ComboFix 17-02-24.01 - user 09/03/2017 16:09:10.2.4 - x64
Microsoft Windows 7 Professionnel 6.1.7601.1.1252.33.1036.18.8111.6219 [GMT 1:00]
Lancé depuis: c:\users\user\Desktop\ComboFix.exe
Commutateurs utilisés :: c:\users\user\Desktop\CFScript.txt
FW: Pare-feu personnel d'ESET *Enabled* {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
SP: ESET Smart Security 9.0.408.1 *Disabled/Updated* {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
SP: Malwarebytes *Disabled/Outdated* {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2017-02-09 au 2017-03-09 ))))))))))))))))))))))))))))))))))))
.
.
2017-03-09 15:13 . 2017-03-09 15:13 -------- d-----w- c:\users\Default\AppData\Local\temp
2017-03-08 21:28 . 2017-03-08 21:31 -------- d-----w- C:\FRST
2017-03-08 08:59 . 2017-03-08 09:00 -------- d-----w- c:\program files (x86)\ZHPFix
2017-03-06 18:08 . 2017-03-06 18:08 -------- d-----w- c:\users\user\AppData\Local\TempTaskUpdateDetection38D0856A-DC27-4288-BC9D-70893F2DD837
2017-03-05 16:46 . 2017-03-05 16:46 -------- d-----w- c:\users\user\AppData\Roaming\Sublime Text 3
2017-03-05 16:46 . 2017-03-05 16:46 -------- d-----w- c:\users\user\AppData\Local\Sublime Text 3
2017-03-05 16:43 . 2017-03-05 16:43 -------- d-----w- c:\program files\Sublime Text 3
2017-03-05 16:19 . 2017-03-05 16:19 -------- d-----w- c:\users\user\.idlerc
2017-03-05 15:55 . 2017-03-05 15:55 -------- d-----w- c:\users\user\AppData\Local\Package Cache
2017-03-02 10:43 . 2017-02-23 18:32 1880512 ----a-w- c:\windows\system32\nvspcap64.dll
2017-03-02 10:43 . 2017-02-23 18:32 1755072 ----a-w- c:\windows\system32\nvspbridge64.dll
2017-03-02 10:43 . 2017-02-23 18:32 1468864 ----a-w- c:\windows\SysWow64\nvspcap.dll
2017-03-02 10:43 . 2017-02-23 18:32 1317312 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2017-03-02 10:43 . 2017-02-23 18:32 120256 ----a-w- c:\windows\system32\NvRtmpStreamer64.dll
2017-03-02 10:42 . 2017-02-23 14:32 1951 ----a-w- c:\windows\NvContainerRecovery.bat
2017-03-02 10:42 . 2017-02-23 14:30 1951 ----a-w- c:\windows\NvTelemetryContainerRecovery.bat
2017-03-02 10:41 . 2017-02-23 18:32 57792 ----a-w- c:\windows\system32\drivers\nvvhci.sys
2017-03-02 10:41 . 2017-02-23 18:32 46016 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2017-03-02 10:41 . 2017-02-23 18:32 156608 ----a-w- c:\windows\system32\nvaudcap64v.dll
2017-03-02 10:41 . 2017-02-23 18:32 124352 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2017-03-02 00:43 . 2017-03-02 00:44 -------- d-----w- c:\program files\Defraggler
2017-03-01 23:31 . 2017-03-01 23:31 -------- d-----w- c:\programdata\Unchecky
2017-03-01 23:31 . 2017-03-01 23:31 -------- d-----w- c:\program files (x86)\Unchecky
2017-03-01 21:45 . 2017-03-08 09:00 -------- d-----w- c:\users\user\AppData\Roaming\siw_tmp
2017-03-01 21:45 . 2017-03-01 22:28 -------- d-----w- c:\program files (x86)\SIW DEMO
2017-02-26 00:06 . 2017-02-26 00:06 -------- d-----w- c:\users\user\AppData\Roaming\Umeng
2017-02-26 00:05 . 2017-02-26 00:05 -------- d-----w- c:\users\user\AppData\Local\SHAREit Technologies
2017-02-26 00:04 . 2017-02-26 00:04 -------- d-----w- c:\program files (x86)\SHAREit Technologies
2017-02-18 21:05 . 2017-02-18 21:05 -------- d-----w- c:\program files (x86)\netcut
2017-02-16 16:21 . 2017-02-16 16:21 -------- d-----w- c:\program files (x86)\Common Files\Skype
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2017-03-04 11:21 . 2017-02-05 20:51 180 ----a-w- c:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-03-02 00:32 . 2016-07-11 11:58 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2017-02-23 17:20 . 2016-01-13 20:20 138020592 -c--a-w- c:\windows\system32\MRT.exe
2017-02-10 19:48 . 2017-01-23 16:42 409128 ----a-w- c:\windows\SysWow64\EasyAntiCheat.exe
2017-02-06 23:29 . 2017-02-05 20:51 200 ----a-w- c:\windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2017-02-05 20:53 . 2017-02-05 20:53 0 ----a-w- c:\windows\system32\GfxValDisplayLog.bin
