ComboFix 18-08-08.01 - icosium 06/02/2019 7:49.1.2 - x86
Microsoft Windows 7 Édition Intégrale 6.1.7601.1.1252.33.1036.18.2038.1258 [GMT 1:00]
Lancé depuis: c:\users\icosium\Desktop\ComboFix.exe
AV: Malwarebytes *Disabled/Updated* {23007AD3-69FE-687C-2629-D584AFFAF72B}
SP: Malwarebytes *Disabled/Updated* {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Un nouveau point de restauration a été créé
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\autorun.inf
c:\users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\KUKOTEABQN-DECRYPT.txt
c:\users\icosium\AppData\Roaming\Microsoft\Windows\index001.dat
C:\Win
c:\win\_openme.txt
c:\windows\msdownld.tmp
.
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_WINMON
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2019-01-06 au 2019-02-06 ))))))))))))))))))))))))))))))))))))
.
.
2019-02-06 06:55 . 2019-02-06 06:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2019-02-05 12:53 . 2019-02-05 12:53 -------- d-----w- c:\program files\Stellar Repair for Video
2019-02-04 18:26 . 2019-02-04 18:26 -------- d-----w- c:\users\icosium\AppData\Roaming\HMYGSetting
2019-02-04 18:23 . 2019-02-04 18:24 -------- d-----w- c:\users\icosium\AppData\Roaming\Wondershare
2019-02-04 17:26 . 2019-02-04 18:01 -------- d-----w- c:\users\icosium\AppData\Local\Samsung
2019-02-04 17:24 . 2019-02-04 17:41 -------- d-----w- c:\users\icosium\AppData\Roaming\Samsung
2019-02-04 17:23 . 2016-07-22 07:21 589944 ----a-w- c:\windows\system32\WinUSBCoInstaller.dll
2019-02-04 17:23 . 2016-07-22 07:21 1121040 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2019-02-04 17:23 . 2016-07-22 07:21 146048 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2019-02-04 17:23 . 2016-07-22 07:21 107648 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2019-02-04 17:19 . 2016-05-17 22:49 144664 ----a-w- c:\windows\system32\secman.dll
2019-02-04 17:19 . 2016-05-17 22:49 4659712 ----a-w- c:\windows\system32\Redemption.dll
2019-02-04 17:19 . 2016-05-17 22:49 821824 ----a-w- c:\windows\system32\dgderapi.dll
2019-02-04 17:16 . 2019-02-04 17:48 -------- d-----w- c:\programdata\Samsung
2019-02-04 17:16 . 2019-02-04 17:48 -------- d-----w- c:\program files\Samsung
2019-02-04 17:12 . 2019-02-04 17:12 -------- d-----w- c:\users\icosium\AppData\Local\Downloaded Installations
2019-02-04 16:42 . 2019-02-04 16:42 -------- d-----w- c:\programdata\ProductData
2019-02-04 15:03 . 2019-02-04 15:12 -------- d-----w- C:\Pre_Scan
2019-02-02 21:24 . 2019-02-02 21:24 -------- d-----w- c:\users\icosium\AppData\Local\CrashRpt
2019-02-02 21:23 . 2019-02-03 14:17 -------- d-----w- c:\users\icosium\AppData\Local\DiskDrill
2019-02-02 21:23 . 2019-02-02 21:23 -------- d-----w- c:\program files\CleverFiles
2019-02-01 18:00 . 2019-02-01 18:00 899184 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2019-02-01 18:00 . 2019-02-01 18:00 42168 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2019-02-01 18:00 . 2019-02-01 18:00 639312 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2019-02-01 16:16 . 2019-02-04 16:32 -------- d-----w- c:\program files\RogueKiller
2019-01-31 18:21 . 2019-01-31 21:36 -------- d-----w- c:\users\icosium\AppData\Roaming\MPC-HC
2019-01-31 15:59 . 2019-01-31 17:07 -------- d-----w- c:\users\icosium\AppData\Local\ZHP
