ComboFix report

Closed
tozate Posts 24 Registration date Friday 2 January 2009 Status Member Last activity 1 April 2014 - 1 April 2014 at 23:57
Hello,

Here is the ComboFix report


ComboFix 14-03-24.01 - ABOU 01/04/2014 22:34:04.1.4 - x64
Microsoft Windows 7 Professionnel 6.1.7601.1.1252.33.1036.18.6046.4501 [GMT 1:00]
Lancé depuis: c:\users\ABOU\Downloads\ComboFix.exe
AV: Kaspersky Internet Security *Enabled/Outdated* {179979E8-273D-D14E-0543-2861940E4886}
FW: Kaspersky Internet Security *Enabled* {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
SP: Kaspersky Internet Security *Enabled/Updated* {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\hpeCA24.dll
c:\windows\msxml4-KB954430-enu.LOG
c:\windows\msxml4-KB973688-enu.LOG
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_vpnagent
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2014-03-01 au 2014-04-01 ))))))))))))))))))))))))))))))))))))
.
.
2014-04-01 08:38 . 2014-03-07 04:43 10521840 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B4AE3F3D-425A-4FBC-B584-4BA03F506C26}\mpengine.dll
2014-03-31 20:51 . 2014-03-31 20:51 -------- d-----w- c:\programdata\Cisco
2014-03-31 20:51 . 2014-03-31 20:51 -------- d-----w- c:\program files (x86)\Cisco
2014-03-30 21:23 . 2014-03-30 21:23 -------- d-----w- c:\program files (x86)\VideoLAN
2014-03-30 09:28 . 2014-03-30 09:28 -------- d-----w- c:\program files (x86)\Notepad++
2014-03-27 08:56 . 2013-12-21 08:56 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-03-27 08:56 . 2013-12-21 09:53 548864 ----a-w- c:\windows\system32\vbscript.dll
2014-03-24 21:36 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2014-03-24 21:30 . 2014-03-24 21:30 878080 ----a-w- c:\windows\system32\advapi32.dll
2014-03-24 21:29 . 2014-03-24 21:29 -------- d-----w- c:\program files (x86)\MSXML 4.0
2014-03-24 06:26 . 2014-03-24 06:26 -------- d-----w- c:\programdata\BVRP Software
2014-03-23 18:54 . 2014-03-23 18:49 4833792 ----a-w- c:\windows\SysWow64\cdintf450.dll
2014-03-23 18:54 . 2014-03-23 18:49 6533632 ----a-w- c:\windows\system32\cdintf450_64.dll
2014-03-23 18:54 . 2014-03-23 18:49 199680 ----a-w- c:\windows\system32\SET5F44.tmp
2014-03-23 18:54 . 2014-03-23 18:54 -------- d-----w- c:\programdata\FLEXnet
2014-03-23 18:54 . 2014-03-23 18:54 -------- d-----w- c:\program files (x86)\Common Files\Macrovision Shared
2014-03-23 18:52 . 2014-03-23 18:52 -------- d-----w- c:\windows\Crystal
2014-03-23 18:52 . 2014-03-23 18:52 -------- d-----w- c:\programdata\MapInfo
2014-03-23 18:52 . 2014-03-23 18:52 -------- d-----w- c:\program files (x86)\Seagate Software
2014-03-23 18:52 . 2014-03-23 18:52 -------- d-----w- c:\program files (x86)\MapInfo
2014-03-23 17:16 . 2008-01-09 10:28 34032 ----a-w- c:\windows\system32\drivers\seehcri.sys
2014-03-17 13:33 . 2014-03-17 13:33 -------- d-----w- c:\users\Public\Foxit Software
2014-03-17 13:33 . 2014-03-17 13:33 -------- d-----w- c:\program files (x86)\Foxit Software
2014-03-17 13:12 . 2014-03-17 13:12 -------- d-----w- c:\programdata\regid.1991-06.com.microsoft
2014-03-17 13:04 . 2014-03-17 13:04 -------- d-----w- c:\programdata\Zbshareware Lab
2014-03-17 13:04 . 2014-03-17 13:04 -------- d-----w- c:\program files (x86)\USB Disk Security
2014-03-16 08:25 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2014-03-13 09:17 . 2011-04-28 03:55 552960 ----a-w- c:\windows\system32\drivers\bthport.sys
2014-03-13 09:17 . 2011-04-28 03:54 80384 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS
2014-03-12 19:04 . 2014-02-04 02:32 624128 ----a-w- c:\windows\system32\qedit.dll
