Document format: text/plain

ComboFix 17-03-28.01 - Administrateur 04/04/2017 21:37:52.1.4 - x64
Microsoft Windows 7 Professionnel 6.1.7601.1.1252.33.1036.18.8126.5949 [GMT 2:00]
Lancé depuis: c:\users\Administrateur\Desktop\ComboFix.exe
AV: Avira Antivirus *Disabled/Updated* {B3F630BD-538D-1B4A-14FA-14B63235278F}
SP: Avira Antivirus *Disabled/Updated* {0897D159-75B7-14C4-2E4A-2FC449B26D32}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2017-03-04 au 2017-04-04 ))))))))))))))))))))))))))))))))))))
.
.
2017-04-04 19:42 . 2017-04-04 19:42 -------- d-----w- c:\users\LOUNA\AppData\Local\temp
2017-04-04 17:59 . 2017-04-04 17:59 512 ----a-w- C:\PhysicalMBR.bin
2017-04-04 17:18 . 2017-04-04 17:18 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{36E18030-E552-408F-B19B-79BD8E4F8C8C}\offreg.2984.dll
2017-04-04 06:17 . 2017-03-22 11:05 12774864 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{36E18030-E552-408F-B19B-79BD8E4F8C8C}\mpengine.dll
2017-04-02 18:15 . 2017-04-02 18:15 -------- d-----w- c:\users\Administrateur\AppData\Local\HUE
2017-04-02 17:14 . 2017-04-02 17:14 -------- d-----w- c:\users\Administrateur\AppData\Local\ZHP
2017-04-02 16:57 . 2017-04-02 16:57 -------- d-----w- C:\boot
2017-04-02 16:53 . 2017-04-02 16:53 -------- d-----w- c:\users\LOUNA\AppData\Roaming\HPPSDr
2017-04-02 16:14 . 2017-04-02 16:14 -------- d-----w- c:\users\LOUNA\AppData\Local\Skype
2017-04-02 16:08 . 2017-04-02 16:08 -------- d-----w- c:\programdata\HUE
2017-04-02 16:07 . 2017-04-02 16:07 -------- d-----w- c:\users\LOUNA\AppData\Local\HUE
2017-04-02 16:07 . 2017-04-02 16:07 -------- d-----w- c:\program files (x86)\HUE Intuition
2017-04-02 10:49 . 2017-04-02 10:48 320424 ----a-w- c:\windows\system32\javaws.exe
2017-04-02 10:49 . 2017-04-02 10:48 111016 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2017-04-02 10:49 . 2017-04-02 10:48 189352 ----a-w- c:\windows\system32\javaw.exe
2017-04-02 10:49 . 2017-04-02 10:48 189352 ----a-w- c:\windows\system32\java.exe
2017-04-02 10:48 . 2017-04-02 10:48 -------- d-----w- c:\program files\Java
2017-04-02 10:25 . 2017-04-02 10:25 -------- d-----w- c:\program files (x86)\WinDirStat
2017-04-01 13:43 . 2017-04-01 13:43 -------- d-----w- c:\users\LOUNA\AppData\Roaming\Atheros
2017-04-01 13:36 . 2017-04-02 15:16 -------- d-----w- C:\AdwCleaner
2017-04-01 13:31 . 2017-04-01 13:31 -------- d-----w- c:\users\Administrateur\AppData\Roaming\Avira
2017-04-01 13:28 . 2017-03-22 07:55 51248 ----a-w- c:\windows\system32\drivers\avusbflt.sys
2017-04-01 13:28 . 2017-03-22 07:55 78600 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2017-04-01 13:28 . 2017-03-22 07:55 35328 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2017-04-01 13:28 . 2017-03-22 07:55 176968 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2017-04-01 13:28 . 2017-03-22 07:55 148104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2017-04-01 13:21 . 2017-04-04 17:06 -------- d-----w- c:\users\Public\Speedup Sessions
2017-04-01 13:04 . 2017-04-01 13:04 -------- d-----w- c:\program files (x86)\Common Files\Telespree
2017-04-01 11:58 . 2017-04-01 13:43 -------- d-----w- c:\programdata\Atheros
2017-04-01 11:58 . 2017-04-01 11:58 -------- d-----w- c:\users\Administrateur\AppData\Roaming\Atheros
2017-04-01 11:24 . 2017-04-01 11:26 -------- d-----w- c:\program files\Common Files\QCA_Bluetooth
2017-04-01 11:24 . 2017-04-01 11:24 -------- d-----w- c:\program files (x86)\Bluetooth Suite
2017-03-26 18:25 . 2017-03-26 18:25 -------- d-----w- C:\CAT-Logs
