Document format: text/plain


ComboFix 17-12-11.01 - utilisateur 07/01/2018 20:22:32.1.8 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.12269.8959 [GMT 1:00]
Lancé depuis: c:\users\utilisateur\Desktop\ComboFix.exe
AV: IObit Malware Fighter *Enabled/Updated* {2C1A27ED-EADF-56B0-8FBA-D38AFF9152A2}
AV: Suite de Sécurité Orange *Disabled/Updated* {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
FW: Suite de Sécurité Orange *Disabled* {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
SP: IObit Malware Fighter *Enabled/Updated* {977BC609-CCE5-593E-B50A-E8F88416181F}
SP: Suite de Sécurité Orange *Disabled/Updated* {3D579475-6DDE-A186-1569-44B9F9DE8725}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Tiem.txt
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_AdobeUpdateService
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2017-12-07 au 2018-01-07 ))))))))))))))))))))))))))))))))))))
.
.
2018-01-07 19:31 . 2018-01-07 19:31 7712 ----a-w- c:\windows\system32\drivers\xiynqintg.sys
2018-01-06 17:44 . 2018-01-06 17:44 -------- d-----w- c:\users\utilisateur\AppData\Local\Lavasoft
2018-01-06 17:44 . 2018-01-06 17:44 -------- d-----w- c:\users\utilisateur\AppData\Roaming\Lavasoft
2018-01-06 17:44 . 2018-01-06 17:44 -------- d-----w- c:\program files (x86)\Lavasoft
2018-01-06 17:44 . 2018-01-06 17:44 -------- d-----w- c:\programdata\Lavasoft
2018-01-05 17:45 . 2018-01-05 17:45 -------- d-----w- c:\program files (x86)\Common Files\Borland Shared
2018-01-05 17:45 . 1999-11-12 04:11 183808 ----a-w- c:\windows\SysWow64\BDEADMIN.CPL
2018-01-05 17:45 . 1999-01-20 04:01 210032 ----a-w- c:\windows\SysWow64\DBCLIENT.DLL
2018-01-05 15:42 . 2018-01-05 15:42 7712 ----a-w- c:\windows\system32\drivers\zbngraucl.sys
2018-01-05 15:42 . 2018-01-05 15:42 142760 ----a-w- c:\windows\system32\drivers\xpfzzrfux.sys
2018-01-05 12:21 . 2018-01-05 12:21 142760 ----a-w- c:\windows\system32\drivers\wlvmgwbgn.sys
2018-01-02 16:24 . 2018-01-02 16:24 -------- d-----w- c:\users\utilisateur\AppData\Roaming\4Free
2018-01-02 16:17 . 2018-01-02 16:17 -------- d-----w- c:\users\utilisateur\.fontconfig
2018-01-02 16:16 . 2018-01-02 16:16 -------- d-----w- c:\programdata\Movavi
2018-01-02 16:16 . 2018-01-02 16:16 -------- d-----w- c:\programdata\Movavi Video Converter 18
2018-01-02 16:09 . 2018-01-02 16:10 -------- d-----w- c:\users\utilisateur\AppData\Roaming\Apowersoft
2018-01-02 15:45 . 2018-01-02 15:45 -------- d-----w- c:\programdata\DigitalWave.ApplicationUpdater_files
2018-01-02 15:44 . 2018-01-02 15:44 -------- d-----w- c:\program files (x86)\FreeCodecPack
2018-01-02 15:44 . 2018-01-02 16:13 -------- d-----w- c:\program files (x86)\Common Files\DVDVideoSoft
2018-01-02 15:44 . 2018-01-02 16:13 -------- d-----w- c:\users\utilisateur\AppData\Roaming\DVDVideoSoft
2018-01-02 15:17 . 2018-01-05 12:21 -------- d-----w- c:\program files (x86)\DVD Flick
2018-01-02 15:17 . 2013-10-03 16:02 40960 ----a-w- c:\windows\SysWow64\ssubtmr6.dll
2018-01-02 15:17 . 2013-10-03 16:02 36864 ----a-w- c:\windows\SysWow64\trayicon_handler.ocx
2018-01-02 14:30 . 2018-01-02 14:30 -------- d-----w- c:\users\utilisateur\AppData\Local\FreemakeVideoConverter
2017-12-27 15:00 . 2017-12-27 15:00 -------- d-----w- c:\users\utilisateur\AppData\Local\gtk-3.0
2017-12-27 15:00 . 2017-12-27 15:00 -------- d-----w- c:\users\utilisateur\AppData\Local\RawTherapee
