cjoint

Document format: text/plain

Preview

ComboFix 18-08-08.01 - roland 13/12/2018 21:04:11.6.4 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.5608.3838 [GMT 1:00]
Lancé depuis: c:\users\roland\Desktop\ComboFix.exe
AV: ESET Security *Disabled/Updated* {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
FW: ESET Pare-feu *Enabled* {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
SP: ESET Security *Disabled/Updated* {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\roland\AppData\Roaming\Yahoo
c:\users\roland\AppData\Roaming\Yahoo\search.xml
c:\windows\iun6002.exe
c:\windows\msdownld.tmp
c:\windows\msxml4-KB954430-enu.LOG
c:\windows\msxml4-KB973688-enu.LOG
c:\windows\SysWow64\DEBUG.log
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
.
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_npf
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2018-11-13 au 2018-12-13 ))))))))))))))))))))))))))))))))))))
.
.
2112-03-03 18:37 . 2112-03-03 18:37 96768 ----a-w- c:\windows\system32\fsutil.exe
2112-03-03 18:37 . 2112-03-03 18:37 91648 ----a-w- c:\windows\system32\drivers\USBSTOR.SYS
2112-03-03 18:37 . 2112-03-03 18:37 74240 ----a-w- c:\windows\SysWow64\fsutil.exe
2112-03-03 18:37 . 2112-03-03 18:37 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2112-03-03 18:37 . 2112-03-03 18:37 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys
2112-03-03 18:37 . 2112-03-03 18:37 2565632 ----a-w- c:\windows\system32\esent.dll
2112-03-03 18:37 . 2112-03-03 18:37 1699328 ----a-w- c:\windows\SysWow64\esent.dll
2112-03-03 18:37 . 2112-03-03 18:37 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys
2112-03-03 18:37 . 2112-03-03 18:37 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys
2112-03-03 18:37 . 2112-03-03 18:37 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys
2112-03-03 18:36 . 2112-03-03 18:36 501248 ----a-w- c:\windows\system32\WinSATAPI.dll
2112-03-03 18:36 . 2112-03-03 18:36 335872 ----a-w- c:\windows\SysWow64\WinSATAPI.dll
2112-03-03 18:35 . 2112-03-03 18:35 723456 ----a-w- c:\windows\system32\EncDec.dll
2112-03-03 18:35 . 2112-03-03 18:35 534528 ----a-w- c:\windows\SysWow64\EncDec.dll
2112-03-03 18:31 . 2112-03-03 18:31 75776 ----a-w- c:\windows\SysWow64\psisrndr.ax
2112-03-03 18:31 . 2112-03-03 18:31 613888 ----a-w- c:\windows\system32\psisdecd.dll
2112-03-03 18:31 . 2112-03-03 18:31 465408 ----a-w- c:\windows\SysWow64\psisdecd.dll
2112-03-03 18:31 . 2112-03-03 18:31 108032 ----a-w- c:\windows\system32\psisrndr.ax
2112-03-03 18:30 . 2112-03-03 18:30 331776 ----a-w- c:\windows\system32\oleacc.dll
2112-03-03 18:30 . 2112-03-03 18:30 233472 ----a-w- c:\windows\SysWow64\oleacc.dll
2112-03-03 18:27 . 2112-03-03 18:27 64512 ----a-w- c:\windows\SysWow64\devobj.dll
2112-03-03 18:27 . 2112-03-03 18:27 44544 ----a-w- c:\windows\SysWow64\devrtl.dll
2112-03-03 18:27 . 2112-03-03 18:27 404480 ----a-w- c:\windows\system32\umpnpmgr.dll
2112-03-03 18:27 . 2112-03-03 18:27 252928 ----a-w- c:\windows\SysWow64\drvinst.exe
2112-03-03 18:27 . 2112-03-03 18:27 145920 ----a-w- c:\windows\SysWow64\cfgmgr32.dll
2112-03-03 18:27 . 2112-03-03 18:27 246784 ----a-w- c:\windows\system32\input.dll
2112-03-03 18:27 . 2112-03-03 18:27 202240 ----a-w- c:\windows\SysWow64\input.dll
