cjoint

Publicité


Publicité

Commentaire : Bonjour, je vous envoie le rapport combofix Cordialement et bonne journée à vous

Format du document : text/plain

Prévisualisation

ComboFix 15-10-15.01 - Jocelyn 15/10/2015 15:34:15.1.4 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.6028.3299 [GMT 2:00]
Lancé depuis: c:\users\Jocelyn\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Spybot - Search and Destroy *Disabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2015-09-15 au 2015-10-15 ))))))))))))))))))))))))))))))))))))
.
.
2015-10-15 13:53 . 2015-10-15 13:53 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2015-10-15 13:53 . 2015-10-15 13:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-10-15 13:41 . 2015-10-15 13:41 -------- d-----w- c:\users\Jocelyn\AppData\Local\TempTaskUpdateDetection4C6B2103-2559-4156-8700-28B9B1CD732D
2015-10-13 08:41 . 2015-08-31 22:45 11062400 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B6E019EF-D32D-4CBE-ABB2-C8566E812100}\mpengine.dll
2015-10-11 15:17 . 2015-10-14 16:09 -------- d-----w- c:\users\Jocelyn\AppData\Local\CrashDumps
2015-10-11 15:02 . 2015-10-12 16:26 35064 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-10-11 15:02 . 2015-10-11 15:02 -------- d-----w- c:\programdata\RogueKiller
2015-10-10 09:49 . 2015-10-10 09:49 -------- d-----w- c:\users\Jocelyn\AppData\Roaming\TeamViewer
2015-10-10 09:49 . 2015-10-11 16:06 -------- d-----w- c:\program files (x86)\TeamViewer
2015-10-10 09:32 . 2015-10-10 09:32 -------- d-----w- c:\users\Jocelyn\AppData\Roaming\ZHP
2015-10-07 16:10 . 2015-10-07 16:13 -------- d-----w- C:\$Windows.~BT
2015-10-07 16:10 . 2015-10-07 16:28 -------- d--h--w- c:\programdata\CanonIJMIG
2015-10-07 13:39 . 2015-10-07 13:39 -------- d--h--w- c:\programdata\CanonIJScan
2015-10-07 13:32 . 2015-10-07 16:10 -------- d-----w- c:\users\Jocelyn\AppData\Roaming\Canon
2015-10-07 13:24 . 2014-01-21 11:15 336896 ----a-w- c:\windows\SysWow64\CNC_CBL.dll
2015-10-07 12:08 . 2015-10-07 12:08 378880 ----a-w- c:\windows\system32\aswBoot.exe
2015-10-07 12:08 . 2015-10-07 12:08 43112 ----a-w- c:\windows\avastSS.scr
2015-10-07 12:07 . 2015-10-07 12:07 454528 ----a-w- c:\windows\system32\drivers\aswNdisFlt.sys
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-10-15 12:56 . 2013-11-09 13:32 387 ----a-w- c:\users\Jocelyn\AppData\Roaming\sp_data.sys
2015-10-14 17:29 . 2014-03-26 22:32 780488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-10-14 17:29 . 2014-03-26 22:32 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-10-12 14:52 . 2014-07-22 10:27 113880 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-10-07 12:08 . 2014-05-02 07:50 28656 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-10-07 12:08 . 2014-02-16 10:50 65224 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-10-07 12:08 . 2014-02-16 10:50 274808 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-10-07 12:08 . 2014-02-16 10:50 153744 ----a-w- c:\windows\system32\drivers\aswStm.sys
2015-10-07 12:08 . 2014-02-16 10:50 90968 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2015-10-07 12:08 . 2014-02-16 10:50 448968 ----a-w- c:\windows\system32\drivers\aswSP.sys
2015-10-07 12:08 . 2014-02-16 10:50 93528 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2015-10-07 12:08 . 2014-02-16 10:50 28144 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2015-10-07 12:08 . 2014-02-16 10:50 1049880 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2015-10-07 12:07 . 2015-08-09 08:59 132656 ----a-w- c:\windows\system32\drivers\ngvss.sys
2015-09-11 23:47 . 2014-10-04 09:41 632432 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2015-09-02 03:04 . 2015-09-09 13:04 41984 ----a-w- c:\windows\system32\lpk.dll