2017-12-27 14:58 . 2017-12-27 14:58 -------- d-----w- c:\program files\RawTherapee
2017-12-27 14:21 . 2017-12-27 14:21 -------- d-----w- c:\users\utilisateur\AppData\Roaming\hugin
2017-12-27 14:19 . 2017-12-27 14:19 -------- d-----w- c:\program files\Hugin
2017-12-27 10:50 . 2017-12-27 10:50 -------- d-----w- c:\program files\Google
2017-12-22 15:25 . 2018-01-05 16:44 -------- d-----w- c:\users\utilisateur\AppData\Roaming\MPC-HC
2017-12-20 15:18 . 2017-12-20 15:18 -------- d-----w- c:\users\utilisateur\AppData\Local\TumblRipper
2017-12-20 15:13 . 2017-12-20 15:13 -------- d-----w- c:\program files (x86)\TumblRipper
2017-12-20 12:44 . 2017-12-20 12:44 -------- d-----w- c:\users\utilisateur\AppData\Roaming\Intertel
2017-12-20 12:44 . 2017-12-20 15:18 -------- d-----w- c:\users\utilisateur\AppData\Local\SquirrelTemp
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2018-01-05 19:21 . 2017-10-11 10:28 133326408 -c--a-w- c:\windows\system32\MRT-KB890830.exe
2018-01-05 19:21 . 2016-04-01 09:25 133326408 -c--a-w- c:\windows\system32\MRT.exe
2018-01-05 15:20 . 2017-08-03 13:59 22096064 ----a-w- c:\windows\system32\nvwgf2umx.dll
2018-01-05 15:20 . 2017-08-03 13:59 492232 ----a-w- c:\windows\system32\nvumdshimx.dll
2018-01-05 15:20 . 2017-08-03 13:58 18207576 ----a-w- c:\windows\system32\nvd3dumx.dll
2018-01-05 15:20 . 2017-08-03 13:58 15027984 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2018-01-05 15:20 . 2017-08-03 13:57 4284680 ----a-w- c:\windows\system32\nvapi64.dll
2018-01-05 15:20 . 2017-08-03 13:57 3798848 ----a-w- c:\windows\SysWow64\nvapi.dll
2017-12-13 13:29 . 2016-08-05 18:57 803328 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2017-12-13 13:29 . 2016-08-05 18:57 144896 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2017-12-07 07:50 . 2017-12-07 07:50 142760 ----a-w- c:\windows\system32\drivers\daqpvbzve.sys
2017-12-03 18:00 . 2017-12-03 18:00 142760 ----a-w- c:\windows\system32\drivers\ixuktsmfq.sys
2017-11-25 06:37 . 2017-11-25 06:37 142760 ----a-w- c:\windows\system32\drivers\jagzrfhyv.sys
2017-11-23 14:12 . 2017-11-23 14:12 1989056 ----a-w- c:\windows\system32\nvdispco6438813.dll
2017-11-23 14:12 . 2017-11-23 14:12 1673848 ----a-w- c:\windows\system32\nvdispgenco6438813.dll
2017-11-23 14:11 . 2017-11-23 14:11 122848 ----a-w- c:\windows\system32\RtNicProp64.dll
2017-11-23 14:11 . 2017-11-23 14:11 1077216 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2017-11-23 14:11 . 2016-04-01 09:08 118816 ----a-w- c:\windows\system32\RTNUninst64.dll
2017-11-22 11:10 . 2017-11-22 11:10 142760 ----a-w- c:\windows\system32\drivers\srloxpfov.sys
2017-11-16 01:41 . 2016-09-25 11:53 2404800 ----a-w- c:\windows\system32\nvspcap64.dll
2017-11-16 01:41 . 2016-09-25 11:53 2070976 ----a-w- c:\windows\SysWow64\nvspcap.dll
2017-11-16 01:41 . 2016-09-25 11:53 1309120 ----a-w- c:\windows\system32\NvRtmpStreamer64.dll
2017-11-16 01:41 . 2017-11-24 08:42 57792 ----a-w- c:\windows\system32\drivers\nvvhci.sys
2017-11-16 01:41 . 2017-11-24 08:42 50624 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2017-11-16 01:41 . 2017-06-30 15:26 186304 ----a-w- c:\windows\system32\nvaudcap64v.dll
2017-11-16 01:41 . 2017-06-30 15:26 152512 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2017-11-16 00:53 . 2017-01-12 08:54 1951 ----a-w- c:\windows\NvTelemetryContainerRecovery.bat
