ComboFix 17-03-28.01 - Administrateur 04/04/2017 21:37:52.1.4 - x64 Microsoft Windows 7 Professionnel 6.1.7601.1.1252.33.1036.18.8126.5949 [GMT 2:00] Lancé depuis: c:\users\Administrateur\Desktop\ComboFix.exe AV: Avira Antivirus *Disabled/Updated* {B3F630BD-538D-1B4A-14FA-14B63235278F} SP: Avira Antivirus *Disabled/Updated* {0897D159-75B7-14C4-2E4A-2FC449B26D32} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((( Fichiers créés du 2017-03-04 au 2017-04-04 )))))))))))))))))))))))))))))))))))) . . 2017-04-04 19:42 . 2017-04-04 19:42 -------- d-----w- c:\users\LOUNA\AppData\Local\temp 2017-04-04 17:59 . 2017-04-04 17:59 512 ----a-w- C:\PhysicalMBR.bin 2017-04-04 17:18 . 2017-04-04 17:18 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{36E18030-E552-408F-B19B-79BD8E4F8C8C}\offreg.2984.dll 2017-04-04 06:17 . 2017-03-22 11:05 12774864 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{36E18030-E552-408F-B19B-79BD8E4F8C8C}\mpengine.dll 2017-04-02 18:15 . 2017-04-02 18:15 -------- d-----w- c:\users\Administrateur\AppData\Local\HUE 2017-04-02 17:14 . 2017-04-02 17:14 -------- d-----w- c:\users\Administrateur\AppData\Local\ZHP 2017-04-02 16:57 . 2017-04-02 16:57 -------- d-----w- C:\boot 2017-04-02 16:53 . 2017-04-02 16:53 -------- d-----w- c:\users\LOUNA\AppData\Roaming\HPPSDr 2017-04-02 16:14 . 2017-04-02 16:14 -------- d-----w- c:\users\LOUNA\AppData\Local\Skype 2017-04-02 16:08 . 2017-04-02 16:08 -------- d-----w- c:\programdata\HUE 2017-04-02 16:07 . 2017-04-02 16:07 -------- d-----w- c:\users\LOUNA\AppData\Local\HUE 2017-04-02 16:07 . 2017-04-02 16:07 -------- d-----w- c:\program files (x86)\HUE Intuition 2017-04-02 10:49 . 2017-04-02 10:48 320424 ----a-w- c:\windows\system32\javaws.exe 2017-04-02 10:49 . 2017-04-02 10:48 111016 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll 2017-04-02 10:49 . 2017-04-02 10:48 189352 ----a-w- c:\windows\system32\javaw.exe 2017-04-02 10:49 . 2017-04-02 10:48 189352 ----a-w- c:\windows\system32\java.exe 2017-04-02 10:48 . 2017-04-02 10:48 -------- d-----w- c:\program files\Java 2017-04-02 10:25 . 2017-04-02 10:25 -------- d-----w- c:\program files (x86)\WinDirStat 2017-04-01 13:43 . 2017-04-01 13:43 -------- d-----w- c:\users\LOUNA\AppData\Roaming\Atheros 2017-04-01 13:36 . 2017-04-02 15:16 -------- d-----w- C:\AdwCleaner 2017-04-01 13:31 . 2017-04-01 13:31 -------- d-----w- c:\users\Administrateur\AppData\Roaming\Avira 2017-04-01 13:28 . 2017-03-22 07:55 51248 ----a-w- c:\windows\system32\drivers\avusbflt.sys 2017-04-01 13:28 . 2017-03-22 07:55 78600 ----a-w- c:\windows\system32\drivers\avnetflt.sys 2017-04-01 13:28 . 2017-03-22 07:55 35328 ----a-w- c:\windows\system32\drivers\avkmgr.sys 2017-04-01 13:28 . 2017-03-22 07:55 176968 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2017-04-01 13:28 . 2017-03-22 07:55 148104 ----a-w- c:\windows\system32\drivers\avipbb.sys 2017-04-01 13:21 . 2017-04-04 17:06 -------- d-----w- c:\users\Public\Speedup Sessions 2017-04-01 13:04 . 2017-04-01 13:04 -------- d-----w- c:\program files (x86)\Common Files\Telespree 2017-04-01 11:58 . 2017-04-01 13:43 -------- d-----w- c:\programdata\Atheros 2017-04-01 11:58 . 2017-04-01 11:58 -------- d-----w- c:\users\Administrateur\AppData\Roaming\Atheros 2017-04-01 11:24 . 2017-04-01 11:26 -------- d-----w- c:\program files\Common Files\QCA_Bluetooth 2017-04-01 11:24 . 2017-04-01 11:24 -------- d-----w- c:\program files (x86)\Bluetooth Suite 2017-03-26 18:25 . 2017-03-26 18:25 -------- d-----w- C:\CAT-Logs 2017-03-26 17:29 . 2017-03-26 17:29 -------- d-----w- c:\program files\CCleaner 2017-03-26 17:05 . 2017-04-01 12:44 -------- d-----w- c:\program files (x86)\ERUNT 2017-03-24 16:59 . 2017-04-02 19:22 -------- d-----w- c:\windows\system32\catroot2 2017-03-24 16:33 . 2017-03-24 16:33 -------- d-----w- c:\windows\SysWow64\wbem\Performance 2017-03-24 07:32 . 2017-03-24 07:32 -------- d-----w- c:\users\Default 2017-03-23 21:57 . 2017-03-23 21:57 -------- d-----w- c:\program files (x86)\Tweaking.com 2017-03-23 18:03 . 2017-04-02 18:49 -------- d-----w- c:\program files (x86)\ZHPFix 2017-03-22 14:32 . 2017-04-02 10:18 -------- d-----w- c:\program files (x86)\Avira 2017-03-22 13:32 . 2017-03-22 14:16 -------- d-----w- c:\users\LOUNA\AppData\Roaming\ZHP 2017-03-16 09:36 . 2015-07-11 13:15 429568 ----a-w- c:\windows\system32\wksprt.exe 2017-03-16 09:36 . 2015-07-16 19:12 6131200 ----a-w- c:\windows\SysWow64\mstscax.dll 2017-03-16 09:36 . 