforge
2016-05-11 14:12 . 2016-05-11 14:12 -------- d-----w- c:\users\Antoine\AppData\Roaming\PDF Architect 4
2016-05-11 14:11 . 2016-05-11 14:23 -------- d-----w- c:\programdata\PDF Architect 4
2016-05-11 14:11 . 2016-05-11 14:11 425744 ----a-w- c:\windows\system32\LavasoftTcpService64.dll
2016-05-11 14:11 . 2016-05-11 14:11 345360 ----a-w- c:\windows\SysWow64\LavasoftTcpService.dll
2016-05-11 07:55 . 2016-05-11 09:36 -------- d-----w- c:\users\Antoine\AppData\Roaming\Foxit Software
2016-05-11 07:55 . 2016-05-11 07:55 -------- d-----w- c:\users\Public\Foxit Software
2016-05-11 07:55 . 2016-05-11 09:36 -------- d-----w- c:\programdata\Foxit ContentPlatform
2016-05-11 07:55 . 2016-05-11 07:55 -------- d-----w- c:\program files (x86)\Foxit Software
2016-05-11 03:45 . 2016-04-20 01:13 11695896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2F358422-ED4E-48E0-8775-5E0C077869BE}\mpengine.dll
2016-04-25 14:52 . 2016-04-25 16:03 -------- d-----w- C:\FRST
2016-04-25 14:44 . 2016-04-27 07:43 -------- d-----w- c:\users\Antoine\AppData\Local\StimulsoftReportsResources
2016-04-25 12:36 . 2016-04-25 12:36 -------- d-----w- c:\users\Antoine\AppData\Roaming\Moonchild Productions
2016-04-25 12:36 . 2016-04-25 12:36 -------- d-----w- c:\users\Antoine\AppData\Local\Moonchild Productions
2016-04-25 12:36 . 2016-04-25 12:45 -------- d-----w- c:\program files\Pale Moon
2016-04-20 11:15 . 2016-04-20 11:16 -------- d-----w- c:\users\Antoine\AppData\Local\FSDART
2016-04-20 07:32 . 2016-04-20 07:32 -------- d-----w- C:\_OTL
2016-04-19 14:48 . 2016-04-19 14:53 -------- d-----w- c:\users\Invité
2016-04-18 07:05 . 2016-04-18 07:06 -------- d-----w- c:\users\Antoine\sauvegarde photos s4
2016-04-16 12:49 . 2016-04-16 12:49 -------- d-----w- c:\program files (x86)\SEAF
2016-04-16 09:56 . 2016-04-16 09:56 -------- d-----w- c:\programdata\Synology
2016-04-16 09:56 . 2016-04-16 09:56 -------- d-----w- c:\program files (x86)\Synology
2016-04-16 08:56 . 2016-04-16 08:56 -------- d-----w- c:\program files (x86)\ZHPFix
2016-04-16 07:40 . 2016-04-16 07:43 -------- d-----w- C:\AdwCleaner
2016-04-15 18:06 . 2009-09-27 07:39 415744 --sh--w- c:\windows\SysWow64\avisynth.dll
2016-04-15 18:06 . 2004-02-22 08:11 764416 --sh--w- c:\windows\SysWow64\devil.dll
2016-04-15 18:06 . 2005-07-14 10:31 32256 --sh--w- c:\windows\SysWow64\AVSredirect.dll
2016-04-15 18:06 . 2004-01-24 22:00 70656 --sh--w- c:\windows\SysWow64\yv12vfw.dll
2016-04-15 18:06 . 2004-01-24 22:00 70656 --sh--w- c:\windows\SysWow64\i420vfw.dll
2016-04-15 18:03 . 2016-04-15 19:35 -------- d-----w- c:\program files (x86)\Jejochclipasp
2016-04-15 18:03 . 2004-07-02 16:33 327749 ----a-w- c:\windows\SysWow64\drvc.dll
2016-04-15 18:03 . 2016-04-16 10:12 -------- d-----w- c:\program files (x86)\eRightSoft
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-05-10 12:30 . 2016-04-07 16:11 884 ----a-w- c:\users\Antoine\advanced_ip_scanner_MAC.bin
2016-04-27 12:50 . 2015-09-23 12:28 542456 ------w- c:\windows\SysWow64\MC21.exe
2016-04-27 12:50 . 2015-09-23 12:28 542456 ------w- c:\windows\system32\MC21.exe
2016-04-21 13:05 . 2010-11-21 03:27 453288 ------w- c:\windows\system32\MpSigStub.exe
2016-04-21 08:19 . 2014-05-27 11:30 135176864 ----a-w- c:\windows\system32\MRT.exe
2016-04-15 19:25 . 2015-11-24 21:45 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-04-08 03:29 . 2014-05-26 15:47 797376 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-04-08 03:29 . 2014-05-26 15:47 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-04-04 16:32 . 2016-04-04 12:48 165232 ---ha-w- c:\users\Antoine\AppData\Roaming\Microsoft\Virtual PC\VPCKeyboard.dll
2016-04-03 20:20 . 2016-04-03 20:20 53248 ----a-w- c:\windows\SysWow64\unrar.dll
2016-03-17 22:24 . 2016-04-13 08:28 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2016-03-16 16:06 . 2016-03-16 16:07 110176 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-64.dll
2016-03-16 16:06 . 2016-03-16 16:06 110176 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2016-03-10 12:09 . 2015-11-24 21:44 64896 ----a-w- c:\windows\system32\drivers\mwac.sys
2016-03-10 12:08 . 2015-11-24 21:44 140672 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2016-03-10 12:08 . 2015-11-24 21:44 27008 ----a-w- c:\windows\system32\drivers\mbam.sys