2014-03-12 19:04 . 2014-02-04 02:04 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2014-03-12 19:04 . 2014-01-29 02:32 484864 ----a-w- c:\windows\system32\wer.dll
2014-03-12 19:04 . 2014-01-29 02:06 381440 ----a-w- c:\windows\SysWow64\wer.dll
2014-03-12 19:04 . 2014-02-07 01:23 3156480 ----a-w- c:\windows\system32\win32k.sys
2014-03-12 19:04 . 2013-12-24 23:09 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2014-03-12 19:04 . 2013-12-24 22:48 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2014-03-12 19:04 . 2013-11-26 08:16 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2014-03-12 19:04 . 2013-11-22 22:48 3928064 ----a-w- c:\windows\system32\d2d1.dll
2014-03-11 22:30 . 2014-03-11 22:30 -------- d-----w- c:\windows\SysWow64\wbem\en-US
2014-03-11 22:30 . 2014-03-11 22:30 -------- d-----w- c:\windows\system32\wbem\en-US
2014-03-11 22:29 . 2014-03-11 22:29 -------- d-----w- c:\windows\SysWow64\Wat
2014-03-11 22:29 . 2014-03-11 22:29 -------- d-----w- c:\windows\system32\Wat
2014-03-11 10:41 . 2014-03-11 10:41 1887232 ----a-w- c:\windows\system32\d3d11.dll
2014-03-11 10:41 . 2014-03-11 10:41 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2014-03-11 09:19 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2014-03-11 09:19 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2014-03-11 09:19 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2014-03-10 14:36 . 2014-03-26 22:02 -------- d-----w- c:\program files (x86)\FileZilla FTP Client
2014-03-10 11:25 . 2014-04-01 21:10 -------- d-----w- c:\program files (x86)\SerialTrunc
2014-03-10 11:25 . 2014-03-10 11:25 -------- d-----w- c:\program files (x86)\YourFileDownloader
2014-03-10 10:55 . 2014-03-10 11:02 -------- d-----w- c:\program files (x86)\Mega Browse
2014-03-10 10:54 . 2014-03-10 11:02 -------- d-----w- c:\program files (x86)\Mobogenie
2014-03-10 10:28 . 2014-03-10 10:28 -------- d-----w- c:\programdata\IDM
2014-03-10 10:13 . 2013-02-27 05:48 1930752 ----a-w- c:\windows\system32\authui.dll
2014-03-10 10:12 . 2013-10-04 02:16 116736 ----a-w- c:\windows\system32\drivers\drmk.sys
2014-03-10 10:11 . 2011-04-29 03:06 467456 ----a-w- c:\windows\system32\drivers\srv.sys
2014-03-10 10:10 . 2012-11-23 03:13 68608 ----a-w- c:\windows\system32\taskhost.exe
2014-03-10 10:09 . 2011-06-15 10:02 212992 ----a-w- c:\windows\system32\odbctrac.dll
2014-03-10 10:08 . 2011-10-26 05:25 1572864 ----a-w- c:\windows\system32\quartz.dll
2014-03-10 10:08 . 2011-10-26 05:25 366592 ----a-w- c:\windows\system32\qdvd.dll
2014-03-10 10:08 . 2011-10-26 04:32 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2014-03-10 10:08 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\SysWow64\quartz.dll
2014-03-10 10:08 . 2011-07-09 02:46 288768 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2014-03-10 10:08 . 2011-04-27 02:40 158208 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2014-03-10 10:08 . 2011-04-27 02:39 128000 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2014-03-10 10:08 . 2011-11-17 06:35 395776 ----a-w- c:\windows\system32\webio.dll
2014-03-10 10:08 . 2011-11-17 05:35 314880 ----a-w- c:\windows\SysWow64\webio.dll
2014-03-10 10:08 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2014-03-10 09:59 . 2014-03-10 09:59 -------- d-----w- c:\program files (x86)\TeamViewer
2014-03-10 09:49 . 2014-03-10 09:49 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
2014-03-10 09:49 . 2014-03-10 09:49 -------- d-----w- c:\windows\PCHEALTH
2014-03-10 09:49 . 2014-03-10 09:49 -------- d-----w- c:\program files (x86)\Microsoft Sync Framework