2017-02-04 20:28 . 2017-02-04 20:28 2094612 ----a-w- c:\windows\system32\drivers\rtkhdasetting.zip
2017-02-04 00:26 . 2016-07-11 11:51 81696 ----a-w- c:\windows\system32\drivers\mwac.sys
2017-02-04 00:26 . 2016-07-11 11:51 43968 ----a-w- c:\windows\system32\drivers\mbam.sys
2017-02-04 00:26 . 2016-06-22 15:14 110536 ----a-w- c:\windows\system32\drivers\farflt.sys
2017-02-03 21:54 . 2016-07-11 11:51 176584 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2017-01-30 20:39 . 2016-06-22 13:56 28272 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2017-01-20 16:36 . 2017-02-04 20:33 8990584 ----a-w- c:\windows\SysWow64\nvptxJitCompiler.dll
2017-01-20 16:36 . 2017-02-04 20:33 496680 ----a-w- c:\windows\system32\nvumdshimx.dll
2017-01-20 16:36 . 2017-02-04 20:33 412720 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2017-01-20 16:36 . 2017-02-04 20:33 39992 ----a-w- c:\windows\system32\drivers\nvpciflt.sys
2017-01-20 16:36 . 2017-02-04 20:33 34934720 ----a-w- c:\windows\system32\nvoglv64.dll
2017-01-20 16:36 . 2017-02-04 20:33 19092912 ----a-w- c:\windows\system32\nvwgf2umx.dll
2017-01-20 16:36 . 2017-02-04 20:33 19008392 ----a-w- c:\windows\system32\nvopencl.dll
2017-01-20 16:36 . 2017-02-04 20:33 16491120 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2017-01-20 16:36 . 2017-02-04 20:33 14677456 ----a-w- c:\windows\SysWow64\nvopencl.dll
2017-01-20 16:36 . 2017-02-04 20:33 11019192 ----a-w- c:\windows\system32\nvptxJitCompiler.dll
2017-01-20 16:36 . 2017-02-04 20:33 990264 ----a-w- c:\windows\SysWow64\NvFBC.dll
2017-01-20 16:36 . 2017-02-04 20:33 960568 ----a-w- c:\windows\system32\NvIFR64.dll
2017-01-20 16:36 . 2017-02-04 20:33 9308896 ----a-w- c:\windows\SysWow64\nvcuda.dll
2017-01-20 16:36 . 2017-02-04 20:33 909760 ----a-w- c:\windows\SysWow64\NvIFR.dll
2017-01-20 16:36 . 2017-02-04 20:33 687224 ----a-w- c:\windows\system32\nvfatbinaryLoader.dll
2017-01-20 16:36 . 2017-02-04 20:33 576192 ----a-w- c:\windows\SysWow64\nvfatbinaryLoader.dll
2017-01-20 16:36 . 2017-02-04 20:33 3623992 ----a-w- c:\windows\system32\nvcuvid.dll
2017-01-20 16:36 . 2017-02-04 20:33 3185720 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2017-01-20 16:36 . 2017-02-04 20:33 28209720 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2017-01-20 16:36 . 2017-02-04 20:33 1985080 ----a-w- c:\windows\system32\nvdispco6437849.dll
2017-01-20 16:36 . 2017-02-04 20:33 173272 ----a-w- c:\windows\system32\nvinitx.dll
2017-01-20 16:36 . 2017-02-04 20:33 16403200 ----a-w- c:\windows\system32\nvd3dumx.dll
2017-01-20 16:36 . 2017-02-04 20:33 1591352 ----a-w- c:\windows\system32\nvdispgenco6437849.dll
2017-01-20 16:36 . 2017-02-04 20:33 156792 ----a-w- c:\windows\system32\nvoglshim64.dll
2017-01-20 16:36 . 2017-02-04 20:33 150760 ----a-w- c:\windows\SysWow64\nvinit.dll
2017-01-20 16:36 . 2017-02-04 20:33 14286392 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2017-01-20 16:36 . 2017-02-04 20:33 135840 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2017-01-20 16:36 . 2017-02-04 20:33 13378448 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2017-01-20 16:36 . 2017-02-04 20:33 11123424 ----a-w- c:\windows\system32\nvcuda.dll
2017-01-20 16:36 . 2017-02-04 20:33 1051072 ----a-w- c:\windows\system32\NvFBC64.dll
2017-01-20 16:36 . 2017-02-04 20:33 4065808 ----a-w- c:\windows\system32\nvapi64.dll
2017-01-20 16:36 . 2017-02-04 20:33 40192056 ----a-w- c:\windows\system32\nvcompiler.dll
2017-01-20 16:36 . 2017-02-04 20:33 3585120 ----a-w- c:\windows\SysWow64\nvapi.dll
2017-01-20 16:36 . 2017-02-04 20:33 35272760 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2017-01-20 16:36 . 2015-12-08 12:49 512960 ----a-w- c:\windows\system32\OpenCL.DLL
2017-01-20 16:36 . 2015-12-08 12:49 420408 ----a-w- c:\windows\SysWow64\OpenCL.DLL
