Document format: text/plain

ComboFix 17-03-28.01 - Web 31/03/2017 9:29.2.4 - x64 MINIMAL
Microsoft Windows 7 Professionnel 6.1.7601.1.1252.33.1036.18.8066.6534 [GMT 2:00]
Lancé depuis: c:\users\Web\Downloads\ComboFix.exe
AV: AVG Antivirus *Enabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413}
SP: AVG Antivirus *Enabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Un nouveau point de restauration a été créé
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Exécution préalable -------
.
c:\users\Web\AppData\Local\Temp\b0494a1f-4bd3-4QlMWbVEg9J4ekRhBMTeLQ==\FriendlyFilterPlatform.dll
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2017-02-28 au 2017-03-31 ))))))))))))))))))))))))))))))))))))
.
.
2017-03-31 07:32 . 2017-03-31 07:32 -------- d-----w- c:\users\Default\AppData\Local\temp
2017-03-31 07:20 . 2017-03-31 07:20 -------- d-----w- C:\$AV_AVG
2017-03-31 06:47 . 2017-03-31 06:47 -------- d-----w- C:\Quarantine
2017-03-30 15:02 . 2017-03-30 15:02 -------- d-----r- C:\Sandbox
2017-03-30 14:47 . 2017-03-30 14:45 400928 ----a-w- c:\windows\system32\avgBoot.exe
2017-03-30 14:20 . 2017-03-30 14:20 250672 ----a-w- c:\windows\system32\mfevtps.exe
2017-03-30 14:20 . 2017-03-30 14:20 864072 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2017-03-30 14:20 . 2017-03-30 14:20 106120 ----a-w- c:\windows\system32\drivers\mferkdet.sys
2017-03-30 14:19 . 2017-03-30 14:19 -------- d-----w- c:\program files\McAfee
2017-03-30 14:19 . 2017-03-31 06:47 -------- d-----w- c:\program files\stinger
2017-03-30 12:52 . 2014-07-09 02:03 7168 ----a-w- c:\windows\system32\KBDTAT.DLL
2017-03-30 12:52 . 2014-07-09 01:31 7168 ----a-w- c:\windows\SysWow64\KBDYAK.DLL
2017-03-30 12:52 . 2014-07-09 01:31 6656 ----a-w- c:\windows\SysWow64\KBDBASH.DLL
2017-03-30 12:52 . 2014-07-09 02:03 7168 ----a-w- c:\windows\system32\KBDYAK.DLL
2017-03-30 12:52 . 2014-07-09 02:03 7168 ----a-w- c:\windows\system32\KBDRU1.DLL
2017-03-30 12:52 . 2014-07-09 02:03 6656 ----a-w- c:\windows\system32\KBDRU.DLL
2017-03-30 12:52 . 2014-07-09 02:03 7168 ----a-w- c:\windows\system32\KBDBASH.DLL
2017-03-30 12:49 . 2016-05-13 22:07 91136 ----a-w- c:\windows\system32\WinSetupUI.dll
2017-03-30 12:49 . 2016-05-13 21:53 37888 ----a-w- c:\windows\system32\wuapp.exe
2017-03-30 12:49 . 2016-05-13 21:52 140288 ----a-w- c:\windows\system32\wuauclt.exe
2017-03-30 12:49 . 2016-05-13 22:09 3156480 ----a-w- c:\windows\system32\wucltux.dll
2017-03-30 12:49 . 2016-05-13 21:50 174080 ----a-w- c:\windows\SysWow64\wuwebv.dll
2017-03-30 12:49 . 2016-05-13 21:38 35328 ----a-w- c:\windows\SysWow64\wuapp.exe
2017-03-30 12:49 . 2016-05-13 21:38 93696 ----a-w- c:\windows\SysWow64\wudriver.dll
2017-03-30 12:49 . 2016-05-13 22:09 98816 ----a-w- c:\windows\system32\wudriver.dll
2017-03-30 12:49 . 2016-05-13 22:09 192512 ----a-w- c:\windows\system32\wuwebv.dll
2017-03-30 12:49 . 2016-05-13 21:55 2607104 ----a-w- c:\windows\system32\wuaueng.dll
2017-03-30 12:49 . 2016-05-13 21:53 709120 ----a-w- c:\windows\system32\wuapi.dll
2017-03-30 12:49 . 2016-05-13 21:38 573440 ----a-w- c:\windows\SysWow64\wuapi.dll
2017-03-30 12:48 . 2016-05-13 21:38 30208 ----a-w- c:\windows\SysWow64\wups.dll
2017-03-30 12:48 . 2016-05-13 21:52 36864 ----a-w- c:\windows\system32\wups.dll