2112-03-03 18:25 . 2112-03-03 18:25 288768 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2112-03-03 18:25 . 2112-03-03 18:25 158208 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2112-03-03 18:25 . 2112-03-03 18:25 128000 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2112-03-03 18:25 . 2112-03-03 18:25 467456 ----a-w- c:\windows\system32\drivers\srv.sys
2112-03-03 18:25 . 2112-03-03 18:25 410112 ----a-w- c:\windows\system32\drivers\srv2.sys
2112-03-03 18:25 . 2112-03-03 18:25 168448 ----a-w- c:\windows\system32\drivers\srvnet.sys
2112-03-03 18:24 . 2112-03-03 18:24 80384 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS
2112-03-03 18:22 . 2112-03-03 18:22 31744 ----a-w- c:\windows\system32\drivers\usbrpm.sys
2112-03-03 18:21 . 2112-03-03 18:21 2871808 ----a-w- c:\windows\explorer.exe
2112-03-03 18:21 . 2112-03-03 18:21 2616320 ----a-w- c:\windows\SysWow64\explorer.exe
2112-03-03 18:21 . 2112-03-03 18:21 90624 ----a-w- c:\windows\system32\drivers\bowser.sys
2112-03-03 18:20 . 2112-03-03 18:20 357888 ----a-w- c:\windows\system32\dnsapi.dll
2112-03-03 18:20 . 2112-03-03 18:20 30208 ----a-w- c:\windows\system32\dnscacheugc.exe
2112-03-03 18:20 . 2112-03-03 18:20 28672 ----a-w- c:\windows\SysWow64\dnscacheugc.exe
2112-03-03 18:20 . 2112-03-03 18:20 183296 ----a-w- c:\windows\system32\dnsrslvr.dll
2112-03-03 18:19 . 2112-03-03 18:19 31232 ----a-w- c:\windows\SysWow64\prevhost.exe
2112-03-03 18:19 . 2112-03-03 18:19 31232 ----a-w- c:\windows\system32\prevhost.exe
2112-03-03 18:19 . 2112-03-03 18:19 1395712 ----a-w- c:\windows\system32\mfc42.dll
2112-03-03 18:19 . 2112-03-03 18:19 1359872 ----a-w- c:\windows\system32\mfc42u.dll
2112-03-03 18:19 . 2112-03-03 18:19 1164288 ----a-w- c:\windows\SysWow64\mfc42u.dll
2112-03-03 18:19 . 2112-03-03 18:19 1137664 ----a-w- c:\windows\SysWow64\mfc42.dll
2112-03-03 18:19 . 2112-03-03 18:19 20352 ----a-w- c:\windows\system32\kdusb.dll
2112-03-03 18:19 . 2112-03-03 18:19 19328 ----a-w- c:\windows\system32\kd1394.dll
2112-03-03 18:19 . 2112-03-03 18:19 17792 ----a-w- c:\windows\system32\kdcom.dll
2112-03-03 18:18 . 2112-03-03 18:18 296320 ----a-w- c:\windows\system32\drivers\volsnap.sys
2112-03-03 18:16 . 2112-03-03 18:16 267776 ----a-w- c:\windows\system32\FXSCOVER.exe
2112-03-03 18:14 . 2112-03-03 18:14 961024 ----a-w- c:\windows\system32\CPFilters.dll
2112-03-03 18:14 . 2112-03-03 18:14 850944 ----a-w- c:\windows\SysWow64\sbe.dll
2112-03-03 18:14 . 2112-03-03 18:14 642048 ----a-w- c:\windows\SysWow64\CPFilters.dll
2112-03-03 18:14 . 2112-03-03 18:14 259072 ----a-w- c:\windows\system32\mpg2splt.ax
2112-03-03 18:14 . 2112-03-03 18:14 199680 ----a-w- c:\windows\SysWow64\mpg2splt.ax
2112-03-03 18:14 . 2112-03-03 18:14 1118720 ----a-w- c:\windows\system32\sbe.dll
2112-03-03 18:11 . 2112-03-03 18:11 -------- d-----w- c:\windows\fr-FR
2112-03-03 18:11 . 2112-03-03 18:11 -------- d-----w- c:\windows\SysWow64\XPSViewer
2112-03-03 18:11 . 2112-03-03 18:11 -------- d-----w- c:\windows\SysWow64\fr
2112-03-03 18:11 . 2112-03-03 18:11 -------- d-----w- c:\windows\SysWow64\drivers\UMDF\fr-FR
2112-03-03 18:11 . 2112-03-03 18:11 -------- d-----w- c:\windows\SysWow64\drivers\fr-FR
2112-03-03 18:11 . 2112-03-03 18:11 -------- d-----w- c:\windows\SysWow64\040C
2112-03-03 18:11 . 2013-11-28 20:26 -------- d-----w- c:\windows\SysWow64\wbem\fr-FR
2112-03-03 18:11 . 2112-03-03 18:11 -------- d-----w- c:\windows\system32\040C
2112-03-03 18:11 . 2112-03-03 18:11 -------- d-----w- c:\windows\system32\fr
2112-03-03 18:11 . 2112-03-03 18:11 -------- d-----w- c:\windows\system32\drivers\UMDF\fr-FR
