Publicité
Publicité
Format du document : text/plain
Prévisualisation
ComboFix 17-10-04.01 - CYRIL 10/10/2017 0:19.1.4 - x64
Microsoft Windows 7 Édition Intégrale 6.1.7601.1.1252.33.1036.18.4077.2375 [GMT 2:00]
Lancé depuis: c:\users\CYRIL\Desktop\ComboFix.exe
AV: Malwarebytes *Disabled/Updated* {23007AD3-69FE-687C-2629-D584AFFAF72B}
SP: Malwarebytes *Disabled/Updated* {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\dir
c:\users\CYRIL\ZHPDiag3.exe
c:\windows\wininit.ini
H:\Autorun.inf
H:\install.exe
H:\Setup.exe
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2017-09-09 au 2017-10-09 ))))))))))))))))))))))))))))))))))))
.
.
2017-10-09 22:27 . 2017-10-09 22:27 -------- d-----w- c:\users\NeroMediaHomeUser.4\AppData\Local\temp
2017-10-07 13:30 . 2017-10-08 14:23 -------- d-----w- C:\FRST
2017-10-05 17:05 . 2017-10-05 18:43 -------- d-----w- c:\users\CYRIL\AppData\Roaming\ZHP
2017-10-05 17:05 . 2017-10-05 18:16 -------- d-----w- c:\users\CYRIL\AppData\Local\ZHP
2017-10-02 17:52 . 2017-10-07 17:39 77440 ----a-w- c:\windows\system32\drivers\mbae64.sys
2017-10-02 17:45 . 2017-10-02 17:45 -------- d-----w- c:\program files\Common Files\AV
2017-10-02 17:27 . 2013-09-20 08:49 21040 ----a-w- c:\windows\system32\sdnclean64.exe
2017-09-19 17:12 . 2017-09-19 17:12 -------- d-----w- c:\program files (x86)\Index Education
2017-09-16 01:51 . 2017-09-16 01:52 -------- d-----w- c:\windows\rescache
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2017-09-13 11:48 . 2013-09-21 11:01 803328 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2017-09-13 11:48 . 2013-09-21 11:01 144896 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2017-08-11 06:19 . 2017-09-13 11:56 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2017-07-29 14:56 . 2017-08-25 17:53 117248 ----a-w- c:\windows\system32\drivers\tdx.sys
2017-07-21 14:26 . 2017-08-25 17:53 282624 ----a-w- c:\windows\SysWow64\mstext40.dll
2017-07-21 14:26 . 2017-08-25 17:53 518144 ----a-w- c:\windows\SysWow64\msjetoledb40.dll
2017-07-21 14:26 . 2017-08-25 17:53 290816 ----a-w- c:\windows\SysWow64\msjtes40.dll
2017-07-21 14:26 . 2017-08-25 17:53 409600 ----a-w- c:\windows\SysWow64\msexch40.dll
2017-07-14 15:29 . 2017-08-25 17:53 486400 ----a-w- c:\windows\system32\wer.dll
2017-07-14 15:29 . 2017-08-25 17:53 34304 ----a-w- c:\windows\system32\werdiagcontroller.dll
2017-07-14 15:29 . 2017-08-25 17:53 2319872 ----a-w- c:\windows\system32\tquery.dll
2017-07-14 15:29 . 2017-08-25 17:53 2058240 ----a-w- c:\windows\system32\Query.dll
2017-07-14 15:29 . 2017-08-25 17:53 778240 ----a-w- c:\windows\system32\mssvp.dll
2017-07-14 15:29 . 2017-08-25 17:53 2222080 ----a-w- c:\windows\system32\mssrch.dll
2017-07-14 15:29 . 2017-08-25 17:53 491520 ----a-w- c:\windows\system32\mssph.dll
2017-07-14 15:29 . 2017-08-25 17:53 99840 ----a-w- c:\windows\system32\mssprxy.dll
2017-07-14 15:29 . 2017-08-25 17:53 288256 ----a-w- c:\windows\system32\mssphtb.dll
2017-07-14 15:29 . 2017-08-25 17:53 115200 ----a-w- c:\windows\system32\mssitlb.dll
2017-07-14 15:29 . 2017-08-25 17:53 75264 ----a-w- c:\windows\system32\msscntrs.dll
2017-07-14 15:29 . 2017-08-25 17:53 14336 ----a-w- c:\windows\system32\msshooks.dll
2017-07-14 15:12 . 2017-08-25 17:53 591872 ----a-w- c:\windows\system32\SearchIndexer.exe
2017-07-14 15:12 . 2017-08-25 17:53 249856 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2017-07-14 15:11 . 2017-08-25 17:53 113664 ----a-w- c:\windows\system32\SearchFilterHost.exe
2017-07-14 15:10 . 2017-08-25 17:53 382976 ----a-w- c:\windows\SysWow64\wer.dll
2017-07-14 15:10 . 2017-08-25 17:53 1549824 ----a-w- c:\windows\SysWow64\tquery.dll
2017-07-14 15:10 . 2017-08-25 17:53 1363968 ----a-w- c:\windows\SysWow64\Query.dll
2017-07-14 15:10 . 2017-08-25 17:53 1400320 ----a-w- c:\windows\SysWow64\mssrch.dll
2017-07-14 15:10 . 2017-08-25 17:53 666624 ----a-w- c:\windows\SysWow64\mssvp.dll
2017-07-14 15:10 . 2017-08-25 17:53 337408 ----a-w- c:\windows\SysWow64\mssph.dll
2017-07-14 15:10 . 2017-08-25 17:53 197120 ----a-w- c:\windows\SysWow64\mssphtb.dll
2017-07-14 15:10 . 2017-08-25 17:53 104448 ----a-w- c:\windows\SysWow64\mssitlb.dll
2017-07-14 15:10 . 2017-08-25 17:53 59392 ----a-w- c:\windows\SysWow64\msscntrs.dll
2017-07-14 15:10 . 2017-08-25 17:53 34816 ----a-w- c:\windows\SysWow64\mssprxy.dll