2017-01-20 15:13 . 2017-02-04 20:42 6401984 ----a-w- c:\windows\system32\nvcpl.dll
2017-01-20 15:13 . 2017-02-04 20:42 2479160 ----a-w- c:\windows\system32\nvsvc64.dll
2017-01-20 15:13 . 2017-02-04 20:42 83512 ----a-w- c:\windows\system32\nv3dappshextr.dll
2017-01-20 15:13 . 2017-02-04 20:42 69568 ----a-w- c:\windows\system32\nvshext.dll
2017-01-20 15:13 . 2017-02-04 20:42 548800 ----a-w- c:\windows\system32\nv3dappshext.dll
2017-01-20 15:13 . 2017-02-04 20:42 393784 ----a-w- c:\windows\system32\nvmctray.dll
2017-01-20 15:13 . 2017-02-04 20:42 1762752 ----a-w- c:\windows\system32\nvsvcr.dll
2017-01-20 06:47 . 2017-02-03 01:51 77416 ----a-w- c:\windows\system32\drivers\mbae64.sys
2017-01-18 12:57 . 2017-02-04 20:42 7755067 ----a-w- c:\windows\system32\nvcoproc.bin
2017-01-17 06:04 . 2017-02-04 21:19 82536 ----a-w- c:\windows\system32\RtNicProp64.dll
2017-01-17 06:04 . 2017-02-04 21:19 1044992 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2017-01-17 06:04 . 2015-12-08 13:06 116288 ----a-w- c:\windows\system32\RTNUninst64.dll
2017-01-11 10:38 . 2017-02-04 20:26 962128 ----a-w- c:\windows\system32\tosasfapo64.dll
2017-01-11 10:38 . 2017-02-04 20:26 873464 ----a-w- c:\windows\system32\tadefxapo264.dll
2017-01-11 10:38 . 2017-02-04 20:26 75536 ----a-w- c:\windows\system32\tepeqapo64.dll
2017-01-11 10:38 . 2017-02-04 20:26 601144 ----a-w- c:\windows\system32\tossaemaxapo64.dll
2017-01-11 10:38 . 2017-02-04 20:26 532376 ----a-w- c:\windows\system32\SRSTSX64.dll
2017-01-11 10:38 . 2017-02-04 20:26 447176 ----a-w- c:\windows\system32\toseaeapo64.dll
2017-01-11 10:38 . 2017-02-04 20:26 3299816 ----a-w- c:\windows\system32\YamahaAE2.dll
2017-01-11 10:38 . 2017-02-04 20:26 221968 ----a-w- c:\windows\system32\SRSTSH64.dll
2017-01-11 10:38 . 2017-02-04 20:26 2190984 ----a-w- c:\windows\system32\YamahaAE.dll
2017-01-11 10:38 . 2017-02-04 20:26 2110592 ----a-w- c:\windows\system32\WavesGUILib64.dll
2017-01-11 10:38 . 2017-02-04 20:26 166200 ----a-w- c:\windows\system32\SRSWOW64.dll
2017-01-11 10:38 . 2017-02-04 20:26 158696 ----a-w- c:\windows\system32\tadefxapo.dll
2017-01-11 10:38 . 2017-02-04 20:26 1382232 ----a-w- c:\windows\system32\tosade.dll
2017-01-11 10:38 . 2017-02-04 20:26 1337640 ----a-w- c:\windows\system32\tossaeapo64.dll
2017-01-11 10:38 . 2017-02-04 20:26 209536 ----a-w- c:\windows\system32\SRSHP64.dll
2017-01-11 10:38 . 2017-02-04 20:26 1435136 ----a-w- c:\windows\system32\SRRPTR64.dll
2017-01-11 10:38 . 2017-02-04 20:26 467152 ----a-w- c:\windows\system32\SRAPO64.dll
2017-01-11 10:38 . 2017-02-04 20:26 381408 ----a-w- c:\windows\system32\SRCOM64.dll
2017-01-11 10:38 . 2017-02-04 20:26 341144 ----a-w- c:\windows\SysWow64\SRCOM.dll
2017-01-11 10:38 . 2017-02-04 20:26 341144 ----a-w- c:\windows\system32\SRCOM.dll
2017-01-11 10:38 . 2017-02-04 20:26 3122656 ----a-w- c:\windows\system32\sltech64.dll
2017-01-11 10:38 . 2017-02-04 20:26 258864 ----a-w- c:\windows\system32\slprp64.dll
2017-01-11 10:38 . 2017-02-04 20:26 984912 ----a-w- c:\windows\system32\sl3apo64.dll
2017-01-11 10:38 . 2017-02-04 20:26 965024 ----a-w- c:\windows\system32\SFSS_APO.dll
2017-01-11 10:38 . 2017-02-04 20:26 3410832 ----a-w- c:\windows\system32\slcnt64.dll
2017-01-11 10:38 . 2017-02-04 20:26 231912 ----a-w- c:\windows\system32\SFNHK64.dll
2017-01-11 10:38 . 2017-02-04 20:26 90912 ----a-w- c:\windows\system32\SFCOM64.dll
2017-01-11 10:38 . 2017-02-04 20:26 88320 ----a-w- c:\windows\system32\SFAPO64.dll
2017-01-11 10:38 . 2017-02-04 20:26 866096 ----a-w- c:\windows\SysWow64\SEHDHF32.dll
2017-01-11 10:38 . 2017-02-04 20:26 859912 ----a-w- c:\windows\system32\SEHDRA64.dll
2017-01-11 10:38 . 2017-02-04 20:26 854208 ----a-w- c:\windows\system32\SECOMN64.dll
2017-01-11 10:38 . 2017-02-04 20:26 83624 ----a-w- c:\windows\SysWow64\SFCOM.dll
2017-01-11 10:38 . 2017-02-04 20:26 726112 ----a-w- c:\windows\SysWow64\SECOMN32.dll
