ComboFix 17-12-11.01 - utilisateur 07/01/2018 20:22:32.1.8 - x64 Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.12269.8959 [GMT 1:00] Lancé depuis: c:\users\utilisateur\Desktop\ComboFix.exe AV: IObit Malware Fighter *Enabled/Updated* {2C1A27ED-EADF-56B0-8FBA-D38AFF9152A2} AV: Suite de Sécurité Orange *Disabled/Updated* {86367591-4BE4-AE08-2FD9-7FCB8259CD98} FW: Suite de Sécurité Orange *Disabled* {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3} SP: IObit Malware Fighter *Enabled/Updated* {977BC609-CCE5-593E-B50A-E8F88416181F} SP: Suite de Sécurité Orange *Disabled/Updated* {3D579475-6DDE-A186-1569-44B9F9DE8725} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . . C:\Tiem.txt c:\windows\wininit.ini . . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy_NPF -------\Service_AdobeUpdateService . . ((((((((((((((((((((((((((((( Fichiers créés du 2017-12-07 au 2018-01-07 )))))))))))))))))))))))))))))))))))) . . 2018-01-07 19:31 . 2018-01-07 19:31 7712 ----a-w- c:\windows\system32\drivers\xiynqintg.sys 2018-01-06 17:44 . 2018-01-06 17:44 -------- d-----w- c:\users\utilisateur\AppData\Local\Lavasoft 2018-01-06 17:44 . 2018-01-06 17:44 -------- d-----w- c:\users\utilisateur\AppData\Roaming\Lavasoft 2018-01-06 17:44 . 2018-01-06 17:44 -------- d-----w- c:\program files (x86)\Lavasoft 2018-01-06 17:44 . 2018-01-06 17:44 -------- d-----w- c:\programdata\Lavasoft 2018-01-05 17:45 . 2018-01-05 17:45 -------- d-----w- c:\program files (x86)\Common Files\Borland Shared 2018-01-05 17:45 . 1999-11-12 04:11 183808 ----a-w- c:\windows\SysWow64\BDEADMIN.CPL 2018-01-05 17:45 . 1999-01-20 04:01 210032 ----a-w- c:\windows\SysWow64\DBCLIENT.DLL 2018-01-05 15:42 . 2018-01-05 15:42 7712 ----a-w- c:\windows\system32\drivers\zbngraucl.sys 2018-01-05 15:42 . 
2018-01-05 15:42 142760 ----a-w- c:\windows\system32\drivers\xpfzzrfux.sys 2018-01-05 12:21 . 2018-01-05 12:21 142760 ----a-w- c:\windows\system32\drivers\wlvmgwbgn.sys 2018-01-02 16:24 . 2018-01-02 16:24 -------- d-----w- c:\users\utilisateur\AppData\Roaming\4Free 2018-01-02 16:17 . 2018-01-02 16:17 -------- d-----w- c:\users\utilisateur\.fontconfig 2018-01-02 16:16 . 2018-01-02 16:16 -------- d-----w- c:\programdata\Movavi 2018-01-02 16:16 . 2018-01-02 16:16 -------- d-----w- c:\programdata\Movavi Video Converter 18 2018-01-02 16:09 . 2018-01-02 16:10 -------- d-----w- c:\users\utilisateur\AppData\Roaming\Apowersoft 2018-01-02 15:45 . 2018-01-02 15:45 -------- d-----w- c:\programdata\DigitalWave.ApplicationUpdater_files 2018-01-02 15:44 . 2018-01-02 15:44 -------- d-----w- c:\program files (x86)\FreeCodecPack 2018-01-02 15:44 . 2018-01-02 16:13 -------- d-----w- c:\program files (x86)\Common Files\DVDVideoSoft 2018-01-02 15:44 . 2018-01-02 16:13 -------- d-----w- c:\users\utilisateur\AppData\Roaming\DVDVideoSoft 2018-01-02 15:17 . 2018-01-05 12:21 -------- d-----w- c:\program files (x86)\DVD Flick 2018-01-02 15:17 . 2013-10-03 16:02 40960 ----a-w- c:\windows\SysWow64\ssubtmr6.dll 2018-01-02 15:17 . 2013-10-03 16:02 36864 ----a-w- c:\windows\SysWow64\trayicon_handler.ocx 2018-01-02 14:30 . 2018-01-02 14:30 -------- d-----w- c:\users\utilisateur\AppData\Local\FreemakeVideoConverter 2017-12-27 15:00 . 2017-12-27 15:00 -------- d-----w- c:\users\utilisateur\AppData\Local\gtk-3.0 2017-12-27 15:00 . 2017-12-27 15:00 -------- d-----w- c:\users\utilisateur\AppData\Local\RawTherapee 2017-12-27 14:58 . 2017-12-27 14:58 -------- d-----w- c:\program files\RawTherapee 2017-12-27 14:21 . 2017-12-27 14:21 -------- d-----w- c:\users\utilisateur\AppData\Roaming\hugin 2017-12-27 14:19 . 2017-12-27 14:19 -------- d-----w- c:\program files\Hugin 2017-12-27 10:50 . 2017-12-27 10:50 -------- d-----w- c:\program files\Google 2017-12-22 15:25 . 