2015-09-02 03:04 . 2015-09-09 13:04 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-09-02 03:04 . 2015-09-09 13:04 14336 ----a-w- c:\windows\system32\dciman32.dll
2015-09-02 03:04 . 2015-09-09 13:04 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-09-02 02:48 . 2015-09-09 13:04 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2015-09-02 02:48 . 2015-09-09 13:04 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2015-09-02 02:48 . 2015-09-09 13:04 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-09-02 02:47 . 2015-09-09 13:04 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-09-02 01:51 . 2015-09-09 13:04 3209216 ----a-w- c:\windows\system32\win32k.sys
2015-09-02 01:47 . 2015-09-09 13:04 372736 ----a-w- c:\windows\system32\atmfd.dll
2015-09-02 01:33 . 2015-09-09 13:04 299520 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-08-27 18:18 . 2015-09-09 13:05 2004480 ----a-w- c:\windows\system32\msxml6.dll
2015-08-27 18:18 . 2015-09-09 13:05 1887232 ----a-w- c:\windows\system32\msxml3.dll
2015-08-27 18:13 . 2015-09-09 13:05 2048 ----a-w- c:\windows\system32\msxml6r.dll
2015-08-27 18:13 . 2015-09-09 13:05 2048 ----a-w- c:\windows\system32\msxml3r.dll
2015-08-27 17:58 . 2015-09-09 13:05 1391104 ----a-w- c:\windows\SysWow64\msxml6.dll
2015-08-27 17:58 . 2015-09-09 13:05 1241088 ----a-w- c:\windows\SysWow64\msxml3.dll
2015-08-27 17:51 . 2015-09-09 13:05 2048 ----a-w- c:\windows\SysWow64\msxml6r.dll
2015-08-27 17:51 . 2015-09-09 13:05 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2015-08-26 18:07 . 2015-09-09 13:04 98304 ----a-w- c:\windows\system32\wudriver.dll
2015-08-26 18:07 . 2015-09-09 13:04 37888 ----a-w- c:\windows\system32\wups2.dll
2015-08-26 18:07 . 2015-09-09 13:04 3165696 ----a-w- c:\windows\system32\wucltux.dll
2015-08-26 18:07 . 2015-09-09 13:04 2606080 ----a-w- c:\windows\system32\wuaueng.dll
2015-08-26 18:07 . 2015-09-09 13:04 192000 ----a-w- c:\windows\system32\wuwebv.dll
2015-08-26 18:07 . 2015-09-09 13:04 36864 ----a-w- c:\windows\system32\wups.dll
2015-08-26 18:07 . 2015-09-09 13:04 696320 ----a-w- c:\windows\system32\wuapi.dll
2015-08-26 18:06 . 2015-09-09 13:04 91136 ----a-w- c:\windows\system32\WinSetupUI.dll
2015-08-26 18:06 . 2015-09-09 13:04 12288 ----a-w- c:\windows\system32\wu.upgrade.ps.dll
2015-08-26 18:06 . 2015-09-09 13:04 37376 ----a-w- c:\windows\system32\wuapp.exe
2015-08-26 18:06 . 2015-09-09 13:04 139776 ----a-w- c:\windows\system32\wuauclt.exe
2015-08-26 17:56 . 2015-09-09 13:04 93184 ----a-w- c:\windows\SysWow64\wudriver.dll
2015-08-26 17:56 . 2015-09-09 13:04 173056 ----a-w- c:\windows\SysWow64\wuwebv.dll
2015-08-26 17:56 . 2015-09-09 13:04 30208 ----a-w- c:\windows\SysWow64\wups.dll
2015-08-26 17:56 . 2015-09-09 13:04 566784 ----a-w- c:\windows\SysWow64\wuapi.dll
2015-08-26 17:55 . 2015-09-09 13:04 34816 ----a-w- c:\windows\SysWow64\wuapp.exe
2015-08-26 16:37 . 2013-11-11 14:44 134753440 ----a-w- c:\windows\system32\MRT.exe
2015-08-18 01:42 . 2015-09-09 13:07 393304 ----a-w- c:\windows\system32\iedkcs32.dll
2015-08-15 06:48 . 2015-09-09 13:06 25190400 ----a-w- c:\windows\system32\mshtml.dll
2015-08-15 06:34 . 2015-09-09 13:07 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2015-08-15 06:33 . 2015-09-09 13:07 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2015-08-15 06:18 . 2015-09-09 13:07 66560 ----a-w- c:\windows\system32\iesetup.dll
2015-08-15 06:18 . 2015-09-09 13:07 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2015-08-15 06:17 . 2015-09-09 13:06 417792 ----a-w- c:\windows\system32\html.iec
2015-08-15 06:17 . 2015-09-09 13:06 585216 ----a-w- c:\windows\system32\vbscript.dll
2015-08-15 06:17 . 2015-09-09 13:07 2886144 ----a-w- c:\windows\system32\iertutil.dll
2015-08-15 06:17 . 2015-09-09 13:06 88064 ----a-w- c:\windows\system32\MshtmlDac.dll