2112-03-03 18:11 . 2014-09-13 07:51 -------- d-----w- c:\windows\system32\drivers\fr-FR
2112-03-03 18:11 . 2013-11-28 20:26 -------- d-----w- c:\windows\system32\wbem\fr-FR
2112-03-03 18:10 . 2112-03-03 18:10 3584 ----a-w- c:\windows\system32\Spool\prtprocs\x64\fr-FR\LXKPTPRC.DLL.mui
2018-12-13 20:26 . 2018-12-13 20:26 -------- d-----w- c:\users\TEMP\AppData\Local\temp
2018-12-13 20:26 . 2018-12-13 20:26 -------- d-----w- c:\users\Public\AppData\Local\temp
2018-12-13 20:26 . 2018-12-13 20:26 -------- d-----w- c:\users\N1EFE~1.HMI\AppData\Local\temp
2018-12-13 20:26 . 2018-12-13 20:26 -------- d-----w- c:\users\Default\AppData\Local\temp
2018-12-09 19:08 . 2018-12-09 19:41 -------- d-----w- C:\APP
2018-12-09 19:05 . 2018-12-09 19:41 -------- d-----w- C:\AWRoot
2018-12-09 17:30 . 2018-12-09 17:30 -------- d-----w- c:\users\roland\AppData\Local\ESET
2018-12-09 17:27 . 2018-12-09 17:27 -------- d-----w- c:\program files\ESET
2018-11-19 19:32 . 2018-11-19 19:32 52328 ----a-w- c:\windows\system32\drivers\staport.sys
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2112-03-03 18:10 . 2112-03-03 18:10 2560 ----a-w- c:\windows\SysWow64\drivers\fr-FR\qwavedrv.sys.mui
2112-03-03 18:10 . 2112-03-03 18:10 29696 ----a-w- c:\windows\SysWow64\drivers\fr-FR\bfe.dll.mui
2112-03-03 18:10 . 2112-03-03 18:10 15872 ----a-w- c:\windows\SysWow64\drivers\fr-FR\pacer.sys.mui
2112-03-03 18:10 . 2112-03-03 18:10 6144 ----a-w- c:\windows\SysWow64\drivers\fr-FR\ndiscap.sys.mui
2112-03-03 18:10 . 2112-03-03 18:10 2560 ----a-w- c:\windows\SysWow64\drivers\fr-FR\scfilter.sys.mui
2112-03-03 18:10 . 2112-03-03 18:10 49152 ----a-w- c:\windows\SysWow64\drivers\fr-FR\tcpip.sys.mui
2018-12-13 20:27 . 2015-01-19 21:41 65536 ----a-w- c:\windows\system32\spu_storage.bin
2018-12-13 06:07 . 2012-10-02 10:35 137260640 -c--a-w- c:\windows\system32\MRT.exe
2018-12-09 17:31 . 2018-09-04 11:23 82304 ----a-w- c:\windows\system32\drivers\epfw.sys
2018-12-09 17:31 . 2018-09-04 11:23 61528 ----a-w- c:\windows\system32\drivers\EpfwLWF.sys
2018-12-09 17:31 . 2018-09-04 11:23 50144 ----a-w- c:\windows\system32\drivers\ekbdflt.sys
2018-12-09 17:31 . 2018-09-04 11:23 188832 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2018-12-09 17:31 . 2018-09-04 11:23 143448 ----a-w- c:\windows\system32\drivers\eamonm.sys
2018-12-09 17:31 . 2018-09-04 11:23 109864 ----a-w- c:\windows\system32\drivers\epfwwfp.sys
2018-12-09 17:31 . 2018-09-04 11:23 107896 ----a-w- c:\windows\system32\drivers\edevmon.sys
2018-12-05 22:37 . 2010-12-31 23:15 842240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2018-12-05 22:37 . 2010-12-31 23:15 175104 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2018-11-27 01:33 . 2010-11-21 03:27 592416 ------w- c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Dedicarz Service;Dedicarz Service;c:\program files (x86)\Orange\ma Livebox\dedicarz\DedicarzService.exe;c:\program files (x86)\Orange\ma Livebox\dedicarz\DedicarzService.exe [x]
R2 DirectNT;DirectNT; [x]
R3 amdiox64;AMD IO Driver;c:\windows\system32\drivers\amdiox64.sys;c:\windows\SYSNATIVE\drivers\amdiox64.sys [x]
R3 CH341SER_A64;CH341SER_A64;c:\windows\system32\Drivers\CH341S64.SYS;c:\windows\SYSNATIVE\Drivers\CH341S64.SYS [x]
R3 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x]
R3 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 libusb0;libusb-win32 - Kernel Driver 07/24/2011 1.2.5.0;c:\windows\system32\DRIVERS\libusb0.sys;c:\windows\SYSNATIVE\DRIVERS\libusb0.sys [x]