2018-01-05 16:44 -------- d-----w- c:\users\utilisateur\AppData\Roaming\MPC-HC 2017-12-20 15:18 . 2017-12-20 15:18 -------- d-----w- c:\users\utilisateur\AppData\Local\TumblRipper 2017-12-20 15:13 . 2017-12-20 15:13 -------- d-----w- c:\program files (x86)\TumblRipper 2017-12-20 12:44 . 2017-12-20 12:44 -------- d-----w- c:\users\utilisateur\AppData\Roaming\Intertel 2017-12-20 12:44 . 2017-12-20 15:18 -------- d-----w- c:\users\utilisateur\AppData\Local\SquirrelTemp . . . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2018-01-05 19:21 . 2017-10-11 10:28 133326408 -c--a-w- c:\windows\system32\MRT-KB890830.exe 2018-01-05 19:21 . 2016-04-01 09:25 133326408 -c--a-w- c:\windows\system32\MRT.exe 2018-01-05 15:20 . 2017-08-03 13:59 22096064 ----a-w- c:\windows\system32\nvwgf2umx.dll 2018-01-05 15:20 . 2017-08-03 13:59 492232 ----a-w- c:\windows\system32\nvumdshimx.dll 2018-01-05 15:20 . 2017-08-03 13:58 18207576 ----a-w- c:\windows\system32\nvd3dumx.dll 2018-01-05 15:20 . 2017-08-03 13:58 15027984 ----a-w- c:\windows\SysWow64\nvd3dum.dll 2018-01-05 15:20 . 2017-08-03 13:57 4284680 ----a-w- c:\windows\system32\nvapi64.dll 2018-01-05 15:20 . 2017-08-03 13:57 3798848 ----a-w- c:\windows\SysWow64\nvapi.dll 2017-12-13 13:29 . 2016-08-05 18:57 803328 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2017-12-13 13:29 . 2016-08-05 18:57 144896 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2017-12-07 07:50 . 2017-12-07 07:50 142760 ----a-w- c:\windows\system32\drivers\daqpvbzve.sys 2017-12-03 18:00 . 2017-12-03 18:00 142760 ----a-w- c:\windows\system32\drivers\ixuktsmfq.sys 2017-11-25 06:37 . 2017-11-25 06:37 142760 ----a-w- c:\windows\system32\drivers\jagzrfhyv.sys 2017-11-23 14:12 . 2017-11-23 14:12 1989056 ----a-w- c:\windows\system32\nvdispco6438813.dll 2017-11-23 14:12 . 2017-11-23 14:12 1673848 ----a-w- c:\windows\system32\nvdispgenco6438813.dll 2017-11-23 14:11 . 