2017-03-26 17:29 . 2017-03-26 17:29 -------- d-----w- c:\program files\CCleaner
2017-03-26 17:05 . 2017-04-01 12:44 -------- d-----w- c:\program files (x86)\ERUNT
2017-03-24 16:59 . 2017-04-02 19:22 -------- d-----w- c:\windows\system32\catroot2
2017-03-24 16:33 . 2017-03-24 16:33 -------- d-----w- c:\windows\SysWow64\wbem\Performance
2017-03-24 07:32 . 2017-03-24 07:32 -------- d-----w- c:\users\Default
2017-03-23 21:57 . 2017-03-23 21:57 -------- d-----w- c:\program files (x86)\Tweaking.com
2017-03-23 18:03 . 2017-04-02 18:49 -------- d-----w- c:\program files (x86)\ZHPFix
2017-03-22 14:32 . 2017-04-02 10:18 -------- d-----w- c:\program files (x86)\Avira
2017-03-22 13:32 . 2017-03-22 14:16 -------- d-----w- c:\users\LOUNA\AppData\Roaming\ZHP
2017-03-16 09:36 . 2015-07-11 13:15 429568 ----a-w- c:\windows\system32\wksprt.exe
2017-03-16 09:36 . 2015-07-16 19:12 6131200 ----a-w- c:\windows\SysWow64\mstscax.dll
2017-03-16 09:36 . 2015-07-16 19:11 7077376 ----a-w- c:\windows\system32\mstscax.dll
2017-03-16 09:36 . 2015-07-16 19:11 1057792 ----a-w- c:\windows\system32\rdvidcrl.dll
2017-03-16 09:36 . 2015-07-16 19:12 856064 ----a-w- c:\windows\SysWow64\rdvidcrl.dll
2017-03-16 09:36 . 2015-07-16 19:12 53248 ----a-w- c:\windows\SysWow64\tsgqec.dll
2017-03-16 09:36 . 2015-07-16 19:11 62976 ----a-w- c:\windows\system32\tsgqec.dll
2017-03-16 07:06 . 2014-12-11 17:47 87040 ----a-w- c:\windows\system32\TSWbPrxy.exe
2017-03-14 21:07 . 2017-03-14 21:07 -------- d-----w- c:\users\Administrateur\AppData\Roaming\Dropbox
2017-03-14 21:05 . 2017-03-23 17:15 -------- d-----w- c:\program files (x86)\Dropbox
2017-03-14 21:05 . 2017-03-14 21:09 -------- d-----w- c:\users\Administrateur\AppData\Local\Dropbox
2017-03-14 21:05 . 2017-03-14 21:05 -------- d-----w- c:\programdata\Dropbox
2017-03-14 19:27 . 2017-03-14 19:27 -------- d-----w- c:\users\Administrateur\AppData\Local\Skype
2017-03-14 19:27 . 2017-03-14 19:55 -------- d-----w- c:\users\Administrateur\AppData\Roaming\Skype
2017-03-14 19:27 . 2017-03-14 19:27 -------- d-----w- c:\program files (x86)\Common Files\Skype
2017-03-14 19:27 . 2017-03-14 19:27 -------- d-----r- c:\program files (x86)\Skype
2017-03-14 19:26 . 2013-10-02 04:51 3584 ----a-w- c:\windows\system32\drivers\fr-FR\tsusbflt.sys.mui
2017-03-14 19:26 . 2013-10-02 01:10 44544 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll
2017-03-14 19:26 . 2013-10-02 02:22 56832 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2017-03-14 19:26 . 2013-10-02 02:11 13824 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2017-03-14 19:26 . 2013-10-02 02:08 12800 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2017-03-14 19:26 . 2013-10-02 01:48 56832 ----a-w- c:\windows\system32\MsRdpWebAccess.dll
2017-03-14 19:26 . 2013-10-02 01:48 18944 ----a-w- c:\windows\system32\wksprtPS.dll
2017-03-14 19:26 . 2013-10-02 00:14 50176 ----a-w- c:\windows\SysWow64\MsRdpWebAccess.dll
2017-03-14 19:26 . 2013-10-02 00:14 17920 ----a-w- c:\windows\SysWow64\wksprtPS.dll
2017-03-14 19:26 . 2013-10-01 23:31 1147392 ----a-w- c:\windows\system32\mstsc.exe
2017-03-14 19:26 . 2013-10-01 22:34 1068544 ----a-w- c:\windows\SysWow64\mstsc.exe
2017-03-14 19:22 . 2015-08-05 17:56 22528 ----a-w- c:\windows\system32\icaapi.dll
2017-03-14 19:22 . 2015-08-05 17:06 39936 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
2017-03-14 19:19 . 2015-12-16 18:53 7168 ----a-w- c:\windows\system32\kbdgeoqw.dll
2017-03-14 19:19 . 2015-12-16 18:53 7168 ----a-w- c:\windows\system32\KBDAZEL.DLL