2015-08-15 06:10 . 2015-09-09 13:06 54784 ----a-w- c:\windows\system32\jsproxy.dll
2015-08-15 06:09 . 2015-09-09 13:07 34304 ----a-w- c:\windows\system32\iernonce.dll
2015-08-15 06:06 . 2015-09-09 13:06 615936 ----a-w- c:\windows\system32\ieui.dll
2015-08-15 06:04 . 2015-09-09 13:07 114688 ----a-w- c:\windows\system32\ieetwcollector.exe
2015-08-15 06:04 . 2015-09-09 13:06 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2015-08-15 06:04 . 2015-09-09 13:06 817664 ----a-w- c:\windows\system32\jscript.dll
2015-08-15 06:04 . 2015-09-09 13:06 814080 ----a-w- c:\windows\system32\jscript9diag.dll
2015-08-15 06:00 . 2015-09-09 13:06 5923328 ----a-w- c:\windows\system32\jscript9.dll
2015-08-15 05:57 . 2015-09-09 13:07 968704 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2015-08-15 05:53 . 2015-09-09 13:06 490496 ----a-w- c:\windows\system32\dxtmsft.dll
2015-08-15 05:53 . 2015-09-09 13:07 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2015-08-15 05:46 . 2015-09-09 13:07 77824 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2015-08-15 05:42 . 2015-09-09 13:06 199680 ----a-w- c:\windows\system32\msrating.dll
2015-08-15 05:41 . 2015-09-09 13:06 92160 ----a-w- c:\windows\system32\mshtmled.dll
2015-08-15 05:40 . 2015-09-09 13:07 504832 ----a-w- c:\windows\SysWow64\vbscript.dll
2015-08-15 05:40 . 2015-09-09 13:07 62464 ----a-w- c:\windows\SysWow64\iesetup.dll
2015-08-15 05:39 . 2015-09-09 13:07 47616 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2015-08-15 05:39 . 2015-09-09 13:06 341504 ----a-w- c:\windows\SysWow64\html.iec
2015-08-15 05:39 . 2015-09-09 13:07 316928 ----a-w- c:\windows\system32\dxtrans.dll
2015-08-15 05:38 . 2015-09-09 13:07 64000 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2015-08-15 05:29 . 2015-09-09 13:07 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2015-08-15 05:29 . 2015-09-09 13:07 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2015-08-15 05:24 . 2015-09-09 13:07 720384 ----a-w- c:\windows\system32\ie4uinit.exe
2015-08-15 05:23 . 2015-09-09 13:07 801280 ----a-w- c:\windows\system32\msfeeds.dll
2015-08-15 05:22 . 2015-09-09 13:06 1359360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2015-08-15 05:22 . 2015-09-09 13:07 2126336 ----a-w- c:\windows\system32\inetcpl.cpl
2015-08-15 05:16 . 2015-09-09 13:07 60416 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2015-08-15 05:16 . 2015-09-09 13:06 14451712 ----a-w- c:\windows\system32\ieframe.dll
2015-08-15 05:10 . 2015-09-09 13:06 4520448 ----a-w- c:\windows\SysWow64\jscript9.dll
2015-08-15 05:07 . 2015-09-09 13:06 2427392 ----a-w- c:\windows\system32\wininet.dll
2015-08-15 05:01 . 2015-09-09 13:07 2052608 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2015-08-15 05:01 . 2015-09-09 13:06 1155072 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2015-08-15 04:55 . 2015-09-09 13:07 1545728 ----a-w- c:\windows\system32\urlmon.dll
2015-08-15 04:43 . 2015-09-09 13:07 800768 ----a-w- c:\windows\system32\ieapfltr.dll
2015-08-15 04:43 . 2015-09-09 13:06 1951232 ----a-w- c:\windows\SysWow64\wininet.dll
2015-08-05 17:56 . 2015-09-09 13:07 1110016 ----a-w- c:\windows\system32\schedsvc.dll
2015-08-05 17:56 . 2015-09-09 13:07 24576 ----a-w- c:\windows\system32\jnwmon.dll
2015-08-05 17:56 . 2015-09-09 13:07 275456 ----a-w- c:\windows\system32\InkEd.dll
2015-08-05 17:40 . 2015-09-09 13:07 216064 ----a-w- c:\windows\SysWow64\InkEd.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-09-11 23:47 1733240 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-09-11 23:47 1733240 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-09-11 23:47 1733240 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2015-10-08 2900560]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2012-02-24 3331312]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-02-07 291608]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2012-04-19 5142128]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2011-12-23 318080]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2011-10-25 174720]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2010-08-20 107816]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-10-07 6134544]