2017-11-23 14:11 122848 ----a-w- c:\windows\system32\RtNicProp64.dll 2017-11-23 14:11 . 2017-11-23 14:11 1077216 ----a-w- c:\windows\system32\drivers\Rt64win7.sys 2017-11-23 14:11 . 2016-04-01 09:08 118816 ----a-w- c:\windows\system32\RTNUninst64.dll 2017-11-22 11:10 . 2017-11-22 11:10 142760 ----a-w- c:\windows\system32\drivers\srloxpfov.sys 2017-11-16 01:41 . 2016-09-25 11:53 2404800 ----a-w- c:\windows\system32\nvspcap64.dll 2017-11-16 01:41 . 2016-09-25 11:53 2070976 ----a-w- c:\windows\SysWow64\nvspcap.dll 2017-11-16 01:41 . 2016-09-25 11:53 1309120 ----a-w- c:\windows\system32\NvRtmpStreamer64.dll 2017-11-16 01:41 . 2017-11-24 08:42 57792 ----a-w- c:\windows\system32\drivers\nvvhci.sys 2017-11-16 01:41 . 2017-11-24 08:42 50624 ----a-w- c:\windows\system32\drivers\nvvad64v.sys 2017-11-16 01:41 . 2017-06-30 15:26 186304 ----a-w- c:\windows\system32\nvaudcap64v.dll 2017-11-16 01:41 . 2017-06-30 15:26 152512 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll 2017-11-16 00:53 . 2017-01-12 08:54 1951 ----a-w- c:\windows\NvTelemetryContainerRecovery.bat 2017-11-15 16:18 . 2017-11-15 16:18 1988216 ----a-w- c:\windows\system32\nvdispco6438792.dll 2017-11-15 16:18 . 2017-11-15 16:18 1606776 ----a-w- c:\windows\system32\nvdispgenco6438792.dll 2017-11-15 16:17 . 2017-11-15 16:17 54680 ----a-w- c:\windows\system32\nvhdap64.dll 2017-11-15 16:17 . 2017-11-15 16:17 227408 ----a-w- c:\windows\system32\drivers\nvhda64v.sys 2017-11-15 16:17 . 2017-08-03 14:00 1624144 ----a-w- c:\windows\system32\nvhdagenco6420103.dll 2017-11-15 14:04 . 2017-11-15 14:04 142760 ----a-w- c:\windows\system32\drivers\zklwuyryk.sys 2017-11-09 16:47 . 2016-09-25 11:53 1951 ----a-w- c:\windows\NvContainerRecovery.bat 2017-11-06 12:55 . 2017-11-06 12:55 142760 ----a-w- c:\windows\system32\drivers\qnqudusnw.sys 2017-11-03 12:50 . 2017-11-03 12:50 142760 ----a-w- c:\windows\system32\drivers\bpynalwdb.sys 2017-11-02 10:05 . 
2017-11-02 10:05 142760 ----a-w- c:\windows\system32\drivers\uaiohlsvv.sys 2017-10-23 15:11 . 2017-10-23 15:11 1988216 ----a-w- c:\windows\system32\nvdispco6438569.dll 2017-10-23 15:11 . 2017-10-23 15:11 1606592 ----a-w- c:\windows\system32\nvdispgenco6438569.dll 2017-10-18 07:31 . 2017-11-15 11:04 395976 ----a-w- c:\windows\system32\iedkcs32.dll 2017-10-18 02:34 . 2017-11-15 11:03 134376 ----a-w- c:\windows\system32\CompatTelRunner.exe 2017-10-18 02:30 . 2017-11-15 11:03 605184 ----a-w- c:\windows\system32\aeinv.dll 2017-10-18 02:06 . 2017-11-15 11:04 344064 ----a-w- c:\windows\system32\drivers\usbhub.sys 2017-10-18 02:06 . 2017-11-15 11:04 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys 2017-10-18 02:06 . 2017-11-15 11:04 56320 ----a-w- c:\windows\system32\drivers\usbehci.sys 2017-10-18 02:06 . 2017-11-15 11:04 327168 ----a-w- c:\windows\system32\drivers\usbport.sys 2017-10-18 02:06 . 2017-11-15 11:04 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys 2017-10-18 02:06 . 2017-11-15 11:04 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys 2017-10-18 02:06 . 2017-11-15 11:04 7808 ----a-w- c:\windows\system32\drivers\usbd.sys 2017-10-16 23:07 . 2017-11-15 11:04 1680616 ----a-w- c:\windows\system32\drivers\ntfs.sys 2017-10-16 22:34 . 2017-11-15 11:04 3222528 ----a-w- c:\windows\system32\win32k.sys 2017-10-16 21:55 . 2017-11-15 11:04 339968 ----a-w- c:\windows\SysWow64\msexcl40.dll 2017-10-15 22:04 . 2017-11-15 11:03 407392 ----a-w- c:\windows\system32\centel.dll 2017-10-14 09:50 . 2016-07-05 15:49 1011192 ----a-w- c:\windows\system32\drivers\klif.sys 2017-10-14 09:50 . 2016-07-05 15:49 279544 ----a-w- c:\windows\system32\drivers\klhk.sys 2017-10-14 09:50 . 2015-12-11 16:28 186360 ----a-w- c:\windows\system32\drivers\klflt.sys 2017-10-14 08:38 . 2017-11-15 11:04 25731584 ----a-w- c:\windows\system32\mshtml.dll 2017-10-14 08:23 . 2017-11-15 11:04 2724864 ----a-w- c:\windows\system32\mshtml.tlb 2017-10-14 08:23 . 