2016-03-04 15:29 . 2016-04-04 16:34 982504 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2016-03-04 15:29 . 2016-04-04 16:34 148808 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2016-03-04 15:29 . 2016-03-04 15:29 205784 ----a-w- c:\windows\system32\drivers\VBoxNetLwf.sys
2016-03-04 15:29 . 2016-03-04 15:29 127456 ----a-w- c:\windows\system32\drivers\VBoxNetAdp6.sys
2016-02-13 01:46 . 2016-02-13 01:46 461792 ----a-w- c:\windows\system32\drivers\vsdatant.sys
2016-02-12 18:52 . 2016-03-09 10:05 98816 ----a-w- c:\windows\system32\wudriver.dll
2016-02-12 18:52 . 2016-03-09 10:05 3169792 ----a-w- c:\windows\system32\wucltux.dll
2016-02-12 18:52 . 2016-03-09 10:05 192512 ----a-w- c:\windows\system32\wuwebv.dll
2016-02-12 18:44 . 2016-03-09 10:05 91136 ----a-w- c:\windows\system32\WinSetupUI.dll
2016-02-12 18:39 . 2016-03-09 10:05 174080 ----a-w- c:\windows\SysWow64\wuwebv.dll
2016-02-12 18:22 . 2016-03-09 10:05 2610688 ----a-w- c:\windows\system32\wuaueng.dll
2016-02-12 18:19 . 2016-03-09 10:05 709120 ----a-w- c:\windows\system32\wuapi.dll
2016-02-12 18:18 . 2016-03-09 10:05 37888 ----a-w- c:\windows\system32\wuapp.exe
2016-02-12 18:18 . 2016-03-09 10:05 140288 ----a-w- c:\windows\system32\wuauclt.exe
2016-02-12 18:18 . 2016-03-09 10:05 36864 ----a-w- c:\windows\system32\wups.dll
2016-02-12 18:18 . 2016-03-09 10:05 37888 ----a-w- c:\windows\system32\wups2.dll
2016-02-12 18:18 . 2016-03-09 10:05 12288 ----a-w- c:\windows\system32\wu.upgrade.ps.dll
2016-02-12 18:06 . 2016-03-09 10:05 573440 ----a-w- c:\windows\SysWow64\wuapi.dll
2016-02-12 18:05 . 2016-03-09 10:05 93696 ----a-w- c:\windows\SysWow64\wudriver.dll
2016-02-12 18:05 . 2016-03-09 10:05 30208 ----a-w- c:\windows\SysWow64\wups.dll
2016-02-12 18:05 . 2016-03-09 10:05 35328 ----a-w- c:\windows\SysWow64\wuapp.exe
2009-09-27 07:39 415744 --sh--w- c:\windows\SysWOW64\avisynth.dll
2005-07-14 10:31 32256 --sh--w- c:\windows\SysWOW64\AVSredirect.dll
2004-02-22 08:11 764416 --sh--w- c:\windows\SysWOW64\devil.dll
2004-01-24 22:00 70656 --sh--w- c:\windows\SysWOW64\i420vfw.dll
2004-01-24 22:00 70656 --sh--w- c:\windows\SysWOW64\yv12vfw.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-12-08 8590760]
"Media Center 21"="c:\program files (x86)\J River\Media Center 21\Media Center 21.exe" [2016-04-27 16275456]
"DAEMON Tools Lite Automount"="c:\program files (x86)\DAEMON Tools Lite\DTAgent.exe" [2015-11-30 4179288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-04-26 292848]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"PopUp Destroy"="c:\program files (x86)\PopUp Destroy\Popup-Destroy.exe" [2003-04-22 1806336]
"CloneCDTray"="c:\program files (x86)\SlySoft\CloneCD\CloneCDTray.exe" [2009-01-29 57344]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2016-01-29 596016]
"ZoneAlarm"="c:\program files (x86)\CheckPoint\ZoneAlarm\zatray.exe" [2016-02-13 134480]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableSecureUIAPath"= 1 (0x1)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IntcDAud;Son Intel(R) pour écrans;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 ma-config_amd64;ma-config_amd64;c:\program files\ma-config.com\Drivers\ma-config_amd64.sys;c:\program files\ma-config.com\Drivers\ma-config_amd64.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 MSSQLServerADHelper100;Service SQL Active Directory Helper;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 RsFx0153;RsFx0153 Driver;c:\windows\system32\DRIVERS\RsFx0153.sys;c:\windows\SYSNATIVE\DRIVERS\RsFx0153.sys [x]
R4 SQLAgent$EBP;Agent SQL Server (EBP);c:\program files\Microsoft SQL Server\MSSQL10_50.EBP\MSSQL\Binn\SQLAGENT.EXE;c:\program files\Microsoft SQL Server\MSSQL10_50.EBP\MSSQL\Binn\SQLAGENT.EXE [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Pilote de commutateur de contrôleur d'hôte Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\drivers\PxHlpa64.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxNetAdp;VirtualBox NDIS 6.0 Miniport Service;c:\windows\system32\DRIVERS\VBoxNetAdp6.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp6.sys [x]