2017-03-14 19:19 . 2015-12-16 18:53 7168 ----a-w- c:\windows\system32\KBDAZE.DLL
2017-03-14 19:19 . 2015-12-16 18:48 6656 ----a-w- c:\windows\SysWow64\kbdgeoqw.dll
2017-03-14 19:19 . 2015-12-16 18:48 6656 ----a-w- c:\windows\SysWow64\KBDAZEL.DLL
2017-03-14 18:56 . 2017-03-04 07:59 2895360 ----a-w- c:\windows\system32\iertutil.dll
2017-03-14 18:56 . 2017-03-04 07:51 34304 ----a-w- c:\windows\system32\iernonce.dll
2017-03-14 18:56 . 2017-03-02 18:01 47616 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2017-03-14 18:54 . 2017-02-22 23:37 1285632 ----a-w- c:\windows\system32\aeinv.dll
2017-03-14 18:54 . 2017-02-18 14:05 1609216 ----a-w- c:\windows\system32\appraiser.dll
2017-03-14 18:54 . 2016-12-31 15:36 233984 ----a-w- c:\windows\system32\aepic.dll
2017-03-14 18:54 . 2017-02-22 23:42 84712 ----a-w- c:\windows\system32\CompatTelRunner.exe
2017-03-14 18:54 . 2017-02-18 14:05 646656 ----a-w- c:\windows\system32\generaltel.dll
2017-03-14 18:54 . 2016-12-31 15:36 335360 ----a-w- c:\windows\system32\invagent.dll
2017-03-14 18:54 . 2016-12-31 15:36 556544 ----a-w- c:\windows\system32\devinv.dll
2017-03-14 18:54 . 2016-12-31 15:36 293376 ----a-w- c:\windows\system32\centel.dll
2017-03-14 18:54 . 2016-12-31 15:36 133632 ----a-w- c:\windows\system32\acmigration.dll
2017-03-14 18:40 . 2017-03-14 18:40 -------- d-----w- c:\programdata\Intel
2017-03-14 18:36 . 2013-06-18 15:22 872152 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2017-03-14 18:36 . 2013-06-18 15:22 74456 ----a-w- c:\windows\system32\RtNicProp64.dll
2017-03-14 18:36 . 2017-03-14 18:36 -------- d-----w- c:\program files (x86)\Realtek
2017-03-14 18:17 . 2011-08-08 16:28 8192 ----a-w- c:\windows\system32\drivers\IntelMEFWVer.dll
2017-03-14 06:33 . 2017-03-14 06:33 -------- d-----w- c:\program files (x86)\Cisco
2017-03-14 06:33 . 2017-03-14 16:01 -------- d-----w- c:\program files (x86)\Qualcomm Atheros
2017-03-14 06:32 . 2017-03-14 06:34 -------- d-----w- c:\programdata\Qualcomm Atheros
2017-03-14 06:25 . 2017-03-14 06:26 -------- d-----w- c:\programdata\Recovery
2017-03-14 00:49 . 2017-03-14 00:49 -------- d-----w- c:\users\Administrateur\AppData\Local\ArcSoft
2017-03-13 22:43 . 2017-03-13 22:43 -------- d-----w- c:\users\LOUNA\AppData\Roaming\Notepad++
2017-03-13 22:43 . 2017-03-23 15:26 -------- d-----w- c:\users\Administrateur\AppData\Roaming\Notepad++
2017-03-13 22:43 . 2017-03-22 19:43 -------- d-----w- c:\program files\Notepad++
2017-03-13 22:35 . 2017-03-13 22:37 -------- d-----r- c:\users\Administrateur\Dropbox
2017-03-13 18:49 . 2017-03-22 14:51 -------- d-----w- c:\programdata\AVAST Software
2017-03-13 18:09 . 2017-04-02 18:54 -------- d-----w- c:\users\Administrateur\AppData\Roaming\ZHP
2017-03-13 18:01 . 2017-04-01 10:37 -------- d-----w- c:\program files (x86)\Common Files\Atheros
2017-03-13 17:57 . 2017-03-13 17:57 -------- d-----w- c:\users\Administrateur\AppData\Roaming\WildTangent
2017-03-13 06:06 . 2017-03-13 17:41 -------- d-----w- c:\users\Administrateur\AppData\Local\Autodesk
2017-03-13 06:05 . 2017-03-13 06:11 -------- d-----w- c:\users\Administrateur\AppData\Roaming\Autodesk
2017-03-12 23:42 . 2017-04-04 17:08 -------- d-----w- c:\program files\Mozilla Firefox
2017-03-12 23:27 . 2017-03-12 23:27 -------- d-----w- c:\program files\7-Zip
2017-03-12 17:59 . 2017-04-02 10:18 -------- d-----w- c:\users\Administrateur\AppData\Local\Avira
2017-03-11 12:07 . 2017-04-01 13:42 -------- d-----w- c:\users\LOUNA\AppData\Local\Avira
2017-03-11 12:01 . 2017-04-01 13:28 -------- d-----w- c:\programdata\Avira