2017-03-30 12:48 . 2016-05-13 21:52 37888 ----a-w- c:\windows\system32\wups2.dll
2017-03-30 12:48 . 2016-05-13 21:52 12288 ----a-w- c:\windows\system32\wu.upgrade.ps.dll
2017-03-30 12:48 . 2016-05-12 15:18 90624 ----a-w- c:\windows\SysWow64\olepro32.dll
2017-03-30 12:45 . 2013-11-22 22:48 3928064 ----a-w- c:\windows\system32\d2d1.dll
2017-03-30 12:45 . 2013-11-26 08:16 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2017-03-30 08:25 . 2017-03-30 08:32 -------- d-----w- c:\program files (x86)\Deluge
2017-03-30 07:16 . 2017-03-30 07:16 -------- d-----w- c:\program files\Sandboxie
2017-03-30 06:22 . 2017-03-30 06:23 -------- d-----w- c:\program files (x86)\Mailbird
2017-03-29 22:47 . 2017-03-29 12:56 -------- d-----w- c:\windows\Panther
2017-03-29 22:47 . 2017-03-29 22:47 -------- d-----w- c:\windows\system32\OEM
2017-03-29 15:53 . 2015-07-30 13:13 103120 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2017-03-29 15:53 . 2015-07-30 13:13 124624 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2017-03-29 15:50 . 2016-04-14 13:49 603648 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2017-03-29 15:50 . 2016-04-14 13:21 647680 ----a-w- c:\windows\system32\d3d10level9.dll
2017-03-29 15:50 . 2015-12-08 21:54 2285056 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2017-03-29 15:50 . 2015-12-08 19:07 2777088 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2017-03-29 15:50 . 2015-02-03 03:31 1424896 ----a-w- c:\windows\system32\WindowsCodecs.dll
2017-03-29 15:50 . 2015-02-03 03:12 1230848 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2017-03-29 15:50 . 2015-02-04 03:16 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2017-03-29 15:50 . 2015-02-04 02:54 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2017-03-29 15:46 . 2017-03-29 15:46 451 ----a-w- c:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2017-03-29 15:36 . 2017-03-29 15:36 -------- d-----w- c:\windows\SysWow64\Wat
2017-03-29 15:36 . 2017-03-29 15:36 -------- d-----w- c:\windows\system32\Wat
2017-03-29 15:29 . 2017-03-29 15:29 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2017-03-29 15:20 . 2017-03-31 07:20 -------- d-----w- c:\programdata\NVIDIA
2017-03-29 15:20 . 2013-05-14 13:53 6411552 ----a-w- c:\windows\system32\nvcpl.dll
2017-03-29 15:20 . 2013-05-14 13:53 3462432 ----a-w- c:\windows\system32\nvsvc64.dll
2017-03-29 15:20 . 2013-05-14 13:53 3165737 ----a-w- c:\windows\system32\nvcoproc.bin
2017-03-29 15:20 . 2013-05-14 13:53 884512 ----a-w- c:\windows\system32\nvvsvc.exe
2017-03-29 15:20 . 2013-05-14 13:53 76064 ----a-w- c:\windows\system32\nv3dappshextr.dll
2017-03-29 15:20 . 2013-05-14 13:53 63776 ----a-w- c:\windows\system32\nvshext.dll
2017-03-29 15:20 . 2013-05-14 13:53 2558240 ----a-w- c:\windows\system32\nvsvcr.dll
2017-03-29 15:20 . 2013-05-14 13:53 118560 ----a-w- c:\windows\system32\nvmctray.dll
2017-03-29 15:20 . 2013-05-14 13:53 1001760 ----a-w- c:\windows\system32\nv3dappshext.dll
2017-03-29 15:19 . 2017-03-29 15:20 -------- d-----w- c:\programdata\NVIDIA Corporation
2017-03-29 15:19 . 2017-03-29 15:20 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2017-03-29 15:19 . 2017-03-29 15:20 -------- d-----w- c:\program files\NVIDIA Corporation
2017-03-29 15:14 . 2017-03-29 15:14 -------- d-----w- c:\program files (x86)\Intel