S1 VBoxNetLwf;VirtualBox NDIS6 Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetLwf.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetLwf.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 AdobeActiveFileMonitor12.0;Adobe Active File Monitor V12;c:\program files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe [x]
S2 DevoloNetworkService;devolo Network Service;c:\program files (x86)\devolo\dlan\devolonetsvc.exe;c:\program files (x86)\devolo\dlan\devolonetsvc.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MaConfigAgent;Ma-Config Agent;c:\program files\ma-config.com\MaConfigAgent.exe;c:\program files\ma-config.com\MaConfigAgent.exe [x]
S2 MSSQL$EBP;SQL Server (EBP);c:\program files\Microsoft SQL Server\MSSQL10_50.EBP\MSSQL\Binn\sqlservr.exe;c:\program files\Microsoft SQL Server\MSSQL10_50.EBP\MSSQL\Binn\sqlservr.exe [x]
S2 NPF_devolo;NetGroup Packet Filter Driver (devolo);c:\windows\sysWOW64\drivers\npf_devolo.sys;c:\windows\sysWOW64\drivers\npf_devolo.sys [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 ss_conn_service;SAMSUNG Mobile Connectivity Service;c:\program files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe;c:\program files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UsbClientService;UsbClientService;c:\program files (x86)\Synology\Assistant\UsbClientService.exe;c:\program files (x86)\Synology\Assistant\UsbClientService.exe [x]
S2 ZAPrivacyService;ZoneAlarm Privacy Service;c:\program files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe;c:\program files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [x]
S3 busenum;Synology Virtual USB Hub;c:\windows\system32\DRIVERS\busenum.sys;c:\windows\SYSNATIVE\DRIVERS\busenum.sys [x]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe;c:\program files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe [x]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus;c:\windows\system32\DRIVERS\dtliteusbbus.sys;c:\windows\SYSNATIVE\DRIVERS\dtliteusbbus.sys [x]
S3 iusb3hub;Pilote de concentrateur Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Pilote du contrôleur d'hôte extensible Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 Media Center 21 Service;JRiver Media Center 21 Service;c:\program files (x86)\J River\Media Center 21\JRService.exe;c:\program files (x86)\J River\Media Center 21\JRService.exe [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
Contenu du dossier 'Tâches planifiées'
.
2016-05-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-26 03:29]
.
2016-05-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-05-26 08:26]
.
2016-05-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-05-26 08:26]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-11-19 6846096]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2013-11-21 36352]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-04-30 2199840]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-04-30 1225920]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-06-03 472984]
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: localhost
Trusted Zone: webcompanion.com
TCP: Interfaces\{C511991C-D589-4C02-A213-40A3C690FA87}: NameServer = 192.168.0.254
FF - ProfilePath - c:\users\Antoine\AppData\Roaming\Mozilla\Firefox\Profiles\5s70e93l.default-1448444665585\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Toolbar-10 - (no file)
AddRemove-ANNO1602 - c:\windows\system32\1602Unst.exe
AddRemove-FileHippo.com - c:\program files (x86)\FileHippo.com\uninstall.exe
AddRemove-{5E39F2FB-0D5B-413E-903C-3F495017109C} - c:\programdata\{DF556234-0223-4663-A9AD-8FEFE5B9EE69}\setup.exe
AddRemove-{8e70e4e1-06d7-470b-9f74-a51bef21088e} - c:\programdata\Package Cache\{8e70e4e1-06d7-470b-9f74-a51bef21088e}\vcredist_x86.exe
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,88,e9,a2,13,3f,5b,b1,4e,9d,94,64,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,88,e9,a2,13,3f,5b,b1,4e,9d,94,64,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2016-05-11 18:03:38
ComboFix-quarantined-files.txt 2016-05-11 16:03
ComboFix2.txt 2016-05-11 13:25
.
Avant-CF: 67 649 773 568 octets libres
Après-CF: 67 309 420 544 octets libres
.
- - End Of File - - 326EC6258F6F1C89FD54B3B9A0CD96E0
A36C5E4F47E84449FF07ED3517B43A31