2017-11-15 11:04 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll 2017-10-14 08:13 . 2017-11-15 11:04 2903552 ----a-w- c:\windows\system32\iertutil.dll 2017-10-14 08:12 . 2017-11-15 11:04 66560 ----a-w- c:\windows\system32\iesetup.dll 2017-10-14 08:11 . 2017-11-15 11:04 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll 2017-10-14 08:11 . 2017-11-15 11:04 576512 ----a-w- c:\windows\system32\vbscript.dll 2017-10-14 08:11 . 2017-11-15 11:04 417792 ----a-w- c:\windows\system32\html.iec 2017-10-14 08:11 . 2017-11-15 11:04 88064 ----a-w- c:\windows\system32\MshtmlDac.dll 2017-10-14 08:09 . 2017-11-15 11:04 5979648 ----a-w- c:\windows\system32\jscript9.dll 2017-10-14 08:05 . 2017-11-15 11:04 54784 ----a-w- c:\windows\system32\jsproxy.dll 2017-10-14 08:04 . 2017-11-15 11:04 34304 ----a-w- c:\windows\system32\iernonce.dll 2017-10-14 08:02 . 2017-11-15 11:04 615936 ----a-w- c:\windows\system32\ieui.dll 2017-10-14 08:01 . 2017-11-15 11:04 116224 ----a-w- c:\windows\system32\ieetwcollector.exe 2017-10-14 08:01 . 2017-11-15 11:04 144384 ----a-w- c:\windows\system32\ieUnatt.exe 2017-10-14 08:01 . 2017-11-15 11:04 816640 ----a-w- c:\windows\system32\jscript.dll 2017-10-14 08:00 . 2017-11-15 11:04 814080 ----a-w- c:\windows\system32\jscript9diag.dll 2017-10-14 07:55 . 2017-11-15 11:04 968704 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe 2017-10-14 07:53 . 2017-11-15 11:04 489984 ----a-w- c:\windows\system32\dxtmsft.dll 2017-10-14 07:47 . 2017-11-15 11:04 77824 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll 2017-10-14 07:47 . 2017-11-15 11:04 87552 ----a-w- c:\windows\system32\tdc.ocx 2017-10-14 07:46 . 2017-11-15 11:04 107520 ----a-w- c:\windows\system32\inseng.dll 2017-10-14 07:43 . 2017-11-15 11:04 199680 ----a-w- c:\windows\system32\msrating.dll 2017-10-14 07:43 . 2017-11-15 11:04 92160 ----a-w- c:\windows\system32\mshtmled.dll 2017-10-14 07:41 . 2017-11-15 11:04 315392 ----a-w- c:\windows\system32\dxtrans.dll 2017-10-14 07:40 . 
