ComboFix 16-03-07.01 - Jean-Marie 12/03/2016 17:39:29.1.2 - x64 NETWORK
Microsoft Windows 8 6.2.9200.0.1252.33.1036.18.3660.2719 [GMT 1:00]
Lancé depuis: c:\users\Jean-Marie\Desktop\ComboFix.exe
AV: Advanced SystemCare Ultimate *Enabled/Updated* {91A1210C-78DD-A71C-E865-63DB27C767EE}
AV: Emsisoft Anti-Malware *Disabled/Outdated* {2F44E1F9-850B-1C7A-0E56-EB2E0A3E20C9}
AV: IObit Malware Fighter *Enabled/Outdated* {4D381C57-3C7A-6F22-07EB-639F49E836D4}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Emsisoft Anti-Malware *Disabled/Outdated* {9425001D-A331-13F4-34E6-D05C71B96A74}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Un nouveau point de restauration a été créé
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\prefs.js
c:\programdata\ntuser.pol
c:\users\Jean-Marie\AppData\Local\assembly\tmp
.
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_WiseBootAssistant
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2016-02-12 au 2016-03-12 ))))))))))))))))))))))))))))))))))))
.
.
2016-03-12 17:20 . 2016-03-12 17:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-03-12 16:33 . 2016-03-12 16:33 -------- d-----w- c:\programdata\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
2016-03-12 15:21 . 2016-03-12 15:21 -------- d-----w- c:\program files (x86)\Remo Repair ZIP 2.0
2016-03-12 15:06 . 2016-03-12 15:06 -------- d-----w- c:\program files (x86)\Remo Repair Word 2.0
2016-03-12 15:05 . 2016-03-12 15:05 -------- d-----w- c:\program files (x86)\Remo Repair AVI 2.0
2016-03-12 13:10 . 2015-11-05 14:00 143904 ----a-w- c:\windows\system32\drivers\KeyCrypt64.sys
2016-03-12 13:10 . 2016-03-12 13:10 -------- d-----w- c:\program files (x86)\KeyCryptSDK
2016-03-12 13:10 . 2016-03-12 13:10 -------- d-----w- c:\program files (x86)\Zemana AntiLogger Free
2016-03-12 12:26 . 2016-03-12 12:26 28272 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2016-03-12 12:23 . 2015-01-10 14:32 128288 ----a-w- c:\windows\system32\IObitSmartDefragExtension.dll
2016-03-12 12:23 . 2014-06-04 14:17 34080 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2016-03-12 12:23 . 2014-06-04 14:17 21184 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2016-03-12 12:19 . 2016-03-12 12:20 -------- d-----w- c:\program files\DAEMON Tools Lite
2016-03-12 12:18 . 2016-03-12 12:19 -------- d-----w- c:\programdata\DAEMON Tools Lite
2016-03-12 12:16 . 2016-03-12 12:55 -------- d-----w- c:\program files\ByteFence
2016-03-12 10:32 . 2016-03-12 10:32 -------- d-----w- c:\program files (x86)\Common Files\CyberLink
2016-03-12 10:14 . 2016-03-12 10:32 -------- d-----w- c:\program files (x86)\NSIS Uninstall Information
2016-03-12 08:26 . 2016-03-12 13:35 -------- d-----w- c:\program files (x86)\RCP
2016-03-12 08:22 . 2016-03-12 08:22 -------- d-----w- C:\searchplugins
2016-03-12 08:14 . 2016-03-12 08:14 -------- d-----w- c:\program files (x86)\Opera
2016-03-12 08:13 . 2016-02-15 09:36 45992 ----a-w- c:\windows\system32\TURegOpt.exe
2016-03-12 08:13 . 2016-02-15 09:30 37288 ----a-w- c:\windows\system32\authuitu.dll
2016-03-12 08:13 . 2016-02-15 09:30 32680 ----a-w- c:\windows\SysWow64\authuitu.dll
2016-03-12 08:11 . 2016-03-12 08:13 -------- d-----w- c:\program files (x86)\AVG
2016-03-12 08:11 . 2016-03-12 08:13 -------- d-----w- c:\programdata\Avg
2016-03-12 08:09 . 2016-03-12 08:08 425744 ----a-w- c:\windows\system32\LavasoftTcpService64.dll
2016-03-12 08:08 . 2016-03-12 08:08 345360 ----a-w- c:\windows\SysWow64\LavasoftTcpService.dll
2016-03-12 08:08 . 2016-03-12 08:08 -------- d-----w- c:\program files (x86)\Lavasoft
2016-03-12 08:08 . 2016-03-12 08:08 -------- d-----w- c:\program files (x86)\FreeCodecPack
2016-03-12 08:08 . 2016-03-12 08:09 -------- d-----w- c:\program files (x86)\DVDVideoSoft
2016-03-12 08:08 . 2016-03-12 08:09 -------- d-----w- c:\program files (x86)\Common Files\DVDVideoSoft
2016-03-12 08:08 . 2016-03-12 08:08 -------- d-----w- c:\programdata\Lavasoft
2016-03-12 08:04 . 2016-03-12 08:04 -------- d-----w- C:\IDriveLocal
2016-03-12 08:01 . 2016-03-10 15:55 533776 ----a-w- c:\windows\SysWow64\msxml.dll
2016-03-12 08:01 . 2016-03-12 12:07 -------- d-----w- c:\program files (x86)\IDriveWindows
2016-03-12 08:01 . 2016-03-12 08:04 -------- d-----w- c:\programdata\IDrive
