cjoint


ComboFix 16-03-07.01 - fanny 07/03/2016 9:42.1.2 - x86
Microsoft Windows 7 Édition Familiale Basique 6.1.7601.1.1252.33.1036.18.2037.844 [GMT 1:00]
Lancé depuis: c:\users\fanny\Desktop\Downloads\ComboFix.exe
AV: Bitdefender Antivirus *Disabled/Updated* {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
FW: Bitdefender Pare-feu *Enabled* {A23392FD-84B9-F933-2C71-81E751F6EF46}
SP: Bitdefender Antispyware *Disabled/Updated* {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Un nouveau point de restauration a été créé
.
[i] ADS - Windows: deleted 24 bytes in 1 streams. [/i]
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Windows Searchqu Toolbar
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\overlay.xul
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\coupon-activated.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\btn-showalert-over.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-divider.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnback-down-vista.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\default.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-off-l.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\footer.htm
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-sml.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\menul-bgon.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb-over.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-detailed-on.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\popupWidgets.html
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_14.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-reload.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-subscribe.png
c:\programdata\1436021394.bdinstall.bin
c:\programdata\17470002380575711363
c:\programdata\17470002380575711363\cd5b15e575e1c3d029dc65c107aaaf3f.ini
c:\users\fanny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec
c:\users\fanny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.9_0\background.html
c:\users\fanny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.9_0\crossriderManifest.json
c:\users\fanny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.9_0\icons\actions\1.png
c:\users\fanny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.9_0\icons\icon128.png
c:\users\fanny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.9_0\icons\icon16.png
c:\users\fanny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.9_0\icons\icon48.png
c:\users\fanny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.9_0\js\api\chrome.js
c:\users\fanny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.9_0\js\api\cookie.js
c:\users\fanny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.9_0\js\api\message.js
c:\users\fanny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.9_0\js\app\background.js
c:\users\fanny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.9_0\js\app\extension.js
c:\users\fanny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.9_0\js\background.js
c:\users\fanny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.9_0\js\lib\app_api.js
c:\users\fanny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.9_0\js\lib\async_api.js
c:\users\fanny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.9_0\js\lib\bg_app_api.js
c:\users\fanny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.9_0\js\lib\cookie_store.js
c:\users\fanny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.9_0\js\lib\crossriderAPI.js
c:\users\fanny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.9_0\js\lib\data_store.js
c:\users\fanny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.9_0\js\lib\delegate.js
c:\users\fanny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.9_0\js\lib\events.js
c:\users\fanny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.9_0\js\lib\installer.js
c:\users\fanny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.9_0\js\lib\logging.js
c:\users\fanny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.9_0\js\lib\onBGDocumentLoad.js
c:\users\fanny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.9_0\js\lib\popupResource\newPopup.js
c:\users\fanny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.9_0\js\lib\popupResource\popup.js
c:\users\fanny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.9_0\js\lib\reports.js
c:\users\fanny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.9_0\js\lib\util.js
c:\users\fanny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.9_0\js\lib\xhr.js
c:\users\fanny\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.9_0\popup.html
c:\users\fanny\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\fanny\AppData\Local\TempDIR
c:\windows\system32\2
c:\windows\system32\2\bdsandboxuh.dll
c:\windows\system32\2\bdsandboxuiskin.dll
c:\windows\system32\2\drivers\avc3.sys
c:\windows\system32\2\drivers\avchv.sys
c:\windows\system32\2\drivers\avckf.sys
c:\windows\system32\2\drivers\bdsandbox.sys
c:\windows\system32\2\drivers\bdvedisk.sys
c:\windows\system32\2\drivers\gzflt.sys
c:\windows\system32\2\drivers\trufos.sys
c:\windows\system32\sysdir
c:\windows\system32\sysdir\sycd6.dll
c:\windows\XSxS
.
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_IO.SYS
-------\Service_io.sys
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2016-02-07 au 2016-03-07 ))))))))))))))))))))))))))))))))))))
.
.