2017-11-15 16:18 . 2017-11-15 16:18 1988216 ----a-w- c:\windows\system32\nvdispco6438792.dll
2017-11-15 16:18 . 2017-11-15 16:18 1606776 ----a-w- c:\windows\system32\nvdispgenco6438792.dll
2017-11-15 16:17 . 2017-11-15 16:17 54680 ----a-w- c:\windows\system32\nvhdap64.dll
2017-11-15 16:17 . 2017-11-15 16:17 227408 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2017-11-15 16:17 . 2017-08-03 14:00 1624144 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2017-11-15 14:04 . 2017-11-15 14:04 142760 ----a-w- c:\windows\system32\drivers\zklwuyryk.sys
2017-11-09 16:47 . 2016-09-25 11:53 1951 ----a-w- c:\windows\NvContainerRecovery.bat
2017-11-06 12:55 . 2017-11-06 12:55 142760 ----a-w- c:\windows\system32\drivers\qnqudusnw.sys
2017-11-03 12:50 . 2017-11-03 12:50 142760 ----a-w- c:\windows\system32\drivers\bpynalwdb.sys
2017-11-02 10:05 . 2017-11-02 10:05 142760 ----a-w- c:\windows\system32\drivers\uaiohlsvv.sys
2017-10-23 15:11 . 2017-10-23 15:11 1988216 ----a-w- c:\windows\system32\nvdispco6438569.dll
2017-10-23 15:11 . 2017-10-23 15:11 1606592 ----a-w- c:\windows\system32\nvdispgenco6438569.dll
2017-10-18 07:31 . 2017-11-15 11:04 395976 ----a-w- c:\windows\system32\iedkcs32.dll
2017-10-18 02:34 . 2017-11-15 11:03 134376 ----a-w- c:\windows\system32\CompatTelRunner.exe
2017-10-18 02:30 . 2017-11-15 11:03 605184 ----a-w- c:\windows\system32\aeinv.dll
2017-10-18 02:06 . 2017-11-15 11:04 344064 ----a-w- c:\windows\system32\drivers\usbhub.sys
2017-10-18 02:06 . 2017-11-15 11:04 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2017-10-18 02:06 . 2017-11-15 11:04 56320 ----a-w- c:\windows\system32\drivers\usbehci.sys
2017-10-18 02:06 . 2017-11-15 11:04 327168 ----a-w- c:\windows\system32\drivers\usbport.sys
2017-10-18 02:06 . 2017-11-15 11:04 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2017-10-18 02:06 . 2017-11-15 11:04 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2017-10-18 02:06 . 2017-11-15 11:04 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2017-10-16 23:07 . 2017-11-15 11:04 1680616 ----a-w- c:\windows\system32\drivers\ntfs.sys
2017-10-16 22:34 . 2017-11-15 11:04 3222528 ----a-w- c:\windows\system32\win32k.sys
2017-10-16 21:55 . 2017-11-15 11:04 339968 ----a-w- c:\windows\SysWow64\msexcl40.dll
2017-10-15 22:04 . 2017-11-15 11:03 407392 ----a-w- c:\windows\system32\centel.dll
2017-10-14 09:50 . 2016-07-05 15:49 1011192 ----a-w- c:\windows\system32\drivers\klif.sys
2017-10-14 09:50 . 2016-07-05 15:49 279544 ----a-w- c:\windows\system32\drivers\klhk.sys
2017-10-14 09:50 . 2015-12-11 16:28 186360 ----a-w- c:\windows\system32\drivers\klflt.sys
2017-10-14 08:38 . 2017-11-15 11:04 25731584 ----a-w- c:\windows\system32\mshtml.dll
2017-10-14 08:23 . 2017-11-15 11:04 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2017-10-14 08:23 . 2017-11-15 11:04 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2017-10-14 08:13 . 2017-11-15 11:04 2903552 ----a-w- c:\windows\system32\iertutil.dll
2017-10-14 08:12 . 2017-11-15 11:04 66560 ----a-w- c:\windows\system32\iesetup.dll
2017-10-14 08:11 . 2017-11-15 11:04 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2017-10-14 08:11 . 2017-11-15 11:04 576512 ----a-w- c:\windows\system32\vbscript.dll
2017-10-14 08:11 . 2017-11-15 11:04 417792 ----a-w- c:\windows\system32\html.iec
