cjoint

Document format: text/plain

Preview

ComboFix 15-10-28.01 - Yoann 01/11/2015 12:08:50.1.4 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.3959.1639 [GMT 1:00]
Lancé depuis: c:\users\Yoann\Desktop\Kha.exe
AV: avast! Antivirus *Enabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Enabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files (x86)\3b911e68-2d0e-4985-a013-57eb74619be8\3b911e68-2d0e-4985-a013-57eb74619be8.dll
c:\program files (x86)\3b911e68-2d0e-4985-a013-57eb74619be8\44b6978a-6441-4804-936a-59d5053bc82e.dll
c:\program files (x86)\87861940-1445554523-9920-05F2-705AB6EEB25B\ccae07b4-f3dd-494f-a606-0f7795533295.dll
c:\program files (x86)\Adobe\cg.dll
c:\program files (x86)\Adobe\Photoshop.exe
c:\program files (x86)\Adobe\SHFOLDER.dll
c:\program files (x86)\Eorezo
c:\program files (x86)\Eorezo\confmedia.cyp
c:\program files (x86)\Eorezo\unins000.dat
c:\program files (x86)\Eorezo\unins000.exe
c:\program files (x86)\Eorezo\unins001.dat
c:\program files (x86)\Eorezo\unins001.exe
c:\program files (x86)\MediaViewV1
c:\program files (x86)\MediaWatchV1
c:\program files (x86)\SaveSense
c:\program files (x86)\ShopSave Toolbar
c:\programdata\4020828719841332898
c:\programdata\4020828719841332898\0ba2076f527e23259c43753cc16ec33d.ini
c:\programdata\4020828719841332898\28c5bea972ca1fec9c43753cc16ec33d.ini
c:\programdata\4020828719841332898\cd5b15e575e1c3d09c43753cc16ec33d.ini
c:\programdata\dsgsdgdsgdsgw.pad
c:\programdata\ma-config.com\Logs\activex.txt
c:\programdata\ma-config.com\Logs\mcstubuser.txt
c:\programdata\ma-config.com\mcbase.db
c:\programdata\ma-config.com\server.pem
c:\programdata\SearchNewTab
c:\programdata\SearchNewTab\knqe.dat
c:\users\Yoann\AppData\Local\Crsoft
c:\users\Yoann\AppData\Local\Crsoft\crsvc.exe
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\background.html
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\crossriderManifest.json
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\extensionData\manifest.xml
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\extensionData\plugins.json
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\extensionData\plugins\1_base.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\extensionData\plugins\102_dealply_m.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\extensionData\plugins\103_intext_5_m.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\extensionData\plugins\104_jollywallet_m.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\extensionData\plugins\105_corticas_m.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\extensionData\plugins\108_icm_m.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\extensionData\plugins\119_similar_web_m.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\extensionData\plugins\123_intext_adv_m.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\extensionData\plugins\124_superfish_no_search_no_coupons_m.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\extensionData\plugins\13_CrossriderAppUtils.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\extensionData\plugins\14_CrossriderUtils.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\extensionData\plugins\158_50onred_ads_only_no_fb_m.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\extensionData\plugins\17_jQuery.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\extensionData\plugins\177_crossriderDashboard.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\extensionData\plugins\178_revizer_ws_dynamic_m.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\extensionData\plugins\179_revizer_p_dynamic_m.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\extensionData\plugins\180_bpo_serp_m.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\extensionData\plugins\182_openUrl.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\extensionData\plugins\183_tabsWrapper.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\extensionData\plugins\184_noproblemppc_m.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\extensionData\plugins\19_CHAppAPIWrapper.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\extensionData\plugins\194_retargeting_bi_m.js.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\extensionData\plugins\195_icm_convertmedia_m.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\extensionData\plugins\207_dbWrapper.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\extensionData\plugins\21_debug.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\extensionData\plugins\22_resources.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\extensionData\plugins\28_initializer.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\extensionData\plugins\4_jquery_1_7_1.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\extensionData\plugins\47_resources_background.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\extensionData\plugins\64_appApiMessage.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\extensionData\plugins\7_hooks.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\extensionData\plugins\72_appApiValidation.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\extensionData\plugins\78_CrossriderInfo.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\extensionData\plugins\80_CHPopupAppAPI.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\extensionData\plugins\87_ginyas_wrapper.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\extensionData\plugins\9_search_engine_hook.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\extensionData\plugins\91_monetizationLoader.js.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\extensionData\plugins\93_superfish_no_coupons_m.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\extensionData\plugins\97_resourceApiWrapper.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\extensionData\userCode\background.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\extensionData\userCode\extension.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\icons\actions\1.png
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\icons\icon128.png
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\icons\icon16.png
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\icons\icon48.png