2016-03-07 08:52 . 2016-03-07 08:57 -------- d-----w- c:\users\fanny\AppData\Local\temp
2016-03-07 08:52 . 2016-03-07 08:52 -------- d-----w- c:\users\Invité\AppData\Local\temp
2016-03-07 08:52 . 2016-03-07 08:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-03-07 08:52 . 2016-03-07 08:52 -------- d-----w- c:\users\boby\AppData\Local\temp
2016-03-04 08:00 . 2016-03-04 08:00 -------- d-----w- c:\users\fanny\AppData\Local\Mega Limited
2016-03-03 23:05 . 2016-03-03 23:19 -------- d--h--w- c:\programdata\{827D21CC-A22D-45D6-23CA-451DDAC769BA}
2016-03-03 22:40 . 2016-03-03 22:57 -------- d-----w- c:\programdata\ukprfree
2016-03-03 22:26 . 2016-03-04 06:57 -------- d-----w- c:\users\Public\local
2016-03-02 08:09 . 2016-03-02 08:09 -------- d-----w- c:\programdata\Ralink
2016-03-01 23:04 . 2016-03-01 23:04 -------- d-----w- c:\users\fanny\AppData\Local\Remove_Empty_Directories
2016-02-28 00:07 . 2016-02-28 00:07 796864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2016-02-28 00:07 . 2016-02-28 00:07 142528 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2016-02-27 23:53 . 2016-02-27 23:53 95840 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2016-02-27 23:46 . 2016-02-27 23:46 -------- d-----w- c:\users\fanny\AppData\Local\CEF
2016-02-27 22:22 . 2016-02-27 22:22 -------- d-----w- c:\users\fanny\.oracle_jre_usage
2016-02-22 23:29 . 2016-02-22 23:31 -------- d-----w- c:\program files\CCleaner
2016-02-22 13:21 . 2012-07-23 23:00 342016 ----a-w- c:\windows\system32\esw2ud.dll
2016-02-22 13:21 . 2011-12-11 23:00 122000 ----a-w- c:\windows\system32\escsvc.exe
2016-02-19 17:57 . 2016-02-19 17:57 -------- d-sh--w- c:\windows\system32\AI_RecycleBin
2016-02-19 17:55 . 2016-02-19 17:55 -------- d-----w- c:\users\fanny\AppData\Roaming\Drivers et Pilotes
2016-02-10 12:47 . 2016-01-22 05:12 2973184 ----a-w- c:\windows\explorer.exe
2016-02-10 12:47 . 2016-01-22 06:00 1498624 ----a-w- c:\windows\system32\ExplorerFrame.dll
2016-02-10 12:47 . 2016-01-22 05:59 1805824 ----a-w- c:\windows\system32\authui.dll
2016-02-10 12:46 . 2016-01-11 14:07 1198080 ----a-w- c:\windows\system32\appraiser.dll
2016-02-10 12:46 . 2016-01-16 18:42 22464 ----a-w- c:\windows\system32\CompatTelRunner.exe
2016-02-10 12:46 . 2016-01-16 18:34 949760 ----a-w- c:\windows\system32\aeinv.dll
2016-02-10 12:46 . 2016-01-11 14:07 65536 ----a-w- c:\windows\system32\acmigration.dll
2016-02-10 12:46 . 2016-01-11 14:07 591360 ----a-w- c:\windows\system32\invagent.dll
2016-02-10 12:46 . 2016-01-11 14:07 544768 ----a-w- c:\windows\system32\generaltel.dll
2016-02-10 12:46 . 2016-01-11 14:07 424960 ----a-w- c:\windows\system32\devinv.dll
2016-02-10 12:46 . 2016-01-16 18:36 1413632 ----a-w- c:\windows\system32\ole32.dll
2016-02-10 12:32 . 2016-01-11 18:47 2956288 ----a-w- c:\windows\system32\wucltux.dll
2016-02-10 12:32 . 2016-01-11 18:17 2062848 ----a-w- c:\windows\system32\wuaueng.dll
2016-02-10 12:32 . 2016-01-11 18:14 573440 ----a-w- c:\windows\system32\wuapi.dll
2016-02-10 12:32 . 2016-01-11 18:47 174080 ----a-w- c:\windows\system32\wuwebv.dll
2016-02-10 12:32 . 2016-01-11 18:35 73728 ----a-w- c:\windows\system32\WinSetupUI.dll