2017-03-10 23:17 . 2017-03-10 23:17 46408 ----a-w- c:\windows\system32\DbxSvc.exe
2017-03-10 23:17 . 2017-03-10 23:17 45672 ----a-w- c:\windows\system32\drivers\dbx-stable.sys
2017-03-10 23:17 . 2017-03-10 23:17 45672 ----a-w- c:\windows\system32\drivers\dbx-dev.sys
2017-03-10 23:17 . 2017-03-10 23:17 45672 ----a-w- c:\windows\system32\drivers\dbx-canary.sys
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2017-03-22 21:10 . 2012-09-01 05:57 802904 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2017-03-22 21:10 . 2012-09-01 05:57 144472 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2017-03-18 09:42 . 2012-11-20 14:17 138634176 -c--a-w- c:\windows\system32\MRT.exe
2017-02-09 16:14 . 2017-03-14 18:55 44032 ----a-w- c:\windows\apppatch\acwow64.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt01]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2017-03-21 18:01 236360 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.15.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt02]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2017-03-21 18:01 236360 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.15.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt03]
@="{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}]
2017-03-21 18:01 236360 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.15.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt04]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2017-03-21 18:01 236360 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.15.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt05]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2017-03-21 18:01 236360 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.15.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt06]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2017-03-21 18:01 236360 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.15.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt07]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2017-03-21 18:01 236360 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.15.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt08]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2017-03-21 18:01 236360 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.15.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt09]
@="{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}]
2017-03-21 18:01 236360 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.15.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt10]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2017-03-21 18:01 236360 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.15.0.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Officejet 5740 series (NET)"="c:\program files\HP\HP Officejet 5740 series\Bin\ScanToPCActivationApp.exe" [2014-08-22 3483656]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Avira System Speedup User Starter"="c:\program files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe" [2017-03-14 64648]
"Avira SystrayStartTrigger"="c:\program files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe" [2017-03-09 63432]
"avgnt"="c:\program files (x86)\Avira\Antivirus\avgnt.exe" [2017-03-22 909744]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2014-05-01 1193352]
"HP Officejet 5740 series (NET)"="c:\program files\HP\HP Officejet 5740 series\Bin\ScanToPCActivationApp.exe" [2014-08-22 3483656]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="%Service%"
.