2014-03-10 09:49 . 2014-03-10 09:49 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2014-03-10 09:47 . 2014-03-10 09:47 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2014-03-10 09:47 . 2014-03-17 13:09 -------- d-----w- c:\program files\Microsoft Office
2014-03-10 09:46 . 2014-03-10 09:46 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2014-03-10 09:45 . 2014-03-17 13:12 -------- d-----w- c:\programdata\Microsoft Help
2014-03-10 09:45 . 2014-03-10 09:45 -------- d-----r- C:\MSOCache
2014-03-09 22:43 . 2014-03-09 22:42 41984 ----a-w- c:\windows\system32\drivers\USB3Ver.dll
2014-03-09 22:31 . 2012-06-22 00:13 15168 ----a-w- c:\windows\system32\drivers\IntelMEFWVer.dll
2014-03-09 22:30 . 2014-03-09 22:31 -------- d-----w- c:\programdata\Intel
2014-03-09 22:30 . 2014-03-09 22:30 -------- d-----w- c:\program files\Intel
2014-03-09 22:30 . 2014-03-09 22:30 -------- d-----w- c:\program files (x86)\Common Files\postureAgent
2014-03-09 22:30 . 2012-07-02 22:16 62784 ----a-w- c:\windows\system32\drivers\HECIx64.sys
2014-03-09 22:22 . 2014-03-09 22:43 -------- d-----w- c:\program files (x86)\Intel
2014-03-09 22:22 . 2011-12-06 14:55 53248 ----a-w- c:\windows\SysWow64\CSVer.dll
2014-03-09 22:22 . 2014-03-09 22:22 -------- d-----w- C:\DRIVERS
2014-03-09 22:21 . 2013-05-06 08:13 110176 ----a-w- c:\windows\system32\klfphc.dll
2014-03-09 22:20 . 2014-03-09 22:20 -------- d-----w- c:\windows\ELAMBKUP
2014-03-09 22:20 . 2014-04-01 21:39 -------- d-----w- c:\programdata\Kaspersky Lab
2014-03-09 22:20 . 2014-03-09 22:20 -------- d-----w- c:\program files (x86)\Kaspersky Lab
2014-03-09 22:20 . 2014-03-10 10:52 624224 ----a-w- c:\windows\system32\drivers\klif.sys
2014-03-09 22:20 . 2014-03-10 10:52 115296 ----a-w- c:\windows\system32\drivers\klflt.sys
2014-03-09 22:18 . 2014-03-10 09:49 -------- d-----w- c:\program files (x86)\Microsoft.NET
2014-03-09 22:16 . 2014-03-09 22:16 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
2014-03-09 22:10 . 2014-03-09 22:10 -------- d-----w- c:\windows\SysWow64\NV
2014-03-09 22:10 . 2014-03-09 22:10 -------- d-----w- c:\windows\system32\NV
2014-03-09 22:09 . 2014-03-09 22:09 -------- d-----w- c:\program files\Microsoft Silverlight
2014-03-09 22:09 . 2014-03-09 22:09 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2014-03-09 22:03 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2014-03-09 22:03 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2014-03-09 22:03 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2014-03-09 22:03 . 2014-03-31 20:51 -------- d-sh--w- c:\windows\Installer
2014-03-09 21:58 . 2014-03-10 11:08 -------- d-----w- c:\program files (x86)\Google
2014-03-09 21:57 . 2014-03-09 21:57 -------- d-----w- c:\program files (x86)\Lavalys
2014-03-09 21:54 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2014-03-09 21:54 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2014-03-09 21:54 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2014-03-09 21:54 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2014-03-09 21:54 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2014-03-09 21:54 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2014-03-09 21:54 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2014-03-09 21:54 . 2012-06-02 14:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2014-03-09 21:54 . 2012-06-02 14:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2014-03-09 21:30 . 2014-03-18 21:11 -------- d-----w- c:\programdata\DatacardService
2014-03-09 21:26 . 2014-03-09 22:10 -------- d-----w- c:\programdata\NVIDIA