2016-03-12 07:27 . 2016-02-23 17:38 21072 ----a-w- c:\windows\system32\drivers\vsscanner.sys
2016-03-11 13:47 . 2016-03-11 13:47 -------- d-----w- c:\programdata\Solvusoft
2016-03-11 13:40 . 2016-03-11 13:40 -------- d-----w- c:\program files (x86)\SupersonicPC
2016-03-11 13:35 . 2016-03-12 12:05 -------- d-----w- C:\UsbFix
2016-03-11 13:17 . 2015-07-02 13:14 20248 ----a-w- c:\windows\system32\roboot64.exe
2016-03-11 13:17 . 2011-02-08 12:29 16896 ----a-w- c:\windows\system32\sasnative64.exe
2016-03-11 13:17 . 2016-03-12 07:20 -------- d-----w- c:\program files (x86)\Advanced System Optimizer 3
2016-03-11 13:17 . 2016-03-11 13:17 -------- d-----w- c:\programdata\Systweak
2016-03-11 13:15 . 2001-09-05 03:18 77824 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2016-03-11 13:15 . 2001-09-05 03:18 225280 ----a-w- c:\program files (x86)\Common Files\InstallShield\IScript\iscript.dll
2016-03-11 13:15 . 2001-09-05 03:14 176128 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2016-03-11 13:15 . 2001-09-05 03:13 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2016-03-11 13:15 . 2007-03-13 19:54 610436 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2016-03-11 10:43 . 2016-03-11 11:30 1024 ------w- C:\AMTAG.BIN
2016-03-11 10:43 . 2015-12-11 08:57 1920624 ----a-w- c:\windows\ampa.exe
2016-03-11 10:43 . 2015-11-10 08:36 19568 ----a-w- c:\windows\SysWow64\ampa.sys
2016-03-11 10:43 . 2015-11-10 08:36 19568 ----a-w- c:\windows\system32\ampa.sys
2016-03-11 10:42 . 2016-03-11 11:30 -------- d-----w- c:\program files (x86)\AOMEI Partition Assistant Standard Edition 6.0
2016-03-11 10:38 . 2016-03-11 10:38 -------- d-----w- C:\TsTemp
2016-03-11 07:47 . 2016-03-11 07:47 -------- d-----w- c:\program files (x86)\Avanquest update
2016-03-11 07:46 . 2016-03-11 12:56 -------- d-----w- c:\program files (x86)\Common Files\AntiVirus
2016-03-11 07:41 . 2016-03-11 07:41 -------- d-----w- C:\Log
2016-03-11 07:16 . 2016-03-11 12:51 -------- d-----w- c:\program files (x86)\Stellar Phoenix Windows Data Recovery - Professional
2016-03-10 17:35 . 2016-03-10 17:35 -------- d-----w- c:\programdata\BDLogging
2016-03-10 17:35 . 2014-10-15 21:14 452040 ----a-w- c:\windows\system32\drivers\trufos.sys
2016-03-10 17:34 . 2016-03-12 12:47 -------- d-----w- c:\programdata\ProductData
2016-03-10 17:09 . 2016-03-10 17:09 -------- d-s---w- c:\windows\SysWow64\AI_RecycleBin
2016-03-10 16:54 . 2016-03-10 16:54 -------- d-----w- c:\windows\ERUNT
2016-03-10 14:25 . 2016-03-12 10:31 -------- d-----w- c:\program files (x86)\CyberLink
2016-03-10 12:32 . 2016-03-12 13:34 -------- d-----w- C:\UnZacMe
2016-03-09 05:05 . 2015-05-11 14:43 12240 ----a-w- c:\windows\WiseUnlock64.sys
2016-03-09 05:04 . 2016-03-09 05:04 12208 ----a-w- c:\windows\WiseFs64.sys
2016-03-08 18:08 . 2016-03-08 18:54 -------- d-----w- C:\CCE_Quarantine
2016-03-08 17:03 . 2016-03-12 13:43 -------- d-----w- c:\programdata\VoodooShield
2016-03-08 17:03 . 2016-03-12 07:27 -------- d-----w- c:\program files\VoodooShield
2016-03-06 18:56 . 2016-03-06 18:56 -------- d-----w- c:\program files (x86)\ESET
2016-03-06 18:13 . 2016-03-06 18:13 -------- d-----w- c:\program files (x86)\e-Carte Bleue LCL
2016-03-06 16:37 . 2016-03-10 13:33 -------- d-----w- c:\program files (x86)\AdwCleaner
2016-03-06 15:52 . 2016-03-07 12:38 -------- d-----w- C:\SysLogs
2016-03-06 13:57 . 2016-03-12 08:16 -------- d-----w- c:\programdata\Package Cache
2016-03-06 13:56 . 2016-03-12 10:30 -------- d-----w- c:\programdata\SUPPORTDIR
2016-03-06 13:49 . 2016-03-06 13:49 -------- d-----w- c:\programdata\Baidu Cleaner
2016-03-06 06:26 . 2006-11-29 12:06 469264 ----a-w- c:\windows\system32\d3dx10.dll
2016-03-06 06:25 . 2006-03-31 11:41 3927248 ----a-w- c:\windows\system32\d3dx9_30.dll
2016-03-06 06:19 . 2016-03-06 06:19 -------- d-----w- c:\program files (x86)\Micro Application
2016-03-06 06:18 . 2016-03-06 06:18 -------- d-----w- c:\program files (x86)\File Identifier
2016-03-06 06:15 . 2016-03-06 06:15 -------- d-----w- c:\program files (x86)\IMSIDesign
2016-03-06 06:01 . 2016-03-06 06:01 -------- d-----w- c:\program files (x86)\Tenorshare Data Recovery WinPE
2016-03-06 05:59 . 2016-03-07 12:37 -------- d-----w- c:\program files (x86)\Android Data Recovery
2016-03-06 05:57 . 2016-03-07 12:37 -------- d-----w- c:\program files (x86)\Android Data Recovery Pro