2017-10-14 08:11 . 2017-11-15 11:04 88064 ----a-w- c:\windows\system32\MshtmlDac.dll
2017-10-14 08:09 . 2017-11-15 11:04 5979648 ----a-w- c:\windows\system32\jscript9.dll
2017-10-14 08:05 . 2017-11-15 11:04 54784 ----a-w- c:\windows\system32\jsproxy.dll
2017-10-14 08:04 . 2017-11-15 11:04 34304 ----a-w- c:\windows\system32\iernonce.dll
2017-10-14 08:02 . 2017-11-15 11:04 615936 ----a-w- c:\windows\system32\ieui.dll
2017-10-14 08:01 . 2017-11-15 11:04 116224 ----a-w- c:\windows\system32\ieetwcollector.exe
2017-10-14 08:01 . 2017-11-15 11:04 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2017-10-14 08:01 . 2017-11-15 11:04 816640 ----a-w- c:\windows\system32\jscript.dll
2017-10-14 08:00 . 2017-11-15 11:04 814080 ----a-w- c:\windows\system32\jscript9diag.dll
2017-10-14 07:55 . 2017-11-15 11:04 968704 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2017-10-14 07:53 . 2017-11-15 11:04 489984 ----a-w- c:\windows\system32\dxtmsft.dll
2017-10-14 07:47 . 2017-11-15 11:04 77824 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2017-10-14 07:47 . 2017-11-15 11:04 87552 ----a-w- c:\windows\system32\tdc.ocx
2017-10-14 07:46 . 2017-11-15 11:04 107520 ----a-w- c:\windows\system32\inseng.dll
2017-10-14 07:43 . 2017-11-15 11:04 199680 ----a-w- c:\windows\system32\msrating.dll
2017-10-14 07:43 . 2017-11-15 11:04 92160 ----a-w- c:\windows\system32\mshtmled.dll
2017-10-14 07:41 . 2017-11-15 11:04 315392 ----a-w- c:\windows\system32\dxtrans.dll
2017-10-14 07:40 . 2017-11-15 11:04 152064 ----a-w- c:\windows\system32\occache.dll
2017-10-14 07:31 . 2017-11-15 11:04 262144 ----a-w- c:\windows\system32\webcheck.dll
2017-10-14 07:30 . 2017-11-15 11:04 15266816 ----a-w- c:\windows\system32\ieframe.dll
2017-10-14 07:30 . 2017-11-15 11:04 726528 ----a-w- c:\windows\system32\ie4uinit.exe
2017-10-14 07:29 . 2017-11-15 11:04 807936 ----a-w- c:\windows\system32\msfeeds.dll
2017-10-14 07:28 . 2017-11-15 11:04 1359360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2017-10-14 07:27 . 2017-11-15 11:04 2134528 ----a-w- c:\windows\system32\inetcpl.cpl
2017-10-14 07:21 . 2017-11-15 11:04 3241472 ----a-w- c:\windows\system32\wininet.dll
2017-10-14 07:09 . 2017-11-15 11:04 1544704 ----a-w- c:\windows\system32\urlmon.dll
2017-10-14 07:03 . 2017-11-15 11:04 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2017-10-14 06:58 . 2017-11-15 11:04 800768 ----a-w- c:\windows\system32\ieapfltr.dll
2017-10-14 06:53 . 2017-11-15 11:04 499200 ----a-w- c:\windows\SysWow64\vbscript.dll
2017-10-14 06:53 . 2017-11-15 11:04 62464 ----a-w- c:\windows\SysWow64\iesetup.dll
2017-10-14 06:52 . 2017-11-15 11:04 47616 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2017-10-14 06:52 . 2017-11-15 11:04 341504 ----a-w- c:\windows\SysWow64\html.iec
2017-10-14 06:51 . 2017-11-15 11:04 64000 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2017-10-14 06:45 . 2017-11-15 11:04 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2017-10-14 06:45 . 2017-11-15 11:04 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2017-10-14 06:35 . 2017-11-15 11:04 60416 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MyDriveConnect.exe"="c:\program files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe" [2017-08-04 1986280]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2017-11-20 41061856]