2014-03-09 21:15 . 2013-07-02 01:41 337752 ----a-w- c:\windows\system32\drivers\USBXHCI.SYS
2014-03-09 21:15 . 2013-07-02 01:41 213336 ----a-w- c:\windows\system32\drivers\UCX01000.SYS
2014-03-09 21:12 . 2012-07-26 05:00 411888 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2014-03-09 21:10 . 2012-06-02 14:31 589824 ----a-w- c:\windows\system32\drivers\Rt630x64.sys
2014-03-09 21:07 . 2013-05-12 20:34 3514656 ----a-w- c:\windows\system32\nvsvc64.dll
2014-03-09 21:07 . 2013-05-12 20:34 63776 ----a-w- c:\windows\system32\nvshext.dll
2014-03-09 21:07 . 2013-05-12 20:34 67072 ----a-w- c:\windows\system32\nv3dappshextr.dll
2014-03-09 21:07 . 2013-05-12 20:34 1025312 ----a-w- c:\windows\system32\nv3dappshext.dll
2014-03-09 21:07 . 2013-05-12 20:34 6491936 ----a-w- c:\windows\system32\nvcpl.dll
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-24 21:30 . 2014-03-24 21:30 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2014-03-10 10:52 . 2013-10-12 05:19 29280 ----a-w- c:\windows\system32\drivers\klkbdflt.sys
2014-03-10 10:52 . 2013-06-06 16:38 178272 ----a-w- c:\windows\system32\drivers\kneps.sys
2014-03-10 10:52 . 2013-10-12 05:19 458336 ----a-w- c:\windows\system32\drivers\kl1.sys
2014-03-09 22:42 . 2013-09-17 05:48 795632 ----a-w- c:\windows\system32\drivers\iusb3xhc.sys
2014-03-09 22:42 . 2013-09-17 05:48 358896 ----a-w- c:\windows\system32\drivers\iusb3hub.sys
2014-03-09 22:42 . 2013-09-17 05:48 20464 ----a-w- c:\windows\system32\drivers\iusb3hcs.sys
2014-03-09 22:42 . 2009-07-14 12:21 1721576 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
2014-03-09 22:39 . 2013-12-18 10:34 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2014-03-09 22:39 . 2013-12-18 10:34 73800 ----a-w- c:\windows\system32\RtNicProp64.dll
2014-03-09 22:39 . 2013-12-18 10:34 888536 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2014-03-09 22:35 . 2013-10-21 08:00 4022272 ----a-w- c:\windows\system32\drivers\athrx.sys
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2014-03-09 292088]
"USB Security"="c:\program files (x86)\USB Disk Security\USBGuard.exe" [2012-07-31 658632]
"AnyConnect SMC"="c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" [2011-01-11 518392]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Mobile Partner. RunOuc;Mobile Partner. OUC;c:\program files (x86)\Mobile Partner\UpdateDog\ouc.exe;c:\program files (x86)\Mobile Partner\UpdateDog\ouc.exe [x]
R3 acsock;acsock;c:\windows\system32\DRIVERS\acsock64.sys;c:\windows\SYSNATIVE\DRIVERS\acsock64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
R3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\DRIVERS\ewusbwwan.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbwwan.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
R3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\DRIVERS\s1018bus.sys;c:\windows\SYSNATIVE\DRIVERS\s1018bus.sys [x]
R3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1018mdfl.sys;c:\windows\SYSNATIVE\DRIVERS\s1018mdfl.sys [x]
R3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1018mdm.sys;c:\windows\SYSNATIVE\DRIVERS\s1018mdm.sys [x]
R3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1018mgmt.sys;c:\windows\SYSNATIVE\DRIVERS\s1018mgmt.sys [x]
R3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1018nd5.sys;c:\windows\SYSNATIVE\DRIVERS\s1018nd5.sys [x]
R3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1018obex.sys;c:\windows\SYSNATIVE\DRIVERS\s1018obex.sys [x]