2016-03-06 05:56 . 2016-03-09 05:04 -------- d-----w- c:\program files (x86)\Any Data Recovery Pro
2016-03-05 16:07 . 2016-03-08 19:09 -------- d-----w- c:\program files\RogueKiller
2016-03-05 16:07 . 2016-03-05 17:14 -------- d-----w- c:\programdata\RogueKiller
2016-03-05 07:39 . 2016-03-05 07:39 -------- d-----w- c:\program files\Zemana AntiMalware
2016-03-05 07:39 . 2016-03-05 07:52 -------- d-----w- c:\programdata\Zemana AntiMalware
2016-03-05 07:19 . 2016-03-11 07:57 -------- d-----w- c:\program files (x86)\Emsisoft Anti-Malware
2016-03-04 14:38 . 2016-03-04 14:39 -------- d-----w- c:\program files\Reason
2016-03-04 13:21 . 2016-03-04 13:21 -------- d-----w- c:\program files (x86)\Auslogics
2016-03-04 13:10 . 2015-09-15 14:51 149184 ----a-w- c:\windows\system32\drivers\K7Sentry.sys
2016-03-04 13:10 . 2015-01-22 05:39 110544 ----a-w- c:\windows\system32\drivers\K7FWHlpr.sys
2016-03-04 13:10 . 2011-12-29 04:38 22624 ----a-w- c:\windows\system32\K7TSDbg.exe
2016-03-04 13:10 . 2009-04-18 15:31 15904 ----a-w- c:\windows\system32\drivers\K7TdiHlp.sys
2016-03-04 13:09 . 2016-03-12 07:18 -------- d-----w- c:\programdata\K7 Computing
2016-03-04 13:09 . 2016-03-04 13:09 -------- d-----w- c:\program files (x86)\K7 Computing
2016-03-04 07:40 . 2016-03-04 07:40 -------- d-----w- c:\programdata\VS Revo Group
2016-03-04 07:39 . 2009-12-30 09:21 31800 ----a-w- c:\windows\system32\drivers\revoflt.sys
2016-03-04 07:38 . 2016-03-04 07:38 -------- d-----w- c:\program files\VS Revo Group
2016-03-03 09:44 . 2016-03-03 09:44 -------- d-----w- c:\programdata\Panda Security
2016-03-03 09:40 . 2016-02-22 02:03 176096 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-03-03 09:40 . 2016-02-22 02:03 826328 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-03-03 08:52 . 2014-06-14 14:03 260696 ----a-w- c:\windows\system32\unrar64.dll
2016-03-03 08:42 . 2016-03-12 12:55 -------- d-----w- c:\program files (x86)\MP3jam
2016-03-03 08:20 . 2013-04-29 08:17 47632 ----a-w- c:\windows\system32\drivers\PSKMAD.sys
2016-03-03 08:19 . 2016-03-03 08:19 -------- d-----w- c:\windows\SysWow64\DASBOOT
2016-03-03 08:15 . 2016-03-04 09:27 -------- d-----w- c:\program files\Lavasoft
2016-03-03 08:13 . 2016-03-03 08:13 -------- d-----w- c:\program files (x86)\Panda Security
2016-03-03 07:58 . 2016-03-03 07:58 -------- d-----w- c:\program files (x86)\Panda USB Vaccine
2016-03-03 07:50 . 2015-03-05 05:12 421784 ----a-w- c:\windows\system32\BdSandboxDll64.dll
2016-03-03 07:50 . 2015-03-05 05:12 332320 ----a-w- c:\windows\SysWow64\BdSandboxDll32.dll
2016-03-03 07:34 . 2014-10-23 03:52 89920 ----a-w- c:\windows\system32\drivers\AppProtectEx.sys
2016-03-03 06:55 . 2016-03-07 12:37 -------- d-----w- c:\programdata\RpData
2016-03-03 06:53 . 2016-03-04 09:43 -------- d-----w- c:\programdata\Baidu
2016-03-03 06:41 . 2016-03-03 09:09 -------- d-----w- C:\AVG_Remover
2016-03-01 09:23 . 2016-03-01 09:23 -------- d-----w- C:\sources
2016-02-29 17:16 . 2016-02-29 17:16 -------- d-----w- c:\users\Default\AppData\Roaming\Avanquest
2016-02-29 13:54 . 2013-05-15 17:34 490208 ----a-w- c:\windows\SysWow64\GSService.exe
2016-02-29 13:54 . 2016-02-29 13:54 -------- d-----w- c:\program files (x86)\Online Video Recorder
2016-02-29 13:43 . 2016-02-29 13:43 -------- d-----w- c:\program files (x86)\XviD
2016-02-29 13:43 . 2002-11-08 14:18 51712 ----a-w- c:\windows\SysWow64\MMSwitch.ax
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-02-22 13:14 . 2013-08-22 12:40 40664 ----a-w- c:\windows\system32\drivers\tap0901.sys
2016-02-22 12:33 . 2014-10-07 11:14 826040 ----a-w- c:\windows\system32\drivers\vdbus.sys
2016-02-22 12:33 . 2014-10-07 10:56 1720192 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
2016-02-21 14:19 . 2014-07-09 12:04 25992 ----a-w- c:\windows\system32\drivers\uim_devim.sys
2016-02-21 14:18 . 2014-07-09 12:04 700296 ----a-w- c:\windows\system32\drivers\uim_im.sys
2016-02-21 14:18 . 2014-07-09 12:04 556296 ----a-w- c:\windows\system32\drivers\UimFIO.sys
2016-02-21 14:18 . 2014-07-09 12:04 102664 ----a-w- c:\windows\system32\drivers\UimBus.sys
2016-02-21 14:17 . 2014-07-09 12:03 1720072 ----a-w- c:\windows\system32\vimsdk.dll
2016-02-21 14:17 . 2014-07-09 12:03 2152176 ----a-w- c:\windows\system32\WudfUpdate_01009.dll