2017-11-15 11:04 152064 ----a-w- c:\windows\system32\occache.dll 2017-10-14 07:31 . 2017-11-15 11:04 262144 ----a-w- c:\windows\system32\webcheck.dll 2017-10-14 07:30 . 2017-11-15 11:04 15266816 ----a-w- c:\windows\system32\ieframe.dll 2017-10-14 07:30 . 2017-11-15 11:04 726528 ----a-w- c:\windows\system32\ie4uinit.exe 2017-10-14 07:29 . 2017-11-15 11:04 807936 ----a-w- c:\windows\system32\msfeeds.dll 2017-10-14 07:28 . 2017-11-15 11:04 1359360 ----a-w- c:\windows\system32\mshtmlmedia.dll 2017-10-14 07:27 . 2017-11-15 11:04 2134528 ----a-w- c:\windows\system32\inetcpl.cpl 2017-10-14 07:21 . 2017-11-15 11:04 3241472 ----a-w- c:\windows\system32\wininet.dll 2017-10-14 07:09 . 2017-11-15 11:04 1544704 ----a-w- c:\windows\system32\urlmon.dll 2017-10-14 07:03 . 2017-11-15 11:04 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb 2017-10-14 06:58 . 2017-11-15 11:04 800768 ----a-w- c:\windows\system32\ieapfltr.dll 2017-10-14 06:53 . 2017-11-15 11:04 499200 ----a-w- c:\windows\SysWow64\vbscript.dll 2017-10-14 06:53 . 2017-11-15 11:04 62464 ----a-w- c:\windows\SysWow64\iesetup.dll 2017-10-14 06:52 . 2017-11-15 11:04 47616 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll 2017-10-14 06:52 . 2017-11-15 11:04 341504 ----a-w- c:\windows\SysWow64\html.iec 2017-10-14 06:51 . 2017-11-15 11:04 64000 ----a-w- c:\windows\SysWow64\MshtmlDac.dll 2017-10-14 06:45 . 2017-11-15 11:04 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe 2017-10-14 06:45 . 2017-11-15 11:04 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll 2017-10-14 06:35 . 2017-11-15 11:04 60416 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll . . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 . 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MyDriveConnect.exe"="c:\program files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe" [2017-08-04 1986280]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2017-11-20 41061856]
"OCCDesktop"="c:\program files\Le Cloud d'Orange\OrangeCloudApplication.exe" [2017-10-31 4563968]
"Adobe Acrobat Synchronizer"="c:\program files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe" [2017-11-04 886768]
"GUDelayStartup"="c:\program files (x86)\Glary Utilities 5\StartupManager.exe" [2017-12-15 44024]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2017-12-01 10249048]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Creative Cloud"="c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2017-09-20 2407008]
"Nikon Message Center 2"="c:\program files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe" [2016-01-08 588288]
"IObit Malware Fighter"="c:\program files (x86)\IObit\IObit Malware Fighter\IMF.exe" [2017-11-20 5764384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSimpleNetIDList"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
R0 hekznqut.sys;hekznqut.sys;c:\windows\System32\drivers\hekznqut.sys;c:\windows\SYSNATIVE\drivers\hekznqut.sys [x] R0 pfgozbll.sys;pfgozbll.sys;c:\windows\System32\drivers\pfgozbll.sys;c:\windows\SYSNATIVE\drivers\pfgozbll.sys [x] R1 arbpnzgdm.sys;arbpnzgdm.sys;c:\windows\system32\drivers\arbpnzgdm.sys;c:\windows\SYSNATIVE\drivers\arbpnzgdm.sys [x] R1 atldpogvo.sys;atldpogvo.sys;c:\windows\system32\drivers\atldpogvo.sys;c:\windows\SYSNATIVE\drivers\atldpogvo.sys [x] R1 bmlmmigie.sys;bmlmmigie.sys;c:\windows\system32\drivers\bmlmmigie.sys;c:\windows\SYSNATIVE\drivers\bmlmmigie.sys [x] R1 chlxuifhn.sys;chlxuifhn.sys;c:\windows\system32\drivers\chlxuifhn.sys;c:\windows\SYSNATIVE\drivers\chlxuifhn.sys [x] R1 eblhdfvtt.sys;eblhdfvtt.sys;c:\windows\system32\drivers\eblhdfvtt.sys;c:\windows\SYSNATIVE\drivers\eblhdfvtt.sys [x] R1 gdzftrqfv.sys;gdzftrqfv.sys;c:\windows\system32\drivers\gdzftrqfv.sys;c:\windows\SYSNATIVE\drivers\gdzftrqfv.sys [x] R1 haanvuday.sys;haanvuday.sys;c:\windows\system32\drivers\haanvuday.sys;c:\windows\SYSNATIVE\drivers\haanvuday.sys [x] R1 idduqneux.sys;idduqneux.sys;c:\windows\system32\drivers\idduqneux.sys;c:\windows\SYSNATIVE\drivers\idduqneux.sys [x] R1 lfyvfgnkm.sys;lfyvfgnkm.sys;c:\windows\system32\drivers\lfyvfgnkm.sys;c:\windows\SYSNATIVE\drivers\lfyvfgnkm.sys [x] R1 nolwvfmgo.sys;nolwvfmgo.sys;c:\windows\system32\drivers\nolwvfmgo.sys;c:\windows\SYSNATIVE\drivers\nolwvfmgo.sys [x] R1 qrumxzklx.sys;qrumxzklx.sys;c:\windows\system32\drivers\qrumxzklx.sys;c:\windows\SYSNATIVE\drivers\qrumxzklx.sys [x] R1 vfkwphimv.sys;vfkwphimv.sys;c:\windows\system32\drivers\vfkwphimv.sys;c:\windows\SYSNATIVE\drivers\vfkwphimv.sys [x] R1 xdiotsqev.sys;xdiotsqev.sys;c:\windows\system32\drivers\xdiotsqev.sys;c:\windows\SYSNATIVE\drivers\xdiotsqev.sys [x] R1 xiynqintg.sys;xiynqintg.sys;c:\windows\system32\drivers\xiynqintg.sys;c:\windows\SYSNATIVE\drivers\xiynqintg.sys [x] R1 