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\js\api\chrome.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\js\api\cookie.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\js\api\message.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\js\api\monitor.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\js\api\pageAction.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\js\api\pageActionBG.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\js\background.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\js\lib\app_api.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\js\lib\bg_app_api.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\js\lib\consts.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\js\lib\cookie_store.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\js\lib\crossriderAPI.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\js\lib\delegate.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\js\lib\events.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\js\lib\extensionDataStore.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\js\lib\installer.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\js\lib\logFile.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\js\lib\logging.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\js\lib\onBGDocumentLoad.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\js\lib\popupResource\newPopup.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\js\lib\popupResource\popup.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\js\lib\reports.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\js\lib\storageWrapper.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\js\lib\updateManager.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\js\lib\util.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\js\lib\xhr.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\js\main.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\js\platformVersion.js
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\manifest.json
c:\users\Yoann\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.26.136_0\popup.html
c:\users\Yoann\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gfhecnemngabimagkphnjaodohlnpibc_0.localstorage
c:\users\Yoann\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lehjbbnflpadmbpmafhbgikkmgbccjhi_0.localstorage
c:\users\Yoann\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ohlmfmggfgjbegdpchcdpkdmkbnjania_0.localstorage
c:\users\Yoann\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\Yoann\AppData\Local\lollipop
c:\users\Yoann\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\users\Yoann\AppData\Roaming\337
c:\users\Yoann\AppData\Roaming\337\337 Wallpaper\ebase.dll
c:\users\Yoann\AppData\Roaming\337\337 Wallpaper\image\default\app_close.png
c:\users\Yoann\AppData\Roaming\337\337 Wallpaper\image\default\app_max.png
c:\users\Yoann\AppData\Roaming\337\337 Wallpaper\image\default\app_min.png
c:\users\Yoann\AppData\Roaming\337\337 Wallpaper\image\default\app_restore.png
c:\users\Yoann\AppData\Roaming\337\337 Wallpaper\image\default\wallpaper_resource.xml
c:\users\Yoann\AppData\Roaming\337\337 Wallpaper\image\default\window.png
c:\users\Yoann\AppData\Roaming\337\337 Wallpaper\language\en_us\wallpaper_lang.ini
c:\users\Yoann\AppData\Roaming\337\337 Wallpaper\language\es_es\wallpaper_lang.ini
c:\users\Yoann\AppData\Roaming\337\337 Wallpaper\language\pt_br\wallpaper_lang.ini
c:\users\Yoann\AppData\Roaming\337\337 Wallpaper\language\tr_tr\wallpaper_lang.ini
c:\users\Yoann\AppData\Roaming\337\337 Wallpaper\language\zh_tw\wallpaper_lang.ini
c:\users\Yoann\AppData\Roaming\337\337 Wallpaper\layout\default\dp_appwnd.xml
c:\users\Yoann\AppData\Roaming\337\337 Wallpaper\layout\default\msgbox.xml
c:\users\Yoann\AppData\Roaming\337\337 Wallpaper\libpng.dll
c:\users\Yoann\AppData\Roaming\337\337 Wallpaper\main
c:\users\Yoann\AppData\Roaming\337\337 Wallpaper\msvcp100.dll
c:\users\Yoann\AppData\Roaming\337\337 Wallpaper\msvcr100.dll
c:\users\Yoann\AppData\Roaming\337\337 Wallpaper\ouilibnl.dll
c:\users\Yoann\AppData\Roaming\337\337 Wallpaper\plusapp.exe
c:\users\Yoann\AppData\Roaming\337\337 Wallpaper\style\wallpaper_style.xml
c:\users\Yoann\AppData\Roaming\337\337 Wallpaper\TrayDownloader.exe
c:\users\Yoann\AppData\Roaming\eorezo
c:\users\Yoann\AppData\Roaming\eorezo\EngineUninstallHelper.exe
c:\users\Yoann\AppData\Roaming\eoRezo\EoRezo\help_config.cyp
c:\users\Yoann\AppData\Roaming\eoRezo\EoRezo\user_config.cyp
c:\users\Yoann\AppData\Roaming\eoRezo\EoRezo\user_profil.cyp
c:\users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\aoz7slaz.default-1411294620081\extensions\staged\w@fg.com
c:\users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\aoz7slaz.default-1411294620081\extensions\staged\w@fg.com\bootstrap.js
c:\users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\aoz7slaz.default-1411294620081\extensions\staged\w@fg.com\chrome.manifest
c:\users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\aoz7slaz.default-1411294620081\extensions\staged\w@fg.com\content\bg.js
c:\users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\aoz7slaz.default-1411294620081\extensions\staged\w@fg.com\install.rdf
c:\users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\aoz7slaz.default-1411294620081\extensions\staged\yurGgHuq31@B.com
c:\users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\aoz7slaz.default-1411294620081\extensions\staged\yurGgHuq31@B.com\bootstrap.js
c:\users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\aoz7slaz.default-1411294620081\extensions\staged\yurGgHuq31@B.com\chrome.manifest
c:\users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\aoz7slaz.default-1411294620081\extensions\staged\yurGgHuq31@B.com\content\bg.js
c:\users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\aoz7slaz.default-1411294620081\extensions\staged\yurGgHuq31@B.com\install.rdf
c:\users\Yoann\AppData\Roaming\OfferBox
c:\users\Yoann\AppData\Roaming\OfferBox\config.dat
c:\users\Yoann\AppData\Roaming\OfferBox\config.xml
c:\users\Yoann\winrar_winrar_3.93_final_64_bits_francais_9632.exe
c:\windows\msdownld.tmp
c:\programdata\ma-config.com . . . . impossible à supprimer
c:\programdata\ma-config.com\Logs\maconfservice.txt . . . . impossible à supprimer
c:\programdata\ma-config.com\Logs\websocketpp.log . . . . impossible à supprimer
.
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_savesenselive
-------\Service_Windows Internet Name Service
-------\Service_Crashhd
-------\Service_Crashhd
-------\Service_savesenselivem
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2015-10-01 au 2015-11-01 ))))))))))))))))))))))))))))))))))))
.
.