2016-02-21 14:17 . 2014-07-09 12:03 937224 ----a-w- c:\windows\system32\Vim.RWBlock.dll
2016-02-21 14:17 . 2014-07-09 12:03 401672 ----a-w- c:\windows\system32\drivers\UMDF\blockmounter.dll
2016-02-21 14:17 . 2014-07-09 12:03 79112 ----a-w- c:\windows\system32\vimbase.dll
2016-02-18 15:25 . 2012-07-26 08:13 24288 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare Ultimate"="c:\program files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe" [2016-01-15 2427168]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2016-02-12 8641240]
"ZoneAlarm Backup Startup"="c:\zonealarmbackup\ZABackupStartup.exe" [2010-03-11 177680]
"Web Companion"="c:\program files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe" [2016-03-12 1474320]
"Power2GoExpress10"="c:\program files (x86)\CyberLink\Power2Go10\Power2GoExpress10.exe" [2016-01-28 3065272]
"Chromium"="c:\users\jean-marie\appdata\local\chromium\application\chrome.exe" [2016-01-26 1043456]
"DAEMON Tools Lite Automount"="c:\program files\DAEMON Tools Lite\DTAgent.exe" [2016-03-01 4290240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvgUi"="c:\program files (x86)\AVG\Framework\Common\avguirnx.exe" [2016-02-18 179624]
"VideoMeetingPlusService"="c:\program files (x86)\CyberLink\VideoMeetingPlus\VideoMeetingPlusService.exe" [2016-02-15 343480]
"YouCam Service7"="c:\program files (x86)\CyberLink\YouCam7\YouCamService7.exe" [2015-09-16 458168]
"CLMLServer_For_P2G10"="c:\program files (x86)\CyberLink\Power2Go10\CLMLSvc_P2G10.exe" [2016-01-28 110008]
"ZALFree"="c:\program files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe" [2015-11-05 8980016]
.
c:\users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
ZoneAlarm Backup Tray.lnk - c:\zonealarmbackup\ZABackupReg2ini.exe 2 [2016-3-12 280080]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
Malwarebytes Anti-Ransomware.lnk - c:\program files\Malwarebytes\Anti-Ransomware\mbarw.exe [2016-2-25 650208]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableSecureUIAPath"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSimpleNetIDList"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\progra~2\KeyCryptSDK\KeyCrypt32(2).dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0bootdelete
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]
@="Service"
.
R0 AvanquestFltr;AvanquestFltr; [x]
R1 epp;epp;f:\bin64\epp.sys;f:\bin64\epp.sys [x]
R1 Uim_DEVIM;UIM Direct Device Image Plugin;c:\windows\System32\drivers\uim_devim.sys;c:\windows\SYSNATIVE\drivers\uim_devim.sys [x]
R2 K7EmlPxy;K7Computng - EMail Proxy Server;c:\program files (x86)\K7 Computing\K7TSecurity\K7EmlPxy.exe;c:\program files (x86)\K7 Computing\K7TSecurity\K7EmlPxy.exe [x]
R2 K7FWSrvc;K7Firewall Services;c:\program files (x86)\K7 Computing\K7TSecurity\K7FWSrvc.exe;c:\program files (x86)\K7 Computing\K7TSecurity\K7FWSrvc.exe [x]
R2 K7PSSrvc;K7Privacy Services;c:\program files (x86)\K7 Computing\K7TSecurity\K7PSSrvc.exe;c:\program files (x86)\K7 Computing\K7TSecurity\K7PSSrvc.exe [x]
R2 K7RTScan;K7RealTime AntiVirus Services;c:\program files (x86)\K7 Computing\K7TSecurity\K7RTScan.exe;c:\program files (x86)\K7 Computing\K7TSecurity\K7RTScan.exe [x]
R3 a2AntiMalware;Emsisoft Protection Service;c:\program files (x86)\Emsisoft Anti-Malware\a2service.exe;c:\program files (x86)\Emsisoft Anti-Malware\a2service.exe [x]
R3 ACT2_Service;Ashampoo Core Tuner 2 Service;c:\program files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe;c:\program files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe [x]
R3 ampa;ampa;c:\windows\system32\ampa.sys;c:\windows\SYSNATIVE\ampa.sys [x]
R3 avchv;avchv Function Driver; [x]
R3 BingDesktopUpdate;Bing Desktop Update service;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [x]
R3 DfSdkS;Service de Défragmentation;c:\program files (x86)\Ashampoo\Ashampoo UnInstaller 6\DfSdkS64.exe;c:\program files (x86)\Ashampoo\Ashampoo UnInstaller 6\DfSdkS64.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 dtproscsibus;DAEMON Tools Pro Virtual SCSI Bus;c:\windows\System32\drivers\dtproscsibus.sys;c:\windows\SYSNATIVE\drivers\dtproscsibus.sys [x]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys;c:\windows\SYSNATIVE\epmntdrv.sys [x]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys;c:\windows\SYSNATIVE\EuGdiDrv.sys [x]