"OCCDesktop"="c:\program files\Le Cloud d'Orange\OrangeCloudApplication.exe" [2017-10-31 4563968]
"Adobe Acrobat Synchronizer"="c:\program files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe" [2017-11-04 886768]
"GUDelayStartup"="c:\program files (x86)\Glary Utilities 5\StartupManager.exe" [2017-12-15 44024]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2017-12-01 10249048]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Creative Cloud"="c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2017-09-20 2407008]
"Nikon Message Center 2"="c:\program files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe" [2016-01-08 588288]
"IObit Malware Fighter"="c:\program files (x86)\IObit\IObit Malware Fighter\IMF.exe" [2017-11-20 5764384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSimpleNetIDList"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
R0 hekznqut.sys;hekznqut.sys;c:\windows\System32\drivers\hekznqut.sys;c:\windows\SYSNATIVE\drivers\hekznqut.sys [x]
R0 pfgozbll.sys;pfgozbll.sys;c:\windows\System32\drivers\pfgozbll.sys;c:\windows\SYSNATIVE\drivers\pfgozbll.sys [x]
R1 arbpnzgdm.sys;arbpnzgdm.sys;c:\windows\system32\drivers\arbpnzgdm.sys;c:\windows\SYSNATIVE\drivers\arbpnzgdm.sys [x]
R1 atldpogvo.sys;atldpogvo.sys;c:\windows\system32\drivers\atldpogvo.sys;c:\windows\SYSNATIVE\drivers\atldpogvo.sys [x]
R1 bmlmmigie.sys;bmlmmigie.sys;c:\windows\system32\drivers\bmlmmigie.sys;c:\windows\SYSNATIVE\drivers\bmlmmigie.sys [x]
R1 chlxuifhn.sys;chlxuifhn.sys;c:\windows\system32\drivers\chlxuifhn.sys;c:\windows\SYSNATIVE\drivers\chlxuifhn.sys [x]
R1 eblhdfvtt.sys;eblhdfvtt.sys;c:\windows\system32\drivers\eblhdfvtt.sys;c:\windows\SYSNATIVE\drivers\eblhdfvtt.sys [x]
R1 gdzftrqfv.sys;gdzftrqfv.sys;c:\windows\system32\drivers\gdzftrqfv.sys;c:\windows\SYSNATIVE\drivers\gdzftrqfv.sys [x]
R1 haanvuday.sys;haanvuday.sys;c:\windows\system32\drivers\haanvuday.sys;c:\windows\SYSNATIVE\drivers\haanvuday.sys [x]
R1 idduqneux.sys;idduqneux.sys;c:\windows\system32\drivers\idduqneux.sys;c:\windows\SYSNATIVE\drivers\idduqneux.sys [x]
R1 lfyvfgnkm.sys;lfyvfgnkm.sys;c:\windows\system32\drivers\lfyvfgnkm.sys;c:\windows\SYSNATIVE\drivers\lfyvfgnkm.sys [x]
R1 nolwvfmgo.sys;nolwvfmgo.sys;c:\windows\system32\drivers\nolwvfmgo.sys;c:\windows\SYSNATIVE\drivers\nolwvfmgo.sys [x]
R1 qrumxzklx.sys;qrumxzklx.sys;c:\windows\system32\drivers\qrumxzklx.sys;c:\windows\SYSNATIVE\drivers\qrumxzklx.sys [x]
R1 vfkwphimv.sys;vfkwphimv.sys;c:\windows\system32\drivers\vfkwphimv.sys;c:\windows\SYSNATIVE\drivers\vfkwphimv.sys [x]
R1 xdiotsqev.sys;xdiotsqev.sys;c:\windows\system32\drivers\xdiotsqev.sys;c:\windows\SYSNATIVE\drivers\xdiotsqev.sys [x]
R1 xiynqintg.sys;xiynqintg.sys;c:\windows\system32\drivers\xiynqintg.sys;c:\windows\SYSNATIVE\drivers\xiynqintg.sys [x]
R1 zbngraucl.sys;zbngraucl.sys;c:\windows\system32\drivers\zbngraucl.sys;c:\windows\SYSNATIVE\drivers\zbngraucl.sys [x]
R2 AdobeActiveFileMonitor11.0;Adobe Active File Monitor V11;c:\program files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 GoProDeviceDetectionService;GoPro Device Detection Service;c:\program files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe;c:\program files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [x]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
R3 cpuz143;cpuz143;c:\windows\temp\cpuz143\cpuz143_x64.sys;c:\windows\temp\cpuz143\cpuz143_x64.sys [x]