2016-02-10 12:32 . 2016-01-11 18:14 93696 ----a-w- c:\windows\system32\wudriver.dll
2016-02-10 12:32 . 2016-01-11 18:14 30208 ----a-w- c:\windows\system32\wups.dll
2016-02-10 12:32 . 2016-01-11 18:14 35840 ----a-w- c:\windows\system32\wups2.dll
2016-02-10 12:32 . 2016-01-11 18:14 136192 ----a-w- c:\windows\system32\wuauclt.exe
2016-02-10 12:32 . 2016-01-11 18:14 35328 ----a-w- c:\windows\system32\wuapp.exe
2016-02-10 12:32 . 2016-01-11 18:14 11776 ----a-w- c:\windows\system32\wu.upgrade.ps.dll
2016-02-10 08:53 . 2016-02-10 08:53 8817344 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-03-07 08:55 . 2008-01-01 00:36 16608 ----a-w- c:\windows\gdrv.sys
2015-12-09 18:58 . 2015-12-09 18:58 1070232 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2015-12-08 21:54 . 2016-01-13 10:24 902144 ----a-w- c:\windows\system32\WMADMOD.DLL
2015-12-08 21:54 . 2016-01-13 10:24 1620992 ----a-w- c:\windows\system32\WMVDECOD.DLL
2015-12-08 21:54 . 2016-01-13 10:24 815616 ----a-w- c:\windows\system32\WMADMOE.DLL
2015-12-08 21:54 . 2016-01-13 10:24 740352 ----a-w- c:\windows\system32\wmpmde.dll
2015-12-08 21:54 . 2016-01-13 10:24 739328 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2015-12-08 21:54 . 2016-01-13 10:24 665088 ----a-w- c:\windows\system32\WMVXENCD.DLL
2015-12-08 21:54 . 2016-01-13 10:24 541184 ----a-w- c:\windows\system32\WMVSDECD.DLL
2015-12-08 21:54 . 2016-01-13 10:24 1568768 ----a-w- c:\windows\system32\WMVENCOD.DLL
2015-12-08 21:54 . 2016-01-13 10:24 358400 ----a-w- c:\windows\system32\WMVSENCD.DLL
2015-12-08 21:54 . 2016-01-13 10:24 1325056 ----a-w- c:\windows\system32\WMSPDMOE.DLL
2015-12-08 21:54 . 2016-01-13 10:24 1202688 ----a-w- c:\windows\system32\WMALFXGFXDSP.dll
2015-12-08 21:54 . 2016-01-13 10:24 2285056 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2015-12-08 21:54 . 2016-01-13 10:24 154112 ----a-w- c:\windows\system32\VIDRESZR.DLL
2015-12-08 21:53 . 2016-01-13 10:24 338944 ----a-w- c:\windows\system32\SysFxUI.dll
2015-12-08 21:53 . 2016-01-13 10:24 206848 ----a-w- c:\windows\system32\RESAMPLEDMO.DLL
2015-12-08 21:53 . 2016-01-13 10:25 509952 ----a-w- c:\windows\system32\qedit.dll
2015-12-08 21:53 . 2016-01-13 10:24 1329664 ----a-w- c:\windows\system32\quartz.dll
2015-12-08 21:53 . 2016-01-13 10:24 519680 ----a-w- c:\windows\system32\qdvd.dll
2015-12-08 21:53 . 2016-01-13 10:24 206848 ----a-w- c:\windows\system32\qasf.dll
2015-12-08 21:53 . 2016-01-13 10:24 970240 ----a-w- c:\windows\system32\msmpeg2adec.dll
2015-12-08 21:53 . 2016-01-13 10:24 829952 ----a-w- c:\windows\system32\MSMPEG2ENC.DLL
2015-12-08 21:53 . 2016-01-13 10:24 241152 ----a-w- c:\windows\system32\MPG4DECD.DLL
2015-12-08 21:53 . 2016-01-13 10:24 241152 ----a-w- c:\windows\system32\MP43DECD.DLL
2015-12-08 21:53 . 2016-01-13 10:24 79872 ----a-w- c:\windows\system32\MP3DMOD.DLL
2015-12-08 21:53 . 2016-01-13 10:24 415744 ----a-w- c:\windows\system32\MP4SDECD.DLL
2015-12-08 21:53 . 2016-01-13 10:24 3209728 ----a-w- c:\windows\system32\mf.dll
2015-12-08 21:53 . 2016-01-13 10:24 609280 ----a-w- c:\windows\system32\MFWMAAEC.DLL
2015-12-08 21:53 . 2016-01-13 10:24 354816 ----a-w- c:\windows\system32\mfplat.dll