R3 GSService;GSService;c:\windows\SysWOW64\GSService.exe;c:\windows\SysWOW64\GSService.exe [x]
R3 HitmanProScheduler;HitmanPro Scheduler;c:\program files\HitmanPro\hmpsched.exe;c:\program files\HitmanPro\hmpsched.exe [x]
R3 K7RKScan;K7RKScan;c:\program files (x86)\K7 Computing\K7TSecurity\64Bit\K7RKScan.sys;c:\program files (x86)\K7 Computing\K7TSecurity\64Bit\K7RKScan.sys [x]
R3 K7SpmSrc;K7SpmSrc;c:\program files (x86)\K7 Computing\K7TSecurity\K7SpmSrc.exe;c:\program files (x86)\K7 Computing\K7TSecurity\K7SpmSrc.exe [x]
R3 PDF Architect 4 CrashHandler;PDF Architect 4 CrashHandler;c:\program files\PDF Architect 4\crash-handler-ws.exe;c:\program files\PDF Architect 4\crash-handler-ws.exe [x]
R3 PDF Architect 4 Creator;PDF Architect 4 Creator;c:\program files\PDF Architect 4\creator-ws.exe;c:\program files\PDF Architect 4\creator-ws.exe [x]
R3 PDF Architect 4;PDF Architect 4;c:\program files\PDF Architect 4\ws.exe;c:\program files\PDF Architect 4\ws.exe [x]
R3 PSKMAD;PSKMAD;c:\windows\system32\DRIVERS\PSKMAD.sys;c:\windows\SYSNATIVE\DRIVERS\PSKMAD.sys [x]
R3 Rebit-Pro-Svc;Rebit Pro Backup Service;c:\program files\Rebit\Rebit Pro\Rebit-Pro-Svc.exe;c:\program files\Rebit\Rebit Pro\Rebit-Pro-Svc.exe [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 rsEngineSvc;Reason Core Security Engine Service;c:\program files\Reason\Security\rsEngineSvc.exe;c:\program files\Reason\Security\rsEngineSvc.exe [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 VoodooShieldService;VoodooShieldService;c:\program files\VoodooShield\VoodooShieldService.exe;c:\program files\VoodooShield\VoodooShieldService.exe [x]
R3 VSScanner;VSScanner;c:\windows\system32\DRIVERS\vsscanner.sys;c:\windows\SYSNATIVE\DRIVERS\vsscanner.sys [x]
R3 WCGBootAssistant;Windows Care Genius Service;c:\program files (x86)\Windows Care Genius\BootTime.exe;c:\program files (x86)\Windows Care Genius\BootTime.exe [x]
R3 WiseHDInfo;WiseHDInfo;c:\windows\WiseHDInfo64.dll;c:\windows\WiseHDInfo64.dll [x]
R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
R3 ZemanaAntiMalwareScheduler;Zemana AntiMalware Scheduler;c:\program files\Zemana AntiMalware\zemsched.exe;c:\program files\Zemana AntiMalware\zemsched.exe [x]
R4 sptd;sptd; [x]
S0 bdisk;COMODO Disk Raw Access Filter;c:\windows\system32\drivers\bdisk.sys;c:\windows\SYSNATIVE\drivers\bdisk.sys [x]
S0 CBUfs;CBUfs;c:\windows\system32\drivers\CBUFS.sys;c:\windows\SYSNATIVE\drivers\CBUFS.sys [x]
S0 cbvd;COMODO Encrypted Virtual Disk;c:\windows\system32\DRIVERS\cbvd.sys;c:\windows\SYSNATIVE\DRIVERS\cbvd.sys [x]
S0 K7FWHlpr;K7FWHlpr;c:\windows\system32\drivers\K7FWHlpr.sys;c:\windows\SYSNATIVE\drivers\K7FWHlpr.sys [x]
S0 K7Sentry;K7AntiVirus MiniFilter Driver;c:\windows\system32\drivers\K7Sentry.sys;c:\windows\SYSNATIVE\drivers\K7Sentry.sys [x]
S0 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S0 reparse;reparse;c:\windows\system32\DRIVERS\cbreparse.sys;c:\windows\SYSNATIVE\DRIVERS\cbreparse.sys [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys;c:\windows\SYSNATIVE\Drivers\SmartDefragDriver.sys [x]
S1 AppProtectEx;AppProtectEx;c:\windows\System32\drivers\AppProtectEx.sys;c:\windows\SYSNATIVE\drivers\AppProtectEx.sys [x]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys;c:\windows\SYSNATIVE\DRIVERS\cmderd.sys [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys;c:\windows\SYSNATIVE\DRIVERS\cmdguard.sys [x]
S1 cmdhlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys;c:\windows\SYSNATIVE\DRIVERS\cmdhlp.sys [x]
S1 epp64;epp64;c:\program files (x86)\EMSISOFT ANTI-MALWARE\epp64.sys;c:\program files (x86)\EMSISOFT ANTI-MALWARE\epp64.sys [x]
S1 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys;c:\windows\SYSNATIVE\drivers\mbamchameleon.sys [x]
S1 sbtis;sbtis;c:\windows\system32\drivers\sbtis.sys;c:\windows\SYSNATIVE\drivers\sbtis.sys [x]
S1 WiseUnlock;WiseUnlock;c:\windows\WiseUnlock64.sys;c:\windows\WiseUnlock64.sys [x]
S2 ACT2PM;Ashampoo CoreTuner 2 ProcessMonitor Driver;c:\program files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2ProcessMonitor64.sys;c:\program files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2ProcessMonitor64.sys [x]
