ComboFix 17-10-04.01 - CYRIL 10/10/2017   0:19.1.4 - x64
Microsoft Windows 7 Édition Intégrale   6.1.7601.1.1252.33.1036.18.4077.2375 [GMT 2:00]
Lancé depuis: c:\users\CYRIL\Desktop\ComboFix.exe
AV: Malwarebytes *Disabled/Updated* {23007AD3-69FE-687C-2629-D584AFFAF72B}
SP: Malwarebytes *Disabled/Updated* {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Autres suppressions   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\dir
c:\users\CYRIL\ZHPDiag3.exe
c:\windows\wininit.ini
H:\Autorun.inf
H:\install.exe
H:\Setup.exe
.
.
(((((((((((((((((((((((((((((   Fichiers créés du 2017-09-09 au 2017-10-09  ))))))))))))))))))))))))))))))))))))
.
.
2017-10-09 22:27 . 2017-10-09 22:27	--------	d-----w-	c:\users\NeroMediaHomeUser.4\AppData\Local\temp
2017-10-07 13:30 . 2017-10-08 14:23	--------	d-----w-	C:\FRST
2017-10-05 17:05 . 2017-10-05 18:43	--------	d-----w-	c:\users\CYRIL\AppData\Roaming\ZHP
2017-10-05 17:05 . 2017-10-05 18:16	--------	d-----w-	c:\users\CYRIL\AppData\Local\ZHP
2017-10-02 17:52 . 2017-10-07 17:39	77440	----a-w-	c:\windows\system32\drivers\mbae64.sys
2017-10-02 17:45 . 2017-10-02 17:45	--------	d-----w-	c:\program files\Common Files\AV
2017-10-02 17:27 . 2013-09-20 08:49	21040	----a-w-	c:\windows\system32\sdnclean64.exe
2017-09-19 17:12 . 2017-09-19 17:12	--------	d-----w-	c:\program files (x86)\Index Education
2017-09-16 01:51 . 2017-09-16 01:52	--------	d-----w-	c:\windows\rescache
.
.
.
((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
.
2017-09-13 11:48 . 2013-09-21 11:01	803328	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2017-09-13 11:48 . 2013-09-21 11:01	144896	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2017-08-11 06:19 . 2017-09-13 11:56	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2017-07-29 14:56 . 2017-08-25 17:53	117248	----a-w-	c:\windows\system32\drivers\tdx.sys
2017-07-21 14:26 . 2017-08-25 17:53	282624	----a-w-	c:\windows\SysWow64\mstext40.dll
2017-07-21 14:26 . 2017-08-25 17:53	518144	----a-w-	c:\windows\SysWow64\msjetoledb40.dll
2017-07-21 14:26 . 2017-08-25 17:53	290816	----a-w-	c:\windows\SysWow64\msjtes40.dll
2017-07-21 14:26 . 2017-08-25 17:53	409600	----a-w-	c:\windows\SysWow64\msexch40.dll
2017-07-14 15:29 . 2017-08-25 17:53	486400	----a-w-	c:\windows\system32\wer.dll
2017-07-14 15:29 . 2017-08-25 17:53	34304	----a-w-	c:\windows\system32\werdiagcontroller.dll
2017-07-14 15:29 . 2017-08-25 17:53	2319872	----a-w-	c:\windows\system32\tquery.dll
2017-07-14 15:29 . 2017-08-25 17:53	2058240	----a-w-	c:\windows\system32\Query.dll
2017-07-14 15:29 . 2017-08-25 17:53	778240	----a-w-	c:\windows\system32\mssvp.dll
2017-07-14 15:29 . 2017-08-25 17:53	2222080	----a-w-	c:\windows\system32\mssrch.dll
2017-07-14 15:29 . 2017-08-25 17:53	491520	----a-w-	c:\windows\system32\mssph.dll
2017-07-14 15:29 . 2017-08-25 17:53	99840	----a-w-	c:\windows\system32\mssprxy.dll
2017-07-14 15:29 . 2017-08-25 17:53	288256	----a-w-	c:\windows\system32\mssphtb.dll
2017-07-14 15:29 . 2017-08-25 17:53	115200	----a-w-	c:\windows\system32\mssitlb.dll
2017-07-14 15:29 . 2017-08-25 17:53	75264	----a-w-	c:\windows\system32\msscntrs.dll
