cjoint

Comment: very, very long, but here it is

Document format: text/plain

Preview

ComboFix 17-11-14.01 - Lucette 15/11/2017 17:19:03.3.2 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.3686.1554 [GMT 1:00]
Lancé depuis: c:\users\Lucette\Desktop\tonprenom.exe
AV: Avast Antivirus *Disabled/Updated* {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Malwarebytes *Disabled/Updated* {23007AD3-69FE-687C-2629-D584AFFAF72B}
SP: Avast Antivirus *Disabled/Updated* {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
SP: Malwarebytes *Disabled/Updated* {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\security\logs\scecomp.log
c:\windows\SysWow64\DEBUG.log
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_npf
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2017-10-15 au 2017-11-15 ))))))))))))))))))))))))))))))))))))
.
.
2017-11-15 18:47 . 2017-11-15 18:47 193464 ----a-w- c:\windows\system32\drivers\MbamChameleon.sys
2017-11-15 18:46 . 2017-11-15 18:46 46008 ----a-w- c:\windows\system32\drivers\mbam.sys
2017-11-15 18:46 . 2017-11-15 18:46 253880 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2017-11-15 16:45 . 2017-11-15 16:45 -------- d-----w- c:\users\Public\AppData\Local\temp
2017-11-15 16:45 . 2017-11-15 16:45 -------- d-----w- c:\users\Lucette\AppData\Local\temp
2017-11-15 16:45 . 2017-11-15 16:45 -------- d-----w- c:\users\Invité\AppData\Local\temp
2017-11-15 16:45 . 2017-11-15 16:45 -------- d-----w- c:\users\Hudson\AppData\Local\temp
2017-11-15 16:45 . 2017-11-15 16:45 -------- d-----w- c:\users\hervé\AppData\Local\temp
2017-11-15 16:45 . 2017-11-15 16:45 -------- d-----w- c:\users\FMDK7412\AppData\Local\temp
2017-11-15 16:45 . 2017-11-15 16:45 -------- d-----w- c:\users\Default\AppData\Local\temp
2017-11-14 19:30 . 2017-10-09 19:12 401488 ----a-w- c:\windows\system32\aswBoot.exe
2017-11-14 11:00 . 2017-11-14 17:31 -------- d-----w- c:\users\Lucette\AppData\Local\ZHP
2017-11-13 10:28 . 2017-11-01 07:54 77432 ----a-w- c:\windows\system32\drivers\mbae64.sys
2017-11-13 10:27 . 2017-11-13 10:27 -------- d-----w- c:\programdata\MB3CoreBackup
2017-10-27 11:35 . 2017-10-27 11:36 -------- d-----w- c:\programdata\Medtronic
2017-10-27 11:29 . 2017-10-27 11:29 -------- d-----w- c:\program files (x86)\Common Files\Java
2017-10-27 11:27 . 2017-10-27 11:27 97856 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2017-10-27 11:04 . 2017-10-27 11:04 -------- d-----w- c:\program files (x86)\Citrix
2017-10-27 11:04 . 2017-10-27 11:04 -------- d-----w- c:\users\Lucette\AppData\Local\GoToAssist Corporate
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2017-11-15 15:58 . 2012-05-18 14:48 803328 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2017-11-15 15:58 . 2012-05-18 14:48 144896 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2017-10-27 09:48 . 2015-11-23 06:31 1029872 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2017-10-13 17:53 . 2017-10-13 17:53 126925120 -c--a-w- c:\windows\system32\MRT-KB890830.exe
2017-10-13 17:53 . 2012-10-21 13:24 126925120 -c--a-w- c:\windows\system32\MRT.exe
2017-10-09 19:12 . 2015-11-23 06:31 201352 ----a-w- c:\windows\system32\drivers\aswStm.sys
2017-10-09 19:12 . 2015-11-23 06:31 363440 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2017-10-09 19:12 . 2015-11-23 06:31 84416 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2017-10-09 19:12 . 2015-11-23 06:31 587168 ----a-w- c:\windows\system32\drivers\aswSP.sys
2017-10-09 19:12 . 2015-11-23 06:31 147776 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2017-10-09 19:12 . 2015-11-23 06:31 47008 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2017-10-09 19:12 . 2015-11-23 06:31 110376 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2017-10-09 19:11 . 2017-03-18 07:12 57736 ----a-w- c:\windows\system32\drivers\aswbuniva.sys