2019-01-30 15:57 . 2019-01-30 15:57 181496 ----a-w- c:\windows\system32\drivers\zam32.sys
2019-01-30 15:57 . 2019-01-30 15:57 181496 ----a-w- c:\windows\system32\drivers\zamguard32.sys
2019-01-30 15:57 . 2019-01-30 15:57 -------- d-----w- c:\program files\Zemana AntiMalware
2019-01-26 21:02 . 2019-01-26 21:04 -------- d-----w- c:\users\icosium\AppData\Roaming\Noxg4
2019-01-26 20:33 . 2019-01-26 20:33 -------- d-----w- c:\users\icosium\AppData\Local\mbam
2019-01-26 20:31 . 2019-01-27 14:32 129248 ----a-w- c:\windows\system32\drivers\mbae.sys
2019-01-26 20:30 . 2019-01-27 15:29 -------- d-----w- c:\program files\4XQKIZIR1Z
2019-01-26 20:30 . 2019-01-27 15:29 -------- d-----w- c:\users\icosium\AppData\Roaming\cj43bx0tll0
2019-01-26 20:30 . 2019-01-27 15:28 -------- d-----w- c:\program files\4HT5DMBAM1
2019-01-26 20:30 . 2019-01-27 15:28 -------- d-----w- c:\users\icosium\AppData\Roaming\wcmaawdm3xf
2019-01-26 20:19 . 2019-01-27 15:29 -------- d-----w- c:\users\icosium\AppData\Roaming\rvuhwdml1pm
2019-01-26 20:19 . 2019-01-27 15:28 -------- d-----w- c:\users\icosium\AppData\Roaming\vcwlgjscqj4
2019-01-26 20:19 . 2019-01-26 21:01 -------- d-----w- c:\program files\CUXF705C7A
2019-01-26 20:19 . 2019-01-26 20:21 -------- d-----w- c:\program files\AWAV5KK3WL
2019-01-26 20:02 . 2019-01-26 20:02 -------- d-----w- c:\programdata\Malwarebytes
2019-01-26 20:02 . 2019-01-26 20:02 -------- d-----w- c:\program files\Malwarebytes
2019-01-26 19:52 . 2019-01-26 21:01 -------- d-----w- c:\users\icosium\AppData\Roaming\lx0h3os1ixw
2019-01-26 19:52 . 2019-01-27 15:29 -------- d-----w- c:\users\icosium\AppData\Roaming\z4xi0g0dohh
2019-01-26 19:37 . 2019-01-27 15:29 -------- d-----w- c:\users\icosium\AppData\Roaming\jangia34frh
2019-01-26 19:07 . 2019-01-27 15:29 -------- d-----w- c:\users\icosium\AppData\Roaming\ircqcuk41l2
2019-01-26 19:07 . 2019-01-27 15:28 -------- d-----w- c:\users\icosium\AppData\Roaming\oefmhnmttpd
2019-01-26 18:54 . 2019-01-27 15:29 -------- d-----w- c:\program files\P0SC8HLXYY
2019-01-26 18:54 . 2019-01-27 15:29 -------- d-----w- c:\users\icosium\AppData\Roaming\lzfumxg3xib
2019-01-26 18:54 . 2019-01-27 15:29 -------- d-----w- c:\program files\638VY58A82
2019-01-26 18:54 . 2019-01-27 15:27 -------- d-----w- c:\users\icosium\AppData\Roaming\uav1tqhumyi
2019-01-26 18:44 . 2019-01-27 15:29 -------- d-----w- c:\program files\XZQ5EN5257
2019-01-26 18:44 . 2019-01-27 15:29 -------- d-----w- c:\users\icosium\AppData\Roaming\calue00cyzs
2019-01-26 18:14 . 2019-01-27 15:29 -------- d-----w- c:\users\icosium\AppData\Roaming\u0f5uvlvmeb
2019-01-26 18:14 . 2019-01-27 15:29 -------- d-----w- c:\program files\9U5QD31TBO
2019-01-26 18:14 . 2019-01-27 15:28 -------- d-----w- c:\program files\7UBZLCVITV
2019-01-26 18:14 . 2019-01-27 15:28 -------- d-----w- c:\users\icosium\AppData\Roaming\wswiiwpy4vr
2019-01-26 18:03 . 2019-01-27 15:28 -------- d-----w- c:\program files\S121782FNB
2019-01-26 18:03 . 2019-01-27 15:29 -------- d-----w- c:\users\icosium\AppData\Roaming\f2isuw34jaf
2019-01-26 17:33 . 2019-01-27 15:29 -------- d-----w- c:\program files\N30DB0DYFJ
2019-01-26 17:33 . 2019-01-27 15:27 -------- d-----w- c:\users\icosium\AppData\Roaming\1lxrnkcqveb
2019-01-26 17:33 . 2019-01-27 15:27 -------- d-----w- c:\users\icosium\AppData\Roaming\fo424f2jvtx
2019-01-26 17:33 . 2019-01-27 15:29 -------- d-----w- c:\program files\FFFFOJIKH9