2015-11-01 11:33 . 2015-11-01 11:33 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-11-01 09:08 . 2015-11-01 09:08 -------- d-----w- c:\program files (x86)\Com NotificationV01.11
2015-11-01 09:04 . 2015-11-01 09:04 -------- d-----w- c:\users\Yoann\AppData\Local\87861940-1446372241-9920-05F2-705AB6EEB25B
2015-10-31 14:02 . 2015-10-31 14:02 -------- d-----w- c:\programdata\Convertor
2015-10-31 14:02 . 2015-10-31 14:02 -------- d-----w- c:\users\Yoann\AppData\Roaming\PlusN
2015-10-31 14:02 . 2015-10-31 14:02 -------- d-----w- c:\users\Yoann\AppData\Local\cu
2015-10-31 14:02 . 2015-10-31 14:02 -------- d-----w- c:\users\Yoann\AppData\Roaming\DocToPDFConverter
2015-10-31 13:18 . 2015-10-31 13:18 -------- d-----w- c:\users\Yoann\AppData\Roaming\Avira
2015-10-31 13:16 . 2015-10-07 15:38 74952 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2015-10-31 13:16 . 2015-10-07 15:38 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2015-10-31 13:16 . 2015-10-07 15:38 163544 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2015-10-31 13:16 . 2015-10-07 15:38 141416 ----a-w- c:\windows\system32\drivers\avipbb.sys
2015-10-31 13:16 . 2015-10-31 14:00 -------- d-----w- c:\program files (x86)\Avira
2015-10-31 13:16 . 2015-10-31 13:59 -------- d-----w- c:\programdata\Avira
2015-10-31 13:08 . 2015-10-31 13:08 -------- d-----w- c:\program files (x86)\WordWizard_1.10.0.24
2015-10-30 14:17 . 2015-10-30 14:17 -------- d-----w- c:\program files (x86)\NexusFont
2015-10-29 17:38 . 2015-10-29 23:25 -------- d-----w- c:\users\Yoann\AppData\Local\DailyWiki
2015-10-29 17:38 . 2015-10-29 23:25 -------- d-----w- c:\users\Yoann\AppData\Roaming\DailyWiki
2015-10-29 08:52 . 2015-10-29 08:52 -------- d-----w- c:\users\Yoann\AppData\Local\Opera Software
2015-10-29 08:52 . 2015-10-29 08:52 -------- d-----w- c:\users\Yoann\AppData\Roaming\Opera Software
2015-10-29 08:50 . 2015-10-29 09:09 -------- d-----w- c:\program files (x86)\Opera
2015-10-29 08:07 . 2015-10-29 08:07 -------- d-----w- c:\users\Yoann\AppData\Local\Software
2015-10-29 08:02 . 2015-10-29 08:02 -------- d-----w- c:\program files (x86)\Exploremedia
2015-10-29 08:00 . 2015-10-29 08:00 -------- d-----w- c:\users\Yoann\AppData\Local\MyBrowser
2015-10-29 07:58 . 2015-10-29 07:58 -------- d-----w- c:\program files (x86)\MyBrowser
2015-10-29 07:57 . 2015-10-29 07:57 -------- d-----w- c:\programdata\MovieDeaConfig
2015-10-29 07:25 . 2015-10-29 07:26 -------- d-----w- c:\users\Yoann\AppData\Roaming\shortCutStore
2015-10-28 21:56 . 2015-10-28 21:56 -------- d-----w- c:\users\Invité\AppData\Local\Crossbrowse
2015-10-28 21:56 . 2015-10-28 21:56 -------- d-----w- c:\users\HomeGroupUser$\AppData\Local\Crossbrowse
2015-10-28 21:56 . 2015-10-28 21:56 -------- d-----w- c:\users\Administrateur\AppData\Local\Crossbrowse
2015-10-28 21:52 . 2015-11-01 11:31 -------- d-----w- c:\program files (x86)\3b911e68-2d0e-4985-a013-57eb74619be8
2015-10-28 21:51 . 2015-11-01 09:24 -------- d-----w- c:\program files (x86)\CinePlus-1.44V28.10
2015-10-28 21:51 . 2015-10-31 10:13 -------- d-----w- c:\users\Yoann\AppData\Roaming\RunDir
2015-10-28 21:51 . 2015-10-28 21:51 -------- d-----w- c:\users\Yoann\AppData\Roaming\NetService
2015-10-28 20:59 . 2015-10-28 20:59 -------- d-----w- c:\program files (x86)\ccae07b4-f3dd-494f-a606-0f7795533295
2015-10-22 22:58 . 2015-11-01 11:16 -------- d-----w- c:\program files (x86)\113c0252-6cfc-4908-b443-ec1d143c80ca
2015-10-22 22:58 . 2015-11-01 09:24 -------- d-----w- c:\program files (x86)\MyBrowser 1.0.2V22.10
2015-10-22 22:57 . 2015-10-27 18:34 -------- d-----w- c:\users\Yoann\AppData\Local\87861940-1445561837-9920-05F2-705AB6EEB25B
2015-10-22 22:57 . 2015-10-22 22:57 -------- d-----w- c:\users\HomeGroupUser$\AppData\Local\MyBrowser
2015-10-22 22:57 . 2015-10-22 22:57 -------- d-----w- c:\users\Administrateur\AppData\Local\MyBrowser
2015-10-22 22:55 . 2015-11-01 11:31 -------- d-----w- c:\program files (x86)\87861940-1445554523-9920-05F2-705AB6EEB25B
2015-10-15 20:31 . 2015-09-18 19:19 700416 ----a-w- c:\windows\system32\invagent.dll
2015-10-15 20:31 . 2015-09-18 19:19 766464 ----a-w- c:\windows\system32\generaltel.dll
2015-10-15 20:31 . 2015-09-18 19:19 503808 ----a-w- c:\windows\system32\devinv.dll
2015-10-15 20:31 . 2015-09-18 19:19 1291264 ----a-w- c:\windows\system32\appraiser.dll
2015-10-15 20:31 . 2015-09-18 19:22 25432 ----a-w- c:\windows\system32\CompatTelRunner.exe
2015-10-15 20:31 . 2015-09-18 19:19 73216 ----a-w- c:\windows\system32\acmigration.dll
2015-10-15 20:31 . 2015-09-18 19:09 1163776 ----a-w- c:\windows\system32\aeinv.dll
2015-10-14 17:09 . 2015-09-29 03:10 315392 ----a-w- c:\windows\system32\msv1_0.dll
2015-10-14 17:08 . 2015-08-06 18:04 14176768 ----a-w- c:\windows\system32\shell32.dll
2015-10-14 17:08 . 2015-08-06 18:03 1866752 ----a-w- c:\windows\system32\ExplorerFrame.dll
2015-10-14 17:08 . 2015-09-01 18:14 503296 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tiptsf.dll
2015-10-14 17:08 . 2015-09-01 18:14 1247232 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tipskins.dll
2015-10-14 17:08 . 2015-09-01 18:14 110592 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\TipBand.dll
2015-10-14 17:08 . 2015-09-01 18:13 224768 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\TabTip.exe