2015-07-16 19:11 7077376 ----a-w- c:\windows\system32\mstscax.dll 2017-03-16 09:36 . 2015-07-16 19:11 1057792 ----a-w- c:\windows\system32\rdvidcrl.dll 2017-03-16 09:36 . 2015-07-16 19:12 856064 ----a-w- c:\windows\SysWow64\rdvidcrl.dll 2017-03-16 09:36 . 2015-07-16 19:12 53248 ----a-w- c:\windows\SysWow64\tsgqec.dll 2017-03-16 09:36 . 2015-07-16 19:11 62976 ----a-w- c:\windows\system32\tsgqec.dll 2017-03-16 07:06 . 2014-12-11 17:47 87040 ----a-w- c:\windows\system32\TSWbPrxy.exe 2017-03-14 21:07 . 2017-03-14 21:07 -------- d-----w- c:\users\Administrateur\AppData\Roaming\Dropbox 2017-03-14 21:05 . 2017-03-23 17:15 -------- d-----w- c:\program files (x86)\Dropbox 2017-03-14 21:05 . 2017-03-14 21:09 -------- d-----w- c:\users\Administrateur\AppData\Local\Dropbox 2017-03-14 21:05 . 2017-03-14 21:05 -------- d-----w- c:\programdata\Dropbox 2017-03-14 19:27 . 2017-03-14 19:27 -------- d-----w- c:\users\Administrateur\AppData\Local\Skype 2017-03-14 19:27 . 2017-03-14 19:55 -------- d-----w- c:\users\Administrateur\AppData\Roaming\Skype 2017-03-14 19:27 . 2017-03-14 19:27 -------- d-----w- c:\program files (x86)\Common Files\Skype 2017-03-14 19:27 . 2017-03-14 19:27 -------- d-----r- c:\program files (x86)\Skype 2017-03-14 19:26 . 2013-10-02 04:51 3584 ----a-w- c:\windows\system32\drivers\fr-FR\tsusbflt.sys.mui 2017-03-14 19:26 . 2013-10-02 01:10 44544 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll 2017-03-14 19:26 . 2013-10-02 02:22 56832 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys 2017-03-14 19:26 . 2013-10-02 02:11 13824 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe 2017-03-14 19:26 . 2013-10-02 02:08 12800 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2017-03-14 19:26 . 2013-10-02 01:48 56832 ----a-w- c:\windows\system32\MsRdpWebAccess.dll 2017-03-14 19:26 . 2013-10-02 01:48 18944 ----a-w- c:\windows\system32\wksprtPS.dll 2017-03-14 19:26 . 2013-10-02 00:14 50176 ----a-w- c:\windows\SysWow64\MsRdpWebAccess.dll 2017-03-14 19:26 . 2013-10-02 00:14 17920 ----a-w- c:\windows\SysWow64\wksprtPS.dll 2017-03-14 19:26 . 2013-10-01 23:31 1147392 ----a-w- c:\windows\system32\mstsc.exe 2017-03-14 19:26 . 2013-10-01 22:34 1068544 ----a-w- c:\windows\SysWow64\mstsc.exe 2017-03-14 19:22 . 2015-08-05 17:56 22528 ----a-w- c:\windows\system32\icaapi.dll 2017-03-14 19:22 . 2015-08-05 17:06 39936 ----a-w- c:\windows\system32\drivers\tssecsrv.sys 2017-03-14 19:19 . 2015-12-16 18:53 7168 ----a-w- c:\windows\system32\kbdgeoqw.dll 2017-03-14 19:19 . 2015-12-16 18:53 7168 ----a-w- c:\windows\system32\KBDAZEL.DLL 2017-03-14 19:19 . 2015-12-16 18:53 7168 ----a-w- c:\windows\system32\KBDAZE.DLL 2017-03-14 19:19 . 2015-12-16 18:48 6656 ----a-w- c:\windows\SysWow64\kbdgeoqw.dll 2017-03-14 19:19 . 2015-12-16 18:48 6656 ----a-w- c:\windows\SysWow64\KBDAZEL.DLL 2017-03-14 18:56 . 2017-03-04 07:59 2895360 ----a-w- c:\windows\system32\iertutil.dll 2017-03-14 18:56 . 2017-03-04 07:51 34304 ----a-w- c:\windows\system32\iernonce.dll 2017-03-14 18:56 . 2017-03-02 18:01 47616 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll 2017-03-14 18:54 . 2017-02-22 23:37 1285632 ----a-w- c:\windows\system32\aeinv.dll 2017-03-14 18:54 . 2017-02-18 14:05 1609216 ----a-w- c:\windows\system32\appraiser.dll 2017-03-14 18:54 . 2016-12-31 15:36 233984 ----a-w- c:\windows\system32\aepic.dll 2017-03-14 18:54 . 2017-02-22 23:42 84712 ----a-w- c:\windows\system32\CompatTelRunner.exe 2017-03-14 18:54 . 2017-02-18 14:05 646656 ----a-w- c:\windows\system32\generaltel.dll 2017-03-14 18:54 . 2016-12-31 15:36 335360 ----a-w- c:\windows\system32\invagent.dll 2017-03-14 18:54 . 2016-12-31 15:36 556544 ----a-w- c:\windows\system32\devinv.dll 2017-03-14 18:54 . 2016-12-31 15:36 293376 ----a-w- c:\windows\system32\centel.dll 2017-03-14 18:54 . 2016-12-31 15:36 133632 ----a-w- c:\windows\system32\acmigration.dll 2017-03-14 18:40 . 2017-03-14 18:40 -------- d-----w- c:\programdata\Intel 2017-03-14 18:36 . 2013-06-18 15:22 872152 ----a-w- c:\windows\system32\drivers\Rt64win7.sys 2017-03-14 18:36 . 2013-06-18 15:22 74456 ----a-w- c:\windows\system32\RtNicProp64.dll 2017-03-14 18:36 . 2017-03-14 18:36 -------- d-----w- c:\program files (x86)\Realtek 2017-03-14 18:17 . 2011-08-08 16:28 8192 ----a-w- c:\windows\system32\drivers\IntelMEFWVer.dll 2017-03-14 06:33 . 2017-03-14 06:33 -------- d-----w- c:\program files (x86)\Cisco 2017-03-14 06:33 . 2017-03-14 16:01 -------- d-----w- c:\program files (x86)\Qualcomm Atheros 2017-03-14 06:32 . 