2015-12-08 21:53 . 2016-01-13 10:24 53248 ----a-w- c:\windows\system32\mfvdsp.dll
2015-12-08 21:53 . 2016-01-13 10:24 4608 ----a-w- c:\windows\system32\ksuser.dll
2015-12-08 21:53 . 2016-01-13 10:24 103424 ----a-w- c:\windows\system32\mfps.dll
2015-12-08 21:53 . 2016-01-13 10:25 305664 ----a-w- c:\windows\system32\gdi32.dll
2015-12-08 21:53 . 2016-01-13 10:24 489984 ----a-w- c:\windows\system32\evr.dll
2015-12-08 21:53 . 2016-01-13 10:24 67584 ----a-w- c:\windows\system32\devenum.dll
2015-12-08 21:53 . 2016-01-13 10:24 153600 ----a-w- c:\windows\system32\COLORCNV.DLL
2015-12-08 21:53 . 2016-01-13 10:24 50176 ----a-w- c:\windows\system32\rrinstaller.exe
2015-12-08 21:53 . 2016-01-13 10:24 23040 ----a-w- c:\windows\system32\mfpmp.exe
2015-12-08 21:53 . 2016-01-13 10:24 193536 ----a-w- c:\windows\system32\ksproxy.ax
2015-12-08 21:50 . 2016-01-13 10:24 2048 ----a-w- c:\windows\system32\mferror.dll
2015-12-08 21:43 . 2016-01-13 10:24 81408 ----a-w- c:\windows\system32\drivers\drmk.sys
2015-12-08 21:11 . 2016-01-13 10:24 177152 ----a-w- c:\windows\system32\drivers\portcls.sys
2015-12-08 21:11 . 2016-01-13 10:24 5120 ----a-w- c:\windows\system32\drivers\drmkaud.sys
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-05-16 213936]
"Bitdefender Wallet Agent"="c:\program files\Bitdefender\Bitdefender 2015\bdwtxag.exe" [2015-01-15 671400]
"EPLTarget\P0000000000000002"="c:\windows\system32\spool\DRIVERS\W32X86\3\E_FATIIKE.EXE" [2012-02-29 249440]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-01-13 6711840]
"DHTray"="c:\windows\system32\DHTray.exe" [2007-05-25 331776]
"A0380mon"="c:\windows\system32\A0380mon.exe" [2007-03-22 16384]
"Bdagent"="c:\program files\Bitdefender\Bitdefender 2015\bdagent.exe" [2015-03-12 1862056]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotPostWindows10UpgradeReInstall"="c:\program files\Common Files\AV\Spybot - Search and Destroy\Test.exe" [2015-07-28 1011200]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
USB Wifi Listo.lnk - c:\program files\Listo\Common\RaUI.exe -s [2011-8-7 11474272]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
"HideShutdownScripts"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideLogonScripts"= 0 (0x0)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
"NoColorChoice"= 0 (0x0)
"HideLogonScripts"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"UseDefaultTile"= 0 (0x0)
"NoWelcomeScreen"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"RestrictCpl"= 0 (0x0)
"DisallowCpl"= 0 (0x0)
"PreventItemCreationInUsersFilesFolder"= 0 (0x0)
"NoReadingPane"= 0 (0x0)
"NoPreviewPane"= 0 (0x0)
"DontSetAutoplayCheckbox"= 0 (0x0)
"NoCustomizeWebView"= 0 (0x0)
"NoDFSTab"= 0 (0x0)
"DisableThumbnails"= 0 (0x0)
"DisableThumbnailsOnNetworkFolders"= 0 (0x0)
"NoCustomizeThisFolder"= 0 (0x0)
"NoWebView"= 0 (0x0)
"DontShowSuperHidden"= 0 (0x0)
"NoOnlinePrintsWizard"= 0 (0x0)
"NoPublishingWizard"= 0 (0x0)
"AlwaysShowClassicMenu"= 0 (0x0)
"ClearRecentProgForNewUserInStartMenu"= 0 (0x0)
"NoUserFolderInStartMenu"= 0 (0x0)
"NoSearchComputerLinkInStartMenu"= 0 (0x0)
"NoSearchProgramsInStartMenu"= 0 (0x0)
"NoSearchInternetInStartMenu"= 0 (0x0)
"NoSearchFilesInStartMenu"= 0 (0x0)
