cjoint

Document format: text/plain

Preview

ComboFix 16-08-21.02 - P 30/08/2016 14:44:27.1.8 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.32.1036.18.6135.3828 [GMT 2:00]
Lancé depuis: c:\users\P\Desktop\ComboFix.exe
AV: Avira Antivirus *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Antivirus *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\users\P\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\users\P\videos\hjsplit.exe
c:\users\P\videos\MPC-HomeCinema.exe
c:\users\P\videos\Xtremsplit.exe
c:\windows\msdownld.tmp
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2016-07-28 au 2016-08-30 ))))))))))))))))))))))))))))))))))))
.
.
2016-08-30 12:40 . 2016-08-02 22:36 11847048 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{05E02D25-3A47-4251-A8FA-7525272BCB86}\mpengine.dll
2016-08-29 14:24 . 2016-08-29 17:24 -------- d-----w- C:\FRST
2016-08-29 12:54 . 2016-08-29 12:55 -------- d-----w- c:\program files (x86)\ZHPFix
2016-08-28 14:08 . 2016-08-29 13:02 -------- d-----w- c:\users\P\AppData\Roaming\ZHP
2016-08-10 10:46 . 2016-07-08 15:37 95464 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2016-07-31 15:56 . 2016-06-03 03:19 113208 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2016-07-31 15:56 . 2016-05-04 02:23 129824 ----a-w- c:\windows\SysWow64\vulkan-1.dll
2016-07-31 15:56 . 2016-05-04 02:22 40224 ----a-w- c:\windows\SysWow64\vulkaninfo.exe
2016-07-31 15:56 . 2016-05-04 02:22 130848 ----a-w- c:\windows\system32\vulkan-1.dll
2016-07-31 15:56 . 2016-05-04 02:22 45344 ----a-w- c:\windows\system32\vulkaninfo.exe
2016-07-31 15:56 . 2016-07-31 15:56 -------- d-----w- c:\program files (x86)\VulkanRT
2016-07-31 15:56 . 2016-06-03 03:26 81856 ----a-w- c:\windows\system32\nv3dappshextr.dll
2016-07-31 15:56 . 2016-06-03 03:26 534072 ----a-w- c:\windows\system32\nv3dappshext.dll
2016-07-31 14:26 . 2016-06-06 16:50 228864 ----a-w- c:\windows\system32\wintrust.dll
2016-07-31 14:26 . 2016-06-06 16:50 190976 ----a-w- c:\windows\system32\cryptsvc.dll
2016-07-31 14:26 . 2016-06-06 16:50 1483264 ----a-w- c:\windows\system32\crypt32.dll
2016-07-31 14:26 . 2016-06-06 16:50 141824 ----a-w- c:\windows\system32\cryptnet.dll
2016-07-31 14:26 . 2016-06-06 15:23 179200 ----a-w- c:\windows\SysWow64\wintrust.dll
2016-07-31 14:26 . 2016-06-06 15:23 145920 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2016-07-31 14:26 . 2016-06-06 15:23 1176064 ----a-w- c:\windows\SysWow64\crypt32.dll
2016-07-31 14:26 . 2016-06-06 15:23 106496 ----a-w- c:\windows\SysWow64\cryptnet.dll
2016-07-31 14:25 . 2016-06-26 00:27 756736 ----a-w- c:\windows\system32\win32spl.dll
2016-07-31 14:25 . 2016-06-26 00:27 970240 ----a-w- c:\windows\system32\localspl.dll
2016-07-31 14:25 . 2016-06-25 19:54 497152 ----a-w- c:\windows\SysWow64\win32spl.dll
2016-07-31 14:25 . 2016-06-26 00:27 38912 ----a-w- c:\windows\system32\Spool\prtprocs\x64\winprint.dll
2016-07-31 14:25 . 2016-06-26 00:27 344576 ----a-w- c:\windows\system32\ntprint.dll
2016-07-31 14:25 . 2016-06-26 00:27 22528 ----a-w- c:\windows\system32\inetppui.dll
2016-07-31 14:25 . 2016-06-26 00:27 166400 ----a-w- c:\windows\system32\inetpp.dll
2016-07-31 14:25 . 2016-06-25 19:53 297472 ----a-w- c:\windows\SysWow64\ntprint.dll
2016-07-31 14:25 . 2016-06-25 19:53 48640 ----a-w- c:\windows\system32\wpnpinst.exe
2016-07-31 14:25 . 2016-06-25 19:53 61952 ----a-w- c:\windows\system32\ntprint.exe
2016-07-31 14:25 . 2016-06-25 19:41 61952 ----a-w- c:\windows\SysWow64\ntprint.exe