zbngraucl.sys;zbngraucl.sys;c:\windows\system32\drivers\zbngraucl.sys;c:\windows\SYSNATIVE\drivers\zbngraucl.sys [x] R2 AdobeActiveFileMonitor11.0;Adobe Active File Monitor V11;c:\program files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 GoProDeviceDetectionService;GoPro Device Detection Service;c:\program files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe;c:\program files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [x] R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x] R3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x] R3 cpuz143;cpuz143;c:\windows\temp\cpuz143\cpuz143_x64.sys;c:\windows\temp\cpuz143\cpuz143_x64.sys [x] R3 FlashUSB;FlashUSB;c:\windows\system32\DRIVERS\FlashUSB.sys;c:\windows\SYSNATIVE\DRIVERS\FlashUSB.sys [x] R3 guillflt;Guillemot Audio Lower Filter;c:\windows\system32\DRIVERS\guillflt.sys;c:\windows\SYSNATIVE\DRIVERS\guillflt.sys [x] R3 hxctlflt;hxctlflt;c:\windows\system32\Drivers\hxctlflt.sys;c:\windows\SYSNATIVE\Drivers\hxctlflt.sys [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 IMFFilter;IMFFilter;c:\program files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys;c:\program files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [x] R3 IUFileFilter;IUFileFilter;c:\program files (x86)\IObit\IObit 
Uninstaller\drivers\win7_amd64\IUFileFilter.sys;c:\program files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IUFileFilter.sys [x] R3 IURegProcessFilter;IURegProcessFilter;c:\program files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IURegProcessFilter.sys;c:\program files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IURegProcessFilter.sys [x] R3 klids;klids;c:\programdata\Kaspersky Lab\AVP16.0.1\Bases\klids.sys;c:\programdata\Kaspersky Lab\AVP16.0.1\Bases\klids.sys [x] R3 klvssbrigde64;klvssbrigde64;c:\program files (x86)\Orange\Orange Security Suite 10.10\x64\vssbridge64.exe;c:\program files (x86)\Orange\Orange Security Suite 10.10\x64\vssbridge64.exe [x] R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys;c:\windows\SYSNATIVE\DRIVERS\LEqdUsb.Sys [x] R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys;c:\windows\SYSNATIVE\DRIVERS\LHidEqd.Sys [x] R3 NvContainerNetworkService;NVIDIA NetworkService Container;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe [x] R3 NvStreamKms;NVIDIA KMS;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 RegFilter;RegFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [x] R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] R3 rtsuvc;Hercules HD Twist;c:\windows\system32\DRIVERS\rtsuvc.sys;c:\windows\SYSNATIVE\DRIVERS\rtsuvc.sys [x] R3 
semav6msr64;semav6msr64;c:\windows\system32\drivers\semav6msr64.sys;c:\windows\SYSNATIVE\drivers\semav6msr64.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x] R3 UsbClientService;UsbClientService;c:\program files (x86)\Synology\Assistant\UsbClientService.exe;c:\program files (x86)\Synology\Assistant\UsbClientService.exe [x] R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x] R3 WsAppService;Wondershare Application Framework Service;c:\program files (x86)\Wondershare\WAF\2.4.3.225\WsAppService.exe;c:\program files (x86)\Wondershare\WAF\2.4.3.225\WsAppService.exe [x] S0 cm_km;Kaspersky Lab ZAO Cryptographic Module x64 (Weak);c:\windows\system32\DRIVERS\cm_km.sys;c:\windows\SYSNATIVE\DRIVERS\cm_km.sys [x] S0 gxmrihho.sys;gxmrihho.sys;c:\windows\System32\drivers\gxmrihho.sys;c:\windows\SYSNATIVE\drivers\gxmrihho.sys [x] S0 klbackupdisk;Kaspersky Lab klbackupdisk;c:\windows\system32\DRIVERS\klbackupdisk.sys;c:\windows\SYSNATIVE\DRIVERS\klbackupdisk.sys [x] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x] S1 GUBootStartup;GUBootStartup;c:\windows\System32\drivers\GUBootStartup.sys;c:\windows\SYSNATIVE\drivers\GUBootStartup.sys [x] S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x] S1 IMFCameraProtect;IMFCameraProtect;c:\windows\system32\drivers\IMFCameraProtect.sys;c:\windows\SYSNATIVE\drivers\IMFCameraProtect.sys [x] S1 klbackupflt;Kaspersky Lab 