2019-01-26 16:32 . 2019-01-27 15:28 -------- d-----w- c:\users\icosium\AppData\Roaming\y5misqwhkk5
2019-01-26 16:32 . 2019-01-27 15:28 -------- d-----w- c:\program files\YKYW1RHVB5
2019-01-26 16:02 . 2019-01-27 15:29 -------- d-----w- c:\program files\FCEUF1E88E
2019-01-26 16:02 . 2019-01-27 15:29 -------- d-----w- c:\users\icosium\AppData\Roaming\whpjinfxbqn
2019-01-26 16:02 . 2019-01-27 15:29 -------- d-----w- c:\users\icosium\AppData\Roaming\ur41gcmjkj0
2019-01-26 16:02 . 2019-01-27 15:29 -------- d-----w- c:\program files\O3M45RC7KG
2019-01-26 15:58 . 2019-01-26 15:59 -------- d-----w- C:\AdwCleaner
2019-01-26 15:57 . 2019-01-27 15:29 -------- d-----w- c:\users\icosium\AppData\Roaming\xhrbpjker3t
2019-01-26 15:57 . 2019-01-27 15:28 -------- d-----w- c:\program files\XWGOSC4T96
2019-01-26 15:27 . 2019-01-27 15:29 -------- d-----w- c:\program files\0ETUB8XC3O
2019-01-26 15:27 . 2019-01-27 15:29 -------- d-----w- c:\users\icosium\AppData\Roaming\2hc0mayytqz
2019-01-26 15:27 . 2019-01-27 15:29 -------- d-----w- c:\users\icosium\AppData\Roaming\v0wtsggam1n
2019-01-26 15:27 . 2019-01-27 15:29 -------- d-----w- c:\program files\HYSI0ZREVN
2019-01-26 15:14 . 2019-01-27 15:29 -------- d-----w- c:\program files\OD75TGEKK7
2019-01-26 15:14 . 2019-01-27 15:29 -------- d-----w- c:\users\icosium\AppData\Roaming\ge0q3uu3qrz
2019-01-26 15:14 . 2019-01-27 15:29 -------- d-----w- c:\users\icosium\AppData\Roaming\poeovperaau
2019-01-26 15:13 . 2019-01-27 15:29 -------- d-----w- c:\program files\V54S0R4DIB
2019-01-26 15:10 . 2019-01-26 21:01 -------- d-----w- c:\program files\3MFYR75S41
2019-01-26 15:10 . 2019-01-26 15:10 -------- d-----w- c:\users\icosium\AppData\Roaming\xlius11uhtq
2019-01-26 14:40 . 2019-01-26 21:01 -------- d-----w- c:\users\icosium\AppData\Roaming\inx5taiipdj
2019-01-26 14:40 . 2019-01-26 21:01 -------- d-----w- c:\users\icosium\AppData\Roaming\rnnwgxy3iot
2019-01-26 14:17 . 2019-01-26 21:01 -------- d-----w- c:\users\icosium\AppData\Roaming\tw3s00radzs
2019-01-26 14:17 . 2019-01-26 21:01 -------- d-----w- c:\users\icosium\AppData\Roaming\v33qronq2vl
2019-01-26 14:11 . 2019-01-26 21:01 -------- d-----w- c:\users\icosium\AppData\Roaming\uelaqq0nxgh
2019-01-26 14:11 . 2019-01-26 21:01 -------- d-----w- c:\users\icosium\AppData\Roaming\5coycykxou0
2019-01-26 14:11 . 2019-01-26 21:01 -------- d-----w- c:\users\icosium\AppData\Roaming\aij1cmt43go
2019-01-26 14:09 . 2019-01-26 21:01 -------- d-----w- c:\users\icosium\AppData\Roaming\gbffaiinx1k
2019-01-26 14:09 . 2019-01-26 21:01 -------- d-----w- c:\users\icosium\AppData\Roaming\rxshe1mvxad
2019-01-26 14:09 . 2019-01-26 21:01 -------- d-----w- c:\users\icosium\AppData\Roaming\row0ynpeclt
2019-01-26 14:03 . 2019-01-26 21:01 -------- d-----w- c:\users\icosium\AppData\Roaming\yvkrjwh0gla
2019-01-26 14:03 . 2019-01-26 21:01 -------- d-----w- c:\users\icosium\AppData\Roaming\ew2qejjngh4
2019-01-26 14:03 . 2019-01-26 21:01 -------- d-----w- c:\users\icosium\AppData\Roaming\ddwbcjkl14u
2019-01-26 14:02 . 2019-01-26 21:02 -------- d-----w- c:\program files\Noxg4
2019-01-26 14:02 . 2019-01-26 21:01 -------- d-----w- c:\users\icosium\AppData\Roaming\3uj2lu3kfn2
2019-01-26 14:02 . 2019-01-26 20:47 -------- d-----w- c:\users\icosium\AppData\Roaming\2QR5S7Q9
2019-01-26 14:02 . 2019-01-26 21:01 -------- d-----w- c:\users\icosium\AppData\Local\181a4aba-3b14-47c5-adcc-92dc9ac705fe