2017-10-09 19:11 . 2017-03-18 07:12 343288 ----a-w- c:\windows\system32\drivers\aswbloga.sys
2017-10-09 19:11 . 2017-03-18 07:12 198976 ----a-w- c:\windows\system32\drivers\aswbidsha.sys
2017-10-09 19:11 . 2017-03-18 07:12 321032 ----a-w- c:\windows\system32\drivers\aswbidsdrivera.sys
2017-10-04 18:07 . 2017-10-04 18:07 0 ----a-w- c:\windows\SysWow64\sho40E5.tmp
2017-10-01 21:25 . 2017-10-01 21:25 0 ----a-w- c:\windows\SysWow64\sho5592.tmp
2017-09-26 09:42 . 2017-09-26 09:42 0 ----a-w- c:\windows\SysWow64\sho2DC4.tmp
2017-09-15 18:42 . 2017-09-15 18:42 0 ----a-w- c:\windows\SysWow64\shoA514.tmp
2017-09-13 21:31 . 2017-09-13 21:31 0 ----a-w- c:\windows\SysWow64\sho7C80.tmp
2017-09-13 15:33 . 2017-10-13 07:08 631176 ----a-w- c:\windows\system32\winresume.efi
2017-09-13 15:32 . 2017-10-13 07:08 706792 ----a-w- c:\windows\system32\winload.efi
2017-09-13 15:32 . 2017-10-13 07:09 5547752 ----a-w- c:\windows\system32\ntoskrnl.exe
2017-09-13 15:32 . 2017-10-13 07:08 95464 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2017-09-13 15:32 . 2017-10-13 07:08 154856 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2017-09-13 15:31 . 2017-10-13 07:08 1732864 ----a-w- c:\windows\system32\ntdll.dll
2017-09-13 15:28 . 2017-10-13 07:09 448512 ----a-w- c:\windows\system32\wlansec.dll
2017-09-13 15:28 . 2017-10-13 07:08 414208 ----a-w- c:\windows\system32\wlanmsm.dll
2017-09-13 15:28 . 2017-10-13 07:08 118784 ----a-w- c:\windows\system32\wlanhlp.dll
2017-09-13 15:28 . 2017-10-13 07:08 113664 ----a-w- c:\windows\system32\wlanapi.dll
2017-09-13 15:28 . 2017-10-13 07:08 886272 ----a-w- c:\windows\system32\wlansvc.dll
2017-09-13 15:28 . 2017-10-13 07:08 362496 ----a-w- c:\windows\system32\wow64win.dll
2017-09-13 15:28 . 2017-10-13 07:08 215552 ----a-w- c:\windows\system32\winsrv.dll
2017-09-13 15:28 . 2017-10-13 07:08 243712 ----a-w- c:\windows\system32\wow64.dll
2017-09-13 15:28 . 2017-10-13 07:08 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2017-09-13 15:28 . 2017-10-13 07:08 86528 ----a-w- c:\windows\system32\TSpkg.dll
2017-09-13 15:28 . 2017-10-13 07:08 210432 ----a-w- c:\windows\system32\wdigest.dll
2017-09-13 15:28 . 2017-10-13 07:08 503808 ----a-w- c:\windows\system32\srcore.dll
2017-09-13 15:28 . 2017-10-13 07:08 135680 ----a-w- c:\windows\system32\sspicli.dll
2017-09-13 15:28 . 2017-10-13 07:08 28672 ----a-w- c:\windows\system32\sspisrv.dll
2017-09-13 15:28 . 2017-10-13 07:08 50176 ----a-w- c:\windows\system32\srclient.dll
2017-09-13 15:28 . 2017-10-13 07:08 63488 ----a-w- c:\windows\system32\setbcdlocale.dll
2017-09-13 15:28 . 2017-10-13 07:08 1212928 ----a-w- c:\windows\system32\rpcrt4.dll
2017-09-13 15:28 . 2017-10-13 07:08 345600 ----a-w- c:\windows\system32\schannel.dll
2017-09-13 15:28 . 2017-10-13 07:08 190464 ----a-w- c:\windows\system32\rpchttp.dll
2017-09-13 15:28 . 2017-10-13 07:08 28160 ----a-w- c:\windows\system32\secur32.dll
2017-09-13 15:28 . 2017-10-13 07:08 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2017-09-13 15:28 . 2017-10-13 07:08 312320 ----a-w- c:\windows\system32\ncrypt.dll
2017-09-13 15:28 . 2017-10-13 07:09 1068544 ----a-w- c:\windows\system32\msctf.dll
2017-09-13 15:28 . 2017-10-13 07:08 316928 ----a-w- c:\windows\system32\msv1_0.dll
2017-09-13 15:28 . 2017-10-13 07:08 60416 ----a-w- c:\windows\system32\msobjs.dll
2017-09-13 15:28 . 2017-10-13 07:08 146432 ----a-w- c:\windows\system32\msaudite.dll
2017-09-13 15:27 . 2017-10-13 07:08 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2017-09-13 15:27 . 2017-10-13 07:08 731648 ----a-w- c:\windows\system32\kerberos.dll