R3 lvpepf64;Volume Adapter;c:\windows\system32\DRIVERS\lv302a64.sys;c:\windows\SYSNATIVE\DRIVERS\lv302a64.sys [x]
R3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys;c:\windows\SYSNATIVE\drivers\LVUSBS64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RT-USB;Ross-Tech USB driver;c:\windows\system32\drivers\RT-USB64.SYS;c:\windows\SYSNATIVE\drivers\RT-USB64.SYS [x]
R3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver;c:\windows\system32\DRIVERS\silabenm.sys;c:\windows\SYSNATIVE\DRIVERS\silabenm.sys [x]
R3 silabser;Silicon Labs CP210x USB to UART Bridge Driver;c:\windows\system32\DRIVERS\silabser.sys;c:\windows\SYSNATIVE\DRIVERS\silabser.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 Wibukey2_64;Wibukey2_64;c:\windows\system32\drivers\wibukey2_64.sys;c:\windows\SYSNATIVE\drivers\wibukey2_64.sys [x]
R4 mgod;mgod;c:\windows\mgod.exe;c:\windows\mgod.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\drivers\amd_sata.sys;c:\windows\SYSNATIVE\drivers\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\drivers\amd_xata.sys;c:\windows\SYSNATIVE\drivers\amd_xata.sys [x]
S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\system32\drivers\amdkmpfd.sys;c:\windows\SYSNATIVE\drivers\amdkmpfd.sys [x]
S0 edevmon;edevmon;c:\windows\system32\DRIVERS\edevmon.sys;c:\windows\SYSNATIVE\DRIVERS\edevmon.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;ESET Firewall;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S1 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.3;AODDriver4.3;c:\program files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ekbdflt;ekbdflt;c:\windows\system32\DRIVERS\ekbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\ekbdflt.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Security\ekrn.exe;c:\program files\ESET\ESET Security\ekrn.exe [x]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x]
S2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\app\firebird\bin\fbguard.exe;c:\app\firebird\bin\fbguard.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;c:\program files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe;c:\program files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 inpoutx64;inpoutx64;c:\windows\system32\Drivers\inpoutx64.sys;c:\windows\SYSNATIVE\Drivers\inpoutx64.sys [x]
S2 USBhostFRM;Microsoft USB host;c:\windows\USBhostFW.exe;c:\windows\USBhostFW.exe [x]
S2 VServer;VServer;c:\ec-apps\carserver\mkp-vs\vservice.exe;c:\ec-apps\carserver\mkp-vs\vservice.exe [x]
S3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\amdhub30.sys;c:\windows\SYSNATIVE\DRIVERS\amdhub30.sys [x]
S3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\amdxhc.sys;c:\windows\SYSNATIVE\DRIVERS\amdxhc.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 ekrnEpfw;ESET Firewall Helper;c:\program files\ESET\ESET Security\ekrn.exe;c:\program files\ESET\ESET Security\ekrn.exe [x]
S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\app\firebird\bin\fbserver.exe;c:\app\firebird\bin\fbserver.exe [x]
S3 RSP2STOR;Realtek PCIE CardReader Driver - P2;c:\windows\system32\DRIVERS\RtsP2Stor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsP2Stor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
S3 WSDScan;Prise en charge de la numérisation WSD via UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
.
.
Contenu du dossier 'Tâches planifiées'
.