R1 jxolqqyx;jxolqqyx;c:\windows\system32\drivers\jxolqqyx.sys;c:\windows\SYSNATIVE\drivers\jxolqqyx.sys [x]
R1 kvlauizi;kvlauizi;c:\windows\system32\drivers\kvlauizi.sys;c:\windows\SYSNATIVE\drivers\kvlauizi.sys [x]
R1 mhsphwny;mhsphwny;c:\windows\system32\drivers\mhsphwny.sys;c:\windows\SYSNATIVE\drivers\mhsphwny.sys [x]
R1 pbgncayg;pbgncayg;c:\windows\system32\drivers\pbgncayg.sys;c:\windows\SYSNATIVE\drivers\pbgncayg.sys [x]
R2 AntiVirMailService;Avira Protection e-mail;c:\program files (x86)\Avira\Antivirus\avmailc7.exe;c:\program files (x86)\Avira\Antivirus\avmailc7.exe [x]
R2 AntiVirWebService;Avira Protection Web;c:\program files (x86)\Avira\Antivirus\avwebg7.exe;c:\program files (x86)\Avira\Antivirus\avwebg7.exe [x]
R2 AviraPhantomVPN;Avira Phantom VPN;c:\program files (x86)\Avira\VPN\Avira.VpnService.exe;c:\program files (x86)\Avira\VPN\Avira.VpnService.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SpeedupService;Avira System Speedup;c:\program files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe;c:\program files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [x]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftVCapture.sys [x]
R3 ATHDFU;Qualcomm Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys;c:\windows\SYSNATIVE\Drivers\AthDfu.sys [x]
R3 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x]
R3 dbupdatem;Service Mise à jour Dropbox (dbupdatem);c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe;c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [x]
R3 dbx;dbx;c:\windows\system32\DRIVERS\dbx.sys;c:\windows\SYSNATIVE\DRIVERS\dbx.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WSDScan;Prise en charge de la numérisation WSD via UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
R4 dbupdate;Service Mise à jour Dropbox (dbupdate);c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe;c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R4 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
S0 avusbflt;avusbflt;c:\windows\System32\Drivers\avusbflt.sys;c:\windows\SYSNATIVE\Drivers\avusbflt.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planificateur;c:\program files (x86)\Avira\Antivirus\sched.exe;c:\program files (x86)\Avira\Antivirus\sched.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 Avira.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
S2 ClickToRunSvc;Service Démarrer en clic Microsoft Office;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
S2 DbxSvc;DbxSvc;c:\windows\system32\DbxSvc.exe;c:\windows\SYSNATIVE\DbxSvc.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 DragonSvc;Dragon Service;c:\program files (x86)\Common Files\Nuance\dgnsvc.exe;c:\program files (x86)\Common Files\Nuance\dgnsvc.exe [x]
S2 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [x]
S2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [x]
S2 hpCMSrv;HP Connection Manager 4 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 ZAtheros Bt and Wlan Coex Agent;ZAtheros Bt and Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SPUVCbv;SPUVCb Driver Service;c:\windows\system32\Drivers\SPUVCbv_x64.sys;c:\windows\SYSNATIVE\Drivers\SPUVCbv_x64.sys [x]
.
.
