ComboFix 17-09-14.01 - stef 02/10/2017  21:36:34.1.4 - x64
Microsoft Windows 7 Édition Familiale Premium   6.1.7601.1.1252.33.1036.18.5926.3227 [GMT 2:00]
Lancé depuis: c:\users\stef\Desktop\ComboFix.exe
AV: Kaspersky Anti-Virus *Enabled/Updated* {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
SP: Kaspersky Anti-Virus *Enabled/Updated* {3D579475-6DDE-A186-1569-44B9F9DE8725}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Autres suppressions   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\ntuser.pol
c:\users\stef\AppData\Local\1474131dsisetup14777351.exe
c:\users\stef\AppData\Local\1474131dsisetup14795292.exe
c:\windows\msdownld.tmp
c:\windows\SysWow64\ijl11.dll
c:\windows\SysWow64\Update.exe
c:\windows\TEMP\sqlite-3.7.151-amd64-sqlitejdbc.dll
.
.
(((((((((((((((((((((((((((((   Fichiers créés du 2017-09-03 au 2017-10-03  ))))))))))))))))))))))))))))))))))))
.
.
2017-10-02 17:28 . 2017-10-02 18:20	--------	d-----w-	c:\users\stef\AppData\Local\{12A8CCFE-3C33-4995-BAD8-074E4C5B22FD}
2017-10-02 17:27 . 2017-10-02 17:27	--------	d-----w-	c:\program files\Plumbytes Software
2017-09-26 18:02 . 2017-09-26 18:03	--------	d-----w-	C:\$WINDOWS.~BT
2017-09-25 19:14 . 2017-09-26 18:02	--------	d-----w-	C:\ESD
2017-09-25 19:13 . 2017-09-25 19:13	--------	d-----w-	C:\$Windows.~WS
2017-09-25 13:14 . 2017-09-25 17:02	--------	d-----w-	C:\FRST
2017-09-25 06:20 . 2017-09-25 12:22	--------	d-----w-	c:\users\stef\AppData\Roaming\ZHP
2017-09-25 06:20 . 2017-09-25 09:22	--------	d-----w-	c:\users\stef\AppData\Local\ZHP
2017-09-03 13:24 . 2017-09-03 13:24	--------	d-----w-	c:\program files\Mozilla Firefox
2017-09-03 06:37 . 2013-05-06 06:13	110176	----a-w-	c:\windows\system32\klfphc.dll
2017-09-03 06:36 . 2017-10-03 03:53	--------	d-----w-	c:\programdata\Kaspersky Lab
2017-09-03 06:36 . 2017-09-03 08:23	--------	d-----w-	c:\program files (x86)\Kaspersky Lab
2017-09-03 06:36 . 2017-09-03 06:40	206048	----a-w-	c:\windows\system32\drivers\klflt.sys
2017-09-03 06:36 . 2017-09-03 06:40	1071328	----a-w-	c:\windows\system32\drivers\klif.sys
2017-09-03 06:36 . 2017-09-03 06:36	317424	----a-w-	c:\windows\system32\drivers\klhk.sys
2017-09-03 06:36 . 2017-09-03 06:36	149584	----a-w-	c:\windows\system32\klhkum.dll
.
.
.
((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
.
2017-09-23 13:55 . 2015-09-20 10:44	803328	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2017-09-23 13:55 . 2015-09-20 10:44	144896	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2017-09-23 13:55 . 2017-08-24 18:05	6476800	----a-w-	c:\windows\SysWow64\FlashPlayerInstaller.exe
2017-09-03 07:05 . 2014-04-20 12:20	136408	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2017-09-02 20:42 . 2017-09-02 20:42	719521	----a-w-	c:\windows\unins000.exe
2017-09-02 13:55 . 2017-09-02 13:55	75888	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{FD962E87-4C6F-4B38-A9BA-A4ABB45A47DE}\offreg.4520.dll
.
.