2017-03-29 15:14 . 2015-08-27 16:20 72704 ----a-w- c:\windows\system32\OpenCL.DLL
2017-03-29 15:14 . 2015-08-27 16:20 69120 ----a-w- c:\windows\SysWow64\OpenCL.DLL
2017-03-29 15:14 . 2017-03-29 15:14 -------- d-----w- C:\Intel
2017-03-29 15:14 . 2017-03-29 15:14 -------- d-----w- c:\program files\Intel
2017-03-29 15:14 . 2017-03-29 15:14 -------- d-----w- c:\program files (x86)\Common Files\Intel
2017-03-29 15:05 . 2017-03-29 15:05 -------- d-----w- c:\windows\system32\MRT
2017-03-29 14:54 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2017-03-29 14:54 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2017-03-29 14:54 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2017-03-29 14:54 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2017-03-29 14:54 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2017-03-29 14:54 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2017-03-29 14:54 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2017-03-29 14:49 . 2017-03-29 14:49 -------- d-----w- c:\programdata\MapControl
2017-03-29 14:38 . 2017-03-29 14:38 -------- d-s---w- c:\windows\system32\CompatTel
2017-03-29 14:38 . 2017-03-29 14:38 -------- d-----w- c:\windows\system32\appraiser
2017-03-29 14:37 . 2017-03-29 14:37 -------- d-----w- c:\programdata\Package Cache
2017-03-29 14:36 . 2017-03-29 14:36 -------- d-----w- c:\windows\Migration
2017-03-29 14:36 . 2017-03-29 14:36 -------- d-----w- c:\program files (x86)\Microsoft.NET
2017-03-29 14:35 . 2016-09-22 13:26 34520 ----a-w- c:\windows\system32\drivers\tapipvanish.sys
2017-03-29 14:35 . 2017-03-31 06:06 -------- d-----w- c:\program files\IPVanish
2017-03-29 14:35 . 2017-03-31 07:26 -------- d-----w- c:\programdata\TinyWall
2017-03-29 14:35 . 2017-03-29 14:35 -------- d-----w- c:\program files (x86)\TinyWall
2017-03-29 14:16 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll
2017-03-29 14:16 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll
2017-03-29 14:16 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll
2017-03-29 14:16 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe
2017-03-29 14:16 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll
2017-03-29 14:16 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe
2017-03-29 14:16 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2017-03-29 14:16 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2017-03-29 14:12 . 2016-03-16 18:50 156672 ----a-w- c:\windows\system32\mtxoci.dll
2017-03-29 14:11 . 2015-07-10 17:51 44032 ----a-w- c:\windows\system32\tsgqec.dll
2017-03-29 14:10 . 2016-02-05 01:19 381440 ----a-w- c:\windows\system32\mfds.dll
2017-03-29 14:04 . 2015-07-23 00:02 879104 ----a-w- c:\windows\system32\tdh.dll
2017-03-29 14:04 . 2015-07-22 17:53 635392 ----a-w- c:\windows\SysWow64\tdh.dll
2017-03-29 13:59 . 2016-05-11 17:02 483840 ----a-w- c:\windows\system32\StructuredQuery.dll
2017-03-29 13:59 . 2016-05-11 15:19 363520 ----a-w- c:\windows\SysWow64\StructuredQuery.dll
2017-03-29 13:59 . 2015-12-08 21:53 509952 ----a-w- c:\windows\SysWow64\qedit.dll
2017-03-29 13:59 . 2015-12-08 19:07 624640 ----a-w- c:\windows\system32\qedit.dll
2017-03-29 13:59 . 2016-02-09 09:55 30720 ----a-w- c:\windows\system32\seclogon.dll
2017-03-29 13:59 . 2015-02-25 03:18 754688 ----a-w- c:\windows\system32\drivers\http.sys