2017-09-13 15:27 . 2017-10-13 07:08 1163264 ----a-w- c:\windows\system32\kernel32.dll
2017-09-13 15:27 . 2017-10-13 07:08 419840 ----a-w- c:\windows\system32\KernelBase.dll
2017-09-13 15:27 . 2017-10-13 07:08 44032 ----a-w- c:\windows\system32\csrsrv.dll
2017-09-13 15:27 . 2017-10-13 07:08 43520 ----a-w- c:\windows\system32\cryptbase.dll
2017-09-13 15:27 . 2017-10-13 07:08 22016 ----a-w- c:\windows\system32\credssp.dll
2017-09-13 15:27 . 2017-10-13 07:08 463872 ----a-w- c:\windows\system32\certcli.dll
2017-09-13 15:27 . 2017-10-13 07:08 880640 ----a-w- c:\windows\system32\advapi32.dll
2017-09-13 15:27 . 2017-10-13 07:08 123904 ----a-w- c:\windows\system32\bcrypt.dll
2017-09-13 15:27 . 2017-10-13 07:08 59904 ----a-w- c:\windows\system32\appidapi.dll
2017-09-13 15:27 . 2017-10-13 07:08 34816 ----a-w- c:\windows\system32\appidsvc.dll
2017-09-13 15:27 . 2017-10-13 07:08 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-09-13 15:27 . 2017-10-13 07:08 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-09-13 15:27 . 2017-10-13 07:08 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-09-13 15:27 . 2017-10-13 07:08 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-09-13 15:27 . 2017-10-13 07:08 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-09-13 15:27 . 2017-10-13 07:08 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-09-13 15:27 . 2017-10-13 07:08 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-09-13 15:27 . 2017-10-13 07:08 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-09-13 15:27 . 2017-10-13 07:08 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-09-13 15:27 . 2017-10-13 07:08 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-09-13 15:27 . 2017-10-13 07:08 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-09-13 15:27 . 2017-10-13 07:08 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-09-13 15:27 . 2017-10-13 07:08 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-09-13 15:27 . 2017-10-13 07:08 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-09-13 15:27 . 2017-10-13 07:08 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-09-13 15:27 . 2017-10-13 07:08 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-09-13 15:27 . 2017-10-13 07:08 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-09-13 15:27 . 2017-10-13 07:08 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-09-13 15:27 . 2017-10-13 07:08 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-09-13 15:27 . 2017-10-13 07:08 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-09-13 15:27 . 2017-10-13 07:08 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-09-13 15:27 . 2017-10-13 07:08 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-09-13 15:27 . 2017-10-13 07:08 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-09-13 15:27 . 2017-10-13 07:08 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-09-13 15:27 . 2017-10-13 07:08 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-09-13 15:27 . 2017-10-13 07:08 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-09-13 15:27 . 2017-10-13 07:08 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-09-13 15:27 . 2017-10-13 07:08 690688 ----a-w- c:\windows\system32\adtschema.dll
2017-09-13 15:27 . 2017-10-13 07:08 6656 ----a-w- c:\windows\system32\apisetschema.dll
2017-09-13 15:27 . 2017-10-13 07:08 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-09-13 15:13 . 2017-10-13 07:09 4001512 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2017-09-13 15:13 . 2017-10-13 07:09 3945704 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2017-09-13 15:10 . 2017-10-13 07:09 1314112 ----a-w- c:\windows\SysWow64\ntdll.dll