R3 FlashUSB;FlashUSB;c:\windows\system32\DRIVERS\FlashUSB.sys;c:\windows\SYSNATIVE\DRIVERS\FlashUSB.sys [x]
R3 guillflt;Guillemot Audio Lower Filter;c:\windows\system32\DRIVERS\guillflt.sys;c:\windows\SYSNATIVE\DRIVERS\guillflt.sys [x]
R3 hxctlflt;hxctlflt;c:\windows\system32\Drivers\hxctlflt.sys;c:\windows\SYSNATIVE\Drivers\hxctlflt.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IMFFilter;IMFFilter;c:\program files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys;c:\program files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [x]
R3 IUFileFilter;IUFileFilter;c:\program files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IUFileFilter.sys;c:\program files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IUFileFilter.sys [x]
R3 IURegProcessFilter;IURegProcessFilter;c:\program files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IURegProcessFilter.sys;c:\program files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IURegProcessFilter.sys [x]
R3 klids;klids;c:\programdata\Kaspersky Lab\AVP16.0.1\Bases\klids.sys;c:\programdata\Kaspersky Lab\AVP16.0.1\Bases\klids.sys [x]
R3 klvssbrigde64;klvssbrigde64;c:\program files (x86)\Orange\Orange Security Suite 10.10\x64\vssbridge64.exe;c:\program files (x86)\Orange\Orange Security Suite 10.10\x64\vssbridge64.exe [x]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys;c:\windows\SYSNATIVE\DRIVERS\LEqdUsb.Sys [x]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys;c:\windows\SYSNATIVE\DRIVERS\LHidEqd.Sys [x]
R3 NvContainerNetworkService;NVIDIA NetworkService Container;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe [x]
R3 NvStreamKms;NVIDIA KMS;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RegFilter;RegFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 rtsuvc;Hercules HD Twist;c:\windows\system32\DRIVERS\rtsuvc.sys;c:\windows\SYSNATIVE\DRIVERS\rtsuvc.sys [x]
R3 semav6msr64;semav6msr64;c:\windows\system32\drivers\semav6msr64.sys;c:\windows\SYSNATIVE\drivers\semav6msr64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 UsbClientService;UsbClientService;c:\program files (x86)\Synology\Assistant\UsbClientService.exe;c:\program files (x86)\Synology\Assistant\UsbClientService.exe [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
R3 WsAppService;Wondershare Application Framework Service;c:\program files (x86)\Wondershare\WAF\2.4.3.225\WsAppService.exe;c:\program files (x86)\Wondershare\WAF\2.4.3.225\WsAppService.exe [x]
S0 cm_km;Kaspersky Lab ZAO Cryptographic Module x64 (Weak);c:\windows\system32\DRIVERS\cm_km.sys;c:\windows\SYSNATIVE\DRIVERS\cm_km.sys [x]
S0 gxmrihho.sys;gxmrihho.sys;c:\windows\System32\drivers\gxmrihho.sys;c:\windows\SYSNATIVE\drivers\gxmrihho.sys [x]
S0 klbackupdisk;Kaspersky Lab klbackupdisk;c:\windows\system32\DRIVERS\klbackupdisk.sys;c:\windows\SYSNATIVE\DRIVERS\klbackupdisk.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 GUBootStartup;GUBootStartup;c:\windows\System32\drivers\GUBootStartup.sys;c:\windows\SYSNATIVE\drivers\GUBootStartup.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S1 IMFCameraProtect;IMFCameraProtect;c:\windows\system32\drivers\IMFCameraProtect.sys;c:\windows\SYSNATIVE\drivers\IMFCameraProtect.sys [x]
S1 klbackupflt;Kaspersky Lab klbackupflt;c:\windows\system32\DRIVERS\klbackupflt.sys;c:\windows\SYSNATIVE\DRIVERS\klbackupflt.sys [x]