S2 AdvancedSystemCareService9;Advanced SystemCare Service 9;c:\program files (x86)\IObit\Advanced SystemCare Ultimate\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare Ultimate\ASCService.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 ASCAntivirusSrv;AdvancedSystemCareAntivirus;c:\program files (x86)\IObit\Advanced SystemCare Ultimate\ascavsvc.exe;c:\program files (x86)\IObit\Advanced SystemCare Ultimate\ascavsvc.exe [x]
S2 avgsvc;AVG Service;c:\program files (x86)\AVG\Framework\Common\avgsvca.exe;c:\program files (x86)\AVG\Framework\Common\avgsvca.exe [x]
S2 COSService.exe;COMODO Online Storage Service;c:\program files\COMODO\COMMON\COSService.exe;c:\program files\COMODO\COMMON\COSService.exe [x]
S2 DigitalWave.Update.Service;Digital Wave Update Service;c:\program files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe;c:\program files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [x]
S2 IDriveService;IDriveService;c:\program files (x86)\IDriveWindows\id_service.exe;c:\program files (x86)\IDriveWindows\id_service.exe [x]
S2 K7CrvSvc;K7Carnivore Service;c:\program files (x86)\K7 Computing\K7TSecurity\K7CrvSvc.exe;c:\program files (x86)\K7 Computing\K7TSecurity\K7CrvSvc.exe [x]
S2 LavasoftTcpService;LavasoftTcpService;c:\program files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe;c:\program files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [x]
S2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
S2 MB3Service;MB3Service;c:\program files\Malwarebytes\Anti-Ransomware\MBAMService.exe;c:\program files\Malwarebytes\Anti-Ransomware\MBAMService.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
S2 SBAMSvc;Fix-It;c:\program files (x86)\Common Files\AntiVirus\SBAMSvc.exe;c:\program files (x86)\Common Files\AntiVirus\SBAMSvc.exe [x]
S2 SMService;SMService;c:\program files (x86)\IObit\Classic Start\SMService.exe;c:\program files (x86)\IObit\Classic Start\SMService.exe [x]
S2 SolvusoftWMDiskOptimizer;SolvusoftWMDiskOptimizer;c:\program files (x86)\SupersonicPC\SolvusoftWMDefragSrv64.exe;c:\program files (x86)\SupersonicPC\SolvusoftWMDefragSrv64.exe [x]
S2 SynchronizationService.exe;COMODO BackUp Service;c:\program files\COMODO\COMMON\SynchronizationService.exe;c:\program files\COMODO\COMMON\SynchronizationService.exe [x]
S2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [x]
S2 UI5IFS;Ashampoo Uninstaller FileSystemChanges Driver;c:\program files (x86)\Ashampoo\Ashampoo UnInstaller 6\IFS64.sys;c:\program files (x86)\Ashampoo\Ashampoo UnInstaller 6\IFS64.sys [x]
S2 WCAssistantService;WC Assistant;c:\program files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe;c:\program files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [x]
S2 WiseFs;WiseFs;c:\windows\WiseFs64.sys;c:\windows\WiseFs64.sys [x]
S2 ZoneAlarmBackup Service;ZoneAlarmBackup Service;c:\zonealarmbackup\ZABackup Service.exe;c:\zonealarmbackup\ZABackup Service.exe [x]
S3 farflt;farflt;c:\windows\system32\drivers\farflt.sys;c:\windows\SYSNATIVE\drivers\farflt.sys [x]
S3 keycrypt;keycrypt;c:\windows\system32\DRIVERS\KeyCrypt64.sys;c:\windows\SYSNATIVE\DRIVERS\KeyCrypt64.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C63x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C63x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\System32\drivers\usbfilter.sys;c:\windows\SYSNATIVE\drivers\usbfilter.sys [x]
S3 vdbus;Virtual Disk Bus Enumerator;c:\windows\System32\drivers\vdbus.sys;c:\windows\SYSNATIVE\drivers\vdbus.sys [x]
S3 WSDScan;Prise en charge de la numérisation WSD;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
apphost REG_MULTI_SZ apphostsvc
iissvcs REG_MULTI_SZ w3svc was
.
Contenu du dossier 'Tâches planifiées'
.
2016-03-11 c:\windows\Tasks\ASCU9_SkipUac_Jean-Marie.job
- c:\program files (x86)\IObit\Advanced SystemCare Ultimate\ASC.exe [2016-03-10 18:57]
.
2016-03-12 c:\windows\Tasks\Driver Booster Scheduler.job
- c:\program files (x86)\IObit\Driver Booster\Scheduler.exe [2016-03-12 09:05]
.
2016-03-12 c:\windows\Tasks\Driver Booster SkipUAC (Jean-Marie).job
- c:\program files (x86)\IObit\Driver Booster\DriverBooster.exe [2016-03-12 16:42]
.
2016-03-12 c:\windows\Tasks\Opera scheduled Autoupdate 1457770486.job
- c:\program files (x86)\Opera\launcher.exe [2016-03-12 07:09]
.
2016-03-12 c:\windows\Tasks\Scan de ByteFence.job
- c:\program files\ByteFence\ByteFence.exe [2015-12-31 18:19]
.