(((((((((((((((((((((((((((((((((   Points de chargement Reg   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt01]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36	285000	----a-w-	c:\users\stef\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt02]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36	285000	----a-w-	c:\users\stef\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt03]
@="{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36	285000	----a-w-	c:\users\stef\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt04]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36	285000	----a-w-	c:\users\stef\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt05]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36	285000	----a-w-	c:\users\stef\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt06]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36	285000	----a-w-	c:\users\stef\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt07]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36	285000	----a-w-	c:\users\stef\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt08]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36	285000	----a-w-	c:\users\stef\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt09]
@="{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36	285000	----a-w-	c:\users\stef\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt10]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36	285000	----a-w-	c:\users\stef\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt01]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36	285000	----a-w-	c:\users\stef\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt05]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36	285000	----a-w-	c:\users\stef\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt07]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36	285000	----a-w-	c:\users\stef\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt10]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36	285000	----a-w-	c:\users\stef\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt04]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36	285000	----a-w-	c:\users\stef\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt02]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36	285000	----a-w-	c:\users\stef\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt06]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36	285000	----a-w-	c:\users\stef\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt08]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36	285000	----a-w-	c:\users\stef\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"midi2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\cmwf.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\cmwr.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 WsAppService;Wondershare Application Framework Service;c:\program files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe;c:\program files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe [x]
R2 WsDrvInst;Wondershare Driver Install Service;c:\program files (x86)\Wondershare\Dr.Fone pour Android\Library\DriverInstaller\DriverInstall.exe;c:\program files (x86)\Wondershare\Dr.Fone pour Android\Library\DriverInstaller\DriverInstall.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.11.163\McCHSvc.exe;c:\program files\McAfee Security Scan\3.11.163\McCHSvc.exe [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 AllShare Framework DMS;AllShare Framework DMS;c:\program files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe;c:\program files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [x]
R4 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
R4 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
R4 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
R4 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S0 cm_km;AO Kaspersky Lab Cryptographic Module x64 (56 bit);c:\windows\system32\DRIVERS\cm_km.sys;c:\windows\SYSNATIVE\DRIVERS\cm_km.sys [x]
S0 klbackupdisk;Kaspersky Lab klbackupdisk;c:\windows\system32\DRIVERS\klbackupdisk.sys;c:\windows\SYSNATIVE\DRIVERS\klbackupdisk.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 cmwf;cmwf service;c:\windows\system32\Drivers\cmwf.sys;c:\windows\SYSNATIVE\Drivers\cmwf.sys [x]
S1 cmwr;cmwr service;c:\windows\system32\Drivers\cmwr.sys;c:\windows\SYSNATIVE\Drivers\cmwr.sys [x]
S1 klbackupflt;Kaspersky Lab klbackupflt;c:\windows\system32\DRIVERS\klbackupflt.sys;c:\windows\SYSNATIVE\DRIVERS\klbackupflt.sys [x]
S1 klhk;Kaspersky Lab service driver;c:\windows\system32\DRIVERS\klhk.sys;c:\windows\SYSNATIVE\DRIVERS\klhk.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 klpd;Kaspersky Lab format recognizer driver;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 Klwtp;KLwtp - WFP callout traffic inspector;c:\windows\system32\DRIVERS\klwtp.sys;c:\windows\SYSNATIVE\DRIVERS\klwtp.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys;c:\windows\SYSNATIVE\Drivers\SABI.sys [x]
S2 AVP18.0.0;Kaspersky Anti-Virus Service 18.0.0;c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\avp.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\avp.exe [x]
S2 ColorMedia;ColorMedia;c:\programdata\PicColor Utility\ColorMedia.exe;c:\programdata\PicColor Utility\ColorMedia.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 DragonSvc;Dragon Service;c:\program files (x86)\Common Files\Nuance\dgnsvc.exe;c:\program files (x86)\Common Files\Nuance\dgnsvc.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 kldisk;kldisk;c:\windows\system32\DRIVERS\kldisk.sys;c:\windows\SYSNATIVE\DRIVERS\kldisk.sys [x]
S2 pbamw_service;AMW Service;c:\program files\Plumbytes Software\Plumbytes Anti-Malware\AmwService.exe run;c:\program files\Plumbytes Software\Plumbytes Anti-Malware\AmwService.exe run [x]
S2 Samsung Link Service;Samsung Link Service;c:\program files\Samsung\Samsung Link\Samsung Link.exe;c:\program files\Samsung\Samsung Link\Samsung Link.exe [x]
S2 SamsungDeviceConfigurationWinService;SamsungDeviceConfiguration;c:\program files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe;c:\program files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 klflt;Kaspersky Lab Kernel DLL;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
Contenu du dossier 'Tâches planifiées'
.
2017-10-03 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 04:41]
.
2017-10-02 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 04:41]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0E2877D3-2641-4970-B794-A553E295428D}]
2017-09-03 06:37	1429352	----a-w-	c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\x64\ieext\ie_plugin.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{4853DF44-7D6B-48E9-9258-D800EEE54AF6}"= "c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\x64\IEExt\ie_plugin.dll" [2017-09-03 1429352]
.
[HKEY_CLASSES_ROOT\CLSID\{4853DF44-7D6B-48E9-9258-D800EEE54AF6}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt01]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36	333128	----a-w-	c:\users\stef\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt02]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36	333128	----a-w-	c:\users\stef\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt03]
@="{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36	333128	----a-w-	c:\users\stef\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt04]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36	333128	----a-w-	c:\users\stef\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt05]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36	333128	----a-w-	c:\users\stef\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt06]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36	333128	----a-w-	c:\users\stef\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt07]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36	333128	----a-w-	c:\users\stef\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt08]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36	333128	----a-w-	c:\users\stef\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt09]
@="{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36	333128	----a-w-	c:\users\stef\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt10]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36	333128	----a-w-	c:\users\stef\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Plumbytes Anti-Malware"="c:\program files\Plumbytes Software\Plumbytes Anti-Malware\Plumbytes.exe" [2017-09-28 1928944]
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SYSTEM32\blank.htm
mDefault_Page_URL = hxxp://www.google.com
LSP: c:\windows\system32\ColorMedia.dll
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\stef\AppData\Roaming\Mozilla\Firefox\Profiles\6611e1r9.default-1448355657722\
FF - prefs.js: browser.startup.homepage - hxxps://wwww.google.fr
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-installed components - c:\program files (x86)\Crossbrowse\Crossbrowse\Application\39.6.2171.95\Installer\chrmstp.exe
HKLM_Wow6432Node-ActiveSetup-{8A69D345-D564-463c-AFF1-A69D9E530F96} - c:\program files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe
Toolbar-Locked - (no file)
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Autres processus actifs ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\avpui.exe
c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe
c:\program files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
c:\program files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Heure de fin: 2017-10-03  06:04:43 - La machine a redémarré
ComboFix-quarantined-files.txt  2017-10-03 04:04
.
Avant-CF: 582 969 954 304 octets libres
Après-CF: 581 777 272 832 octets libres
.
- - End Of File - - 541845983EE3A9E767DB17180042367F