S1 klhk;Kaspersky Lab service driver;c:\windows\system32\DRIVERS\klhk.sys;c:\windows\SYSNATIVE\DRIVERS\klhk.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 klpd;Kaspersky Lab format recognizer driver;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 Klwtp;KLwtp - WFP callout traffic inspector;c:\windows\system32\DRIVERS\klwtp.sys;c:\windows\SYSNATIVE\DRIVERS\klwtp.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S1 kptksjwmv.sys;kptksjwmv.sys;c:\windows\system32\drivers\kptksjwmv.sys;c:\windows\SYSNATIVE\drivers\kptksjwmv.sys [x]
S2 AGSService;Adobe Genuine Software Integrity Service;c:\program files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe;c:\program files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 AVP16.0.1;Suite de Sécurité Orange 10.10;c:\program files (x86)\Orange\Orange Security Suite 10.10\avp.exe;c:\program files (x86)\Orange\Orange Security Suite 10.10\avp.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 DigitalWave.Update.Service;Digital Wave Update Service;c:\program files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe;c:\program files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [x]
S2 gzflt;gzflt;c:\windows\system32\DRIVERS\gzflt.sys;c:\windows\SYSNATIVE\DRIVERS\gzflt.sys [x]
S2 IMFservice;IMF Service;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [x]
S2 kldisk;kldisk;c:\windows\system32\DRIVERS\kldisk.sys;c:\windows\SYSNATIVE\DRIVERS\kldisk.sys [x]
S2 NvContainerLocalSystem;NVIDIA LocalSystem Container;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe [x]
S2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;c:\program files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe;c:\program files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [x]
S2 NvTelemetryContainer;NVIDIA Telemetry Container;c:\program files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe;c:\program files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [x]
S2 RealPlayerUpdateSvc;RealPlayer Update Service;c:\program files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe;c:\program files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [x]
S2 RealTimes Desktop Service;RealTimes Desktop Service;c:\program files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe;c:\program files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [x]
S2 WCAssistantService;WC Assistant;c:\program files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe;c:\program files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [x]
S3 asmtxhci;ASMedia XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 busenum;Synology Virtual USB Hub;c:\windows\system32\DRIVERS\busenum.sys;c:\windows\SYSNATIVE\DRIVERS\busenum.sys [x]
S3 IMFDownProtect;IMFDownProtect;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFDownProtect.sys;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFDownProtect.sys [x]
S3 IMFForceDelete;IMFForceDelete;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFForceDelete.sys;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFForceDelete.sys [x]
S3 klflt;Kaspersky Lab Kernel DLL;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 nvvhci;NVVHCI Enumerator Service;c:\windows\system32\DRIVERS\nvvhci.sys;c:\windows\SYSNATIVE\DRIVERS\nvvhci.sys [x]
.
.
--- Autres Services/Pilotes en mémoire ---
.