2017-01-11 10:38 . 2017-02-04 20:26 514872 ----a-w- c:\windows\system32\SEAPO64.dll
2017-01-11 10:38 . 2017-02-04 20:26 3203584 ----a-w- c:\windows\system32\RtPgEx64.dll
2017-01-11 10:38 . 2017-02-04 20:26 3014144 ----a-w- c:\windows\system32\RTSnMg64.cpl
2017-01-11 10:38 . 2017-02-04 20:26 1003512 ----a-w- c:\windows\system32\SEHDHF64.dll
2017-01-11 10:38 . 2017-02-04 20:26 343704 ----a-w- c:\windows\system32\RtlCPAPI64.dll
2017-01-11 10:38 . 2017-02-04 20:26 5545472 ----a-w- c:\windows\system32\drivers\RTKVHD64.sys
2017-01-11 10:38 . 2017-02-04 20:26 3503048 ----a-w- c:\windows\system32\RtkApi64.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableSecureUIAPath"= 1 (0x1)
"DisableCAD"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
2;2 ESRV_SVC_QUEENCREEK;Energy Server Service queencreek;c:\program files\Intel\SUR\QUEENCREEK\esrv_svc.exe;c:\program files\Intel\SUR\QUEENCREEK\esrv_svc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 EasyAntiCheat;EasyAntiCheat;c:\windows\system32\EasyAntiCheat.exe;c:\windows\SYSNATIVE\EasyAntiCheat.exe [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);c:\windows\system32\DRIVERS\ICCWDT.sys;c:\windows\SYSNATIVE\DRIVERS\ICCWDT.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IntcDAud;Son Intel(R) pour écrans;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 NvStreamKms;NVIDIA KMS;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 semav6msr64;semav6msr64;c:\windows\system32\drivers\semav6msr64.sys;c:\windows\SYSNATIVE\drivers\semav6msr64.sys [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 AGSService;Adobe Genuine Software Integrity Service;c:\program files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe;c:\program files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [x]
R4 AIPS;Arp Intelligent Protection Service;c:\program files (x86)\netcut\services\AIPS.exe;c:\program files (x86)\netcut\services\AIPS.exe [x]
R4 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
R4 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
R4 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
R4 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
R4 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe;c:\program files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [x]
R4 HiPatchService;Hi-Rez Studios Authenticate and Update Service;d:\paladins\HiPatchService.exe;d:\paladins\HiPatchService.exe [x]
R4 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R4 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
R4 NvContainerLocalSystem;NVIDIA LocalSystem Container;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe [x]
R4 NvContainerNetworkService;NVIDIA NetworkService Container;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe [x]
R4 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;c:\program files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe;c:\program files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [x]
R4 NvTelemetryContainer;NVIDIA Telemetry Container;c:\program files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe;c:\program files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R4 SystemUsageReportSvc_QUEENCREEK;Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK;c:\program files\Intel Driver Update Utility\SUR\SurSvc.exe;c:\program files\Intel Driver Update Utility\SUR\SurSvc.exe [x]
R4 Unchecky;Unchecky;c:\program files (x86)\Unchecky\bin\unchecky_svc.exe;c:\program files (x86)\Unchecky\bin\unchecky_svc.exe [x]
R4 USER_ESRV_SVC_QUEENCREEK;User Energy Server Service queencreek;c:\program files\Intel\SUR\QUEENCREEK\esrv_svc.exe;c:\program files\Intel\SUR\QUEENCREEK\esrv_svc.exe [x]
R4 uSHAREitSvc;SHAREit Hotspot Service;c:\program files (x86)\SHAREit Technologies\SHAREit\SHAREit.Service.exe;c:\program files (x86)\SHAREit Technologies\SHAREit\SHAREit.Service.exe [x]