2017-03-29 13:59 . 2016-01-22 06:18 961024 ----a-w- c:\windows\system32\CPFilters.dll
2017-03-29 13:59 . 2016-01-22 06:18 723968 ----a-w- c:\windows\system32\EncDec.dll
2017-03-29 13:59 . 2016-01-22 06:04 642048 ----a-w- c:\windows\SysWow64\CPFilters.dll
2017-03-29 13:59 . 2016-01-22 06:04 535040 ----a-w- c:\windows\SysWow64\EncDec.dll
2017-03-29 13:46 . 2017-03-29 14:34 -------- d-----w- c:\program files (x86)\Google
2017-03-29 13:45 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2017-03-29 13:45 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2017-03-29 13:45 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2017-03-29 13:44 . 2017-03-31 06:10 -------- d-sh--w- c:\windows\Installer
2017-03-29 13:44 . 2017-03-29 13:45 -------- d-----w- c:\program files (x86)\AVG
2017-03-29 13:43 . 2017-03-30 08:16 -------- d-----w- c:\programdata\Avg
2017-03-29 13:43 . 2017-03-29 13:43 -------- d--h--w- c:\programdata\Common Files
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2017-02-09 16:14 . 2017-03-29 14:10 44032 ----a-w- c:\windows\apppatch\acwow64.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Mailbird"="c:\program files (x86)\Mailbird\Mailbird.exe" [2017-03-28 6771584]
"SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2016-12-14 799376]
"Spotify Web Helper"="c:\users\Web\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [2017-03-30 1446000]
"Spotify"="c:\users\Web\AppData\Roaming\Spotify\Spotify.exe" [2017-03-30 7089776]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R0 avgbidsh;avgbidsh;c:\windows\\SystemRoot\system32\drivers\avgbidsha.sys;c:\windows\\SystemRoot\system32\drivers\avgbidsha.sys [x]
R0 avgblog;avgblog;c:\windows\\SystemRoot\system32\drivers\avgbloga.sys;c:\windows\\SystemRoot\system32\drivers\avgbloga.sys [x]
R0 avgbuniv;avgbuniv;c:\windows\\SystemRoot\system32\drivers\avgbuniva.sys;c:\windows\\SystemRoot\system32\drivers\avgbuniva.sys [x]
R0 avgRvrt;avgRvrt;c:\windows\\SystemRoot\system32\drivers\avgRvrt.sys;c:\windows\\SystemRoot\system32\drivers\avgRvrt.sys [x]
R0 avgVmm;avgVmm;c:\windows\\SystemRoot\system32\drivers\avgVmm.sys;c:\windows\\SystemRoot\system32\drivers\avgVmm.sys [x]
R1 avgbdisk;avgbdisk;c:\windows\system32\drivers\avgbdiska.sys;c:\windows\SYSNATIVE\drivers\avgbdiska.sys [x]
R1 avgbidsdriver;avgbidsdriver;c:\windows\system32\drivers\avgbidsdrivera.sys;c:\windows\SYSNATIVE\drivers\avgbidsdrivera.sys [x]
R1 avgRdr;avgRdr;c:\windows\system32\drivers\avgRdr2.sys;c:\windows\SYSNATIVE\drivers\avgRdr2.sys [x]
R1 avgSnx;avgSnx;c:\windows\system32\drivers\avgSnx.sys;c:\windows\SYSNATIVE\drivers\avgSnx.sys [x]
R1 avgSP;avgSP;c:\windows\system32\drivers\avgSP.sys;c:\windows\SYSNATIVE\drivers\avgSP.sys [x]
R2 AVG Antivirus;AVG Antivirus;c:\program files (x86)\AVG\Antivirus\AVGSvc.exe;c:\program files (x86)\AVG\Antivirus\AVGSvc.exe [x]
R2 avgMonFlt;avgMonFlt;c:\windows\system32\drivers\avgMonFlt.sys;c:\windows\SYSNATIVE\drivers\avgMonFlt.sys [x]
R2 avgStm;avgStm;c:\windows\system32\drivers\avgStm.sys;c:\windows\SYSNATIVE\drivers\avgStm.sys [x]
R2 avgsvc;AVG Service;c:\program files (x86)\AVG\Framework\Common\avgsvca.exe;c:\program files (x86)\AVG\Framework\Common\avgsvca.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe;c:\windows\SYSNATIVE\mfevtps.exe [x]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