*NewlyCreated* - GXMRIHHO.SYS
*NewlyCreated* - KPTKSJWMV.SYS
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2017-07-31 22:31 324080 ----a-w- c:\program files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
2017-05-22 10:16 2478880 ----a-w- c:\program files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveBlacklisted]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2017-11-20 14:27 775064 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveSynced]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2017-11-20 14:27 775064 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveSyncing]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2017-11-20 14:27 775064 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2017-09-26 00:52 491600 ----a-w- c:\program files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2017-09-26 00:52 491600 ----a-w- c:\program files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2017-09-26 00:52 491600 ----a-w- c:\program files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AWCOverlayIconFailed]
@="{807B3DE6-04E1-41CD-BE17-79259C6F287E}"
[HKEY_CLASSES_ROOT\CLSID\{807B3DE6-04E1-41CD-BE17-79259C6F287E}]
2017-03-13 09:19 1332224 ----a-w- c:\program files\Le Cloud d'Orange\WindowsCloudShellExtensions64_3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AWCOverlayIconIgnored]
@="{78E727AC-5F74-44D4-AB7B-1AF593CAB71A}"
[HKEY_CLASSES_ROOT\CLSID\{78E727AC-5F74-44D4-AB7B-1AF593CAB71A}]
2017-03-13 09:19 1332224 ----a-w- c:\program files\Le Cloud d'Orange\WindowsCloudShellExtensions64_3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AWCOverlayIconUploaded]
@="{6AB3E22E-6F5C-4D4A-9F00-76BB29BAEAEF}"
[HKEY_CLASSES_ROOT\CLSID\{6AB3E22E-6F5C-4D4A-9F00-76BB29BAEAEF}]
2017-03-13 09:19 1332224 ----a-w- c:\program files\Le Cloud d'Orange\WindowsCloudShellExtensions64_3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AWCOverlayIconUploading]
@="{5A062BD3-C231-4E7A-8782-D83B74BC2B08}"
[HKEY_CLASSES_ROOT\CLSID\{5A062BD3-C231-4E7A-8782-D83B74BC2B08}]
2017-03-13 09:19 1332224 ----a-w- c:\program files\Le Cloud d'Orange\WindowsCloudShellExtensions64_3.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2017-08-11 9228800]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2015-08-26 3113592]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2016-07-01 508128]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2017-12-05 297272]
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://r.orange.fr/r/Oodc_IE_oi_v2?ref=O_OI_defaultPage_IE_odc
uDefault_Search_URL =
mDefault_Search_URL =
mStart Page = about:blank
mSearch Page = www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
mSearch Bar =
uSearchAssistant = about:blank
mSearchAssistant = about:blank
IE: &Ajouter la cible du lien à un fichier PDF existant - c:\program files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll/AcroIEAppendSelLinks.html
IE: &Envoyer à OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Ajouter la page Web à un fichier PDF existant - c:\program files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll/AcroIEAppend.html
IE: Convertir la cible du lien au format Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll/AcroIECaptureSelLinks.html
IE: Convertir la page &Web au format Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll/AcroIECapture.html
IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
Trusted Zone: localhost
Trusted Zone: webcompanion.com
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\x4na513e.default\
FF - prefs.js: browser.search.selectedEngine - Bing®
FF - prefs.js: browser.startup.homepage - hxxp://www.orange.fr/portail|http://www.journaux.fr/
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Wow6432Node-HKLM-Run- - (no file)
SafeBoot-MBAMService
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,21,f0,7f,25,5f,1b,5b,45,ac,72,7b,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,21,f0,7f,25,5f,1b,5b,45,ac,72,7b,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Autres processus actifs ------------------------
.
c:\program files (x86)\IObit\IObit Malware Fighter\IMFSrvWsc.exe
c:\program files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
c:\program files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
c:\users\utilisateur\AppData\Roaming\Orange\OrangeInside\OrangeInside.exe
c:\program files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
.
**************************************************************************
.
Heure de fin: 2018-01-07 20:33:41 - La machine a redémarré
ComboFix-quarantined-files.txt 2018-01-07 19:33
.
Avant-CF: 115 178 364 928 octets libres
Après-CF: 114 896 392 192 octets libres
.
- - End Of File - - 0C0F7B8C9D08D6E66C85BBFB64BC7B3E
A36C5E4F47E84449FF07ED3517B43A31