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-08-10 10:52 . 2013-05-10 16:37 147640136 -c--a-w- c:\windows\system32\MRT.exe
2016-07-28 13:41 . 2013-05-14 11:21 171752 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2016-07-28 13:41 . 2013-05-14 11:21 145984 ----a-w- c:\windows\system32\drivers\avipbb.sys
2016-07-26 12:24 . 2010-11-21 03:27 504488 ------w- c:\windows\system32\MpSigStub.exe
2016-07-25 23:16 . 2013-05-10 17:57 796352 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-07-25 23:16 . 2013-05-10 17:57 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-06-26 00:35 . 2016-07-11 13:55 41704 ----a-w- c:\windows\system32\CompatTelRunner.exe
2016-06-26 00:27 . 2016-07-11 13:55 1208320 ----a-w- c:\windows\system32\aeinv.dll
2016-06-22 13:06 . 2016-07-11 13:55 268800 ----a-w- c:\windows\system32\centel.dll
2016-06-17 18:24 . 2016-07-11 13:55 571904 ----a-w- c:\windows\system32\generaltel.dll
2016-06-17 18:24 . 2016-07-11 13:55 544256 ----a-w- c:\windows\system32\devinv.dll
2016-06-17 18:24 . 2016-07-11 13:55 294912 ----a-w- c:\windows\system32\invagent.dll
2016-06-17 18:24 . 2016-07-11 13:55 76800 ----a-w- c:\windows\system32\acmigration.dll
2016-06-17 18:24 . 2016-07-11 13:55 219136 ----a-w- c:\windows\system32\aepic.dll
2016-06-17 18:24 . 2016-07-11 13:55 1490432 ----a-w- c:\windows\system32\appraiser.dll
2016-06-14 15:21 . 2016-07-31 14:24 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2016-06-07 02:32 . 2016-06-07 02:32 31612480 ----a-w- c:\windows\system32\nvoglv64.dll
2016-06-07 02:32 . 2016-06-07 02:32 25386560 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2016-06-07 02:31 . 2016-06-07 02:31 13469248 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2016-06-07 02:31 . 2016-06-07 02:31 917448 ----a-w- c:\windows\system32\NvIFR64.dll
2016-06-07 02:31 . 2016-06-07 02:31 716232 ----a-w- c:\windows\SysWow64\NvIFR.dll
2016-06-07 02:30 . 2016-06-07 02:30 54736 ----a-w- c:\windows\system32\nvhdap64.dll
2016-06-07 02:30 . 2016-06-07 02:30 1590336 ----a-w- c:\windows\system32\nvhdagenco64.dll
2016-06-07 02:29 . 2016-06-07 02:29 149968 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2016-06-07 02:29 . 2016-06-07 02:29 993856 ----a-w- c:\windows\system32\NvFBC64.dll
2016-06-07 02:29 . 2016-06-07 02:29 778696 ----a-w- c:\windows\SysWow64\NvFBC.dll
2016-06-07 02:29 . 2016-06-07 02:29 1580488 ----a-w- c:\windows\system32\nvdispgenco6436839.dll
2016-06-07 02:29 . 2016-06-07 02:29 1931328 ----a-w- c:\windows\system32\nvdispco6436839.dll
2016-06-07 02:29 . 2016-06-07 02:29 3521600 ----a-w- c:\windows\system32\nvcuvid.dll
2016-06-07 02:29 . 2016-06-07 02:29 3073984 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2016-06-07 02:27 . 2016-06-07 02:27 39988288 ----a-w- c:\windows\system32\nvcompiler.dll
2016-06-07 02:12 . 2016-06-07 02:12 35124168 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2016-06-07 01:58 . 2016-06-07 01:58 19356760 ----a-w- c:\windows\system32\nvwgf2umx.dll
2016-06-07 01:58 . 2016-06-07 01:58 16912336 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2016-06-07 01:58 . 2015-11-09 21:35 489776 ----a-w- c:\windows\system32\nvumdshimx.dll
2016-06-07 01:58 . 2016-06-07 01:58 407224 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2016-06-07 01:57 . 2016-06-07 01:57 10745152 ----a-w- c:\windows\system32\nvptxJitCompiler.dll
2016-06-07 01:57 . 2016-06-07 01:57 8818808 ----a-w- c:\windows\SysWow64\nvptxJitCompiler.dll