"NoSearchCommInStartMenu"= 0 (0x0)
"NoSMConfigurePrograms"= 0 (0x0)
"NoHelp"= 0 (0x0)
"NoCommonGroups"= 0 (0x0)
"NoStartMenuEjectPC"= 0 (0x0)
"NoSimpleStartMenu"= 0 (0x0)
"NoStartMenuSubFolders"= 0 (0x0)
"NoDisconnect"= 0 (0x0)
"NoNtSecurity"= 0 (0x0)
"GreyMSIAds"= 0 (0x0)
"ForceMaxRecentDocs"= 0 (0x0)
"NoStartMenuMyGames"= 0 (0x0)
"NoSMBalloonTip"= 0 (0x0)
"NoSMBalloonTips"= 0 (0x0)
"HideSCAVolume"= 0 (0x0)
"HideSCANetwork"= 0 (0x0)
"HideSCAPower"= 0 (0x0)
"HideSCABattery"= 0 (0x0)
"TaskbarNoNotification"= 0 (0x0)
"NoTaskGrouping"= 0 (0x0)
"TaskbarNoThumbnail"= 0 (0x0)
"TaskbarLockAll"= 0 (0x0)
"TaskbarNoResize"= 0 (0x0)
"TaskbarNoAddRemoveToolbar"= 0 (0x0)
"TaskbarNoDragToolbar"= 0 (0x0)
"TaskbarNoRedock"= 0 (0x0)
"RestrictWelcomeCenter"= 0 (0x0)
"NoWebServices"= 0 (0x0)
"NoFileUrl"= 0 (0x0)
"SpecifyDefaultButtons"= 0 (0x0)
"NoInplaceSharing"= 0 (0x0)
"UseFoldersInStartMenu"= 0 (0x0)
"TurnOffSPIAnimations"= 0 (0x0)
"PromptRunasInstallNetPath"= 1 (0x1)
"NoResolveTrack"= 0 (0x0)
"NoThumbnailCache"= 0 (0x0)
"ForceCopyAclwithFile"= 0 (0x0)
"StartRunNoHOMEPATH"= 0 (0x0)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoThemesTab"= 0 (0x0)
"RestrictCpl"= 0 (0x0)
"DisallowCpl"= 0 (0x0)
"RestrictRun"= 0 (0x0)
"DisallowRun"= 0 (0x0)
"NoRecycleFiles"= 0 (0x0)
"PreventItemCreationInUsersFilesFolder"= 0 (0x0)
"NoReadingPane"= 0 (0x0)
"NoPreviewPane"= 0 (0x0)
"DontSetAutoplayCheckbox"= 0 (0x0)
"NoCustomizeWebView"= 0 (0x0)
"NoDFSTab"= 0 (0x0)
"DisableThumbnails"= 0 (0x0)
"DisableThumbnailsOnNetworkFolders"= 0 (0x0)
"NoCustomizeThisFolder"= 0 (0x0)
"NoWebView"= 0 (0x0)
"DontShowSuperHidden"= 0 (0x0)
"NoOnlinePrintsWizard"= 0 (0x0)
"NoPublishingWizard"= 0 (0x0)
"AlwaysShowClassicMenu"= 0 (0x0)
"ClearRecentProgForNewUserInStartMenu"= 0 (0x0)
"NoUserFolderInStartMenu"= 0 (0x0)
"NoSearchComputerLinkInStartMenu"= 0 (0x0)
"NoSearchProgramsInStartMenu"= 0 (0x0)
"NoSearchInternetInStartMenu"= 0 (0x0)
"NoSearchFilesInStartMenu"= 0 (0x0)
"NoSearchCommInStartMenu"= 0 (0x0)
"NoSMConfigurePrograms"= 0 (0x0)
"NoSMMyPictures"= 0 (0x0)
"NoStartMenuMyMusic"= 0 (0x0)
"NoHelp"= 0 (0x0)
"NoCommonGroups"= 0 (0x0)
"NoStartMenuEjectPC"= 0 (0x0)
"NoSimpleStartMenu"= 0 (0x0)
"NoStartMenuSubFolders"= 0 (0x0)
"NoDisconnect"= 0 (0x0)
"NoNtSecurity"= 0 (0x0)
"GreyMSIAds"= 0 (0x0)
"ForceMaxRecentDocs"= 0 (0x0)
"NoStartMenuMyGames"= 0 (0x0)
"NoSMBalloonTip"= 0 (0x0)
"NoSMBalloonTips"= 0 (0x0)
"HideClock"= 0 (0x0)
"HideSCAVolume"= 0 (0x0)
"HideSCANetwork"= 0 (0x0)
"HideSCAPower"= 0 (0x0)
"HideSCABattery"= 0 (0x0)
"TaskbarNoNotification"= 0 (0x0)
"NoTaskGrouping"= 0 (0x0)
"TaskbarNoThumbnail"= 0 (0x0)
"TaskbarLockAll"= 0 (0x0)
"TaskbarNoResize"= 0 (0x0)
"TaskbarNoAddRemoveToolbar"= 0 (0x0)
"TaskbarNoDragToolbar"= 0 (0x0)
"TaskbarNoRedock"= 0 (0x0)
"RestrictWelcomeCenter"= 0 (0x0)
"NoWebServices"= 0 (0x0)
"NoFileUrl"= 0 (0x0)
"SpecifyDefaultButtons"= 0 (0x0)
"NoInplaceSharing"= 0 (0x0)
"UseFoldersInStartMenu"= 0 (0x0)
"TurnOffSPIAnimations"= 0 (0x0)
"PromptRunasInstallNetPath"= 1 (0x1)
"NoResolveTrack"= 0 (0x0)
"NoThumbnailCache"= 0 (0x0)
"ForceCopyAclwithFile"= 0 (0x0)
"StartRunNoHOMEPATH"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean.exe
.