2017-07-14 15:00 . 2017-08-25 17:53 427520 ----a-w- c:\windows\SysWow64\SearchIndexer.exe
2017-07-14 15:00 . 2017-08-25 17:53 164352 ----a-w- c:\windows\SysWow64\SearchProtocolHost.exe
2017-07-14 14:59 . 2017-08-25 17:53 86528 ----a-w- c:\windows\SysWow64\SearchFilterHost.exe
2017-07-14 14:59 . 2017-08-25 17:53 9728 ----a-w- c:\windows\SysWow64\msshooks.dll
2017-07-14 14:57 . 2017-08-25 17:53 50688 ----a-w- c:\windows\system32\wermgr.exe
2017-07-14 14:50 . 2017-08-25 17:53 54272 ----a-w- c:\windows\SysWow64\wermgr.exe
2017-07-14 14:50 . 2017-08-25 17:53 28672 ----a-w- c:\windows\SysWow64\werdiagcontroller.dll
2014-03-07 09:03 3109520 --sha-r- c:\windows\SysWOW64\avcodec-lav-55.dll
2014-03-07 09:03 98960 --sha-r- c:\windows\SysWOW64\avfilter-lav-4.dll
2014-03-07 09:03 550032 --sha-r- c:\windows\SysWOW64\avformat-lav-55.dll
2009-09-27 08:39 415744 --sh--w- c:\windows\SysWOW64\avisynth.dll
2014-03-07 09:03 59536 --sha-r- c:\windows\SysWOW64\avresample-lav-1.dll
2005-07-14 11:31 32256 --sh--w- c:\windows\SysWOW64\AVSredirect.dll
2014-03-07 09:03 181392 --sha-r- c:\windows\SysWOW64\avutil-lav-52.dll
2004-02-22 09:11 764416 --sh--w- c:\windows\SysWOW64\devil.dll
2014-03-07 09:03 122512 --sha-r- c:\windows\SysWOW64\HLaudio.dll
2014-03-07 09:03 203408 --sha-r- c:\windows\SysWOW64\HLsplit.dll
2014-03-07 09:03 313520 --sha-r- c:\windows\SysWOW64\HLvideo.dll
2004-01-24 23:00 70656 --sh--w- c:\windows\SysWOW64\i420vfw.dll
2014-03-07 09:03 166544 --sha-r- c:\windows\SysWOW64\IntelQuickSyncDecoder.dll
2014-03-07 09:03 109712 --sha-r- c:\windows\SysWOW64\libbluray.dll
2011-02-11 08:26 112128 --sha-r- c:\windows\SysWOW64\OptimFROG.dll
2014-03-07 09:03 118416 --sha-r- c:\windows\SysWOW64\swscale-lav-2.dll
2010-01-06 22:00 107520 --sha-r- c:\windows\SysWOW64\TAKDSDecoder.dll
2012-10-05 17:54 188416 --sha-r- c:\windows\SysWOW64\winDCE32.dll
2004-01-24 23:00 70656 --sh--w- c:\windows\SysWOW64\yv12vfw.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt01]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39 230728 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt02]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39 230728 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt03]
@="{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39 230728 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt04]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39 230728 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt05]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39 230728 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt06]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39 230728 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt07]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39 230728 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt08]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39 230728 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt09]
@="{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39 230728 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt10]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39 230728 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.16.0.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"DAEMON Tools Lite"="d:\utilitaires\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2011-10-12 393216]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-12-08 8590760]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ASUS AiChargerPlus Execute"="c:\program files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe" [2010-11-08 465536]
"ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.94.193\AsusWSPanel.exe" [2011-04-11 734544]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2013-10-25 766208]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2016-06-22 598552]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux9"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMService;Malwarebytes Service;d:\utilitaires\Anti-Malware\mbamservice.exe;d:\utilitaires\Anti-Malware\mbamservice.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys;c:\windows\SYSNATIVE\DRIVERS\RtTeam60.sys [x]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan60.sys;c:\windows\SYSNATIVE\DRIVERS\RtVlan60.sys [x]