2016-06-07 01:57 . 2016-06-07 01:57 22001720 ----a-w- c:\windows\system32\nvopencl.dll
2016-06-07 01:57 . 2016-06-07 01:57 18311368 ----a-w- c:\windows\SysWow64\nvopencl.dll
2016-06-07 01:57 . 2016-06-07 01:57 163680 ----a-w- c:\windows\system32\nvoglshim64.dll
2016-06-07 01:57 . 2016-06-07 01:57 141816 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2016-06-07 01:57 . 2016-06-07 01:57 188616 ----a-w- c:\windows\system32\nvinitx.dll
2016-06-07 01:57 . 2016-06-07 01:57 166000 ----a-w- c:\windows\SysWow64\nvinit.dll
2016-06-07 01:57 . 2016-06-07 01:57 684720 ----a-w- c:\windows\system32\nvfatbinaryLoader.dll
2016-06-07 01:57 . 2016-06-07 01:57 579224 ----a-w- c:\windows\SysWow64\nvfatbinaryLoader.dll
2016-06-07 01:56 . 2015-11-09 21:35 17450504 ----a-w- c:\windows\system32\nvd3dumx.dll
2016-06-07 01:56 . 2016-06-07 01:56 14480624 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2016-06-07 01:56 . 2016-06-07 01:56 21542176 ----a-w- c:\windows\system32\nvcuda.dll
2016-06-07 01:55 . 2016-06-07 01:55 17902488 ----a-w- c:\windows\SysWow64\nvcuda.dll
2016-06-07 01:55 . 2015-11-09 21:35 3868272 ----a-w- c:\windows\system32\nvapi64.dll
2016-06-07 01:55 . 2016-06-07 01:55 3421928 ----a-w- c:\windows\SysWow64\nvapi.dll
2016-06-03 03:26 . 2013-05-10 14:41 6362560 ----a-w- c:\windows\system32\nvcpl.dll
2016-06-03 03:26 . 2013-05-10 14:41 2453952 ----a-w- c:\windows\system32\nvsvc64.dll
2016-06-03 03:26 . 2013-05-10 14:41 71224 ----a-w- c:\windows\system32\nvshext.dll
2016-06-03 03:26 . 2013-05-10 14:41 392128 ----a-w- c:\windows\system32\nvmctray.dll
2016-06-03 03:26 . 2013-05-10 14:41 1764408 ----a-w- c:\windows\system32\nvsvcr.dll
2016-06-03 03:26 . 2013-05-10 14:41 1351104 ----a-w- c:\windows\system32\nvvsvc.exe
2016-06-02 13:01 . 2013-05-14 11:21 79696 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2016-06-02 12:19 . 2013-05-10 14:41 6452948 ----a-w- c:\windows\system32\nvcoproc.bin
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2016-08-05 8894680]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2015-05-15 60712]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2016-07-28 831064]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-01-22 106496]
"Avira SystrayStartTrigger"="c:\program files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe" [2016-08-04 67864]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotPostWindows10UpgradeReInstall"="c:\program files\Common Files\AV\Spybot - Search and Destroy\Test.exe" [2015-07-28 1011200]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Wireless Configuration Utility.lnk - c:\program files\TRENDnet\TEW-649UB\WlanCU.exe [2013-5-13 499712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 AntiVirMailService;Avira Protection e-mail;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe [x]
R2 AntiVirWebService;Avira Protection Web;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 cpuz130;cpuz130;c:\users\P\AppData\Local\Temp\cpuz130\cpuz_x64.sys;c:\users\P\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]
R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS;c:\windows\SYSNATIVE\drivers\CT20XUT.SYS [x]
R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS;c:\windows\SYSNATIVE\drivers\CTEXFIFX.SYS [x]
R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS;c:\windows\SYSNATIVE\drivers\CTHWIUT.SYS [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 xhunter1;xhunter1;c:\windows\xhunter1.sys;c:\windows\xhunter1.sys [x]