"CanonQuickMenu"="c:\program files (x86)\Canon\Quick Menu\CNQMMAIN.EXE" [2014-01-17 1284680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswNdisFlt;Avast! Firewall Driver;c:\windows\system32\DRIVERS\aswNdisFlt.sys;c:\windows\SYSNATIVE\DRIVERS\aswNdisFlt.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 ngvss;ngvss; [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe;c:\program files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 avast! Firewall;Avast Firewall;c:\program files\AVAST Software\Avast\afwServ.exe;c:\program files\AVAST Software\Avast\afwServ.exe [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 ClickToRunSvc;Service Démarrer en clic Microsoft Office;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [x]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
S3 AiCharger;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AiCharger.sys [x]
S3 AsusVBus;AsusVBus;c:\windows\system32\DRIVERS\AsusVBus.sys;c:\windows\SYSNATIVE\DRIVERS\AsusVBus.sys [x]
S3 AsusVTouch;AsusVTouch;c:\windows\system32\DRIVERS\AsusVTouch.sys;c:\windows\SYSNATIVE\DRIVERS\AsusVTouch.sys [x]
S3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
Contenu du dossier 'Tâches planifiées'
.
2015-10-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-26 17:29]
.
2015-10-15 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 21:41]
.
2015-10-13 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 21:41]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-09-11 08:26 2340472 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-09-11 08:26 2340472 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-09-11 08:26 2340472 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-10-07 12:08 780616 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-02-22 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-02-22 398616]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-03-21 361984]
"ACMON"="c:\program files (x86)\ASUS\Splendid\ACMON.exe" [2012-05-08 90792]
"Able2Extract 9.0 Print Dispatcher"="c:\program files\Investintech.com Inc\Able2Extract 9.0\Able2Extract.PrnDisp.exe" [2014-12-08 9023816]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.fr/
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
Trusted Zone: sharepoint.com\upecnumerique
Trusted Zone: sharepoint.com\upecnumerique-my
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Jocelyn\AppData\Roaming\mozilla\firefox\Profiles\j1uyybq9.default-1444425091700\
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Toolbar-Locked - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_19_0_0_207_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_19_0_0_207_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_19_0_0_207_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_19_0_0_207_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_207.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.19"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_207.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_207.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_207.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2015-10-15 16:01:19
ComboFix-quarantined-files.txt 2015-10-15 14:01
.
Avant-CF: 349 078 122 496 octets libres
Après-CF: 349 006 217 216 octets libres
.
- - End Of File - - 50314DE38FC949738C04A87F67B900A2

Publicité


Signaler le contenu de ce document

Publicité