2015-10-14 17:08 . 2015-09-01 17:52 348672 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\tiptsf.dll
2015-10-14 17:08 . 2015-09-01 17:52 10240 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\TabTip32.exe
2015-10-14 17:08 . 2015-09-01 18:12 544768 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\TipRes.dll
2015-10-10 08:36 . 2015-10-10 08:36 -------- d-----w- C:\OneDriveTemp
2015-10-04 15:30 . 2015-10-04 15:30 -------- d-----w- c:\users\Yoann\AppData\Local\WickedWitch
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-10-17 08:52 . 2012-05-10 15:50 780488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-10-17 08:52 . 2011-05-16 12:36 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-10-14 22:22 . 2010-10-23 20:30 143481208 ----a-w- c:\windows\system32\MRT.exe
2015-10-01 18:06 . 2015-10-14 17:09 692672 ----a-w- c:\windows\system32\winload.efi
2015-10-01 18:04 . 2015-10-14 17:09 616360 ----a-w- c:\windows\system32\winresume.efi
2015-09-29 03:11 . 2015-10-14 17:10 243712 ----a-w- c:\windows\system32\wow64.dll
2015-09-29 03:11 . 2015-10-14 17:10 215040 ----a-w- c:\windows\system32\winsrv.dll
2015-09-29 03:11 . 2015-10-14 17:09 362496 ----a-w- c:\windows\system32\wow64win.dll
2015-09-29 03:11 . 2015-10-14 17:09 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2015-09-29 03:11 . 2015-10-14 17:09 210944 ----a-w- c:\windows\system32\wdigest.dll
2015-09-29 03:11 . 2015-10-14 17:09 86528 ----a-w- c:\windows\system32\TSpkg.dll
2015-09-29 03:05 . 2015-10-14 17:10 3936192 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2015-09-29 03:05 . 2015-10-14 17:10 3990976 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2015-09-29 03:02 . 2015-10-14 17:09 1311768 ----a-w- c:\windows\SysWow64\ntdll.dll
2015-09-29 02:59 . 2015-10-14 17:09 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2015-09-29 02:59 . 2015-10-14 17:09 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2015-09-29 02:59 . 2015-10-14 17:09 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2015-09-29 02:59 . 2015-10-14 17:09 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2015-09-29 02:59 . 2015-10-14 17:09 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll
2015-09-29 02:59 . 2015-10-14 17:10 552960 ----a-w- c:\windows\SysWow64\kerberos.dll
2015-09-29 02:58 . 2015-10-14 17:09 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-09-29 02:58 . 2015-10-14 17:09 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2015-09-29 02:57 . 2015-10-14 17:09 665088 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2015-09-29 02:57 . 2015-10-14 17:09 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2015-09-29 02:57 . 2015-10-14 17:09 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2015-09-29 02:53 . 2015-10-14 17:09 60416 ----a-w- c:\windows\SysWow64\msobjs.dll
2015-09-29 02:53 . 2015-10-14 17:09 146432 ----a-w- c:\windows\SysWow64\msaudite.dll
2015-09-29 01:43 . 2015-10-14 17:09 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2015-09-29 01:43 . 2015-10-14 17:09 2048 ----a-w- c:\windows\SysWow64\user.exe
2015-09-25 18:07 . 2015-10-14 17:08 98816 ----a-w- c:\windows\system32\wudriver.dll
2015-09-25 18:07 . 2015-10-14 17:08 37888 ----a-w- c:\windows\system32\wups2.dll
2015-09-25 18:07 . 2015-10-14 17:08 36864 ----a-w- c:\windows\system32\wups.dll
2015-09-25 18:07 . 2015-10-14 17:08 3168768 ----a-w- c:\windows\system32\wucltux.dll
2015-09-25 18:07 . 2015-10-14 17:08 2607104 ----a-w- c:\windows\system32\wuaueng.dll
2015-09-25 18:07 . 2015-10-14 17:08 192512 ----a-w- c:\windows\system32\wuwebv.dll
2015-09-25 18:07 . 2015-10-14 17:08 696320 ----a-w- c:\windows\system32\wuapi.dll
2015-09-25 18:06 . 2015-10-14 17:08 91136 ----a-w- c:\windows\system32\WinSetupUI.dll
2015-09-25 18:06 . 2015-10-14 17:08 12288 ----a-w- c:\windows\system32\wu.upgrade.ps.dll
2015-09-25 18:06 . 2015-10-14 17:08 37888 ----a-w- c:\windows\system32\wuapp.exe
2015-09-25 18:06 . 2015-10-14 17:08 140288 ----a-w- c:\windows\system32\wuauclt.exe
2015-09-25 17:59 . 2015-10-14 17:08 93696 ----a-w- c:\windows\SysWow64\wudriver.dll
2015-09-25 17:59 . 2015-10-14 17:08 566784 ----a-w- c:\windows\SysWow64\wuapi.dll
2015-09-25 17:59 . 2015-10-14 17:08 30208 ----a-w- c:\windows\SysWow64\wups.dll
2015-09-25 17:59 . 2015-10-14 17:08 174080 ----a-w- c:\windows\SysWow64\wuwebv.dll
2015-09-25 17:58 . 2015-10-14 17:08 35328 ----a-w- c:\windows\SysWow64\wuapp.exe
2015-09-16 04:21 . 2015-10-14 17:10 585728 ----a-w- c:\windows\system32\vbscript.dll
2015-09-16 03:45 . 2015-10-14 17:10 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2015-09-16 03:33 . 2015-10-14 17:10 504832 ----a-w- c:\windows\SysWow64\vbscript.dll
2015-09-16 03:33 . 2015-10-14 17:10 62464 ----a-w- c:\windows\SysWow64\iesetup.dll
2015-09-16 03:32 . 2015-10-14 17:10 47616 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2015-09-16 03:32 . 2015-10-14 17:10 341504 ----a-w- c:\windows\SysWow64\html.iec
2015-09-16 03:31 . 2015-10-14 17:10 64000 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2015-09-16 03:31 . 2015-10-14 17:10 262144 ----a-w- c:\windows\system32\webcheck.dll
2015-09-16 03:23 . 2015-10-14 17:10 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2015-09-16 03:22 . 2015-10-14 17:10 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2015-09-16 03:11 . 2015-10-14 17:10 2487808 ----a-w- c:\windows\system32\wininet.dll
