ComboFix 16-01-01.01 - Valentin 05/01/2016 18:22:30.1.8 - x64
Microsoft Windows 7 Édition Intégrale 6.1.7600.0.1252.33.1036.18.16335.13562 [GMT 1:00]
Lancé depuis: c:\users\Valentin\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2015-12-05 au 2016-01-05 ))))))))))))))))))))))))))))))))))))
.
.
2016-01-05 17:24 . 2016-01-05 17:24 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-01-05 16:15 . 2015-07-23 00:46 572232 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2016-01-05 15:44 . 2016-01-05 15:44 -------- d-----w- c:\windows\Migration
2016-01-03 20:58 . 2015-12-16 14:53 75056 ----a-w- c:\windows\system32\nv3dappshextr.dll
2016-01-03 20:58 . 2015-12-16 14:53 523384 ----a-w- c:\windows\system32\nv3dappshext.dll
2016-01-03 20:58 . 2015-12-16 17:34 39240 ----a-w- c:\windows\system32\nvhdap64.dll
2016-01-03 20:58 . 2015-12-16 17:34 205456 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2016-01-03 20:58 . 2015-12-16 17:34 1915696 ----a-w- c:\windows\system32\nvdispco6436143.dll
2016-01-03 20:58 . 2015-12-16 17:34 1564976 ----a-w- c:\windows\system32\nvdispgenco6436143.dll
2016-01-03 20:58 . 2015-07-23 04:06 1101856 ----a-w- c:\windows\system32\nvumdshimx.dll
2016-01-03 20:11 . 2016-01-05 16:20 -------- d-----w- c:\program files (x86)\Common Files\Steam
2016-01-03 20:02 . 2016-01-03 20:08 -------- d-----w- c:\program files (x86)\Google
2016-01-03 19:55 . 2010-05-26 10:41 511328 ----a-w- c:\windows\system32\d3dx10_43.dll
2016-01-03 19:55 . 2010-05-26 10:41 470880 ----a-w- c:\windows\SysWow64\d3dx10_43.dll
2016-01-03 19:55 . 2010-05-26 10:41 276832 ----a-w- c:\windows\system32\d3dx11_43.dll
2016-01-03 19:55 . 2010-05-26 10:41 248672 ----a-w- c:\windows\SysWow64\d3dx11_43.dll
2016-01-03 19:55 . 2010-05-26 10:41 1998168 ----a-w- c:\windows\SysWow64\D3DX9_43.dll
2016-01-03 19:55 . 2010-05-26 10:41 2401112 ----a-w- c:\windows\system32\D3DX9_43.dll
2016-01-03 19:55 . 2015-07-24 04:21 1423304 ----a-w- c:\windows\SysWow64\nvspcap.dll
2016-01-03 19:55 . 2015-07-24 04:21 1316000 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2016-01-03 19:54 . 2016-01-05 16:15 -------- d-----w- c:\programdata\NVIDIA Corporation
2016-01-03 19:53 . 2016-01-03 19:55 -------- d-----w- c:\program files\NVIDIA Corporation
2016-01-03 19:53 . 2016-01-03 19:53 -------- d-----w- C:\NVIDIA
2016-01-03 19:43 . 2016-01-03 19:43 -------- d-----w- c:\programdata\Hewlett-Packard
2016-01-03 19:43 . 2013-02-01 10:58 580608 ----a-w- c:\windows\system32\Spool\prtprocs\x64\hpcpp145.DLL
2016-01-03 19:42 . 2013-10-11 16:15 310272 ----a-w- c:\windows\system32\hpbcoins64.dll
2016-01-03 19:42 . 2013-02-01 10:57 427520 ----a-w- c:\windows\system32\hpcpn145.dll
2016-01-03 19:42 . 2013-02-01 10:51 427008 ----a-w- c:\windows\SysWow64\hpcc3145.dll
2016-01-03 19:42 . 2012-09-28 18:37 512000 ----a-w- c:\windows\SysWow64\hpcdmc32.DLL
2016-01-03 19:41 . 2016-01-03 19:43 -------- d-----w- c:\program files (x86)\HP
2016-01-03 19:41 . 2016-01-03 19:41 -------- d-----w- c:\programdata\HP
2016-01-03 19:38 . 2016-01-03 19:38 -------- d-----w- c:\program files (x86)\Microsoft Works
2016-01-03 19:38 . 2016-01-03 19:38 -------- d-----w- c:\windows\PCHEALTH
2016-01-03 19:37 . 2016-01-03 19:37 -------- d-----w- c:\program files\Microsoft Office
2016-01-03 19:37 . 2016-01-03 19:37 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2016-01-03 19:36 . 2016-01-03 19:38 -------- d-----w- c:\programdata\Microsoft Help
2016-01-03 19:36 . 2016-01-03 19:36 -------- d-----r- C:\MSOCache
2016-01-03 19:32 . 2016-01-03 19:32 -------- d-----w- c:\program files (x86)\Common Files\Intel Corporation
2016-01-03 19:27 . 2014-02-03 04:46 44744 ----a-w- c:\windows\system32\drivers\ISCTD.sys
2016-01-03 19:27 . 2014-02-25 05:05 565560 ----a-r- c:\windows\system32\PROUnstl.exe
2016-01-03 19:27 . 2014-02-03 17:26 488216 ----a-w- c:\windows\system32\drivers\e1d62x64.sys
2016-01-03 19:27 . 2013-11-21 19:57 73480 ----a-w- c:\windows\system32\e1dmsg.dll
2016-01-03 19:27 . 2009-05-26 01:05 36472 ----a-w- c:\windows\system32\NicCo36.dll
2016-01-03 19:24 . 2014-02-21 05:56 20464 ----a-w- c:\windows\system32\drivers\iusb3hcs.sys
2016-01-03 19:24 . 2014-02-21 05:56 791024 ----a-w- c:\windows\system32\drivers\iusb3xhc.sys
2016-01-03 19:24 . 2014-02-21 05:56 370672 ----a-w- c:\windows\system32\drivers\iusb3hub.sys
2016-01-03 19:23 . 2016-01-03 19:23 -------- d-----w- C:\Intel
2016-01-03 19:23 . 2016-01-03 19:23 -------- d-----w- c:\windows\SysWow64\config\systemprofile\Intel
2016-01-03 19:23 . 2016-01-03 19:23 -------- d-----w- c:\program files (x86)\Common Files\PostureAgent