R4 XperiaCompanionService;Service Xperia Companion;c:\program files\Sony\Xperia Companion\Service\XperiaCompanionService.exe;c:\program files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [x]
S0 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Pilote de commutateur de contrôleur d'hôte Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;ESET Personal Firewall;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys;c:\windows\SYSNATIVE\DRIVERS\hssdrv6.sys [x]
S2 ClickToRunSvc;Service Démarrer en clic Microsoft Office;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ekbdflt;ekbdflt;c:\windows\system32\DRIVERS\ekbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\ekbdflt.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe;c:\program files\ESET\ESET Smart Security\ekrn.exe [x]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys;c:\windows\SYSNATIVE\DRIVERS\idmwfp.sys [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus;c:\windows\system32\DRIVERS\dtliteusbbus.sys;c:\windows\SYSNATIVE\DRIVERS\dtliteusbbus.sys [x]
S3 iusb3hub;Pilote de concentrateur Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Pilote du contrôleur d'hôte extensible Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 nvvhci;NVVHCI Enumerator Service;c:\windows\system32\DRIVERS\nvvhci.sys;c:\windows\SYSNATIVE\DRIVERS\nvvhci.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 RTSPER;Realtek PCIE Card Reader - PER;c:\windows\system32\DRIVERS\RtsPer.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPer.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2017-02-07 16:27 1368920 ----a-w- c:\program files (x86)\Google\Chrome\Application\56.0.2924.87\Installer\chrmstp.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2016-12-23 18:10 323152 ----a-w- c:\program files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
.
Contenu du dossier 'Tâches planifiées'
.
2017-03-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-19 21:38]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2015-08-14 10:52 25624 ----a-w- c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2016-05-22 17:33 491184 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2016-05-22 17:33 491184 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2016-05-22 17:33 491184 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2016-11-01 11:58 2351920 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2016-11-01 11:58 2351920 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2016-11-01 11:58 2351920 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshellex.dll" [2014-03-26 7825720]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2017-01-11 16781824]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: &Envoyer à OneNote - c:\progra~1\MICROS~1\Office15\ONBttnIE.dll/105
IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: Télécharger avec IDM - c:\program files (x86)\Internet Download Manager\IEExt.htm
IE: Télécharger tous les liens avec Internet Download Manager - c:\program files (x86)\Internet Download Manager\IEGetAll.htm
Trusted Zone: eset.com\help
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{1CEA9EB1-AD14-44D9-ADA9-A5A6183F1628}: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{1CEA9EB1-AD14-44D9-ADA9-A5A6183F1628}\9646F6F6D6144637C635: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{1CEA9EB1-AD14-44D9-ADA9-A5A6183F1628}\C496675626F687D253640354: NameServer = 8.8.8.8,8.8.4.4
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\SysWOW64\rundll32.exe
.
**************************************************************************
.
Heure de fin: 2017-03-09 16:19:22 - La machine a redémarré
ComboFix-quarantined-files.txt 2017-03-09 15:19
.
Avant-CF: 33 128 083 456 octets libres
Après-CF: 33 047 609 344 octets libres
.
- - End Of File - - 694B13EFCB29C9FBE0E4FCA64D4CC029
A36C5E4F47E84449FF07ED3517B43A31