2015-09-16 03:10 . 2015-10-14 17:10 60416 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2015-09-16 03:05 . 2015-10-14 17:10 4527616 ----a-w- c:\windows\SysWow64\jscript9.dll
2015-09-16 02:59 . 2015-10-14 17:10 1546752 ----a-w- c:\windows\system32\urlmon.dll
2015-09-16 02:55 . 2015-10-14 17:10 1155072 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2015-09-16 02:55 . 2015-10-14 17:10 2052608 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2015-09-16 02:37 . 2015-10-14 17:10 2011136 ----a-w- c:\windows\SysWow64\wininet.dll
2015-09-15 17:36 . 2015-10-14 17:09 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-09-15 17:36 . 2015-10-14 17:09 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2015-09-15 17:36 . 2015-10-14 17:09 221184 ----a-w- c:\windows\SysWow64\ncrypt.dll
2015-09-15 17:35 . 2015-10-14 17:09 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2015-09-02 20:16 . 2015-09-02 20:16 57728 ----a-w- c:\windows\system32\drivers\wwfd_vw_1_10_0_24.sys
2015-09-02 20:16 . 2015-09-02 20:16 61312 ----a-w- c:\windows\system32\drivers\wwfd_vt_1_10_0_24.sys
2015-09-02 03:04 . 2015-09-09 08:27 41984 ----a-w- c:\windows\system32\lpk.dll
2015-09-02 03:04 . 2015-09-09 08:27 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-09-02 03:04 . 2015-09-09 08:27 14336 ----a-w- c:\windows\system32\dciman32.dll
2015-09-02 03:04 . 2015-09-09 08:27 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-09-02 02:48 . 2015-09-09 08:27 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2015-09-02 02:48 . 2015-09-09 08:27 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2015-09-02 02:48 . 2015-09-09 08:27 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-09-02 02:47 . 2015-09-09 08:27 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-09-02 01:51 . 2015-09-09 08:27 3209216 ----a-w- c:\windows\system32\win32k.sys
2015-09-02 01:47 . 2015-09-09 08:27 372736 ----a-w- c:\windows\system32\atmfd.dll
2015-09-02 01:33 . 2015-09-09 08:27 299520 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-08-27 18:18 . 2015-09-09 08:28 2004480 ----a-w- c:\windows\system32\msxml6.dll
2015-08-27 18:18 . 2015-09-09 08:28 1887232 ----a-w- c:\windows\system32\msxml3.dll
2015-08-27 18:13 . 2015-09-09 08:28 2048 ----a-w- c:\windows\system32\msxml6r.dll
2015-08-27 18:13 . 2015-09-09 08:28 2048 ----a-w- c:\windows\system32\msxml3r.dll
2015-08-27 17:58 . 2015-09-09 08:28 1391104 ----a-w- c:\windows\SysWow64\msxml6.dll
2015-08-27 17:58 . 2015-09-09 08:28 1241088 ----a-w- c:\windows\SysWow64\msxml3.dll
2015-08-27 17:51 . 2015-09-09 08:28 2048 ----a-w- c:\windows\SysWow64\msxml6r.dll
2015-08-27 17:51 . 2015-09-09 08:28 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2015-08-06 17:44 . 2015-10-14 17:08 1498624 ----a-w- c:\windows\SysWow64\ExplorerFrame.dll
2015-08-05 17:56 . 2015-09-09 08:33 1110016 ----a-w- c:\windows\system32\schedsvc.dll
2015-08-05 17:56 . 2015-09-09 08:34 24576 ----a-w- c:\windows\system32\jnwmon.dll
2015-08-05 17:56 . 2015-09-09 08:34 275456 ----a-w- c:\windows\system32\InkEd.dll
2015-08-05 17:40 . 2015-09-09 08:34 216064 ----a-w- c:\windows\SysWow64\InkEd.dll
2015-08-04 06:28 . 2015-08-04 06:28 78432 ----a-w- c:\windows\system32\atimpc64.dll
2015-08-04 06:28 . 2015-08-04 06:28 78432 ----a-w- c:\windows\system32\amdpcom64.dll
2015-08-04 06:28 . 2015-08-04 06:28 71704 ----a-w- c:\windows\SysWow64\atimpc32.dll
2015-08-04 06:28 . 2015-08-04 06:28 71704 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2015-08-04 06:28 . 2010-05-06 12:01 152056 ----a-w- c:\windows\system32\atiuxp64.dll
2015-08-04 06:28 . 2013-12-20 19:23 133016 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2015-08-04 06:28 . 2013-12-20 19:23 120144 ----a-w- c:\windows\system32\atiu9p64.dll
2015-08-04 06:28 . 2015-08-04 06:28 102616 ----a-w- c:\windows\SysWow64\atiu9pag.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2015-09-15 14:40 1587272 ----a-w- c:\users\Yoann\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2]
@="{5AB7172C-9C11-405C-8DD5-AF20F3606282}"
[HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}]
2015-09-15 14:40 1587272 ----a-w- c:\users\Yoann\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3]
@="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}"
[HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}]
2015-09-15 14:40 1587272 ----a-w- c:\users\Yoann\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2015-09-15 14:40 1587272 ----a-w- c:\users\Yoann\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2015-09-15 14:40 1587272 ----a-w- c:\users\Yoann\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-04-17 05:55 120176 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\users\Yoann\AppData\Roaming\uTorrent\uTorrent.exe" [2015-10-08 1822048]
"Akamai NetSession Interface"="c:\users\Yoann\AppData\Local\Akamai\netsession_win.exe" [2015-09-10 4691384]
"Media Finder"="c:\program files (x86)\Media Finder\MF.exe" [2012-01-20 8481792]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2015-10-14 2901584]
"Badoo Desktop"="c:\programdata\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe" [2012-12-24 1067232]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
"EADM"="c:\program files (x86)\Origin\Origin.exe" [2015-10-29 3638256]
"Adobe Acrobat Synchronizer"="c:\program files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe" [2015-09-30 876216]