2017-09-13 15:09 . 2017-10-13 07:08 666112 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2017-09-13 15:09 . 2017-10-13 07:08 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2017-11-07 05:23 2619080 ----a-w- c:\users\Lucette\AppData\Local\Microsoft\OneDrive\17.3.7076.1026\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2]
@="{5AB7172C-9C11-405C-8DD5-AF20F3606282}"
[HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}]
2017-11-07 05:23 2619080 ----a-w- c:\users\Lucette\AppData\Local\Microsoft\OneDrive\17.3.7076.1026\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3]
@="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}"
[HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}]
2017-11-07 05:23 2619080 ----a-w- c:\users\Lucette\AppData\Local\Microsoft\OneDrive\17.3.7076.1026\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2017-11-07 05:23 2619080 ----a-w- c:\users\Lucette\AppData\Local\Microsoft\OneDrive\17.3.7076.1026\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2017-11-07 05:23 2619080 ----a-w- c:\users\Lucette\AppData\Local\Microsoft\OneDrive\17.3.7076.1026\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive6]
@="{9AA2F32D-362A-42D9-9328-24A483E2CCC3}"
[HKEY_CLASSES_ROOT\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3}]
2017-11-07 05:23 2619080 ----a-w- c:\users\Lucette\AppData\Local\Microsoft\OneDrive\17.3.7076.1026\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt01]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2017-11-01 11:44 289096 ----a-w- c:\users\Lucette\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt02]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2017-11-01 11:44 289096 ----a-w- c:\users\Lucette\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt03]
@="{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}]
2017-11-01 11:44 289096 ----a-w- c:\users\Lucette\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt04]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2017-11-01 11:44 289096 ----a-w- c:\users\Lucette\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt05]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2017-11-01 11:44 289096 ----a-w- c:\users\Lucette\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt06]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2017-11-01 11:44 289096 ----a-w- c:\users\Lucette\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt07]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2017-11-01 11:44 289096 ----a-w- c:\users\Lucette\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt08]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2017-11-01 11:44 289096 ----a-w- c:\users\Lucette\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt09]
@="{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}]
2017-11-01 11:44 289096 ----a-w- c:\users\Lucette\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt10]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2017-11-01 11:44 289096 ----a-w- c:\users\Lucette\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BingSvc"="c:\users\Lucette\AppData\Local\Microsoft\BingSvc\BingSvc.exe" [2016-01-15 144008]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2017-03-03 9364696]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableSecureUIAPath"= 1 (0x1)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Dedicarz Service;Dedicarz Service;c:\program files (x86)\Orange\ma Livebox\dedicarz\DedicarzService.exe;c:\program files (x86)\Orange\ma Livebox\dedicarz\DedicarzService.exe [x]
