ComboFix 17-01-04.01 - zakio 10/01/2017  23:01:03.2.4 - x64
Microsoft Windows 7 Professionnel   6.1.7601.1.1252.33.1036.18.3767.2912 [GMT 1:00]
Running from: c:\users\zakio\Desktop\ComboFix.exe
AV: Avast Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: Avast Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: Avast Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Other Deletions   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
An infected copy of c:\windows\SysWow64\Version.dll was found and disinfected
Restored copy from - c:\windows\erdnt\cache86\version.dll
.
.
(((((((((((((((((((((((((((((   Files Created from 2016-12-10 to 2017-01-10  ))))))))))))))))))))))))))))))))))))
.
.
2017-01-10 22:05 . 2017-01-10 22:05  --------  d-----w-  c:\users\Default\AppData\Local\temp
2017-01-10 15:26 . 2017-01-10 15:29  --------  d-----w-  C:\FRST
2017-01-09 18:12 . 2017-01-09 18:17  --------  d-----w-  c:\program files (x86)\Opera
2017-01-05 09:42 . 2017-01-05 09:42  --------  d-----w-  c:\programdata\IDM
2017-01-05 09:41 . 2017-01-05 09:45  --------  d-----w-  c:\program files (x86)\Internet Download Manager
2017-01-04 13:07 . 2017-01-05 20:28  --------  d-----w-  c:\programdata\Microsoft Help
2017-01-04 11:13 . 2017-01-04 11:13  --------  d-----w-  c:\program files\VideoLAN
2017-01-03 16:02 . 2017-01-10 22:06  --------  d-----w-  c:\program files\Google
2017-01-03 15:49 . 2017-01-10 22:06  --------  d-----w-  c:\program files (x86)\Google
2017-01-03 15:48 . 2017-01-03 15:48  --------  d-----w-  c:\program files (x86)\Common Files\AV
2017-01-03 15:48 . 2017-01-03 15:48  --------  d-----w-  c:\program files\Common Files\AV
2017-01-03 15:43 . 2017-01-03 15:43  37144     ----a-w-  c:\windows\system32\drivers\aswKbd.sys
2017-01-03 15:25 . 2017-01-03 15:24  163416    ----a-w-  c:\windows\system32\drivers\aswStm.sys
2017-01-03 15:25 . 2017-01-03 15:27  293352    ----a-w-  c:\windows\system32\drivers\aswvmm.sys
2017-01-03 15:25 . 2017-01-03 15:26  513632    ----a-w-  c:\windows\system32\drivers\aswsp.sys
2017-01-03 15:25 . 2017-01-03 15:24  74544     ----a-w-  c:\windows\system32\drivers\aswRvrt.sys
2017-01-03 15:25 . 2017-01-03 15:24  108816    ----a-w-  c:\windows\system32\drivers\aswMonFlt.sys
2017-01-03 15:25 . 2017-01-03 15:24  37656     ----a-w-  c:\windows\system32\drivers\aswHwid.sys
2017-01-03 15:25 . 2017-01-03 15:24  103064    ----a-w-  c:\windows\system32\drivers\aswRdr2.sys
2017-01-03 15:25 . 2017-01-03 15:26  969184    ----a-w-  c:\windows\system32\drivers\aswsnx.sys
2017-01-03 15:25 . 2017-01-03 15:23  453192    ----a-w-  c:\windows\system32\drivers\aswNetSec.sys
2017-01-03 15:24 . 2017-01-03 15:24  921280    ----a-w-  c:\windows\SysWow64\ucrtbase.dll
2017-01-03 15:24 . 2017-01-03 15:24  992960    ----a-w-  c:\windows\system32\ucrtbase.dll
2017-01-03 15:24 . 2017-01-03 15:24  53208     ----a-w-  c:\windows\avastSS.scr
2017-01-03 15:23 . 2017-01-03 15:23  28312     ----a-w-  c:\windows\system32\drivers\aswNetNd6.sys
2017-01-03 15:17 . 2017-01-03 15:43  --------  d-----w-  c:\program files\AVAST Software
2017-01-03 15:11 . 2017-01-03 15:43  --------  d-----w-  c:\programdata\AVAST Software
2017-01-03 15:08 . 2014-05-14 16:23  44512     ----a-w-  c:\windows\system32\wups2.dll
2017-01-03 15:08 . 2014-05-14 16:23  58336     ----a-w-  c:\windows\system32\wuauclt.exe
2017-01-03 15:08 . 2014-05-14 16:23  2477536   ----a-w-  c:\windows\system32\wuaueng.dll
2017-01-03 15:08 . 2014-05-14 16:21  2620928   ----a-w-  c:\windows\system32\wucltux.dll
2017-01-03 15:07 . 2014-05-14 08:23  198600    ----a-w-  c:\windows\system32\wuwebv.dll
2017-01-03 15:07 . 2014-05-14 08:23  179656    ----a-w-  c:\windows\SysWow64\wuwebv.dll
2017-01-03 15:07 . 2014-05-14 08:20  36864     ----a-w-  c:\windows\system32\wuapp.exe
2017-01-03 15:07 . 2014-05-14 08:17  33792     ----a-w-  c:\windows\SysWow64\wuapp.exe
2017-01-03 14:41 . 2017-01-03 14:41  --------  d-----w-  c:\program files (x86)\Common Files\postureAgent
2017-01-03 14:38 . 2011-03-01 09:54  1142376   ----a-r-  c:\windows\system32\drivers\rtl8192ce.sys
2017-01-03 14:38 . 2017-01-03 14:39  --------  d-----w-  c:\program files (x86)\REALTEK PCIE Wireless LAN Driver
2017-01-03 14:38 . 2009-02-05 01:49  451072    ----a-w-  c:\windows\SysWow64\ISSRemoveSP.exe
2017-01-03 14:35 . 2011-03-11 17:56  2712064   ----a-w-  c:\windows\system32\drivers\athrx.sys
2017-01-03 14:35 . 2017-01-03 14:35  --------  d-----w-  c:\windows\system32\nn-NO
2017-01-03 14:35 . 2011-03-16 15:47  63648     ----a-w-  c:\windows\system32\athihvui.dll
2017-01-03 14:35 . 2017-01-03 14:35  --------  d-----w-  c:\program files (x86)\Atheros
2017-01-03 14:35 . 2011-03-16 15:47  443040    ----a-w-  c:\windows\system32\athihvs.dll
2017-01-03 14:34 . 2017-01-03 14:36  --------  d-----w-  c:\programdata\Atheros
2017-01-03 14:32 . 2017-01-03 14:32  --------  d-----w-  c:\program files\DIFX
2017-01-03 14:31 . 2017-01-03 14:31  --------  d-----w-  c:\program files (x86)\Cisco
2017-01-03 14:30 . 2017-01-03 14:30  6656      ----a-w-  c:\windows\system32\bcmwlrc.dll
2017-01-03 14:29 . 2017-01-03 14:29  --------  d-----w-  c:\program files\Common Files\Intel
2017-01-03 14:29 . 2017-01-03 14:29  --------  d-----w-  c:\program files (x86)\Common Files\Intel
2017-01-03 14:26 . 2017-01-03 14:26  --------  d-----w-  c:\program files\Intel
2017-01-03 14:23 . 2017-01-03 14:23  --------  d-----w-  c:\program files\Synaptics
2017-01-03 14:23 . 2010-10-08 10:32  1395248   ----a-w-  c:\windows\system32\drivers\SynTP.sys
2017-01-03 14:23 . 2010-10-08 10:29  165160    ----a-w-  c:\windows\system32\SynGlwPadShlExt.dll
2017-01-03 14:23 . 2010-10-08 10:29  107816    ----a-w-  c:\windows\SysWow64\SynTPCOM.dll
2017-01-03 14:23 . 2010-10-08 10:29  148264    ----a-w-  c:\windows\system32\SynTPCo4.dll
2017-01-03 14:23 . 2010-10-08 10:29  221480    ----a-w-  c:\windows\system32\SynTPAPI.dll
2017-01-03 14:23 . 2010-10-08 10:29  273704    ----a-w-  c:\windows\system32\SynCtrl.dll
2017-01-03 14:23 . 2010-10-08 10:29  218408    ----a-w-  c:\windows\SysWow64\SynCtrl.dll
2017-01-03 14:23 . 2010-10-08 10:29  173352    ----a-w-  c:\windows\SysWow64\SynCOM.dll
2017-01-03 14:23 . 2009-08-07 01:49  1721576   ----a-w-  c:\windows\system32\WdfCoInstaller01009.dll
2017-01-03 14:21 . 2017-01-03 14:21  --------  d-----w-  c:\program files\Elantech
2017-01-03 14:21 . 2011-04-05 11:26  142632    ----a-w-  c:\windows\system32\drivers\ETD.sys
2017-01-03 14:02 . 2017-01-03 14:45  --------  d-----w-  c:\program files (x86)\Intel
2017-01-03 14:02 . 2009-11-18 08:03  53248     ----a-r-  c:\windows\SysWow64\CSVer.dll
2017-01-03 14:00 . 2017-01-03 14:30  --------  d-----w-  c:\program files\Broadcom
2017-01-03 13:51 . 2017-01-03 13:51  --------  d-----w-  c:\windows\SysWow64\sda
2017-01-03 13:51 . 2010-07-20 09:42  422504    ----a-w-  c:\windows\system32\RtsUStor.dll
2017-01-03 13:50 . 2010-09-22 01:47  243712    ----a-r-  c:\windows\system32\drivers\RtsUStor.sys
2017-01-03 13:50 . 2010-07-20 09:42  9112168   ----a-w-  c:\windows\SysWow64\RtsUStoricon.dll
2017-01-03 13:48 . 2010-11-29 10:47  1868944   ----a-w-  c:\windows\system32\MaxxAudioRealtek.dll
2017-01-03 13:47 . 2017-01-03 13:47  --------  d-----w-  c:\program files (x86)\Common Files\InstallShield
2017-01-03 13:43 . 2017-01-03 13:43  --------  d-----w-  c:\program files (x86)\Common Files\Adobe AIR
2017-01-03 13:38 . 2017-01-03 13:40  --------  d-----w-  c:\program files (x86)\Common Files\Adobe
2017-01-03 13:37 . 2017-01-10 13:51  --------  d-sh--w-  c:\windows\Installer
2017-01-03 13:15 . 2017-01-03 13:18  --------  d-----w-  c:\users\zakio
2017-01-03 13:15 . 2017-01-03 13:15  --------  d-sh--we  c:\users\Default\Voisinage réseau
2017-01-03 12:00 . 2017-01-03 13:31  --------  d-----w-  C:\Windows.old
2016-12-27 06:28 . 2016-12-27 06:28  --------  d-----w-  C:\found.000
2016-12-15 20:53 . 2016-12-15 21:11  --------  d-----w-  C:\Intel
2016-12-15 19:58 . 2017-01-03 13:15  --------  d-----w-  C:\Recovery
2016-12-15 19:39 . 2017-01-03 12:25  --------  d-----w-  C:\Boot
.
.
.
((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDMan"="c:\program files (x86)\Internet Download Manager\IDMan.exe" [2016-10-01 3994736]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2017-01-03 9080768]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 avast! Firewall;Avast Firewall;c:\program files\AVAST Software\Avast\afwServ.exe;c:\program files\AVAST Software\Avast\afwServ.exe [x]
R3 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswNetSec;aswNetSec;c:\windows\system32\drivers\aswNetSec.sys;c:\windows\SYSNATIVE\drivers\aswNetSec.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys;c:\windows\SYSNATIVE\DRIVERS\idmwfp.sys [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 aswNetNd6;Avast Firewall NDIS6 Helper;c:\windows\system32\DRIVERS\aswNetNd6.sys;c:\windows\SYSNATIVE\DRIVERS\aswNetNd6.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2017-01-03 15:56  1384792  ----a-w-  c:\program files (x86)\Google\Chrome\Application\55.0.2883.87\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2015-08-14 14:52  25624  ----a-w-  c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2017-01-03 15:24  1031520  ----a-w-  c:\program files\AVAST Software\Avast\ashShA64.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Download all links with IDM - c:\program files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - c:\program files (x86)\Internet Download Manager\IEExt.htm
TCP: DhcpNameServer = 192.168.1.1
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Completion time: 2017-01-10  23:13:32 - machine was rebooted
ComboFix-quarantined-files.txt  2017-01-10 22:13
ComboFix2.txt  2017-01-10 21:53
.
Pre-Run: 73,725,059,072 bytes free
Post-Run: 73,664,462,848 bytes free
.
- - End Of File - - BC438FC280E0871E501204C2AFA481EE
A36C5E4F47E84449FF07ED3517B43A31
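The two findings worth acting on in a log like this are the disinfected system DLL (c:\windows\SysWow64\Version.dll, a name that is also a classic DLL-search-order hijack target) and the fact that every protection product was reported *Disabled* at scan time. The following is an added example, not part of ComboFix or of this log: a small Python parser for the ComboFix report format that extracts the disinfected-file line, the disabled AV/FW/SP entries, and the "Files Created" entries, then shortlists files under the Windows directory whose last-modified timestamp falls inside the scan window (files whose modification date predates the window, such as the 2014 Windows Update binaries above, were merely copied in by an installer). It assumes the English ComboFix strings and the `created . modified size attrs path` column layout shown above; the sample lines are constructed by copying a few entries from this log. The shortlist is a triage input for hash or Authenticode verification, not a verdict: on this sample it returns Avast's own aswKbd.sys and the Universal CRT that Avast's installer dropped on 2017-01-03, both of which a signature check would clear.

```python
import re
from dataclasses import dataclass
from datetime import date, datetime
from typing import List, Optional, Tuple

# Constructed sample: a few lines copied from the ComboFix log above so the
# parser runs offline. A real log has hundreds of lines in the same shape.
SAMPLE_LOG = r"""
AV: Avast Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: Avast Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
An infected copy of c:\windows\SysWow64\Version.dll was found and disinfected
Restored copy from - c:\windows\erdnt\cache86\version.dll
(((((((((((((((((((((((((((((   Files Created from 2016-12-10 to 2017-01-10  ))))))))))))))))))))))))))))))))))))
2017-01-03 15:43 . 2017-01-03 15:43  37144     ----a-w-  c:\windows\system32\drivers\aswKbd.sys
2017-01-03 15:24 . 2017-01-03 15:24  921280    ----a-w-  c:\windows\SysWow64\ucrtbase.dll
2017-01-03 15:08 . 2014-05-14 16:23  44512     ----a-w-  c:\windows\system32\wups2.dll
2017-01-03 14:38 . 2011-03-01 09:54  1142376   ----a-r-  c:\windows\system32\drivers\rtl8192ce.sys
2017-01-03 13:37 . 2017-01-10 13:51  --------  d-sh--w-  c:\windows\Installer
2017-01-10 15:26 . 2017-01-10 15:29  --------  d-----w-  C:\FRST
"""

# One "Files Created" entry: created-time . modified-time size attrs path
ENTRY_RE = re.compile(
    r"^(\d{4}-\d\d-\d\d \d\d:\d\d) \. (\d{4}-\d\d-\d\d \d\d:\d\d)\s+(\S+)\s+(\S+)\s+(.+?)\s*$",
    re.M,
)
WINDOW_RE = re.compile(r"Files Created from (\d{4}-\d\d-\d\d) to (\d{4}-\d\d-\d\d)")
PROTECTION_RE = re.compile(r"^(AV|FW|SP): (.+?) \*(.+?)\* \{[0-9A-Fa-f-]+\}", re.M)
DISINFECTED_RE = re.compile(r"^An infected copy of (.+?) was found and disinfected", re.M)

# Files freshly written here deserve a hash / Authenticode check (assumption: prefix, lower-cased).
SYSTEM_PREFIX = "c:\\windows\\"


@dataclass
class FileEntry:
    created: datetime
    modified: datetime
    size: Optional[int]   # None for directories, which ComboFix prints as "--------"
    attrs: str            # e.g. "----a-w-" or "d-sh--w-"
    path: str

    @property
    def is_dir(self) -> bool:
        return self.attrs.startswith("d")


def _ts(s: str) -> datetime:
    return datetime.strptime(s, "%Y-%m-%d %H:%M")


def parse_entries(text: str) -> List[FileEntry]:
    """Every 'created . modified size attrs path' line, in log order."""
    return [
        FileEntry(_ts(c), _ts(m), None if size.startswith("-") else int(size), attrs, path)
        for c, m, size, attrs, path in ENTRY_RE.findall(text)
    ]


def parse_window(text: str) -> Tuple[date, date]:
    """Inclusive scan window taken from the 'Files Created from X to Y' header."""
    m = WINDOW_RE.search(text)
    if not m:
        raise ValueError("no 'Files Created' header found")
    return date.fromisoformat(m.group(1)), date.fromisoformat(m.group(2))


def disabled_protections(text: str) -> List[str]:
    """'AV: Avast Antivirus' etc. for every product ComboFix saw as disabled."""
    return [f"{role}: {product}"
            for role, product, state in PROTECTION_RE.findall(text)
            if state.startswith("Disabled")]


def disinfected_files(text: str) -> List[str]:
    """Paths ComboFix reported as infected and replaced from its ERDNT cache."""
    return DISINFECTED_RE.findall(text)


def system_files_modified_in_window(text: str) -> List[str]:
    """Files (not directories) under the Windows directory whose last-modified
    time lies inside the scan window, i.e. written recently rather than copied
    in with an old timestamp. This is a shortlist for signature checks."""
    start, end = parse_window(text)
    return [e.path for e in parse_entries(text)
            if not e.is_dir
            and e.path.lower().startswith(SYSTEM_PREFIX)
            and start <= e.modified.date() <= end]


if __name__ == "__main__":
    print("disabled protections :", disabled_protections(SAMPLE_LOG))
    print("disinfected          :", disinfected_files(SAMPLE_LOG))
    print("recently modified    :", system_files_modified_in_window(SAMPLE_LOG))
```

Feed it the full report (`open(path, encoding="cp1252").read()` for a log produced on a French Windows 7 box) and verify each shortlisted path against a known-good hash or its Authenticode signature; the restored Version.dll itself should be re-checked the same way, since ComboFix only reports that it swapped in its cached copy.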