R2 TinyWall;TinyWall Service;c:\program files (x86)\TinyWall\TinyWall.exe;c:\program files (x86)\TinyWall\TinyWall.exe [x]
R3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\drivers\amdhub30.sys;c:\windows\SYSNATIVE\drivers\amdhub30.sys [x]
R3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\drivers\amdxhc.sys;c:\windows\SYSNATIVE\drivers\amdxhc.sys [x]
R3 avgbIDSAgent;avgbIDSAgent;c:\program files (x86)\AVG\Antivirus\x64\aswidsagenta.exe;c:\program files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [x]
R3 avgHwid;avgHwid;c:\windows\system32\drivers\avgHwid.sys;c:\windows\SYSNATIVE\drivers\avgHwid.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 iaStorB;iaStorB;c:\windows\system32\drivers\iaStorB.sys;c:\windows\SYSNATIVE\drivers\iaStorB.sys [x]
R3 iaStorS;iaStorS;c:\windows\system32\drivers\iaStorS.sys;c:\windows\SYSNATIVE\drivers\iaStorS.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IntcDAud;Son Intel(R) pour écrans;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\drivers\iusb3hub.sys;c:\windows\SYSNATIVE\drivers\iusb3hub.sys [x]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\drivers\iusb3xhc.sys;c:\windows\SYSNATIVE\drivers\iusb3xhc.sys [x]
R3 MailbirdUpdater.exe;Mailbird Updater;c:\program files (x86)\Mailbird\MailbirdUpdater.exe;c:\program files (x86)\Mailbird\MailbirdUpdater.exe [x]
R3 megasas2;megasas2;c:\windows\system32\drivers\megasas2.sys;c:\windows\SYSNATIVE\drivers\megasas2.sys [x]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys;c:\windows\SYSNATIVE\drivers\mferkdet.sys [x]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
R3 tapipvanish;IPVanish Adapter;c:\windows\system32\DRIVERS\tapipvanish.sys;c:\windows\SYSNATIVE\DRIVERS\tapipvanish.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 iaStorA;iaStorA;c:\windows\system32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\drivers\iaStorF.sys;c:\windows\SYSNATIVE\drivers\iaStorF.sys [x]
S0 iusb3hcs;Pilote de commutateur de contrôleur d'hôte Intel(R) USB 3.0;c:\windows\system32\drivers\iusb3hcs.sys;c:\windows\SYSNATIVE\drivers\iusb3hcs.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys;c:\windows\SYSNATIVE\drivers\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvgUi"="c:\program files (x86)\AVG\Framework\Common\avguirna.exe" [2017-03-23 239104]
"AVGUI.exe"="c:\program files (x86)\AVG\Antivirus\AvLaunch.exe" [2017-03-30 263088]
"TinyWall Controller"="c:\program files (x86)\TinyWall\TinyWall.exe" [2016-03-10 698296]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2013-06-05 2716960]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"RealProtect"="c:\program files\McAfee\Real Protect\RealProtect.exe" [2017-03-30 6876320]
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 198.18.0.1 198.18.0.2
TCP: Interfaces\{0178D835-96D3-4919-B386-1D145CB8FFE2}: NameServer = 8.8.8.8,8.8.4.4
.
- - - - ORPHELINS SUPPRIMES - - - -
.
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2017-03-31 09:33:12
ComboFix-quarantined-files.txt 2017-03-31 07:33
.
Avant-CF: 196 568 944 640 octets libres
Après-CF: 196 054 192 128 octets libres
.
- - End Of File - - D06B30448446E4A3E3CDAF56312CAB7B
A36C5E4F47E84449FF07ED3517B43A31