2017-07-14 15:29 . 2017-08-25 17:53	14336	----a-w-	c:\windows\system32\msshooks.dll
2017-07-14 15:12 . 2017-08-25 17:53	591872	----a-w-	c:\windows\system32\SearchIndexer.exe
2017-07-14 15:12 . 2017-08-25 17:53	249856	----a-w-	c:\windows\system32\SearchProtocolHost.exe
2017-07-14 15:11 . 2017-08-25 17:53	113664	----a-w-	c:\windows\system32\SearchFilterHost.exe
2017-07-14 15:10 . 2017-08-25 17:53	382976	----a-w-	c:\windows\SysWow64\wer.dll
2017-07-14 15:10 . 2017-08-25 17:53	1549824	----a-w-	c:\windows\SysWow64\tquery.dll
2017-07-14 15:10 . 2017-08-25 17:53	1363968	----a-w-	c:\windows\SysWow64\Query.dll
2017-07-14 15:10 . 2017-08-25 17:53	1400320	----a-w-	c:\windows\SysWow64\mssrch.dll
2017-07-14 15:10 . 2017-08-25 17:53	666624	----a-w-	c:\windows\SysWow64\mssvp.dll
2017-07-14 15:10 . 2017-08-25 17:53	337408	----a-w-	c:\windows\SysWow64\mssph.dll
2017-07-14 15:10 . 2017-08-25 17:53	197120	----a-w-	c:\windows\SysWow64\mssphtb.dll
2017-07-14 15:10 . 2017-08-25 17:53	104448	----a-w-	c:\windows\SysWow64\mssitlb.dll
2017-07-14 15:10 . 2017-08-25 17:53	59392	----a-w-	c:\windows\SysWow64\msscntrs.dll
2017-07-14 15:10 . 2017-08-25 17:53	34816	----a-w-	c:\windows\SysWow64\mssprxy.dll
2017-07-14 15:00 . 2017-08-25 17:53	427520	----a-w-	c:\windows\SysWow64\SearchIndexer.exe
2017-07-14 15:00 . 2017-08-25 17:53	164352	----a-w-	c:\windows\SysWow64\SearchProtocolHost.exe
2017-07-14 14:59 . 2017-08-25 17:53	86528	----a-w-	c:\windows\SysWow64\SearchFilterHost.exe
2017-07-14 14:59 . 2017-08-25 17:53	9728	----a-w-	c:\windows\SysWow64\msshooks.dll
2017-07-14 14:57 . 2017-08-25 17:53	50688	----a-w-	c:\windows\system32\wermgr.exe
2017-07-14 14:50 . 2017-08-25 17:53	54272	----a-w-	c:\windows\SysWow64\wermgr.exe
2017-07-14 14:50 . 2017-08-25 17:53	28672	----a-w-	c:\windows\SysWow64\werdiagcontroller.dll
2014-03-07 09:03	3109520	--sha-r-	c:\windows\SysWOW64\avcodec-lav-55.dll
2014-03-07 09:03	98960	--sha-r-	c:\windows\SysWOW64\avfilter-lav-4.dll
2014-03-07 09:03	550032	--sha-r-	c:\windows\SysWOW64\avformat-lav-55.dll
2009-09-27 08:39	415744	--sh--w-	c:\windows\SysWOW64\avisynth.dll
2014-03-07 09:03	59536	--sha-r-	c:\windows\SysWOW64\avresample-lav-1.dll
2005-07-14 11:31	32256	--sh--w-	c:\windows\SysWOW64\AVSredirect.dll
2014-03-07 09:03	181392	--sha-r-	c:\windows\SysWOW64\avutil-lav-52.dll
2004-02-22 09:11	764416	--sh--w-	c:\windows\SysWOW64\devil.dll
2014-03-07 09:03	122512	--sha-r-	c:\windows\SysWOW64\HLaudio.dll
2014-03-07 09:03	203408	--sha-r-	c:\windows\SysWOW64\HLsplit.dll
2014-03-07 09:03	313520	--sha-r-	c:\windows\SysWOW64\HLvideo.dll
2004-01-24 23:00	70656	--sh--w-	c:\windows\SysWOW64\i420vfw.dll
2014-03-07 09:03	166544	--sha-r-	c:\windows\SysWOW64\IntelQuickSyncDecoder.dll
2014-03-07 09:03	109712	--sha-r-	c:\windows\SysWOW64\libbluray.dll
2011-02-11 08:26	112128	--sha-r-	c:\windows\SysWOW64\OptimFROG.dll
2014-03-07 09:03	118416	--sha-r-	c:\windows\SysWOW64\swscale-lav-2.dll
2010-01-06 22:00	107520	--sha-r-	c:\windows\SysWOW64\TAKDSDecoder.dll
2012-10-05 17:54	188416	--sha-r-	c:\windows\SysWOW64\winDCE32.dll
2004-01-24 23:00	70656	--sh--w-	c:\windows\SysWOW64\yv12vfw.dll
.