2016-01-03 19:23 . 2016-01-03 19:24 -------- d-----w- c:\program files (x86)\Intel
2016-01-03 19:21 . 2016-01-03 19:38 -------- d-----w- c:\programdata\Intel
2016-01-03 19:20 . 2016-01-03 19:38 -------- d-----w- c:\program files (x86)\Microsoft.NET
2016-01-03 19:20 . 2009-11-25 10:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll
2016-01-03 19:20 . 2009-11-25 10:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll
2016-01-03 19:20 . 2009-11-25 10:47 48960 ----a-w- c:\windows\system32\netfxperf.dll
2016-01-03 19:20 . 2009-11-25 10:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll
2016-01-03 19:20 . 2009-11-25 10:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe
2016-01-03 19:20 . 2009-11-25 10:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2016-01-03 19:20 . 2009-11-25 10:47 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2016-01-03 19:20 . 2009-11-25 10:47 444752 ----a-w- c:\windows\system32\mscoree.dll
2016-01-03 19:20 . 2009-11-25 10:47 320352 ----a-w- c:\windows\system32\PresentationHost.exe
2016-01-03 19:20 . 2009-11-25 10:47 1942856 ----a-w- c:\windows\system32\dfshim.dll
2016-01-03 19:15 . 2016-01-03 19:32 -------- d-----w- c:\program files\Intel
2016-01-03 19:15 . 2016-01-05 15:43 -------- d-----w- c:\programdata\Package Cache
2016-01-03 19:14 . 2012-07-26 05:04 2560 ----a-w- c:\windows\system32\drivers\fr-FR\wdf01000.sys.mui
2016-01-03 19:14 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2016-01-03 19:14 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2016-01-03 19:14 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2016-01-03 19:13 . 2016-01-03 19:13 -------- d-----w- c:\program files\PlayReady
2016-01-03 19:11 . 2009-08-15 06:41 1975296 ----a-w- c:\windows\system32\CertEnroll.dll
2016-01-03 19:09 . 2016-01-03 19:09 -------- d-----w- c:\windows\system32\drivers\zh-TW
2016-01-03 19:07 . 2016-01-03 19:18 -------- d-----w- c:\users\Valentin
2016-01-03 19:07 . 2016-01-03 19:07 -------- d-sh--we c:\users\Default\Voisinage réseau
2016-01-03 19:07 . 2016-01-03 19:07 -------- d-sh--we c:\users\Default\Voisinage d'impression
2016-01-03 19:07 . 2016-01-03 19:07 -------- d-sh--we c:\users\Default\Modèles
2016-01-03 18:52 . 2009-06-14 13:46 20480 ----a-r- c:\program files\Windows Sidebar\Gadgets\Wireless_Network_Meter_V3.1.gadget\NetLib.dll
2016-01-03 18:52 . 2009-06-14 13:46 20480 ----a-r- c:\program files\Windows Sidebar\Gadgets\Wired_Network_Meter_V3.1.gadget\NetLib.dll
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="d:\jeux\Steam\steam.exe" [2015-12-14 3013712]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2014-02-21 292848]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 AsrSetupDrv;AsrSetupDrv;c:\windows\SysWOW64\Drivers\AsrSetupDrv.sys;c:\windows\SysWOW64\Drivers\AsrSetupDrv.sys [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 iumsvc;Intel(R) Update Manager;c:\program files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe;c:\program files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Pilote de commutateur de contrôleur d'hôte Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) ME Service;Intel® ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D;c:\windows\system32\DRIVERS\e1d62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1d62x64.sys [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD.sys [x]
S3 iusb3hub;Pilote de concentrateur Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Pilote du contrôleur d'hôte extensible Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-01-03 20:08 1000264 ----a-w- c:\program files (x86)\Google\Chrome\Application\47.0.2526.106\Installer\chrmstp.exe
.
Contenu du dossier 'Tâches planifiées'
.
2016-01-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2016-01-03 20:02]
.
2016-01-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2016-01-03 20:02]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-07-26 13636824]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2014-02-26 36352]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-07-24 2634896]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-07-24 1710568]
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Wow6432Node-HKLM-Run- - (no file)
AddRemove-Steam - d:\jeux\Steam\uninstall.exe
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2016-01-05 18:25:00
ComboFix-quarantined-files.txt 2016-01-05 17:25
.
Avant-CF: 64 819 195 904 octets libres
Après-CF: 65 699 205 120 octets libres
.
- - End Of File - - 9DA8F95D8A51722FF329862F4FD8F020
A36C5E4F47E84449FF07ED3517B43A31