R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys;c:\windows\SYSNATIVE\DRIVERS\RtTeam60.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 VLAN;Realtek Virtual Miniport Driver for VLAN (NDIS 6.2);c:\windows\system32\DRIVERS\RtVLAN60.sys;c:\windows\SYSNATIVE\DRIVERS\RtVLAN60.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 AiChargerPlus;ASUS Charger Plus Driver;c:\windows\system32\DRIVERS\AiChargerPlus.sys;c:\windows\SYSNATIVE\DRIVERS\AiChargerPlus.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [x]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe;c:\program files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [x]
S2 DbxSvc;DbxSvc;c:\windows\system32\DbxSvc.exe;c:\windows\SYSNATIVE\DbxSvc.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 MajIndexEducationService;Mise à jour automatique - Index Education;c:\program files (x86)\Index Education\Mise a jour automatique\ServiceMiseAJourIndex.exe;c:\program files (x86)\Index Education\Mise a jour automatique\ServiceMiseAJourIndex.exe [x]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys;c:\windows\SYSNATIVE\DRIVERS\RtNdPt60.sys [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;c:\windows\system32\DRIVERS\bcmwlhigh664.sys;c:\windows\SYSNATIVE\DRIVERS\bcmwlhigh664.sys [x]
S3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);c:\windows\system32\DRIVERS\ICCWDT.sys;c:\windows\SYSNATIVE\DRIVERS\ICCWDT.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt01]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39 278344 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt02]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39 278344 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt03]
@="{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39 278344 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt04]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39 278344 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt05]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39 278344 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt06]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39 278344 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt07]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39 278344 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt08]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39 278344 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt09]
@="{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39 278344 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt10]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39 278344 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2011-04-11 03:35 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.94.193\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2011-04-11 03:35 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.94.193\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-06-28 11905128]
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mStart Page = www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 89.2.0.1 89.2.0.2
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM_Wow6432Node-ActiveSetup-{8A69D345-D564-463c-AFF1-A69D9E530F96} - c:\program files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe
AddRemove-Turbopoker.fr - c:\users\CYRIL\AppData\Local\Turbopoker\internalLogicielTurboPokerUninstall1411646745896_cb5c2f_fr.exe
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\S-1-5-21-1259235147-3347209182-4082495589-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_27_0_0_130_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_27_0_0_130_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_27_0_0_130_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_27_0_0_130_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_27_0_0_130.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.27"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_27_0_0_130.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_27_0_0_130.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_27_0_0_130.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2017-10-10 00:30:41
ComboFix-quarantined-files.txt 2017-10-09 22:30
.
Avant-CF: 4 715 962 368 octets libres
Après-CF: 4 554 264 576 octets libres
.