"GoogleChromeAutoLaunch_B64A9F903A9A080C6BBD09DB4E461494"="c:\program files (x86)\MyBrowser\MyBrowser\Application\mybrowser.exe" [2015-08-29 636928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-04-17 337264]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-03-11 201584]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-03-11 407920]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-03-08 260608]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-04-08 908368]
"SMSTray"="c:\program files (x86)\Samsung\EmoDio\SMSTray.exe" [2009-04-16 479232]
"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2010-10-12 979328]
"SweetIM"="c:\program files (x86)\SweetIM\Messenger\SweetIM.exe" [2012-05-29 115032]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2013-04-25 1075296]
"SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2013-07-25 5624784]
"DicterRu"="c:\program files (x86)\Dicter\Dicter.exe" [2012-07-11 3076608]
"Adobe Creative Cloud"="c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2015-09-17 2292912]
"FrameFox Shop"="c:\program files (x86)\FrameFox\framefox.exe" [2015-05-08 416256]
"Raptr"="c:\program files (x86)\Raptr\raptrstub.exe" [2015-10-01 56080]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-06-08 334896]
"StartCCC"="c:\program files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2015-08-04 767176]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe" [2015-09-30 1856184]
"avgnt"="c:\program files (x86)\Avira\Antivirus\avgnt.exe" [2015-10-07 782520]
"Avira SystrayStartTrigger"="c:\program files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe" [2015-10-14 66320]
.
c:\users\Yoann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.2.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
3;2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
R1 swsedrvr_vt_1_10_0_25;swsedrvr_vt_1_10_0_25;c:\windows\system32\drivers\swsedrvr_vt_1_10_0_25.sys;c:\windows\SYSNATIVE\drivers\swsedrvr_vt_1_10_0_25.sys [x]
R2 AntiVirMailService;Avira Protection e-mail;c:\program files (x86)\Avira\Antivirus\avmailc7.exe;c:\program files (x86)\Avira\Antivirus\avmailc7.exe [x]
R2 AntiVirWebService;Avira Protection Web;c:\program files (x86)\Avira\Antivirus\avwebg7.exe;c:\program files (x86)\Avira\Antivirus\avwebg7.exe [x]
R2 Avira.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 dealplylive;Service DealPly Live (dealplylive);c:\program files (x86)\DealPlyLive\Update\DealPlyLive.exe;c:\program files (x86)\DealPlyLive\Update\DealPlyLive.exe [x]
R2 dqupdate;Duuqu Update Service (dqupdate);c:\program files (x86)\Duuqu\Update\DuuquUpdate.exe;c:\program files (x86)\Duuqu\Update\DuuquUpdate.exe [x]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
R3 CnxtHdmiAudService;Conexant UAA HDMI Function Driver for High Definition Audio Service;c:\windows\system32\drivers\CHDMI64.sys;c:\windows\SYSNATIVE\drivers\CHDMI64.sys [x]
R3 dealplylivem;Service DealPly Live (dealplylivem);c:\program files (x86)\DealPlyLive\Update\DealPlyLive.exe;c:\program files (x86)\DealPlyLive\Update\DealPlyLive.exe [x]
R3 dqupdatem;Duuqu Update Service (dqupdatem);c:\program files (x86)\Duuqu\Update\DuuquUpdate.exe;c:\program files (x86)\Duuqu\Update\DuuquUpdate.exe [x]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [x]
R3 globalUpdatem;globalUpdate Update Service (globalUpdatem);c:\program files (x86)\globalUpdate\Update\globalupdate.exe;c:\program files (x86)\globalUpdate\Update\globalupdate.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ma-config_amd64;ma-config_amd64;c:\program files\ma-config.com\Drivers\ma-config_amd64.sys;c:\program files\ma-config.com\Drivers\ma-config_amd64.sys [x]
R3 mi-raysat_3dsmax2015_64;mental ray Satellite for Autodesk 3ds Max 2015 64-bit;c:\program files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe;c:\program files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe [x]
R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S1 wwfd_vt_1_10_0_24;wwfd_vt_1_10_0_24;c:\windows\system32\drivers\wwfd_vt_1_10_0_24.sys;c:\windows\SYSNATIVE\drivers\wwfd_vt_1_10_0_24.sys [x]
S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [x]
S2 AGSService;Adobe Genuine Software Integrity Service;c:\program files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe;c:\program files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planificateur;c:\program files (x86)\Avira\Antivirus\sched.exe;c:\program files (x86)\Avira\Antivirus\sched.exe [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 DicterUpdateService;Dicter Service;c:\program files (x86)\Dicter\DicterService.exe;c:\program files (x86)\Dicter\DicterService.exe [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x]
S2 hidekoqe;Normal Blind Carbon Copy;c:\users\Yoann\AppData\Local\87861940-1446372241-9920-05F2-705AB6EEB25B\qnscD8A4.tmp;c:\users\Yoann\AppData\Local\87861940-1446372241-9920-05F2-705AB6EEB25B\qnscD8A4.tmp [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 MaConfigAgent;Ma-Config Agent;c:\program files\ma-config.com\MaConfigAgent.exe;c:\program files\ma-config.com\MaConfigAgent.exe [x]
S2 MAJTuto;MAJTuto;c:\users\Yoann\AppData\Local\MAJTuto\MAJTuto.exe;c:\users\Yoann\AppData\Local\MAJTuto\MAJTuto.exe [x]