--- Autres Services/Pilotes en mémoire ---
.
*NewlyCreated* - UGDOAUOG
*Deregistered* - ugdoauog
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
Contenu du dossier 'Tâches planifiées'
.
2017-04-04 c:\windows\Tasks\DropboxUpdateTaskMachineCore.job
- c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-03-14 21:05]
.
2017-04-04 c:\windows\Tasks\DropboxUpdateTaskMachineUA.job
- c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-03-14 21:05]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt01]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2017-03-21 18:01 286024 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.15.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt02]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2017-03-21 18:01 286024 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.15.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt03]
@="{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}]
2017-03-21 18:01 286024 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.15.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt04]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2017-03-21 18:01 286024 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.15.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt05]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2017-03-21 18:01 286024 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.15.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt06]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2017-03-21 18:01 286024 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.15.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt07]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2017-03-21 18:01 286024 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.15.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt08]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2017-03-21 18:01 286024 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.15.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt09]
@="{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}]
2017-03-21 18:01 286024 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.15.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt10]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2017-03-21 18:01 286024 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.15.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2014-09-26 13:41 1021088 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2014-09-26 13:41 1021088 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2014-09-26 13:41 1021088 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2017-01-31 12:34 2351920 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2017-01-31 12:34 2351920 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2017-01-31 12:34 2351920 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
mDefault_Search_URL = www.google.com
mDefault_Page_URL = www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: &Envoyer à OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 212.27.40.240 212.27.40.241
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Toolbar-10 - (no file)
ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
Wow6432Node-HKLM-Run- - (no file)
HKLM_Wow6432Node-ActiveSetup-installed components - c:\program files (x86)\Crossbrowse\Crossbrowse\Application\39.6.2171.95\Installer\chrmstp.exe
HKLM_Wow6432Node-ActiveSetup-{8A69D345-D564-463c-AFF1-A69D9E530F96} - c:\program files (x86)\Google\Chrome\Application\48.0.2564.116\Installer\chrmstp.exe
Toolbar-10 - (no file)
ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\S-1-5-21-2207968073-3903004646-4250870805-500\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (Administrator)
.
[HKEY_USERS\S-1-5-21-2207968073-3903004646-4250870805-500\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (Administrator)
"Timestamp"=hex:0f,57,a0,cd,fa,b1,cd,01
.
[HKEY_USERS\S-1-5-21-2207968073-3903004646-4250870805-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,3d,5a,02,bb,ed,ad,15,4b,8f,bc,e2,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,3d,5a,02,bb,ed,ad,15,4b,8f,bc,e2,\
.
[HKEY_USERS\S-1-5-21-2207968073-3903004646-4250870805-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-2207968073-3903004646-4250870805-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-2207968073-3903004646-4250870805-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ino\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Arduino file"
.
[HKEY_USERS\S-1-5-21-2207968073-3903004646-4250870805-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-2207968073-3903004646-4250870805-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-2207968073-3903004646-4250870805-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_25_0_0_127_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_25_0_0_127_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_25_0_0_127_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_25_0_0_127_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_25_0_0_127.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.25"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_25_0_0_127.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_25_0_0_127.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_25_0_0_127.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Environment*]
"v5Licence0"="35-FA2Z-9AN2-V8NA-5BKD-GKEQ-7YKN4FW"
"Activated"="N"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
"Key"="ActionsPane3"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0\Solutions\http://schemas.microsoft.com/office/smartdocuments/2003\0]
"Key"="http://schemas.microsoft.com/office/smartdocuments/2003"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0\Solutions\http://schemas.microsoft.com/office/smartdocuments/2003\0\{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}\Alias]
"0"="Microsoft Actions Pane 3"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2017-04-04 21:45:16
ComboFix-quarantined-files.txt 2017-04-04 19:45
.
Avant-CF: 61 984 964 608 octets libres
Après-CF: 62 053 122 048 octets libres
.
- - End Of File - - 94B68F0B6B50ED3131AA3D53CA2326B9
973E9BA32FDBB305C552ED3E1EBF0686