- - End Of File - - 800251CB588F17F00BACB41F6A40106B
A36C5E4F47E84449FF07ED3517B43A31
Microsoft Windows 7 Édition Intégrale 6.1.7601.1.1252.33.1036.18.4077.2375 [GMT 2:00]
Lancé depuis: c:\users\CYRIL\Desktop\ComboFix.exe
AV: Malwarebytes *Disabled/Updated* {23007AD3-69FE-687C-2629-D584AFFAF72B}
SP: Malwarebytes *Disabled/Updated* {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\dir
c:\users\CYRIL\ZHPDiag3.exe
c:\windows\wininit.ini
H:\Autorun.inf
H:\install.exe
H:\Setup.exe
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2017-09-09 au 2017-10-09 ))))))))))))))))))))))))))))))))))))
.
.
2017-10-09 22:27 . 2017-10-09 22:27 -------- d-----w- c:\users\NeroMediaHomeUser.4\AppData\Local\temp
2017-10-07 13:30 . 2017-10-08 14:23 -------- d-----w- C:\FRST
2017-10-05 17:05 . 2017-10-05 18:43 -------- d-----w- c:\users\CYRIL\AppData\Roaming\ZHP
2017-10-05 17:05 . 2017-10-05 18:16 -------- d-----w- c:\users\CYRIL\AppData\Local\ZHP
2017-10-02 17:52 . 2017-10-07 17:39 77440 ----a-w- c:\windows\system32\drivers\mbae64.sys
2017-10-02 17:45 . 2017-10-02 17:45 -------- d-----w- c:\program files\Common Files\AV
2017-10-02 17:27 . 2013-09-20 08:49 21040 ----a-w- c:\windows\system32\sdnclean64.exe
2017-09-19 17:12 . 2017-09-19 17:12 -------- d-----w- c:\program files (x86)\Index Education
2017-09-16 01:51 . 2017-09-16 01:52 -------- d-----w- c:\windows\rescache
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2017-09-13 11:48 . 2013-09-21 11:01 803328 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2017-09-13 11:48 . 2013-09-21 11:01 144896 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2017-08-11 06:19 . 2017-09-13 11:56 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2017-07-29 14:56 . 2017-08-25 17:53 117248 ----a-w- c:\windows\system32\drivers\tdx.sys
2017-07-21 14:26 . 2017-08-25 17:53 282624 ----a-w- c:\windows\SysWow64\mstext40.dll
2017-07-21 14:26 . 2017-08-25 17:53 518144 ----a-w- c:\windows\SysWow64\msjetoledb40.dll
2017-07-21 14:26 . 2017-08-25 17:53 290816 ----a-w- c:\windows\SysWow64\msjtes40.dll
2017-07-21 14:26 . 2017-08-25 17:53 409600 ----a-w- c:\windows\SysWow64\msexch40.dll
2017-07-14 15:29 . 2017-08-25 17:53 486400 ----a-w- c:\windows\system32\wer.dll
2017-07-14 15:29 . 2017-08-25 17:53 34304 ----a-w- c:\windows\system32\werdiagcontroller.dll
2017-07-14 15:29 . 2017-08-25 17:53 2319872 ----a-w- c:\windows\system32\tquery.dll
2017-07-14 15:29 . 2017-08-25 17:53 2058240 ----a-w- c:\windows\system32\Query.dll
2017-07-14 15:29 . 2017-08-25 17:53 778240 ----a-w- c:\windows\system32\mssvp.dll
2017-07-14 15:29 . 2017-08-25 17:53 2222080 ----a-w- c:\windows\system32\mssrch.dll
2017-07-14 15:29 . 2017-08-25 17:53 491520 ----a-w- c:\windows\system32\mssph.dll
2017-07-14 15:29 . 2017-08-25 17:53 99840 ----a-w- c:\windows\system32\mssprxy.dll
2017-07-14 15:29 . 2017-08-25 17:53 288256 ----a-w- c:\windows\system32\mssphtb.dll
2017-07-14 15:29 . 2017-08-25 17:53 115200 ----a-w- c:\windows\system32\mssitlb.dll
2017-07-14 15:29 . 2017-08-25 17:53 75264 ----a-w- c:\windows\system32\msscntrs.dll
2017-07-14 15:29 . 2017-08-25 17:53 14336 ----a-w- c:\windows\system32\msshooks.dll
2017-07-14 15:12 . 2017-08-25 17:53 591872 ----a-w- c:\windows\system32\SearchIndexer.exe
2017-07-14 15:12 . 2017-08-25 17:53 249856 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2017-07-14 15:11 . 2017-08-25 17:53 113664 ----a-w- c:\windows\system32\SearchFilterHost.exe
2017-07-14 15:10 . 2017-08-25 17:53 382976 ----a-w- c:\windows\SysWow64\wer.dll
2017-07-14 15:10 . 2017-08-25 17:53 1549824 ----a-w- c:\windows\SysWow64\tquery.dll
2017-07-14 15:10 . 2017-08-25 17:53 1363968 ----a-w- c:\windows\SysWow64\Query.dll
2017-07-14 15:10 . 2017-08-25 17:53 1400320 ----a-w- c:\windows\SysWow64\mssrch.dll
2017-07-14 15:10 . 2017-08-25 17:53 666624 ----a-w- c:\windows\SysWow64\mssvp.dll
2017-07-14 15:10 . 2017-08-25 17:53 337408 ----a-w- c:\windows\SysWow64\mssph.dll
2017-07-14 15:10 . 2017-08-25 17:53 197120 ----a-w- c:\windows\SysWow64\mssphtb.dll
2017-07-14 15:10 . 2017-08-25 17:53 104448 ----a-w- c:\windows\SysWow64\mssitlb.dll
2017-07-14 15:10 . 2017-08-25 17:53 59392 ----a-w- c:\windows\SysWow64\msscntrs.dll
2017-07-14 15:10 . 2017-08-25 17:53 34816 ----a-w- c:\windows\SysWow64\mssprxy.dll