2018-12-13 c:\windows\Tasks\HPCeeScheduleForroland.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-01-22 19:52]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Security\ecmds.exe" [2018-12-09 177928]
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
mDefault_Search_URL = hxxp://www.google.fr/
mDefault_Page_URL = hxxp://www.google.fr/
mStart Page = hxxp://www.google.fr/
mLocal Page = c:\windows\System32\blank.htm
mSearch Page = hxxp://www.google.fr/?q={searchTerms}
uInternet Settings,ProxyOverride = *.local
Trusted Zone: amazon.fr
Trusted Zone: localhost
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Toolbar-10 - (no file)
Toolbar-Locked - (no file)
SafeBoot-MBAMService
HKLM_Wow6432Node-ActiveSetup-{8A69D345-D564-463c-AFF1-A69D9E530F96} - c:\program files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe
AddRemove-Radio Decoder - c:\windows\iun6002.exe
AddRemove-SLABCOMM&10C4&EA60 - c:\program files (x86)\Silabs\MCU\CP210x\DriverUninstaller.exe VCP CP210x Cardinal\SLABCOMM&10C4&EA60
AddRemove-{0D9BB33A-69F5-4460-B624-4AAA280DF059} - c:\program files (x86)\InstallShield Installation Information\{0D9BB33A-69F5-4460-B624-4AAA280DF059}\setup.exe
AddRemove-{1E7F409E-E35A-4DF8-BF5C-FE34B74B640E} - c:\program files (x86)\InstallShield Installation Information\{1E7F409E-E35A-4DF8-BF5C-FE34B74B640E}\setup.exe
AddRemove-{28006915-2739-4EBE-B5E8-49B25D32EB33} - c:\program files (x86)\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\setup.exe
AddRemove-{33BD513E-842C-43C4-9856-B8C7AE81CF00} - c:\program files (x86)\InstallShield Installation Information\{33BD513E-842C-43C4-9856-B8C7AE81CF00}\setup.exe
AddRemove-{78E2C850-ADA6-420D-BA35-2F4A9BE733CC} - c:\program files (x86)\InstallShield Installation Information\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}\setup.exe
AddRemove-{8833FFB6-5B0C-4764-81AA-06DFEED9A476} - c:\program files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe
AddRemove-{ACFDD7A9-0585-4F00-9D75-82A7DD3E40AD} - c:\program files (x86)\InstallShield Installation Information\{ACFDD7A9-0585-4F00-9D75-82A7DD3E40AD}\setup.exe
AddRemove-{C1594429-8296-4652-BF54-9DBE4932A44C} - c:\program files (x86)\InstallShield Installation Information\{C1594429-8296-4652-BF54-9DBE4932A44C}\setup.exe
AddRemove-{C3A32068-8AB1-4327-BB16-BED9C6219DC7} - c:\program files (x86)\InstallShield Installation Information\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}\Setup.exe
AddRemove-{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001} - c:\program files (x86)\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\Setup.exe
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\S-1-5-21-2977659287-1481995803-4227248665-1001\@*Yq*]
@Allowed: (Read) (RestrictedCode)
"cl"=dword:00000003
.
[HKEY_USERS\S-1-5-21-2977659287-1481995803-4227248665-1001\@*›r*]
@Allowed: (Read) (RestrictedCode)
"cl"=dword:00000003
.
[HKEY_USERS\S-1-5-21-2977659287-1481995803-4227248665-1001\48b*]
@Allowed: (Read) (RestrictedCode)
"cl"=dword:00000003
.
[HKEY_USERS\S-1-5-21-2977659287-1481995803-4227248665-1001\4Ìg*]
@Allowed: (Read) (RestrictedCode)
"cl"=dword:00000003
.
------------------------ Autres processus actifs ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\ezSharedSvcHost.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
.
**************************************************************************
.
Heure de fin: 2018-12-13 21:41:47 - La machine a redémarré
ComboFix-quarantined-files.txt 2018-12-13 20:41
ComboFix2.txt 2016-01-30 12:04
ComboFix3.txt 2015-09-10 18:32
ComboFix4.txt 2015-07-01 22:18
.
Avant-CF: 478 347 522 048 octets libres
Après-CF: 477 972 426 752 octets libres
.
- - End Of File - - E362D169F642A6BAC9FD65F342AED157
A36C5E4F47E84449FF07ED3517B43A31