S2 NetTcpHandler;Net.Tcp Service Handler;c:\users\Yoann\AppData\Roaming\NetService\netservice.exe;c:\users\Yoann\AppData\Roaming\NetService\netservice.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [x]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [x]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]
S2 teruxuri;Division SIM Card;c:\program files (x86)\87861940-1445554523-9920-05F2-705AB6EEB25B\knsfBED6.tmpfs;c:\program files (x86)\87861940-1445554523-9920-05F2-705AB6EEB25B\knsfBED6.tmpfs [x]
S2 tor;Tor Win32 Service;c:\program files (x86)\Tor\tor.exe;c:\program files (x86)\Tor\tor.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
.
.
--- Autres Services/Pilotes en mémoire ---
.
*NewlyCreated* - AVNETFLT
*NewlyCreated* - WS2IFSL
.
Contenu du dossier 'Tâches planifiées'
.
2015-11-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-16 08:52]
.
2015-11-01 c:\windows\Tasks\DriverToolkit Autorun.job
- c:\program files (x86)\DriverToolkit\DriverToolkit.exe [2014-05-07 13:01]
.
2015-11-01 c:\windows\Tasks\DuuquUpdateTaskMachineCore.job
- c:\program files (x86)\Duuqu\Update\DuuquUpdate.exe [2014-01-23 17:35]
.
2015-11-01 c:\windows\Tasks\DuuquUpdateTaskMachineUA.job
- c:\program files (x86)\Duuqu\Update\DuuquUpdate.exe [2014-01-23 17:35]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2015-09-11 17:02 803488 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2015-09-11 17:02 803488 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2015-09-11 17:02 803488 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2015-09-15 14:41 1638992 ----a-w- c:\users\Yoann\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2]
@="{5AB7172C-9C11-405C-8DD5-AF20F3606282}"
[HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}]
2015-09-15 14:41 1638992 ----a-w- c:\users\Yoann\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3]
@="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}"
[HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}]
2015-09-15 14:41 1638992 ----a-w- c:\users\Yoann\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2015-09-15 14:41 1638992 ----a-w- c:\users\Yoann\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2015-09-15 14:41 1638992 ----a-w- c:\users\Yoann\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-04-17 05:58 137584 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-29 9913376]
"mwlDaemon"="c:\program files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe" [2010-04-17 349552]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-04-23 861216]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2015-09-04 508104]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2013-11-21 36352]
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://safesearch.avira.com/#web/result?source=art&q=
uDefault_Search_URL = https://safesearch.avira.com/#web/result?source=art&q=
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Bar = https://fr.yahoo.com?fr=hp-avast&type=avastbcl
mStart Page = https://safesearch.avira.com/#web/result?source=art&q=
mDefault_Page_URL = https://safesearch.avira.com/#web/result?source=art&q=
mDefault_Search_URL = https://safesearch.avira.com/#web/result?source=art&q=
mSearch Page = https://safesearch.avira.com/#web/result?source=art&q=
uInternet Settings,ProxyOverride =
IE: &Ajouter la cible du lien à un fichier PDF existant - c:\program files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll/AcroIEAppendSelLinks.html
IE: ACA Capture: Capture all Flash... - c:\program files (x86)\ACASystems\ACACapturePro\add-ons\ie-flash-all.htm
IE: ACA Capture: Capture all images... - c:\program files (x86)\ACASystems\ACACapturePro\add-ons\ie-image-all.htm
IE: ACA Capture: Capture current image... - c:\program files (x86)\ACASystems\ACACapturePro\add-ons\ie-image.htm
IE: ACA Capture: Capture webpage contents to image... - c:\program files (x86)\ACASystems\ACACapturePro\add-ons\ie-webpage-to-image.htm
IE: Ajouter la page Web à un fichier PDF existant - c:\program files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll/AcroIEAppend.html
IE: Convertir la cible du lien au format Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll/AcroIECaptureSelLinks.html
IE: Convertir la page &Web au format Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll/AcroIECapture.html
IE: Download with &Media Finder - c:\program files (x86)\Media Finder\hook.html
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{770050FE-083B-4373-BC6B-CD8B34CC01AC}: NameServer = 192.168.1.20
FF - ProfilePath - c:\users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\19em6sk2.default-1376254894454\
FF - prefs.js: browser.search.defaulturl - hxxps://www.google.com/search/?trackid=sp-006
FF - prefs.js: browser.search.selectedEngine - Google (avast)
FF - prefs.js: browser.startup.homepage - www.tohotweb.com?oem=sunadfrv3&uid=WD-WXS1E10RCL13_WDCWD3200BEVT-22ZCT0&tm=1446103426
FF - prefs.js: keyword.URL - hxxps://www.google.com/search/?trackid=sp-006
user_pref(extensions.shownSelectionUI,true);
user_pref(extensions.autoDisableScopes,0);
user_pref(security.mixed_content.block_active_content,false);
user_pref(security.mixed_content.block_display_content,false);
user_pref(security.warn_viewing_mixed,false);
user_pref(app.update.auto,false);
user_pref(app.update.enabled,false);
user_pref(app.update.mode,0);
user_pref(app.update.silent,true);
.