2017-03-14 06:34 -------- d-----w- c:\programdata\Qualcomm Atheros 2017-03-14 06:25 . 2017-03-14 06:26 -------- d-----w- c:\programdata\Recovery 2017-03-14 00:49 . 2017-03-14 00:49 -------- d-----w- c:\users\Administrateur\AppData\Local\ArcSoft 2017-03-13 22:43 . 2017-03-13 22:43 -------- d-----w- c:\users\LOUNA\AppData\Roaming\Notepad++ 2017-03-13 22:43 . 2017-03-23 15:26 -------- d-----w- c:\users\Administrateur\AppData\Roaming\Notepad++ 2017-03-13 22:43 . 2017-03-22 19:43 -------- d-----w- c:\program files\Notepad++ 2017-03-13 22:35 . 2017-03-13 22:37 -------- d-----r- c:\users\Administrateur\Dropbox 2017-03-13 18:49 . 2017-03-22 14:51 -------- d-----w- c:\programdata\AVAST Software 2017-03-13 18:09 . 2017-04-02 18:54 -------- d-----w- c:\users\Administrateur\AppData\Roaming\ZHP 2017-03-13 18:01 . 2017-04-01 10:37 -------- d-----w- c:\program files (x86)\Common Files\Atheros 2017-03-13 17:57 . 2017-03-13 17:57 -------- d-----w- c:\users\Administrateur\AppData\Roaming\WildTangent 2017-03-13 06:06 . 2017-03-13 17:41 -------- d-----w- c:\users\Administrateur\AppData\Local\Autodesk 2017-03-13 06:05 . 2017-03-13 06:11 -------- d-----w- c:\users\Administrateur\AppData\Roaming\Autodesk 2017-03-12 23:42 . 2017-04-04 17:08 -------- d-----w- c:\program files\Mozilla Firefox 2017-03-12 23:27 . 2017-03-12 23:27 -------- d-----w- c:\program files\7-Zip 2017-03-12 17:59 . 2017-04-02 10:18 -------- d-----w- c:\users\Administrateur\AppData\Local\Avira 2017-03-11 12:07 . 2017-04-01 13:42 -------- d-----w- c:\users\LOUNA\AppData\Local\Avira 2017-03-11 12:01 . 2017-04-01 13:28 -------- d-----w- c:\programdata\Avira 2017-03-10 23:17 . 2017-03-10 23:17 46408 ----a-w- c:\windows\system32\DbxSvc.exe 2017-03-10 23:17 . 2017-03-10 23:17 45672 ----a-w- c:\windows\system32\drivers\dbx-stable.sys 2017-03-10 23:17 . 2017-03-10 23:17 45672 ----a-w- c:\windows\system32\drivers\dbx-dev.sys 2017-03-10 23:17 . 2017-03-10 23:17 45672 ----a-w- c:\windows\system32\drivers\dbx-canary.sys . . . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2017-03-22 21:10 . 2012-09-01 05:57 802904 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2017-03-22 21:10 . 2012-09-01 05:57 144472 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2017-03-18 09:42 . 2012-11-20 14:17 138634176 -c--a-w- c:\windows\system32\MRT.exe 2017-02-09 16:14 . 2017-03-14 18:55 44032 ----a-w- c:\windows\apppatch\acwow64.dll . . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt01] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2017-03-21 18:01 236360 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.15.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt02] @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}] 2017-03-21 18:01 236360 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.15.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt03] @="{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}] 2017-03-21 18:01 236360 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.15.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt04] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2017-03-21 18:01 236360 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.15.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt05] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2017-03-21 18:01 236360 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.15.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt06] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2017-03-21 18:01 236360 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.15.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt07] @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}] 2017-03-21 18:01 236360 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.15.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt08] @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}] 2017-03-21 18:01 236360 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.15.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt09] @="{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}] 2017-03-21 18:01 236360 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.15.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt10] @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}] 2017-03-21 18:01 236360 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.15.0.