klbackupflt;c:\windows\system32\DRIVERS\klbackupflt.sys;c:\windows\SYSNATIVE\DRIVERS\klbackupflt.sys [x] S1 klhk;Kaspersky Lab service driver;c:\windows\system32\DRIVERS\klhk.sys;c:\windows\SYSNATIVE\DRIVERS\klhk.sys [x] S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x] S1 klpd;Kaspersky Lab format recognizer driver;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x] S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x] S1 Klwtp;KLwtp - WFP callout traffic inspector;c:\windows\system32\DRIVERS\klwtp.sys;c:\windows\SYSNATIVE\DRIVERS\klwtp.sys [x] S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x] S1 kptksjwmv.sys;kptksjwmv.sys;c:\windows\system32\drivers\kptksjwmv.sys;c:\windows\SYSNATIVE\drivers\kptksjwmv.sys [x] S2 AGSService;Adobe Genuine Software Integrity Service;c:\program files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe;c:\program files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [x] S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x] S2 AVP16.0.1;Suite de Sécurité Orange 10.10;c:\program files (x86)\Orange\Orange Security Suite 10.10\avp.exe;c:\program files (x86)\Orange\Orange Security Suite 10.10\avp.exe [x] S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x] S2 DigitalWave.Update.Service;Digital Wave Update Service;c:\program files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe;c:\program files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [x] S2 gzflt;gzflt;c:\windows\system32\DRIVERS\gzflt.sys;c:\windows\SYSNATIVE\DRIVERS\gzflt.sys [x] S2 IMFservice;IMF Service;c:\program files (x86)\IObit\IObit 
Malware Fighter\IMFsrv.exe;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [x] S2 kldisk;kldisk;c:\windows\system32\DRIVERS\kldisk.sys;c:\windows\SYSNATIVE\DRIVERS\kldisk.sys [x] S2 NvContainerLocalSystem;NVIDIA LocalSystem Container;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe [x] S2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;c:\program files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe;c:\program files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [x] S2 NvTelemetryContainer;NVIDIA Telemetry Container;c:\program files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe;c:\program files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [x] S2 RealPlayerUpdateSvc;RealPlayer Update Service;c:\program files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe;c:\program files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [x] S2 RealTimes Desktop Service;RealTimes Desktop Service;c:\program files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe;c:\program files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [x] S2 WCAssistantService;WC Assistant;c:\program files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe;c:\program files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [x] S3 asmtxhci;ASMedia XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x] S3 busenum;Synology Virtual USB Hub;c:\windows\system32\DRIVERS\busenum.sys;c:\windows\SYSNATIVE\DRIVERS\busenum.sys [x] S3 IMFDownProtect;IMFDownProtect;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFDownProtect.sys;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFDownProtect.sys [x] S3 IMFForceDelete;IMFForceDelete;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFForceDelete.sys;c:\program 
files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFForceDelete.sys [x] S3 klflt;Kaspersky Lab Kernel DLL;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x] S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x] S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x] S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x] S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x] S3 nvvhci;NVVHCI Enumerator Service;c:\windows\system32\DRIVERS\nvvhci.sys;c:\windows\SYSNATIVE\DRIVERS\nvvhci.sys [x] . . --- Autres Services/Pilotes en mémoire --- . *NewlyCreated* - GXMRIHHO.SYS *NewlyCreated* - KPTKSJWMV.SYS *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}] 2017-07-31 22:31 324080 ----a-w- c:\program files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}] 2017-05-22 10:16 2478880 ----a-w- c:\program files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveBlacklisted] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}] 2017-11-20 14:27 775064 