.
(((((((((((((((((((((((((((((((((   Points de chargement Reg   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt01]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39	230728	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt02]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39	230728	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt03]
@="{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39	230728	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt04]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39	230728	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt05]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39	230728	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt06]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39	230728	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt07]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39	230728	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt08]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39	230728	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt09]
@="{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39	230728	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt10]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39	230728	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt.16.0.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"DAEMON Tools Lite"="d:\utilitaires\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2011-10-12 393216]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-12-08 8590760]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ASUS AiChargerPlus Execute"="c:\program files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe" [2010-11-08 465536]
"ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.94.193\AsusWSPanel.exe" [2011-04-11 734544]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2013-10-25 766208]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2016-06-22 598552]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux9"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMService;Malwarebytes Service;d:\utilitaires\Anti-Malware\mbamservice.exe;d:\utilitaires\Anti-Malware\mbamservice.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys;c:\windows\SYSNATIVE\DRIVERS\RtTeam60.sys [x]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan60.sys;c:\windows\SYSNATIVE\DRIVERS\RtVlan60.sys [x]
R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys;c:\windows\SYSNATIVE\DRIVERS\RtTeam60.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 VLAN;Realtek Virtual Miniport Driver for VLAN (NDIS 6.2);c:\windows\system32\DRIVERS\RtVLAN60.sys;c:\windows\SYSNATIVE\DRIVERS\RtVLAN60.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 AiChargerPlus;ASUS Charger Plus Driver;c:\windows\system32\DRIVERS\AiChargerPlus.sys;c:\windows\SYSNATIVE\DRIVERS\AiChargerPlus.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [x]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe;c:\program files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [x]
S2 DbxSvc;DbxSvc;c:\windows\system32\DbxSvc.exe;c:\windows\SYSNATIVE\DbxSvc.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 MajIndexEducationService;Mise à jour automatique - Index Education;c:\program files (x86)\Index Education\Mise a jour automatique\ServiceMiseAJourIndex.exe;c:\program files (x86)\Index Education\Mise a jour automatique\ServiceMiseAJourIndex.exe [x]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys;c:\windows\SYSNATIVE\DRIVERS\RtNdPt60.sys [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;c:\windows\system32\DRIVERS\bcmwlhigh664.sys;c:\windows\SYSNATIVE\DRIVERS\bcmwlhigh664.sys [x]
S3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);c:\windows\system32\DRIVERS\ICCWDT.sys;c:\windows\SYSNATIVE\DRIVERS\ICCWDT.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt01]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39	278344	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt64.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt02]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39	278344	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt64.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt03]
@="{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39	278344	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt64.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt04]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39	278344	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt64.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt05]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39	278344	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt64.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt06]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39	278344	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt64.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt07]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39	278344	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt64.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt08]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39	278344	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt64.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt09]
@="{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39	278344	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt64.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt10]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2017-05-01 14:39	278344	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt64.16.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2011-04-11 03:35	220160	----a-w-	c:\program files (x86)\ASUS\ASUS WebStorage\3.0.94.193\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2011-04-11 03:35	220160	----a-w-	c:\program files (x86)\ASUS\ASUS WebStorage\3.0.94.193\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-06-28 11905128]
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mStart Page = www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 89.2.0.1 89.2.0.2
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM_Wow6432Node-ActiveSetup-{8A69D345-D564-463c-AFF1-A69D9E530F96} - c:\program files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe
AddRemove-Turbopoker.fr - c:\users\CYRIL\AppData\Local\Turbopoker\internalLogicielTurboPokerUninstall1411646745896_cb5c2f_fr.exe
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\S-1-5-21-1259235147-3347209182-4082495589-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_27_0_0_130_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_27_0_0_130_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_27_0_0_130_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_27_0_0_130_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_27_0_0_130.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.27"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_27_0_0_130.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_27_0_0_130.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_27_0_0_130.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2017-10-10  00:30:41
ComboFix-quarantined-files.txt  2017-10-09 22:30
.
Avant-CF: 4 715 962 368 octets libres
Après-CF: 4 554 264 576 octets libres
.
- - End Of File - - 800251CB588F17F00BACB41F6A40106B
A36C5E4F47E84449FF07ED3517B43A31