[HKLM\~\startupfolder\C:^Users^fanny^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^SFR Cloud.lnk]
path=c:\users\fanny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SFR Cloud.lnk
backup=c:\windows\pss\SFR Cloud.lnk.Startup
backupExtension=.Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPLTarget
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HitsBlender
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Selection Tools
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Smart File Advisor
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2015-12-14 07:48 1085656 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
2015-04-08 15:49 6276888 ----a-w- c:\program files\CCleaner\CCleaner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager]
2011-10-31 13:25 1058400 ----a-w- c:\program files\EPSON Software\Event Manager\EEventManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPLTarget\P0000000000000000]
2012-02-29 05:03 249440 ----a-w- c:\windows\System32\spool\drivers\w32x86\3\E_FATIIKE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPLTarget\P0000000000000001]
2012-02-29 05:03 249440 ----a-w- c:\windows\System32\spool\drivers\w32x86\3\E_FATIIKE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FAHConsole]
2014-01-28 10:16 616632 ----a-w- c:\program files\File Association Helper\FAHConsole.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Monitor]
2006-11-03 09:01 319488 ----a-w- c:\windows\PixArt\Pac207\Monitor.exe
.
2;2 MBAMService;MBAMService;c:\program files\Malwarebytes Anti-Malware\mbamservice.exe [x]
R0 cdcono;cdcono;c:\windows\System32\drivers\gubxxvh.sys [x]
R2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2012-01-05 75624]
R2 KMService;KMService;c:\windows\system32\srvany.exe [2010-10-03 8192]
R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-04-14 1871160]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2015-01-02 315488]
R3 A0380VID;USB2.0 PC Camera;c:\windows\system32\DRIVERS\A0380Vid.sys [2007-05-17 300480]
R3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys [2015-01-14 548336]
R3 BdDesktopParental;Bitdefender Desktop Parental Control;c:\program files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [2014-12-09 69880]
R3 bdfwfpf_pc;bdfwfpf_pc;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [2013-07-02 108008]
R3 BDSandBox;BDSandBox;c:\windows\system32\drivers\bdsandbox.sys [2015-01-09 66832]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2009-04-07 36608]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2016-01-22 102912]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2015-06-24 119512]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2015-04-14 51928]
R3 PAC207;SoC PC-Camera;c:\windows\system32\DRIVERS\PFC027.SYS [2006-12-05 507136]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2013-01-31 47360]
R3 RaMediaServer;RaMediaServer;c:\program files\Listo\Common\RaMediaServer.exe [2010-12-30 619872]
R3 RTL8187B;Carte réseau USB 2.0 Realtek RTL8187B sans fil 802.11b/g 54 Mbits/s;c:\windows\system32\DRIVERS\RTL8187B.sys [2009-07-13 347136]
R3 RtlProt;RtlProt;c:\windows\System32\Drivers\RtlProt.sys [2007-04-23 25896]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WSDScan;Prise en charge de la numérisation WSD via UMB;c:\windows\system32\drivers\WSDScan.sys [2009-07-14 20480]
R4 MyEpson Portal Service;MyEpson Portal Service;c:\program files\EPSON\MyEpson Portal\mepService.exe [2014-09-22 703984]
S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys [2015-01-14 1083448]
S0 gzflt;gzflt;c:\windows\system32\DRIVERS\gzflt.sys [2015-02-24 172936]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [2014-12-15 77632]
S1 bdfwfpf;bdfwfpf;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2012-10-29 93648]
S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2016-01-08 1433216]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2016-01-08 1773696]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 EpsonScanSvc;Epson Scanner Service;c:\windows\system32\EscSvc.exe [2011-12-11 122000]