2016-03-11 c:\windows\Tasks\SupersonicPC.job
- c:\program files (x86)\SupersonicPC\SolvusoftWM.exe [2016-03-11 17:54]
.
2016-03-11 c:\windows\Tasks\Uninstaller_SkipUac_Jean-Marie.job
- c:\program files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-03-10 12:49]
.
2016-03-12 c:\windows\Tasks\VideoMeetingPlus.exe_20160312_111515_0009.job
- c:\program files (x86)\CyberLink\VideoMeetingPlus\VideoMeetingPlus.exe [2016-03-12 01:26]
.
2016-03-04 c:\windows\Tasks\Windows Care Genius.job
- c:\program files (x86)\Windows Care Genius\WCGTray.exe [2016-02-29 13:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ 0001IDSIcon1]
@="{0FA6DCC0-CF0B-427D-A8AF-97C466AB5769}"
[HKEY_CLASSES_ROOT\CLSID\{0FA6DCC0-CF0B-427D-A8AF-97C466AB5769}]
2016-03-10 15:54 874496 ----a-w- c:\program files (x86)\IDriveWindows\IDSyncIntIcon64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ 0001IDSIcon2]
@="{66357BBE-D2E5-453C-95FF-8102EB32419D}"
[HKEY_CLASSES_ROOT\CLSID\{66357BBE-D2E5-453C-95FF-8102EB32419D}]
2016-03-10 15:54 874496 ----a-w- c:\program files (x86)\IDriveWindows\IDSyncIntIcon64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ 0001IDSIcon3]
@="{904E6336-8B13-43FA-B4C3-5B62C1C91971}"
[HKEY_CLASSES_ROOT\CLSID\{904E6336-8B13-43FA-B4C3-5B62C1C91971}]
2016-03-10 15:54 874496 ----a-w- c:\program files (x86)\IDriveWindows\IDSyncIntIcon64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\COSDriveIconOverlay]
@="{5FDACB62-6B7B-4116-9403-C5E0D3852A57}"
[HKEY_CLASSES_ROOT\CLSID\{5FDACB62-6B7B-4116-9403-C5E0D3852A57}]
\\?\c:\program files\COMODO\COMMON\ShellExtension.dll [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\COSSyncItemInSyncIconOverlay]
@="{68F287EF-DA6D-4595-AF52-90FF6CE52AFE}"
[HKEY_CLASSES_ROOT\CLSID\{68F287EF-DA6D-4595-AF52-90FF6CE52AFE}]
\\?\c:\program files\COMODO\COMMON\ShellExtension.dll [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\COSSyncItemModifiedIconOverlay]
@="{AE67D273-7253-4236-B55E-D40055B305D6}"
[HKEY_CLASSES_ROOT\CLSID\{AE67D273-7253-4236-B55E-D40055B305D6}]
\\?\c:\program files\COMODO\COMMON\ShellExtension.dll [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\COSSyncItemNewIconOverlay]
@="{022F23E9-DA0F-4A86-A728-CAF6150C0B63}"
[HKEY_CLASSES_ROOT\CLSID\{022F23E9-DA0F-4A86-A728-CAF6150C0B63}]
\\?\c:\program files\COMODO\COMMON\ShellExtension.dll [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\COSSyncItemUnsynchronizedIconOverlay]
@="{4D7EE7CF-E7A1-45FE-8F80-3A37574918D7}"
[HKEY_CLASSES_ROOT\CLSID\{4D7EE7CF-E7A1-45FE-8F80-3A37574918D7}]
\\?\c:\program files\COMODO\COMMON\ShellExtension.dll [?]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VoodooShield"="c:\program files\VoodooShield\VoodooShield.exe" [2016-02-23 1889800]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\progra~2\KeyCryptSDK\KeyCrypt64(2).dll
.
------- Examen supplémentaire -------
.
uStart Page = https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_10&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyE0CyBtB0Bzy0FzyyDyC0AtB0FtC0EyBtN0D0Tzu0StCyDtAtBtN1L2XzutAtFtCzytFtBtFtDtN1L1Czu1BtBtN1L1G1B1V1N2Y1L1Qzu2StAtD0C0CyC0CyB0DtGyBzy0DtBtGzyzy0CzztGyBtByE0EtGzzyC0B0ByDtB0EyD0DtA0A0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCtDtAzyyE0FtByCtGyByB0E0AtGyE0FyCyEtG0B0DyE0EtGtB0F0Ezz0DyDyE0DtCtByE0F2QtN0A0LzutB%26cr%3D1622531168%26a%3Dwbf_ir_16_10%26os_ver%3D6.2%26os%3DWindows%2B8
mStart Page = https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_10&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyE0CyBtB0Bzy0FzyyDyC0AtB0FtC0EyBtN0D0Tzu0StCyDtAtBtN1L2XzutAtFtCzytFtBtFtDtN1L1Czu1BtBtN1L1G1B1V1N2Y1L1Qzu2StAtD0C0CyC0CyB0DtGyBzy0DtBtGzyzy0CzztGyBtByE0EtGzzyC0B0ByDtB0EyD0DtA0A0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCtDtAzyyE0FtByCtGyByB0E0AtGyE0FyCyEtG0B0DyE0EtGtB0F0Ezz0DyDyE0DtCtByE0F2QtN0A0LzutB%26cr%3D1622531168%26a%3Dwbf_ir_16_10%26os_ver%3D6.2%26os%3DWindows%2B8
IE: Free YouTube Download - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
Trusted Zone: localhost
Trusted Zone: webcompanion.com
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{B389AB24-C362-4FAB-B29C-601C91B5A911}: NameServer = 8.8.8.8,8.8.4.4
FF - ProfilePath - c:\users\Jean-Marie\AppData\Roaming\Mozilla\Firefox\Profiles\gl1x1oq0.default\
FF - prefs.js: browser.search.selectedEngine - Search Provided by Yahoo
FF - prefs.js: browser.startup.homepage - hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_10&param1=1&param2=f%3D1%26b%3DFirefox%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyE0CyBtB0Bzy0FzyyDyC0AtB0FtC0EyBtN0D0Tzu0StCyDtAtBtN1L2XzutAtFtCzytFtBtFtDtN1L1Czu1BtBtN1L1G1B1V1N2Y1L1Qzu2StAtD0C0CyC0CyB0DtGyBzy0DtBtGzyzy0CzztGyBtByE0EtGzzyC0B0ByDtB0EyD0DtA0A0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCtDtAzyyE0FtByCtGyByB0E0AtGyE0FyCyEtG0B0DyE0EtGtB0F0Ezz0DyDyE0DtCtByE0F2QtN0A0LzutB%26cr%3D1622531168%26a%3Dwbf_ir_16_10%26os_ver%3D6.2%26os%3DWindows%2B8
.