R2 Orange update Core Service;Orange update Core Service;c:\program files (x86)\Orange\OrangeUpdate\Service\OUCore.exe;c:\program files (x86)\Orange\OrangeUpdate\Service\OUCore.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AlcatelOTnet;AlcatelOT USB-NDIS miniport;c:\windows\system32\DRIVERS\AlcatelOTUsbnet.sys;c:\windows\SYSNATIVE\DRIVERS\AlcatelOTUsbnet.sys [x]
R3 aswbIDSAgent;aswbIDSAgent;c:\program files\AVAST Software\Avast\x64\aswidsagenta.exe;c:\program files\AVAST Software\Avast\x64\aswidsagenta.exe [x]
R3 aswHwid;aswHwid;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 jrdusbser;Modem Interface Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\jrdusbser.sys;c:\windows\SYSNATIVE\DRIVERS\jrdusbser.sys [x]
R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys;c:\windows\SYSNATIVE\drivers\massfilter.sys [x]
R3 MBAMProtection;MBAMProtection;c:\windows\system32\DRIVERS\mbam.sys;c:\windows\SYSNATIVE\DRIVERS\mbam.sys [x]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 MSSQLServerADHelper100;Service SQL Active Directory Helper;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys;c:\windows\SYSNATIVE\DRIVERS\RsFx0103.sys [x]
R4 SQLAgent$SQLEXPRESS;Agent SQL Server (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE;c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswbidsh;aswbidsh;c:\windows\\SystemRoot\system32\drivers\aswbidsha.sys;c:\windows\\SystemRoot\system32\drivers\aswbidsha.sys [x]
S0 aswblog;aswblog;c:\windows\\SystemRoot\system32\drivers\aswbloga.sys;c:\windows\\SystemRoot\system32\drivers\aswbloga.sys [x]
S0 aswbuniv;aswbuniv;c:\windows\\SystemRoot\system32\drivers\aswbuniva.sys;c:\windows\\SystemRoot\system32\drivers\aswbuniva.sys [x]
S0 aswRvrt;aswRvrt;c:\windows\\SystemRoot\system32\drivers\aswRvrt.sys;c:\windows\\SystemRoot\system32\drivers\aswRvrt.sys [x]
S0 aswVmm;aswVmm;c:\windows\\SystemRoot\system32\drivers\aswVmm.sys;c:\windows\\SystemRoot\system32\drivers\aswVmm.sys [x]
S1 aswbidsdriver;aswbidsdriver;c:\windows\system32\drivers\aswbidsdrivera.sys;c:\windows\SYSNATIVE\drivers\aswbidsdrivera.sys [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 ClickToRunSvc;Service Démarrer en clic Microsoft Office;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;ePower Service;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [x]
S2 FreeStyleLibre MAS Server;FreeStyleLibre MAS Server;c:\program files (x86)\FreeStyle Libre\MAS.FreeStyleLibre.exe ;c:\program files (x86)\FreeStyle Libre\MAS.FreeStyleLibre.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 Live Updater Service;Live Updater Service;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe [x]
S2 MBAMChameleon;MBAMChameleon;c:\windows\System32\Drivers\MbamChameleon.sys;c:\windows\SYSNATIVE\Drivers\MbamChameleon.sys [x]
S2 MBAMService;Malwarebytes Service;c:\program files\Malwarebytes\Anti-Malware\mbamservice.exe;c:\program files\Malwarebytes\Anti-Malware\mbamservice.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\amdhub30.sys;c:\windows\SYSNATIVE\DRIVERS\amdhub30.sys [x]
S3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\amdxhc.sys;c:\windows\SYSNATIVE\DRIVERS\amdxhc.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\System32\Drivers\mbamswissarmy.sys;c:\windows\SYSNATIVE\Drivers\mbamswissarmy.sys [x]
S3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
--- Autres Services/Pilotes en mémoire ---
.
*NewlyCreated* - MBAMCHAMELEON
*NewlyCreated* - MBAMSWISSARMY
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
Contenu du dossier 'Tâches planifiées'
.
2017-11-13 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-284284951-1657546118-486349192-1000Core.job
- c:\users\Lucette\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18 05:19]
.
