ComboFix 16-11-13.01 - Jean-Pierre 22/11/2016 17:20:16.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.33.1036.18.3326.2168 [GMT 1:00]
Running from: c:\users\Jean-Pierre\Downloads\ComboFix.exe
AV: Avast Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Avast Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Other deletions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\ma-config.com
c:\program files\ma-config.com\config.xml
c:\program files\ma-config.com\CPUID\cpuidsdk.dll
c:\program files\ma-config.com\Drivers\driverhardwarev2.sys
c:\program files\ma-config.com\Drivers\driverhardwarev2ia64.sys
c:\program files\ma-config.com\Drivers\driverhardwarev2x64.cat
c:\program files\ma-config.com\Drivers\driverhardwarev2x64.sys
c:\program files\ma-config.com\Drivers\matos9x.vxd
c:\program files\ma-config.com\Langues\LangueMC_ar.xml
c:\program files\ma-config.com\Langues\LangueMC_de.xml
c:\program files\ma-config.com\Langues\LangueMC_en.xml
c:\program files\ma-config.com\Langues\LangueMC_es.xml
c:\program files\ma-config.com\Langues\LangueMC_fr.xml
c:\program files\ma-config.com\Langues\LangueMC_pt.xml
c:\program files\ma-config.com\Langues\LangueMC_ru.xml
c:\program files\ma-config.com\ma-config.html
c:\program files\ma-config.com\maconfservice.exe
c:\program files\ma-config.com\MCATLActiveX.dll
c:\program files\ma-config.com\MCBCL.dll
c:\program files\ma-config.com\MCNoyau.dll
c:\program files\ma-config.com\MCrypt.dll
c:\program files\ma-config.com\MCSettings.exe
c:\program files\ma-config.com\MCStubUser.exe
c:\program files\ma-config.com\nphardwaredetection.dll
c:\program files\ma-config.com\sqlite3.dll
c:\program files\ma-config.com\StartDetection.html
c:\programdata\ma-config.com
c:\programdata\ma-config.com\Logs\activex.txt
c:\programdata\ma-config.com\Logs\maconfservice.txt
c:\programdata\ma-config.com\Logs\mcstubuser.txt
c:\programdata\ma-config.com\Logs\npapi.txt
c:\programdata\ma-config.com\mcbase.db
c:\users\Jean-Pierre\OperaSetup.exe
c:\users\Jean-Pierre\ZHPCleaner.exe
c:\users\Jean-Pierre\ZHPDiag3.exe
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_driverhardwarev2
-------\Legacy_driverhardwarev2
-------\Service_driverhardwarev2
-------\Service_maconfservice
-------\Service_driverhardwarev2
-------\Service_maconfservice
.
.
((((((((((((((((((((((((((((( Files created from 2016-10-22 to 2016-11-22 ))))))))))))))))))))))))))))))))))))
.
.
2016-11-22 16:38 . 2013-07-02 15:29 22776 ----a-w- c:\windows\system32\drivers\IOMap.sys
2016-11-22 16:33 . 2016-11-22 16:33 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-11-19 17:23 . 2016-11-19 17:38 -------- d-----w- c:\users\Jean-Pierre\AppData\Roaming\ObviousIdea
2016-11-19 17:23 . 2016-11-19 17:23 -------- d-----w- c:\program files\ObviousIdea
2016-11-19 07:10 . 2016-11-22 13:26 -------- d-----w- C:\AdwCleaner
2016-11-18 13:33 . 2016-11-18 13:33 -------- d-----w- c:\program files\Common Files\Java
2016-11-18 13:30 . 2016-11-18 13:30 95808 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2016-11-18 13:29 . 2016-11-18 13:33 -------- d-----w- c:\programdata\Oracle
2016-11-18 10:34 . 2016-11-18 10:34 -------- d-----w- c:\users\Jean-Pierre\AppData\Roaming\Opera Mail
2016-11-18 10:34 . 2016-11-18 10:34 -------- d-----w- c:\users\Jean-Pierre\AppData\Local\Opera Mail
2016-11-18 10:34 . 2016-11-18 10:34 -------- d-----w- c:\users\Jean-Pierre\AppData\Local\Programs
2016-11-16 14:28 . 2016-11-16 14:28 -------- d-----w- c:\programdata\Package Cache
2016-11-16 14:28 . 2016-10-18 14:52 16128720 ----a-w- c:\windows\system32\nvwgf2um.dll
2016-11-16 14:28 . 2016-10-18 14:52 912432 ----a-w- c:\windows\system32\nvdispgenco3234200.dll
2016-11-16 14:28 . 2016-10-18 14:52 3994560 ----a-w- c:\windows\system32\nvcuvid.dll
2016-11-16 14:28 . 2016-10-18 14:52 24208952 ----a-w- c:\windows\system32\nvoglv32.dll
2016-11-16 14:28 . 2016-10-18 14:52 11272008 ----a-w- c:\windows\system32\nvopencl.dll
2016-11-16 14:28 . 2016-10-18 14:52 11209336 ----a-w- c:\windows\system32\nvcuda.dll
2016-11-16 14:28 . 2016-10-18 14:52 10716096 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2016-11-16 14:28 . 2016-10-18 14:52 1060400 ----a-w- c:\windows\system32\nvdispco3234200.dll
2016-11-16 14:28 . 2016-10-18 14:52 15302712 ----a-w- c:\windows\system32\nvcompiler.dll
2016-11-15 18:11 . 2016-11-22 16:38 -------- d-----w- c:\program files\Mozilla Thunderbird
2016-11-13 20:55 . 2016-11-13 20:55 -------- d-----w- c:\users\Jean-Pierre\{d0842ef6-73c9-4b9e-9f98-8f4c99f5745f}
2016-11-13 20:52 . 2016-11-15 17:37 -------- d-----w- c:\users\Jean-Pierre\{687f94b8-b030-440b-a8c1-834a95ad08be}
2016-11-12 19:05 . 2016-11-12 19:05 -------- d-----w- c:\users\Jean-Pierre\AppData\Local\ZipZap
2016-11-09 19:25 . 2016-11-09 19:55 -------- d-----w- c:\users\Jean-Pierre\AppData\Roaming\DeepBurner
2016-11-09 18:45 . 2016-11-09 18:45 -------- d-----w- c:\program files\Astonsoft
2016-11-07 22:49 . 2016-11-07 22:49 63600 ----a-w- c:\windows\system32\drivers\dbx-stable.sys
2016-11-07 22:49 . 2016-11-07 22:49 63600 ----a-w- c:\windows\system32\drivers\dbx-dev.sys
2016-11-07 22:49 . 2016-11-07 22:49 63600 ----a-w- c:\windows\system32\drivers\dbx-canary.sys
2016-11-07 22:49 . 2016-11-07 22:49 35440 ----a-w- c:\windows\system32\DbxSvc.exe
2016-11-07 14:02 . 2016-11-20 14:53 -------- d-----w- c:\users\Jean-Pierre\AppData\Local\NVIDIA
2016-11-07 14:02 . 2016-11-07 14:02 -------- d-----w- c:\program files\AGEIA Technologies
2016-11-07 14:01 . 2014-07-02 21:28 895264 ----a-w- c:\windows\system32\nvhdagenco3220103.dll
2016-11-07 14:01 . 2014-07-02 21:28 28448 ----a-w- c:\windows\system32\nvhdap32.dll
2016-11-07 14:01 . 2014-07-02 21:28 162592 ----a-w- c:\windows\system32\drivers\nvhda32v.sys
2016-11-07 14:01 . 2016-10-18 13:48 7471705 ----a-w- c:\windows\system32\nvcoproc.bin
2016-11-07 14:00 . 2014-07-02 20:54 907552 ----a-w- c:\windows\system32\nvdispgenco3234052.dll
2016-11-07 14:00 . 2014-07-02 20:54 1054552 ----a-w- c:\windows\system32\nvdispco3234052.dll
2016-11-06 09:23 . 2016-11-06 09:23 -------- d-----w- c:\programdata\ZoomBrowser
2016-11-06 09:22 . 2016-11-06 09:22 -------- d-----w- c:\programdata\Canon_Inc_IC
2016-11-06 09:22 . 2016-11-06 09:24 -------- d-----w- c:\program files\Canon
2016-11-06 09:21 . 2016-11-06 09:21 -------- d-----w- c:\program files\Common Files\Canon
2016-11-06 07:28 . 2016-11-06 07:28 -------- d-----w- c:\users\Jean-Pierre\AppData\Local\CEF
2016-11-05 19:34 . 2016-11-05 19:34 184592 ----a-w- c:\windows\system32\drivers\aswStmXP.sys
2016-11-05 19:34 . 2016-11-05 19:34 35096 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2016-11-05 19:34 . 2016-11-05 19:34 921280 ----a-w- c:\windows\ucrtbase.dll
2016-11-05 19:34 . 2016-11-05 19:34 319760 ----a-w- c:\windows\system32\aswBoot.exe
2016-11-05 19:34 . 2016-11-05 19:34 53208 ----a-w- c:\windows\avastSS.scr
2016-11-05 18:48 . 2016-11-05 18:49 -------- d-----w- c:\program files\ZHPFix
2016-11-05 17:59 . 2016-11-12 19:11 -------- d-----w- c:\users\Jean-Pierre\AppData\Local\Learnpulse
2016-11-05 17:59 . 2016-11-12 19:11 -------- d-----w- c:\users\Jean-Pierre\AppData\Roaming\Learnpulse
2016-11-05 15:19 . 2016-11-05 15:19 -------- d-----w- c:\program files\Common Files\EPSON
2016-11-05 15:08 . 2007-04-10 00:06 8192 ----a-w- c:\windows\system32\E_DCINST.DLL
2016-11-05 15:08 . 2011-04-20 02:03 95232 ----a-w- c:\windows\system32\E_FLBILE.DLL
2016-11-05 15:08 . 2011-03-15 02:03 81408 ----a-w- c:\windows\system32\E_FD4BILE.DLL
2016-11-05 13:05 . 2016-11-22 12:28 -------- d-----w- c:\users\Jean-Pierre\AppData\Roaming\ZHP
2016-11-05 11:53 . 2016-11-22 16:40 170200 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-11-05 11:52 . 2016-11-05 11:54 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2016-11-05 11:52 . 2016-11-05 11:52 -------- d-----w- c:\programdata\Malwarebytes
2016-11-05 11:52 . 2016-03-10 13:09 53120 ----a-w- c:\windows\system32\drivers\mwac.sys
2016-11-05 11:52 . 2016-03-10 13:08 126336 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2016-11-05 11:52 . 2016-03-10 13:08 24448 ----a-w- c:\windows\system32\drivers\mbam.sys
2016-11-05 08:58 . 2016-11-05 08:58 -------- d-----w- c:\windows\system32\vbox
2016-11-05 08:58 . 2016-11-22 15:51 -------- d-----w- c:\users\Jean-Pierre\AppData\Local\Dropbox
2016-11-05 08:58 . 2016-11-05 08:58 -------- d-----w- c:\programdata\Dropbox
2016-11-05 02:24 . 2016-11-05 02:24 -------- d-----w- c:\windows\Migration
2016-11-04 21:07 . 2016-11-04 21:07 -------- d-----w- c:\users\Jean-Pierre\AppData\Local\Opera Software
2016-11-04 21:07 . 2016-11-04 21:07 -------- d-----w- c:\users\Jean-Pierre\AppData\Roaming\Opera Software
2016-11-04 19:43 . 2015-01-29 01:35 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2016-11-04 19:43 . 2015-01-29 01:35 975360 ----a-w- c:\windows\system32\WindowsCodecs.dll
2016-11-04 19:40 . 2014-06-26 22:17 99480 ----a-w- c:\windows\system32\infocardapi.dll
2016-11-04 19:40 . 2014-06-26 22:17 8856 ----a-w- c:\windows\system32\icardres.dll
2016-11-04 19:40 . 2014-06-26 22:17 619664 ----a-w- c:\windows\system32\icardagt.exe
2016-11-04 19:40 . 2014-06-06 04:28 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2016-11-04 19:39 . 2015-03-09 01:01 1249280 ----a-w- c:\windows\system32\msxml3.dll
2016-11-04 19:39 . 2014-08-27 00:55 2048 ----a-w- c:\windows\system32\msxml3r.dll
2016-11-04 19:39 . 2014-06-15 22:18 1131664 ----a-w- c:\windows\system32\dfshim.dll
2016-11-04 19:39 . 2014-06-13 18:22 81560 ----a-w- c:\windows\system32\mscories.dll
2016-11-04 19:39 . 2014-06-13 18:22 156824 ----a-w- c:\windows\system32\mscorier.dll
2016-11-04 19:33 . 2014-10-10 01:00 146432 ----a-w- c:\windows\system32\msaudite.dll
2016-11-04 19:33 . 2014-10-10 01:01 449536 ----a-w- c:\windows\system32\termsrv.dll
2016-11-04 19:33 . 2014-10-09 23:22 619520 ----a-w- c:\windows\system32\adtschema.dll
2016-11-04 19:32 . 2014-12-19 00:25 115200 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2016-11-04 19:32 . 2014-11-04 00:19 2048 ----a-w- c:\windows\system32\tzres.dll
2016-11-04 19:31 . 2015-04-30 16:03 279040 ----a-w- c:\windows\system32\schannel.dll
2016-11-04 19:31 . 2015-01-15 04:13 440760 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2016-11-04 19:31 . 2014-10-10 01:00 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2016-11-04 19:30 . 2015-03-05 02:24 297984 ----a-w- c:\windows\system32\gdi32.dll
2016-11-04 19:23 . 2014-10-24 01:03 499200 ----a-w- c:\windows\system32\kerberos.dll
2016-11-04 19:22 . 2015-03-05 02:32 244152 ----a-w- c:\windows\system32\clfs.sys
2016-11-04 19:22 . 2015-03-05 02:23 57344 ----a-w- c:\windows\system32\clfsw32.dll
2016-11-04 19:22 . 2015-03-14 02:21 1205168 ----a-w- c:\windows\system32\ntdll.dll
2016-11-04 19:22 . 2015-03-13 01:51 3604920 ----a-w- c:\windows\system32\ntkrnlpa.exe
2016-11-04 19:22 . 2015-01-09 02:04 49152 ----a-w- c:\windows\system32\csrsrv.dll
2016-11-04 19:22 . 2015-01-09 00:18 64000 ----a-w- c:\windows\system32\smss.exe
2016-11-04 19:22 . 2015-03-13 01:51 3552184 ----a-w- c:\windows\system32\ntoskrnl.exe
2016-11-04 19:21 . 2014-10-24 01:04 67072 ----a-w- c:\windows\system32\packager.dll
2016-11-04 19:17 . 2015-04-19 21:24 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2016-11-04 19:17 . 2015-04-19 21:24 189952 ----a-w- c:\windows\system32\d3d10core.dll
2016-11-04 19:17 . 2015-04-19 21:24 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2016-11-04 19:17 . 2015-04-19 21:24 1029120 ----a-w- c:\windows\system32\d3d10.dll
2016-11-04 19:17 . 2015-04-19 20:19 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2016-11-04 19:17 . 2015-04-19 20:18 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2016-11-04 19:17 . 2015-04-19 20:13 682496 ----a-w- c:\windows\system32\d2d1.dll
2016-11-04 19:17 . 2015-04-19 20:12 1072640 ----a-w- c:\windows\system32\DWrite.dll
2016-11-04 19:17 . 2015-04-19 20:12 801792 ----a-w- c:\windows\system32\FntCache.dll
2016-11-04 19:17 . 2015-04-19 04:59 2065408 ----a-w- c:\windows\system32\win32k.sys
2016-11-04 19:16 . 2014-11-26 02:05 564224 ----a-w- c:\windows\system32\oleaut32.dll
2016-11-04 19:11 . 2015-02-20 02:03 34304 ----a-w- c:\windows\system32\atmlib.dll
2016-11-04 19:11 . 2015-02-20 00:28 296960 ----a-w- c:\windows\system32\atmfd.dll
2016-11-04 19:11 . 2015-04-30 13:14 102608 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2016-11-04 19:10 . 2015-04-08 01:11 1219584 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2016-11-04 19:10 . 2015-04-08 01:11 985088 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2016-11-04 19:10 . 2015-04-08 01:11 939008 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2016-11-04 19:10 . 2015-04-07 23:35 1850880 ----a-w- c:\program files\Windows Journal\Journal.exe
2016-11-04 19:10 . 2015-04-08 01:11 967168 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2016-11-04 19:06 . 2015-01-21 02:02 807936 ----a-w- c:\windows\system32\msctf.dll
2016-11-04 19:06 . 2014-08-12 02:25 729600 ----a-w- c:\windows\system32\IMJP10K.DLL
2016-11-04 19:03 . 2014-10-13 01:12 2264064 ----a-w- c:\windows\system32\msi.dll
2016-11-04 19:03 . 2014-06-02 10:31 332800 ----a-w- c:\windows\system32\msihnd.dll
2016-11-04 19:03 . 2014-06-02 10:30 1993728 ----a-w- c:\windows\system32\authui.dll
2016-11-04 19:03 . 2014-06-02 10:30 33280 ----a-w- c:\windows\system32\appinfo.dll
2016-11-04 19:03 . 2014-06-02 08:56 82432 ----a-w- c:\windows\system32\consent.exe
2016-11-04 18:56 . 2014-10-03 01:18 274432 ----a-w- c:\windows\system32\AUDIOKSE.dll
.
.
(((((((((((((((((((((((((((((((((( Find3M report ))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-11-08 11:53 . 2012-04-02 15:29 796352 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2016-11-08 11:53 . 2011-11-03 14:31 142528 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2016-11-05 19:34 . 2015-05-22 16:57 224752 ----a-w- c:\windows\system32\drivers\aswvmm.sys
2016-11-05 19:34 . 2011-11-02 13:22 433768 ----a-w- c:\windows\system32\drivers\aswsp.sys
2016-11-05 19:34 . 2011-11-02 13:22 735488 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2016-11-05 19:34 . 2015-05-22 16:57 60424 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2016-11-05 19:34 . 2011-11-02 13:22 66688 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2016-11-05 19:34 . 2015-05-22 17:14 34008 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2016-11-05 19:34 . 2011-11-02 13:22 64272 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2016-11-05 19:34 . 2011-11-02 13:22 92256 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2016-10-18 14:52 . 2011-05-21 05:01 2825992 ----a-w- c:\windows\system32\nvapi.dll
2016-10-18 14:52 . 2006-11-02 10:25 14497712 ----a-w- c:\windows\system32\nvd3dum.dll
2016-10-18 13:49 . 2011-11-10 12:50 4397624 ----a-w- c:\windows\system32\nvcpl.dll
2016-10-18 13:49 . 2011-11-10 12:50 3068864 ----a-w- c:\windows\system32\nvsvc.dll
2016-10-18 13:48 . 2011-11-10 12:50 68544 ----a-w- c:\windows\system32\nvshext.dll
2016-10-18 13:48 . 2011-11-10 12:50 677312 ----a-w- c:\windows\system32\nvvsvc.exe
2016-10-18 13:48 . 2011-11-10 12:50 381888 ----a-w- c:\windows\system32\nvmctray.dll
2016-10-18 13:48 . 2011-11-10 12:50 2563128 ----a-w- c:\windows\system32\nvsvcr.dll
.
.
((((((((((((((((((((((((((((((((( Registry load points ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legitimate default entries are not listed
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2016-11-07 22:53 223552 ----a-w- c:\program files\Dropbox\Client\DropboxExt.3.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt10]
@="{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}]
2016-11-07 22:53 223552 ----a-w- c:\program files\Dropbox\Client\DropboxExt.3.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2016-11-07 22:53 223552 ----a-w- c:\program files\Dropbox\Client\DropboxExt.3.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2016-11-07 22:53 223552 ----a-w- c:\program files\Dropbox\Client\DropboxExt.3.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2016-11-07 22:53 223552 ----a-w- c:\program files\Dropbox\Client\DropboxExt.3.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2016-11-07 22:53 223552 ----a-w- c:\program files\Dropbox\Client\DropboxExt.3.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2016-11-07 22:53 223552 ----a-w- c:\program files\Dropbox\Client\DropboxExt.3.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2016-11-07 22:53 223552 ----a-w- c:\program files\Dropbox\Client\DropboxExt.3.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2016-11-07 22:53 223552 ----a-w- c:\program files\Dropbox\Client\DropboxExt.3.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt9]
@="{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}]
2016-11-07 22:53 223552 ----a-w- c:\program files\Dropbox\Client\DropboxExt.3.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2016-11-05 19:34 832488 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-10 1233920]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-18 202240]
"Screenpresso"="c:\users\Jean-Pierre\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe" [2016-11-12 12370664]
"EPLTarget\P0000000000000000"="c:\windows\system32\spool\DRIVERS\W32X86\3\E_FATIILE.EXE" [2012-02-29 249440]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2016-11-15 9080768]
"NvBackend"="c:\program files\NVIDIA Corporation\Update Core\NvBackend.exe" [2016-10-18 2397120]
"RUSB3MON"="c:\program files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe" [2011-09-20 115048]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2016-09-22 587288]
"Dropbox"="c:\program files\Dropbox\Client\Dropbox.exe" [2016-11-07 25673776]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Device Monitor 4.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Device Monitor 4.lnk
backup=c:\windows\pss\Device Monitor 4.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^E_SPSU01.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\E_SPSU01.lnk
backup=c:\windows\pss\E_SPSU01.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Mémento.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Mémento.lnk
backup=c:\windows\pss\Mémento.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Samsung Drive Manager Real-Time.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Drive Manager Real-Time.lnk
backup=c:\windows\pss\Samsung Drive Manager Real-Time.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Jean-Pierre^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
path=c:\users\Jean-Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
backup=c:\windows\pss\Dropbox.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Jean-Pierre^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk]
path=c:\users\Jean-Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
backup=c:\windows\pss\OpenOffice.org 3.4.1.lnk.Startup
backupExtension=.Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPLTarget
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
2007-10-07 16:08 140568 ----a-w- c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTimounterMonitor]
2007-10-07 16:36 904880 ----a-w- c:\program files\Acronis\TrueImageHome\TimounterMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2014-12-19 16:50 1022152 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSPRP]
2014-03-25 15:27 1134752 ----a-w- c:\program files\ASUS\APRP\aprp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2008-01-22 09:13 152872 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dropbox]
2016-11-07 22:58 25673776 ----a-w- c:\program files\Dropbox\Client\Dropbox.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager]
2011-10-31 12:25 1058400 ----a-w- c:\program files\Epson Software\Event Manager\EEventManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPLTarget\P0000000000000000]
2012-02-29 06:03 249440 ----a-w- c:\windows\System32\spool\drivers\w32x86\3\E_FATIILE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MagicSpeed]
2004-01-12 09:13 214016 ----a-w- c:\program files\SamsungODD\Magic Speed\MagicSL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mxomssmenu]
2008-07-21 15:54 169312 ----a-w- c:\program files\Maxtor\OneTouch Status\MaxMenuMgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Name of App]
2011-11-23 13:41 692307 ----a-w- c:\program files\SAMSUNG\FW LiveUpdate\FWManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2008-05-28 06:27 570664 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]
2016-10-18 18:42 2397120 ----a-w- c:\program files\NVIDIA Corporation\Update Core\NvBackend.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Screenpresso]
2016-11-12 19:11 12370664 ----a-w- c:\users\Jean-Pierre\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]
2007-10-07 16:01 2620336 ----a-w- c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-18 22:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
.
S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
S2 ACEDRV08;ACEDRV08;c:\windows\system32\drivers\ACEDRV08.sys [2011-11-04 108768]
.
.
--- Other Services/Drivers in memory ---
.
*NewlyCreated* - MBAMSWISSARMY
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-08-20 12:24 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-11-04 18:18 1106072 ----a-w- c:\program files\Google\Chrome\Application\49.0.2623.112\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2016-11-08 c:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job
- c:\windows\system32\Macromed\Flash\FlashUtil32_23_0_0_205_pepper.exe [2016-11-07 22:12]
.
2016-11-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 13:19]
.
2016-11-19 c:\windows\Tasks\DropboxUpdateTaskMachineCore.job
- c:\program files\Dropbox\Update\DropboxUpdate.exe [2016-11-05 08:58]
.
2016-11-19 c:\windows\Tasks\DropboxUpdateTaskMachineUA.job
- c:\program files\Dropbox\Update\DropboxUpdate.exe [2016-11-05 08:58]
.
2016-11-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-11-04 18:11]
.
2016-11-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-11-04 18:11]
.
2012-12-09 c:\windows\Tasks\Rescue Reminder for 2HAA5T2M.job
- c:\program files\Maxtor\ManagerApp\MaxUtilities.exe [2008-07-21 15:52]
.
.
------- Supplementary scan -------
.
uStart Page = hxxp://www.orange.fr/
mStart Page =
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Jean-Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\zxslg9gl.default-1351797009267\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://www.orange.fr/portail
FF - ExtSQL: 2016-11-05 20:34; sp@avast.com; c:\program files\AVAST Software\Avast\SafePrice\FF
FF - ExtSQL: 2016-11-09 17:21; e-webprint@epson.com; c:\program files\Epson Software\E-Web Print\Firefox Add-on
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-SolutoService
MSConfigStartUp-MaxtorOneTouch - c:\program files\Maxtor\ManagerApp\Onetouch.exe
MSConfigStartUp-ROC_ROC_NT - c:\program files\AVG Secure Search\ROC_ROC_NT.exe
MSConfigStartUp-Samsung Drive Manager - c:\program files\Clarus\Samsung Drive Manager\Drive Manager.exe
AddRemove-AviSynth - c:\program files\AviSynth 2.5\Uninstall.exe
AddRemove-CCleaner - c:\program files\CCleaner\uninst.exe
AddRemove-EBP Utilitaire d'échanges 1.1 - c:\programdata\{7C92D371-D7DA-40C3-A9DD-F2040D5CF57E}\setup.exe
AddRemove-EBP Utilitaire d'échanges 1.1.2 - c:\programdata\{7E679B5D-5180-4CBF-B7B2-79A43403C62E}\setup.exe
AddRemove-EBP Utilitaire d'échanges 1.1.3 - c:\programdata\{E7384988-402B-4E25-9422-A1635E52B9C9}\setup.exe
AddRemove-EPSON PERFECTION V500 PHOTO Guide d'utilisation - c:\program files\EPSON\TPMANUAL\PerfV500\FRA\USE_G\DOCUNINS.EXE
AddRemove-{2BDA0D88-9E0C-467e-847E-6C7B89FB650D}_is1 - c:\program files\4Videosoft Studio\4Videosoft MTS Converter\unins000.exe
AddRemove-{5E39F2FB-0D5B-413E-903C-3F495017109C} - c:\programdata\{E7384988-402B-4E25-9422-A1635E52B9C9}\setup.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2016-11-22 17:40
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanning for hidden processes ...
.
Scanning for hidden autostart entries ...
.
Scanning for hidden files ...
.
Scan completed successfully
Hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{73526619-C24F-470B-9BED-53D455FBB5C6}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD12\Common\NavFilter\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
--------------------- DLLs loaded into running processes ---------------------
.
- - - - - - - > 'lsass.exe'(1500)
c:\windows\system32\relog_ap.dll
.
------------------------ Other running processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\AVAST Software\Avast\wsc_proxy.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Common Files\Acronis\Schedule2\schedul2.exe
c:\program files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\System32\ASGT.exe
c:\program files\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
c:\program files\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
c:\windows\system32\DbxSvc.exe
c:\windows\system32\EscSvc.exe
c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Maxtor\Sync\SyncServices.exe
c:\program files\Malwarebytes Anti-Malware\mbamscheduler.exe
c:\program files\Malwarebytes Anti-Malware\mbamservice.exe
c:\program files\EPSON\MyEpson Portal\mepService.exe
c:\program files\Nero\Update\NASvc.exe
c:\program files\EPSON\MyEpson Portal\mep.exe
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files\Malwarebytes Anti-Malware\mbam.exe
c:\program files\NVIDIA Corporation\NetService\NvNetworkService.exe
c:\windows\system32\IoctlSvc.exe
c:\program files\Microsoft Application Virtualization Client\sftvsa.exe
c:\program files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
c:\program files\Microsoft Application Virtualization Client\sftlist.exe
c:\windows\System32\WUDFHost.exe
c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\wermgr.exe
c:\windows\system32\wermgr.exe
c:\windows\system32\conime.exe
c:\program files\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
.
**************************************************************************
.
Finish time: 2016-11-22 17:42:47 - machine was rebooted
ComboFix-quarantined-files.txt 2016-11-22 16:42
.
Pre-Run: 115 976 364 032 bytes free
Post-Run: 116 770 828 288 bytes free
.
- - End Of File - - 49AF6D2C36B1524777B0741C83EEFF1C
C99C3199CFAA4CBDCD91493F6D113A50
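The following is an added example, not part of ComboFix or of this log: a small Python triage script that parses the three line types the log uses (the "Files created" listing, Run-key autostart values, and the policies\system values) and turns them into review items. The rule set, the 30-day threshold, the list of user-writable path fragments and the reading of the two per-file timestamps as creation and last-write time are this example's own assumptions; the sample lines are copied from the log above.

```python
"""Triage helper for ComboFix-style logs (added example, not ComboFix code).

Recognised line types:  "Files created" entries, Run-key values, and
policies\\system values.  Every finding is a *review* item, not a verdict.
"""
import re
from dataclasses import dataclass
from datetime import datetime
from typing import List

# Sample excerpt copied from the log above (a handful of lines, not a full log).
SAMPLE_LOG = r"""
2016-11-22 16:38 . 2013-07-02 15:29 22776 ----a-w- c:\windows\system32\drivers\IOMap.sys
2016-11-19 17:23 . 2016-11-19 17:23 -------- d-----w- c:\program files\ObviousIdea
2016-11-07 22:49 . 2016-11-07 22:49 63600 ----a-w- c:\windows\system32\drivers\dbx-stable.sys
2016-11-04 19:22 . 2015-03-14 02:21 1205168 ----a-w- c:\windows\system32\ntdll.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-10 1233920]
"Screenpresso"="c:\users\Jean-Pierre\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe" [2016-11-12 12370664]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
"SoftwareSASGeneration"= 1 (0x1)
"""

# Assumption: ComboFix's first timestamp is creation time (when the file landed
# on disk), the second is last-write time.
FILE_RE = re.compile(
    r"^(?P<created>\d{4}-\d\d-\d\d \d\d:\d\d) \. "
    r"(?P<modified>\d{4}-\d\d-\d\d \d\d:\d\d) "
    r"(?P<size>\d+|-+) (?P<attrs>[-a-z]{8}) (?P<path>.+)$"
)
RUN_RE = re.compile(r'^"(?P<name>[^"]+)"="(?P<path>[^"]+)" \[(?P<date>\d{4}-\d\d-\d\d) (?P<size>\d+)\]$')
POLICY_RE = re.compile(r'^"(?P<name>[^"]+)"= (?P<value>\d+) \(0x[0-9A-Fa-f]+\)$')
KEY_RE = re.compile(r"^\[(?P<key>.+)\]$")

# Path fragments an unprivileged user can normally write to (assumed list).
USER_WRITABLE = ("\\users\\", "\\programdata\\", "\\temp\\")

# UAC-related policy values worth a second look when set this way.
POLICY_RULES = {
    "enablelinkedconnections": (lambda v: v == 1,
        "mapped drives are shared between the elevated and the filtered UAC token"),
    "softwaresasgeneration": (lambda v: v != 0,
        "software may generate the Secure Attention Sequence (Ctrl+Alt+Del)"),
}


@dataclass
class Finding:
    rule: str
    subject: str
    note: str


def triage(log_text: str, stale_days: int = 30) -> List[Finding]:
    """Return review items for the recognised line types in ``log_text``."""
    findings: List[Finding] = []
    current_key = ""  # last "[HKEY_...]" header seen, lower-cased
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if (m := KEY_RE.match(line)):
            current_key = m.group("key").lower()
            continue
        if (m := FILE_RE.match(line)):
            if m.group("attrs").startswith("d"):
                continue  # directory entry; nothing to hash or sign
            path, low = m.group("path"), m.group("path").lower()
            if low.endswith(".sys") and "\\drivers\\" in low:
                findings.append(Finding("new-kernel-driver", path,
                    "kernel driver written during the scan window; check signature and publisher"))
            created = datetime.strptime(m.group("created"), "%Y-%m-%d %H:%M")
            modified = datetime.strptime(m.group("modified"), "%Y-%m-%d %H:%M")
            if (created - modified).days > stale_days:
                findings.append(Finding("old-mtime", path,
                    f"last-write {modified:%Y-%m-%d} but created {created:%Y-%m-%d}: "
                    "usual for installers and Windows Update, also what timestomping looks like"))
            continue
        if current_key.endswith("\\run") and (m := RUN_RE.match(line)):
            path = m.group("path")
            if any(frag in path.lower() for frag in USER_WRITABLE):
                findings.append(Finding("autostart-user-writable", path,
                    f"Run value '{m.group('name')}' starts a binary from a user-writable location"))
            continue
        if current_key.endswith("policies\\system") and (m := POLICY_RE.match(line)):
            rule = POLICY_RULES.get(m.group("name").lower())
            if rule and rule[0](int(m.group("value"))):
                findings.append(Finding("policy", m.group("name"), rule[1]))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"[{f.rule}] {f.subject}: {f.note}")
```

Each finding is a prompt to verify rather than a verdict: IOMap.sys and the Dropbox dbx-*.sys drivers are flagged because any newly written kernel driver deserves a signature check; ntdll.dll is flagged because an old last-write time behind a recent creation time is equally the shape of a servicing update and of timestomping; Screenpresso is flagged because an autostart under a user's AppData is exactly where user-level malware also lives; and the two policy values are flagged because EnableLinkedConnections=1 and SoftwareSASGeneration=1 weaken UAC token separation and the Ctrl+Alt+Del guarantee respectively and are normally set by software rather than by hand.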