2017-07-14 15:00 . 2017-08-25 17:53 427520 ----a-w- c:\windows\SysWow64\SearchIndexer.exe
2017-07-14 15:00 . 2017-08-25 17:53 164352 ----a-w- c:\windows\SysWow64\SearchProtocolHost.exe
2017-07-14 14:59 . 2017-08-25 17:53 86528 ----a-w- c:\windows\SysWow64\SearchFilterHost.exe
2017-07-14 14:59 . 2017-08-25 17:53 9728 ----a-w- c:\windows\SysWow64\msshooks.dll
2017-07-14 14:57 . 2017-08-25 17:53 50688 ----a-w- c:\windows\system32\wermgr.exe
2017-07-14 14:50 . 2017-08-25 17:53 54272 ----a-w- c:\windows\SysWow64\wermgr.exe
2017-07-14 14:50 . 2017-08-25 17:53 28672 ----a-w- c:\windows\SysWow64\werdiagcontroller.dll
2014-03-07 09:03 3109520 --sha-r- c:\windows\SysWOW64\avcodec-lav-55.dll
2014-03-07 09:03 98960 --sha-r- c:\windows\SysWOW64\avfilter-lav-4.dll
2014-03-07 09:03 550032 --sha-r- c:\windows\SysWOW64\avformat-lav-55.dll
2009-09-27 08:39 415744 --sh--w- c:\windows\SysWOW64\avisynth.dll
2014-03-07 09:03 59536 --sha-r- c:\windows\SysWOW64\avresample-lav-1.dll
2005-07-14 11:31 32256 --sh--w- c:\windows\SysWOW64\AVSredirect.dll
2014-03-07 09:03 181392 --sha-r- c:\windows\SysWOW64\avutil-lav-52.dll
2004-02-22 09:11 764416 --sh--w- c:\windows\SysWOW64\devil.dll
2014-03-07 09:03 122512 --sha-r- c:\windows\SysWOW64\HLaudio.dll
2014-03-07 09:03 203408 --sha-r- c:\windows\SysWOW64\HLsplit.dll
2014-03-07 09:03 313520 --sha-r- c:\windows\SysWOW64\HLvideo.dll
2004-01-24 23:00 70656 --sh--w- c:\windows\SysWOW64\i420vfw.dll
2014-03-07 09:03 166544 --sha-r- c:\windows\SysWOW64\IntelQuickSyncDecoder.dll
2014-03-07 09:03 109712 --sha-r- c:\windows\SysWOW64\libbluray.dll
2011-02-11 08:26 112128 --sha-r- c:\windows\SysWOW64\OptimFROG.dll
2014-03-07 09:03 118416 --sha-r- c:\windows\SysWOW64\swscale-lav-2.dll
2010-01-06 22:00 107520 --sha-r- c:\windows\SysWOW64\TAKDSDecoder.dll
2012-10-05 17:54 188416 --sha-r- c:\windows\SysWOW64\winDCE32.dll
2004-01-24 23:00 70656 --sh--w- c:\windows\SysWOW64\yv12vfw.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt01]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39 230728 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt02]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39 230728 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt03]
@="{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39 230728 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt04]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39 230728 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt05]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39 230728 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt06]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39 230728 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt07]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39 230728 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt08]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39 230728 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt09]
@="{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39 230728 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt10]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39 230728 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.16.0.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"DAEMON Tools Lite"="d:\utilitaires\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2011-10-12 393216]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-12-08 8590760]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ASUS AiChargerPlus Execute"="c:\program files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe" [2010-11-08 465536]
"ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.94.193\AsusWSPanel.exe" [2011-04-11 734544]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2013-10-25 766208]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2016-06-22 598552]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux9"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMService;Malwarebytes Service;d:\utilitaires\Anti-Malware\mbamservice.exe;d:\utilitaires\Anti-Malware\mbamservice.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys;c:\windows\SYSNATIVE\DRIVERS\RtTeam60.sys [x]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan60.sys;c:\windows\SYSNATIVE\DRIVERS\RtVlan60.sys [x]