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveSynced]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2017-11-20 14:27 775064 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveSyncing]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2017-11-20 14:27 775064 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2017-09-26 00:52 491600 ----a-w- c:\program files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2017-09-26 00:52 491600 ----a-w- c:\program files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2017-09-26 00:52 491600 ----a-w- c:\program files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AWCOverlayIconFailed]
@="{807B3DE6-04E1-41CD-BE17-79259C6F287E}"
[HKEY_CLASSES_ROOT\CLSID\{807B3DE6-04E1-41CD-BE17-79259C6F287E}]
2017-03-13 09:19 1332224 ----a-w- c:\program files\Le Cloud d'Orange\WindowsCloudShellExtensions64_3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AWCOverlayIconIgnored]
@="{78E727AC-5F74-44D4-AB7B-1AF593CAB71A}"
[HKEY_CLASSES_ROOT\CLSID\{78E727AC-5F74-44D4-AB7B-1AF593CAB71A}]
2017-03-13 09:19 1332224 ----a-w- c:\program files\Le Cloud d'Orange\WindowsCloudShellExtensions64_3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AWCOverlayIconUploaded]
@="{6AB3E22E-6F5C-4D4A-9F00-76BB29BAEAEF}"
[HKEY_CLASSES_ROOT\CLSID\{6AB3E22E-6F5C-4D4A-9F00-76BB29BAEAEF}]
2017-03-13 09:19 1332224 ----a-w- c:\program files\Le Cloud d'Orange\WindowsCloudShellExtensions64_3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AWCOverlayIconUploading]
@="{5A062BD3-C231-4E7A-8782-D83B74BC2B08}"
[HKEY_CLASSES_ROOT\CLSID\{5A062BD3-C231-4E7A-8782-D83B74BC2B08}]
2017-03-13 09:19 1332224 ----a-w- c:\program files\Le Cloud d'Orange\WindowsCloudShellExtensions64_3.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2017-08-11 9228800]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2015-08-26 3113592]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2016-07-01 508128]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2017-12-05 297272]
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://r.orange.fr/r/Oodc_IE_oi_v2?ref=O_OI_defaultPage_IE_odc
uDefault_Search_URL =
mDefault_Search_URL =
mStart Page = about:blank
mSearch Page = www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
mSearch Bar =
uSearchAssistant = about:blank
mSearchAssistant = about:blank
IE: &Ajouter la cible du lien à un fichier PDF existant - c:\program files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll/AcroIEAppendSelLinks.html
IE: &Envoyer à OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Ajouter la page Web à un fichier PDF existant - c:\program files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll/AcroIEAppend.html
IE: Convertir la cible du lien au format Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll/AcroIECaptureSelLinks.html
IE: Convertir la page &Web au format Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll/AcroIECapture.html
IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
Trusted Zone: localhost
Trusted Zone: webcompanion.com
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\x4na513e.default\
FF - prefs.js: browser.search.selectedEngine - Bing®
FF - prefs.js: browser.startup.homepage - hxxp://www.orange.fr/portail|http://www.journaux.fr/
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Wow6432Node-HKLM-Run- - (no file)
SafeBoot-MBAMService
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,21,f0,7f,25,5f,1b,5b,45,ac,72,7b,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,21,f0,7f,25,5f,1b,5b,45,ac,72,7b,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Autres processus actifs ------------------------
.
c:\program files (x86)\IObit\IObit Malware Fighter\IMFSrvWsc.exe
c:\program files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
c:\program files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
c:\users\utilisateur\AppData\Roaming\Orange\OrangeInside\OrangeInside.exe
c:\program files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
.
**************************************************************************
.
Heure de fin: 2018-01-07 20:33:41 - La machine a redémarré
ComboFix-quarantined-files.txt 2018-01-07 19:33
.
Avant-CF: 115 178 364 928 octets libres
Après-CF: 114 896 392 192 octets libres
.
- - End Of File - - 0C0F7B8C9D08D6E66C85BBFB64BC7B3E
A36C5E4F47E84449FF07ED3517B43A31