2017-11-15 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-284284951-1657546118-486349192-1000UA.job
- c:\users\Lucette\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18 05:19]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2017-11-07 05:24 2889416 ----a-w- c:\users\Lucette\AppData\Local\Microsoft\OneDrive\17.3.7076.1026\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2]
@="{5AB7172C-9C11-405C-8DD5-AF20F3606282}"
[HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}]
2017-11-07 05:24 2889416 ----a-w- c:\users\Lucette\AppData\Local\Microsoft\OneDrive\17.3.7076.1026\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3]
@="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}"
[HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}]
2017-11-07 05:24 2889416 ----a-w- c:\users\Lucette\AppData\Local\Microsoft\OneDrive\17.3.7076.1026\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2017-11-07 05:24 2889416 ----a-w- c:\users\Lucette\AppData\Local\Microsoft\OneDrive\17.3.7076.1026\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2017-11-07 05:24 2889416 ----a-w- c:\users\Lucette\AppData\Local\Microsoft\OneDrive\17.3.7076.1026\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive6]
@="{9AA2F32D-362A-42D9-9328-24A483E2CCC3}"
[HKEY_CLASSES_ROOT\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3}]
2017-11-07 05:24 2889416 ----a-w- c:\users\Lucette\AppData\Local\Microsoft\OneDrive\17.3.7076.1026\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2017-09-05 10:52 2351920 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2017-09-05 10:52 2351920 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2017-09-05 10:52 2351920 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2017-11-01 11:44 337224 ----a-w- c:\users\Lucette\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2017-11-01 11:44 337224 ----a-w- c:\users\Lucette\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2017-11-01 11:44 337224 ----a-w- c:\users\Lucette\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2017-11-01 11:44 337224 ----a-w- c:\users\Lucette\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2017-11-01 11:44 337224 ----a-w- c:\users\Lucette\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2017-11-01 11:44 337224 ----a-w- c:\users\Lucette\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2017-11-01 11:44 337224 ----a-w- c:\users\Lucette\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2017-11-01 11:44 337224 ----a-w- c:\users\Lucette\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00asw]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2017-10-09 19:12 1789648 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00asw]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2017-10-09 19:12 1789648 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvLaunch.exe" [2017-10-09 253344]
"ALU"="c:\program files\Packard Bell\Packard Bell Updater\ALU.exe" [2016-06-06 2419104]
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uSearchMigratedDefaultURL = https://www.google.com/
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\System32\blank.htm
mSearch Page = hxxp://www.google.com
mSearch Bar = https://www.google.com/
mSearchMigratedDefaultURL = https://www.google.com/
uCustomizeSearch = https://www.google.com/
mCustomizeSearch = https://www.google.com/
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
Trusted Zone: orange.fr\logicielsgratuits
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{0FF06AFD-856E-41E1-8468-D33646941909}: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{0FF06AFD-856E-41E1-8468-D33646941909}\356425F593735483: DhcpNameServer = 192.168.1.1
DPF: {42F2D240-B23C-11D6-8C73-70A05DC10000} - hxxp://dl.logicielsgratuits.orange.fr/softs/orangeinstaller/src/win/Orange_Install.exe
FF - ProfilePath - c:\users\Lucette\AppData\Roaming\Mozilla\Firefox\Profiles\6igu2cod.default-1452752827800-1510316214766\
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
HKLM_Wow6432Node-ActiveSetup-{8A69D345-D564-463c-AFF1-A69D9E530F96} - c:\program files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_27_0_0_187_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_27_0_0_187_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_27_0_0_187_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_27_0_0_187_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_27_0_0_187.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.27"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_27_0_0_187.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_27_0_0_187.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_27_0_0_187.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0\Alias]
@=""
"0"="ActionsPane Schema for Add-Ins"
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Launch Manager\LMworker.exe
c:\program files (x86)\Launch Manager\LMutilps32.exe
c:\program files (x86)\Adobe\Acrobat Reader DC\Reader\Reader_sl.exe
.
**************************************************************************
.
Heure de fin: 2017-11-15 19:57:22 - La machine a redémarré
ComboFix-quarantined-files.txt 2017-11-15 18:57
ComboFix2.txt 2015-12-27 20:00
.
Avant-CF: 155 229 970 432 octets libres
Après-CF: 154 612 338 688 octets libres
.
- - End Of File - - E815574920C3F39B6AA6AB824E9AB2CF
A36C5E4F47E84449FF07ED3517B43A31