R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys;c:\windows\SYSNATIVE\DRIVERS\RtTeam60.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 VLAN;Realtek Virtual Miniport Driver for VLAN (NDIS 6.2);c:\windows\system32\DRIVERS\RtVLAN60.sys;c:\windows\SYSNATIVE\DRIVERS\RtVLAN60.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 AiChargerPlus;ASUS Charger Plus Driver;c:\windows\system32\DRIVERS\AiChargerPlus.sys;c:\windows\SYSNATIVE\DRIVERS\AiChargerPlus.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [x]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe;c:\program files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [x]
S2 DbxSvc;DbxSvc;c:\windows\system32\DbxSvc.exe;c:\windows\SYSNATIVE\DbxSvc.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 MajIndexEducationService;Mise à jour automatique - Index Education;c:\program files (x86)\Index Education\Mise a jour automatique\ServiceMiseAJourIndex.exe;c:\program files (x86)\Index Education\Mise a jour automatique\ServiceMiseAJourIndex.exe [x]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys;c:\windows\SYSNATIVE\DRIVERS\RtNdPt60.sys [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;c:\windows\system32\DRIVERS\bcmwlhigh664.sys;c:\windows\SYSNATIVE\DRIVERS\bcmwlhigh664.sys [x]
S3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);c:\windows\system32\DRIVERS\ICCWDT.sys;c:\windows\SYSNATIVE\DRIVERS\ICCWDT.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt01]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39 278344 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt02]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39 278344 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt03]
@="{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39 278344 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt04]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39 278344 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt05]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39 278344 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt06]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39 278344 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt07]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39 278344 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt08]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39 278344 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt09]
@="{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39 278344 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt10]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39 278344 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2011-04-11 03:35 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.94.193\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2011-04-11 03:35 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.94.193\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-06-28 11905128]
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mStart Page = www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 89.2.0.1 89.2.0.2
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM_Wow6432Node-ActiveSetup-{8A69D345-D564-463c-AFF1-A69D9E530F96} - c:\program files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe
AddRemove-Turbopoker.fr - c:\users\CYRIL\AppData\Local\Turbopoker\internalLogicielTurboPokerUninstall1411646745896_cb5c2f_fr.exe
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\S-1-5-21-1259235147-3347209182-4082495589-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_27_0_0_130_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_27_0_0_130_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_27_0_0_130_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_27_0_0_130_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_27_0_0_130.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.27"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_27_0_0_130.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_27_0_0_130.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_27_0_0_130.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2017-10-10 00:30:41
ComboFix-quarantined-files.txt 2017-10-09 22:30
.
Avant-CF: 4 715 962 368 octets libres
Après-CF: 4 554 264 576 octets libres
.
- - End Of File - - 800251CB588F17F00BACB41F6A40106B
A36C5E4F47E84449FF07ED3517B43A31