- - - - ORPHELINS SUPPRIMES - - - -
.
URLSearchHooks-{09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - (no file)
BHO-{0f21b1e5-5afc-43c9-9c66-515046e92ec2} - (no file)
BHO-{11111111-1111-1111-1111-110311341138} - (no file)
BHO-{23AF19F7-1D5B-442c-B14C-3D1081953C94} - (no file)
BHO-{4A312F06-8FF8-1DCC-4225-097EB5379759} - (no file)
BHO-{58124A0B-DC32-4180-9BFF-E0E21AE34026} - (no file)
BHO-{AA74D58F-ACD0-450D-A85E-6C04B171C044} - (no file)
BHO-{ae48ed75-5a56-4c5f-bbce-6f1ac3875f66} - (no file)
BHO-{b8635db9-2694-4837-be3d-4ed3bea8a8ee} - (no file)
BHO-{C0924543-15FD-4F3D-889C-0B4562A9CB45} - (no file)
BHO-{C1AF5FA5-852C-4C90-812E-A7F75E011D87} - (no file)
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
Toolbar-{CDB982ED-F9D6-4E3B-B94B-96F705D35AD1} - (no file)
Toolbar-{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - (no file)
Toolbar-{82E1477C-B154-48D3-9891-33D83C26BCD3} - (no file)
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKCU-Run-Apps Hat - c:\users\Yoann\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe
Wow6432Node-HKCU-Run-CrashService - c:\users\Yoann\AppData\Local\BoBrowser\Application\crash_service.exe
Wow6432Node-HKLM-Run-NortonOnlineBackupReminder - c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe
Wow6432Node-HKLM-Run-combroadcaster - (no file)
Wow6432Node-HKLM-Run-mbot_fr_18 - (no file)
Wow6432Node-HKLM-Run- - (no file)
Wow6432Node-HKLM-Run-dply_en_015020123 - (no file)
Wow6432Node-HKLM-Run-rec_en_77 - (no file)
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
Notify-SDWinLogon - SDWinLogon.dll
BHO-{4A312F06-8FF8-1DCC-4225-097EB5379759} - (no file)
BHO-{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2} - (no file)
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-3D BubbleSound - c:\program files\BubbleSound\3D BubbleSound.exe
HKLM-Run-SpaceSoundPro - c:\program files\SpaceSoundPro\SpaceSoundPro.exe
AddRemove-{75F9BF4A-AF67-A478-A37B-31D73186D3F3} - c:\program files (x86)\PricELeeSs\P6EqKQwZeVtjet.exe
AddRemove-{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} - c:\users\Yoann\AppData\Local\15118\Updater.exe
AddRemove-DarthMod Ultimate Commander Edition - c:\program files (x86)\Steam\SteamApps\common\Empire Total War\Uninstall_DMUC.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\hidekoqe]
"ImagePath"="c:\users\Yoann\AppData\Local\87861940-1446372241-9920-05F2-705AB6EEB25B\qnscD8A4.tmp"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\teruxuri]
"ImagePath"="c:\program files (x86)\87861940-1445554523-9920-05F2-705AB6EEB25B\knsfBED6.tmpfs"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\S-1-5-21-3373858058-1112040613-1628989597-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3373858058-1112040613-1628989597-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*i*n*i*” r_\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3373858058-1112040613-1628989597-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-3373858058-1112040613-1628989597-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-3373858058-1112040613-1628989597-1000\Software\SecuROM\License information*]
"datasecu"=hex:5b,fb,bb,63,16,62,2f,61,fa,cd,cd,48,3b,f6,34,12,f3,11,ad,a7,d0,
ac,ae,c3,a1,78,4f,0a,46,63,4b,44,b1,c7,be,71,34,27,54,96,25,09,d4,52,18,71,\
"rkeysecu"=hex:cd,b8,c1,7a,45,b3,ee,dc,a3,4e,3b,dc,2e,49,b7,5a
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_19_0_0_226_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_19_0_0_226_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_19_0_0_226_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_19_0_0_226_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_226.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.19"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_226.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_226.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_226.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Autres processus actifs ------------------------
.
c:\program files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\Antivirus\avguard.exe
c:\program files (x86)\WordWizard_1.10.0.24\Update\WordwizardAutoUpdateClient.exe
c:\program files (x86)\WordWizard_1.10.0.24\Update\WordwizardAutoUpdateClient.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
c:\program files (x86)\Avira\Launcher\Avira.Systray.exe
c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
c:\progra~2\Raptr\raptr.exe
c:\program files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
c:\progra~2\Raptr\raptr_im.exe
c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
c:\program files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
c:\program files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
.
**************************************************************************
.
Heure de fin: 2015-11-01 13:00:08 - La machine a redémarré
ComboFix-quarantined-files.txt 2015-11-01 12:00
.
Avant-CF: 10 291 642 368 octets libres
Après-CF: 10 803 417 088 octets libres
.
- - End Of File - - 3FE379AE6D52EDD4905D150DC7BCE33C
A36C5E4F47E84449FF07ED3517B43A31