S0 mv91xx;mv91xx;c:\windows\system32\DRIVERS\mv91xx.sys;c:\windows\SYSNATIVE\DRIVERS\mv91xx.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AntiVirSchedulerService;Avira Planificateur;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 Avira.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 MSSQL$MYMOVIES;SQL Server (MYMOVIES);c:\program files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe;c:\program files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe [x]
S2 WlanWpsSvc;WlanWpsSvc;c:\program files\TRENDnet\TEW-649UB\WlanWpsSvc.exe;c:\program files\TRENDnet\TEW-649UB\WlanWpsSvc.exe [x]
S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS;c:\windows\SYSNATIVE\drivers\CT20XUT.SYS [x]
S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS;c:\windows\SYSNATIVE\drivers\CTEXFIFX.SYS [x]
S3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS;c:\windows\SYSNATIVE\drivers\CTHWIUT.SYS [x]
S3 e1yexpress;Pilote de connexions réseau Intel(R) Gigabit;c:\windows\system32\DRIVERS\e1y60x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y60x64.sys [x]
S3 ha20x22k;Creative 20X2 HAL Driver;c:\windows\system32\drivers\ha20x22k.sys;c:\windows\SYSNATIVE\drivers\ha20x22k.sys [x]
S3 LGPBTDD;LGPBTDD.sys Display Driver;c:\windows\system32\Drivers\LGPBTDD.sys;c:\windows\SYSNATIVE\Drivers\LGPBTDD.sys [x]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192su.sys [x]
S3 ScpVBus;Scp Virtual Bus Driver;c:\windows\system32\DRIVERS\ScpVBus.sys;c:\windows\SYSNATIVE\DRIVERS\ScpVBus.sys [x]
S3 WSDScan;Prise en charge de la numérisation WSD via UMB;c:\windows\system32\drivers\WSDScan.sys;c:\windows\SYSNATIVE\drivers\WSDScan.sys [x]
.
.
--- Autres Services/Pilotes en mémoire ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
Contenu du dossier 'Tâches planifiées'
.
2015-08-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-10 23:16]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Launch LgDevAgt"="c:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2008-11-06 397320]
"Launch LCDMon"="c:\program files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2008-11-06 2049544]
"Launch LGDCore"="c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2008-11-06 3837960]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-11-05 2655520]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-07-11 170280]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-11-05 1710752]
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\P\AppData\Roaming\Mozilla\Firefox\Profiles\isqb3av1.default-1470695831094\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.fr/
.
- - - - ORPHELINS SUPPRIMES - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_209_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_209_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_209_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_209_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.18"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Autres processus actifs ------------------------
.
c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe
c:\program files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
.
**************************************************************************
.
Heure de fin: 2016-08-30 14:55:47 - La machine a redémarré
ComboFix-quarantined-files.txt 2016-08-30 12:55
.
Avant-CF: 832.704.110.592 octets libres
Après-CF: 832.129.662.976 octets libres
.
- - End Of File - - 776582F5F8EE8BE92A1C95A02D573596