R3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1018unic.sys;c:\windows\SYSNATIVE\DRIVERS\s1018unic.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 UCX01000;USB Controller Extension;c:\windows\system32\DRIVERS\ucx01000.sys;c:\windows\SYSNATIVE\DRIVERS\ucx01000.sys [x]
R3 USBXHCI;USB xHCI Compliant Host Controller;c:\windows\system32\DRIVERS\USBXHCI.SYS;c:\windows\SYSNATIVE\DRIVERS\USBXHCI.SYS [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 klflt;klflt;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x]
S0 iusb3hcs;Pilote de commutateur de contrôleur d'hôte Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 klpd;klpd;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service;c:\program files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe;c:\program files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 OMSI download service;Sony Ericsson OMSI download service;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
S3 iusb3hub;Pilote de concentrateur Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Pilote du contrôleur d'hôte extensible Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys;c:\windows\SYSNATIVE\DRIVERS\seehcri.sys [x]
.
.
--- Autres Services/Pilotes en mémoire ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-03-16 09:04 1150280 ----a-w- c:\program files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe
.
Contenu du dossier 'Tâches planifiées'
.
2014-04-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-03-09 21:58]
.
2014-04-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-03-09 21:58]
.
2014-04-01 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16 10:54]
.
2014-04-01 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16 10:54]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2012-10-01 19:47 2322576 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2012-10-01 19:47 2322576 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2012-10-01 19:47 2322576 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-14 172144]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-12-14 399984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-12-14 441968]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.buenosearch.com/?babsrc=HP_ss&mntrId=00E22016D81E2A57&affID=128235&tsp=5182
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: &Envoyer à OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
TCP: Interfaces\{89C5AA22-C7FC-43C4-B9BD-4F8470ECD866}: NameServer = 192.168.27.6 172.25.1.60
TCP: Interfaces\{C8748767-1CF7-4FD0-8608-224058E0A5CB}: NameServer = 192.168.27.6 172.25.1.60
TCP: Interfaces\{E9FFDAF4-40F0-422D-9603-B0E9D0C88495}: NameServer = 172.25.1.60 192.168.27.6
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
DPF: 55963676-2F5E-4BAF-AC28-CF26AA587566 - vpnweb.cab
.
- - - - ORPHELINS SUPPRIMES - - - -
.
BHO-{4e6cd411-ce62-4584-97ff-6afbcf6900af} - (no file)
BHO-{e76b4f24-4a2f-4e65-ad36-e2aa934e547c} - (no file)
Wow6432Node-HKCU-Run-DriverMax_RESTART - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Autres processus actifs ------------------------
.
c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
c:\program files (x86)\YourFileDownloader\YourFileUpdater.exe
c:\program files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
c:\programdata\Mobile Partner\OnlineUpdate\ouc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Heure de fin: 2014-04-01 22:43:51 - La machine a redémarré
ComboFix-quarantined-files.txt 2014-04-01 21:43
.
Avant-CF: 61 303 148 544 octets libres
Après-CF: 61 814 132 736 octets libres
.
- - End Of File - - 3DE19AB8B402A34FBC1028D9733BDDC3
A36C5E4F47E84449FF07ED3517B43A31


Regards