S2 ES lite Service;ES lite Service for program management.;c:\program files\Gigabyte\EasySaver\ESSVR.EXE [2008-12-24 68136]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-06-25 35088]
S2 RealtekUSB;RealtekUSB;c:\program files\BlueStork\BS-WG-USB Wireless LAN Utility\RtlService.exe [2007-07-27 36864]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-06-24 1738168]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-06-27 2088408]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928]
S2 SOFTLOK;SOFTLOK; [x]
S2 UPDATESRV;Bitdefender Desktop Update Service;c:\program files\Bitdefender\Bitdefender 2015\updatesrv.exe [2014-10-27 54424]
S3 avchv;avchv Function Driver;c:\windows\system32\DRIVERS\avchv.sys [2015-01-23 243456]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2015-04-14 23256]
S3 netr28u;RT2870 USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\netr28u.sys [2010-12-28 1174880]
S3 portio32;portio32;c:\windows\system32\drivers\portio32.sys [2004-07-14 2048]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc SensrSvc
HPService REG_MULTI_SZ HPSLPSVC
utcsvc REG_MULTI_SZ DiagTrack
.
Contenu du dossier 'Tâches planifiées'
.
2016-03-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-28 00:07]
.
.
------- Examen supplémentaire -------
.
uStart Page = https://www.google.fr/
mStart Page = about:blank
uSearchAssistant = www.google.com
IE: E&xporter vers Microsoft Excel - c:\progra~1\MIF5BA~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{86FE1262-30CE-4737-BB0C-2730A122071B}\E4545564F524330343: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\fanny\AppData\Roaming\Mozilla\Firefox\Profiles\osfy5o1j.default-1435476110931\
user_pref(extensions.autoDisableScopes,14);
.
.
------- Associations de fichier -------
.
inifile="%SystemRoot%\system32\NOTEPAD.EXE" %1
txtfile="%SystemRoot%\system32\NOTEPAD.EXE" %1
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Toolbar-10 - (no file)
WebBrowser-{4DAAC69C-CBA7-45E2-9BC8-1044483D3352} - (no file)
ShellIconOverlayIdentifiers-{056D528D-CE28-4194-9BA3-BA2E9197FF8C} - (no file)
ShellIconOverlayIdentifiers-{05B38830-F4E9-4329-978B-1DD28605D202} - (no file)
ShellIconOverlayIdentifiers-{0596C850-7BDD-4C9D-AFDF-873BE6890637} - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
HKLM-Run-kbdsprt - (no file)
c:\users\fanny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HWMonitor_x32 - Raccourci.lnk - c:\users\fanny\Desktop\Downloads\hwmonitor_1.22-32bit\HWMonitor_x32.exe
AddRemove-360WAVESPATCHERCLT - c:\program files\360WavesPatcher\WDUNINST.EXE
AddRemove-VisualBee for Microsoft PowerPoint - c:\users\fanny\AppData\Local\VisualBeeExe\uninst.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MWAC]
"ImagePath"="\??\c:\windows\system32\drivers\"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="BrowserHTM"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="BrowserHTM"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="BrowserHTM"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="BrowserHTM"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="BrowserHTM"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Bitdefender\Bitdefender 2015\vsserv.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\EPSON\EBAPI\eEBSVC.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\GWX\GWX.exe
c:\program files\Listo\Common\RaRegistry.exe
c:\program files\BlueStork\BS-WG-USB Wireless LAN Utility\RtWlan.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\sppsvc.exe
c:\windows\system32\conhost.exe
c:\program files\Listo\Common\RaUI.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Heure de fin: 2016-03-07 10:03:14 - La machine a redémarré
ComboFix-quarantined-files.txt 2016-03-07 09:03
.
Avant-CF: 140 064 595 968 octets libres
Après-CF: 139 682 783 232 octets libres
.
- - End Of File - - C80DFCC8FFD8DA78B9D90B4906917E14
A36C5E4F47E84449FF07ED3517B43A31