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HP Officejet 5740 series (NET)"="c:\program files\HP\HP Officejet 5740 series\Bin\ScanToPCActivationApp.exe" [2014-08-22 3483656] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Avira System Speedup User Starter"="c:\program files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe" [2017-03-14 64648] "Avira SystrayStartTrigger"="c:\program files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe" [2017-03-09 63432] "avgnt"="c:\program files (x86)\Avira\Antivirus\avgnt.exe" [2017-03-22 909744] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2014-05-01 1193352] "HP Officejet 5740 series (NET)"="c:\program files\HP\HP Officejet 5740 series\Bin\ScanToPCActivationApp.exe" [2014-08-22 3483656] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "SoftwareSASGeneration"= 1 (0x1) "DisableCAD"= 1 (0x1) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer] @="%Service%" . R1 jxolqqyx;jxolqqyx;c:\windows\system32\drivers\jxolqqyx.sys;c:\windows\SYSNATIVE\drivers\jxolqqyx.sys [x] R1 kvlauizi;kvlauizi;c:\windows\system32\drivers\kvlauizi.sys;c:\windows\SYSNATIVE\drivers\kvlauizi.sys [x] R1 mhsphwny;mhsphwny;c:\windows\system32\drivers\mhsphwny.sys;c:\windows\SYSNATIVE\drivers\mhsphwny.sys [x] R1 pbgncayg;pbgncayg;c:\windows\system32\drivers\pbgncayg.sys;c:\windows\SYSNATIVE\drivers\pbgncayg.sys [x] R2 AntiVirMailService;Avira Protection e-mail;c:\program files (x86)\Avira\Antivirus\avmailc7.exe;c:\program files (x86)\Avira\Antivirus\avmailc7.exe [x] R2 AntiVirWebService;Avira Protection Web;c:\program files (x86)\Avira\Antivirus\avwebg7.exe;c:\program files (x86)\Avira\Antivirus\avwebg7.exe [x] R2 AviraPhantomVPN;Avira Phantom VPN;c:\program files (x86)\Avira\VPN\Avira.VpnService.exe;c:\program files (x86)\Avira\VPN\Avira.VpnService.exe [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 SpeedupService;Avira System Speedup;c:\program files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe;c:\program files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [x] R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftVCapture.sys [x] R3 ATHDFU;Qualcomm Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys;c:\windows\SYSNATIVE\Drivers\AthDfu.sys [x] R3 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x] R3 dbupdatem;Service Mise à jour Dropbox (dbupdatem);c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe;c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [x] R3 dbx;dbx;c:\windows\system32\DRIVERS\dbx.sys;c:\windows\SYSNATIVE\DRIVERS\dbx.sys [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] R3 WSDScan;Prise en charge de la numérisation WSD via UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x] R4 dbupdate;Service Mise à jour Dropbox (dbupdate);c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe;c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [x] R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R4 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x] S0 avusbflt;avusbflt;c:\windows\System32\Drivers\avusbflt.sys;c:\windows\SYSNATIVE\Drivers\avusbflt.sys [x] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x] S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x] S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] S2 AntiVirSchedulerService;Avira Planificateur;c:\program files (x86)\Avira\Antivirus\sched.exe;c:\program files (x86)\Avira\Antivirus\sched.exe [x] S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x] S2 Avira.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe [x] S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x] S2 ClickToRunSvc;Service Démarrer en clic Microsoft Office;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x] S2 DbxSvc;DbxSvc;c:\windows\system32\DbxSvc.exe;c:\windows\SYSNATIVE\DbxSvc.exe [x] S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x] S2 DragonSvc;Dragon Service;c:\program files (x86)\Common Files\Nuance\dgnsvc.exe;c:\program files (x86)\Common Files\Nuance\dgnsvc.exe [x] S2 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [x] S2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [x] S2 hpCMSrv;HP Connection Manager 4 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [x] S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x] S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x] S2 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [x] S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x] S2 ZAtheros Bt and Wlan Coex Agent;ZAtheros Bt and Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x] S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x] S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x] S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x] S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x] S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x] S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x] S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x] S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x] S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x] S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] S3 SPUVCbv;SPUVCb Driver Service;c:\windows\system32\Drivers\SPUVCbv_x64.sys;c:\windows\SYSNATIVE\Drivers\SPUVCbv_x64.sys [x] . . --- Autres Services/Pilotes en mémoire --- . *NewlyCreated* - UGDOAUOG *Deregistered* - ugdoauog . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc . Contenu du dossier 'Tâches planifiées' . 2017-04-04 c:\windows\Tasks\DropboxUpdateTaskMachineCore.job - c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-03-14 21:05] . 2017-04-04 c:\windows\Tasks\DropboxUpdateTaskMachineUA.job - c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-03-14 21:05] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt01] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2017-03-21 18:01 286024 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.15.0.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt02] @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}] 2017-03-21 18:01 286024 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.15.0.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt03] @="{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}] 2017-03-21 18:01 286024 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.15.0.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt04] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2017-03-21 18:01 286024 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.15.0.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt05] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2017-03-21 18:01 286024 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.15.0.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt06] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2017-03-21 18:01 286024 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.15.0.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt07] @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}] 2017-03-21 18:01 286024 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.15.0.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt08] @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}] 2017-03-21 18:01 286024 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.15.0.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt09] @="{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}] 2017-03-21 18:01 286024 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.15.0.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt10] @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}] 2017-03-21 18:01 286024 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.15.0.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1] @="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}" [HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}] 2014-09-26 13:41 1021088 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2] @="{853B7E05-C47D-4985-909A-D0DC5C6D7303}" [HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}] 2014-09-26 13:41 1021088 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3] @="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}" [HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}] 2014-09-26 13:41 1021088 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)] @="{8BA85C75-763B-4103-94EB-9470F12FE0F7}" [HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}] 2017-01-31 12:34 2351920 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)] @="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}" [HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}] 2017-01-31 12:34 2351920 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)] @="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}" [HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}] 2017-01-31 12:34 2351920 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll . ------- Examen supplémentaire ------- . uLocal Page = c:\windows\system32\blank.htm mDefault_Search_URL = www.google.com mDefault_Page_URL = www.google.com mLocal Page = c:\windows\SysWOW64\blank.htm IE: &Envoyer à OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 TCP: DhcpNameServer = 212.27.40.240 212.27.40.241 . - - - - ORPHELINS SUPPRIMES - - - - . Toolbar-10 - (no file) ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file) ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file) ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file) Wow6432Node-HKLM-Run- - (no file) HKLM_Wow6432Node-ActiveSetup-installed components - c:\program files (x86)\Crossbrowse\Crossbrowse\Application\39.6.2171.95\Installer\chrmstp.exe HKLM_Wow6432Node-ActiveSetup-{8A69D345-D564-463c-AFF1-A69D9E530F96} - c:\program files (x86)\Google\Chrome\Application\48.0.2564.116\Installer\chrmstp.exe Toolbar-10 - (no file) ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file) ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file) ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file) ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file) ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file) HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe . . . --------------------- CLES DE REGISTRE BLOQUEES --------------------- . [HKEY_USERS\S-1-5-21-2207968073-3903004646-4250870805-500\Software\Microsoft\Internet Explorer\Approved Extensions] @Denied: (2) (Administrator) . [HKEY_USERS\S-1-5-21-2207968073-3903004646-4250870805-500\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration] @Denied: (2) (Administrator) "Timestamp"=hex:0f,57,a0,cd,fa,b1,cd,01 . [HKEY_USERS\S-1-5-21-2207968073-3903004646-4250870805-500\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (Administrator) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,3d,5a,02,bb,ed,ad,15,4b,8f,bc,e2,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,3d,5a,02,bb,ed,ad,15,4b,8f,bc,e2,\ . [HKEY_USERS\S-1-5-21-2207968073-3903004646-4250870805-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice] @Denied: (2) (Administrator) "Progid"="FirefoxHTML" . [HKEY_USERS\S-1-5-21-2207968073-3903004646-4250870805-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice] @Denied: (2) (Administrator) "Progid"="FirefoxHTML" . [HKEY_USERS\S-1-5-21-2207968073-3903004646-4250870805-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ino\UserChoice] @Denied: (2) (Administrator) "Progid"="Arduino file" . [HKEY_USERS\S-1-5-21-2207968073-3903004646-4250870805-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice] @Denied: (2) (Administrator) "Progid"="FirefoxHTML" . [HKEY_USERS\S-1-5-21-2207968073-3903004646-4250870805-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice] @Denied: (2) (Administrator) "Progid"="FirefoxHTML" . [HKEY_USERS\S-1-5-21-2207968073-3903004646-4250870805-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice] @Denied: (2) (Administrator) "Progid"="FirefoxHTML" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_25_0_0_127_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_25_0_0_127_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_25_0_0_127_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_25_0_0_127_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_25_0_0_127.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.25" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_25_0_0_127.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_25_0_0_127.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_25_0_0_127.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Microsoft\Environment*] "v5Licence0"="35-FA2Z-9AN2-V8NA-5BKD-GKEQ-7YKN4FW" "Activated"="N" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" "Key"="ActionsPane3" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0\Solutions\http://schemas.microsoft.com/office/smartdocuments/2003\0] "Key"="http://schemas.microsoft.com/office/smartdocuments/2003" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0\Solutions\http://schemas.microsoft.com/office/smartdocuments/2003\0\{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}\Alias] "0"="Microsoft Actions Pane 3" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\ . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Heure de fin: 2017-04-04 21:45:16 ComboFix-quarantined-files.txt 2017-04-04 19:45 . Avant-CF: 61 984 964 608 octets libres Après-CF: 62 053 122 048 octets libres . - - End Of File - - 94B68F0B6B50ED3131AA3D53CA2326B9 973E9BA32FDBB305C552ED3E1EBF0686