- - - - ORPHELINS SUPPRIMES - - - -
.
ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
Wow6432Node-HKU-Default-Run-ZoneAlarm Windows 10 Upgrader - c:\programdata\CheckPoint\ZoneAlarm\Data\Updates\unpacked==win10=update_win10.zip\upgrade.exe
SafeBoot-mbamchameleon
SafeBoot-vga.sys
SafeBoot-vgasave.sys
SafeBoot-BasicDisplay.sys
SafeBoot-BasicRender.sys
SafeBoot-dxgkrnl.sys
SafeBoot-FsDepends.sys
ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\S-1-5-21-3331589601-751847041-4288644589-1001_Classes\Wow6432Node\CLSID\{130F8154-E804-4BD5-A07B-35BE69039715}\{A730F6F3-255C-417C-8986-2C578500547E}*Hidden]
"{6D31FCD2-64F7-4E43-8E18-5A2BBA7D13C9}"="AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAqxqw4EoULUa6b4Anl5VSmAAAAAACAAAAAAAQZgAAAAEAACAAAADot+b32H6SxRZd1ad9qF2dpd9E34PM6/WNbRkwWnntTwAAAAAOgAAAAAIAACAAAABlBetCxPawXBxdkzBBPyR3z8JojNJNpyyzAbWxrNHfUxAAAADYKmDX18mF39DjCeIrurnAQAAAAGIGQd833N0537YniP7My6Vl9HNAS3hAi2WaB6YN7anr9ISh5OHSRlKtYY0pzA29Sw/MUGe0MzDfFU1xtqumqG8="
"{2338F5D5-2437-4FC3-9005-A01804321264}"="AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAqxqw4EoULUa6b4Anl5VSmAAAAAACAAAAAAAQZgAAAAEAACAAAAAmSDiRpDZotPxO8I5J9quwV6KmE9IotbhdP1hHd0zrqwAAAAAOgAAAAAIAACAAAAB9HXCkyWbECyKZGJunMkpbKEuPJd5nlpuTFEnrd6spZCAAAAAcGJ2GaC8SDMg6QTBOsYuPDzg9L9IhthrEqxgpMqM1XkAAAAB72CzM2bCI6q+ONvtehCfOZkGKlzjXgOfBDb1UZ0uXJzBPgmTl88aC6+QAniNXwdJz0eF4j+i6pf9J9oz5gUa6"
.
[HKEY_USERS\S-1-5-21-3331589601-751847041-4288644589-1001_Classes\Wow6432Node\CLSID\{130F8154-E804-4BD5-A07B-35BE69039715}\{A730F6F3-255C-417C-8986-2C578500547E}*Hidden\DeltaClock]
"LastSynchronizationClock"=hex(b):a0,2b,6d,b2,75,4a,d3,08
"DeltaClock"=hex(b):62,3d,53,fa,ff,ff,ff,ff
"LastNtpServer"="time.nist.gov"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\COMODO\CIS\Installer\Sym_Cam\CIS]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\CmdAgent\Mode\Configurations]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\CmdAgent\Mode\Data]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\CmdAgent\Mode\Options]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\Software\COMODO\Cam]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\Software\COMODO\Firewall Pro]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
------------------------ Autres processus actifs ------------------------
.
c:\progra~2\AVANQU~1\Fix-It\mxtask.exe
c:\program files (x86)\Malwarebytes Anti-Malware\mbam.exe
c:\program files (x86)\IObit\Classic Start\ClassicStart.exe
c:\progra~2\AVANQU~1\Fix-It\mxtask.exe
c:\program files (x86)\IObit\Classic Start\StartMenu_Hook.exe
c:\program files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
c:\zonealarmbackup\ZABackupTray.exe
c:\zonealarmbackup\ZABackupBackground.exe
.
**************************************************************************
.
Heure de fin: 2016-03-12 18:46:18 - La machine a redémarré
ComboFix-quarantined-files.txt 2016-03-12 17:46
.
Avant-CF: 897 973 309 440 octets libres
Après-CF: 898 510 970 880 octets libres
.
- - End Of File - - 6D130AB161DF6732734B5846890EDE6A
5FB38429D5D77768867C76DCBDB35194