2019-01-26 14:00 . 2019-01-26 21:01 -------- d-----w- c:\users\icosium\AppData\Roaming\2nuahetcwvx
2019-01-26 13:59 . 2019-01-26 14:01 -------- d-----w- c:\users\icosium\AppData\Roaming\gwlgulpruyr
2019-01-26 13:58 . 2019-01-27 15:28 -------- d-----w- c:\program files\SlowMotion
2019-01-23 14:38 . 2019-01-23 14:38 -------- d-----w- c:\program files\K-Lite Codec Pack
2019-01-15 14:57 . 2019-01-15 14:57 -------- d-----w- c:\users\icosium\AppData\Local\Smart PC Soft
2019-01-15 14:57 . 2019-02-04 16:36 -------- d-----w- c:\program files\Smart PC Soft
2019-01-11 14:01 . 2019-01-11 14:01 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{ADF65D09-CCEE-403E-9AFC-05477737803B}\offreg.3820.dll
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2019-02-06 06:58 . 2019-02-06 06:58 63760 ----a-w- c:\windows\system32\drivers\mbam.sys
2019-02-06 06:57 . 2019-02-06 06:57 172280 ----a-w- c:\windows\system32\drivers\MbamChameleon.sys
2019-02-06 06:57 . 2019-02-06 06:57 106144 ----a-w- c:\windows\system32\drivers\farflt.sys
2019-02-06 06:57 . 2019-02-06 06:57 83648 ----a-w- c:\windows\system32\drivers\mwac.sys
2019-02-06 06:57 . 2019-02-06 06:57 230120 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2018-11-17 21:27 . 2018-11-17 21:27 12872 ----a-w- c:\windows\system32\bootdelete.exe
2018-11-16 18:11 . 2018-04-29 20:24 96632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2018-10-24 3973176]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ZAM"="c:\program files\Zemana AntiMalware\ZAM.exe" [2017-08-09 15775888]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2017-11-15 318112]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
MobileGo Service.lnk - c:\program files\Wondershare\MobileGo\MobileGoService.exe [2019-2-4 95008]
TP-LINK Wireless Configuration Utility.lnk - c:\program files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe -nogui [2018-5-14 847872]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PC-TV FM Remote Control.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\PC-TV FM Remote Control.lnk
backup=c:\windows\pss\PC-TV FM Remote Control.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
2018-10-24 18:55 3973176 ----a-w- c:\program files\Internet Download Manager\IDMan.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2018-10-06 09:15 601424 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wondershare Helper Compact.exe]
2016-10-08 15:49 2137744 ----a-w- c:\program files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001
.
R3 DfSdkS;Service de Défragmentation;c:\program files\Ashampoo\Ashampoo UnInstaller 6\DfSdkS.exe [2009-08-24 406016]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2016-07-22 107648]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 KINONI_Wave;Kinoni Audio Source;c:\windows\system32\drivers\kinonivad.sys [2016-03-18 18432]
R3 kinonivd;Kinoni Video Source;c:\windows\system32\DRIVERS\kinonivd.sys [2016-03-18 2782080]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2016-07-22 146048]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-20 77184]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-20 25600]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WsDrvInst;Wondershare Driver Install Service;c:\program files\Wondershare\MobileGo\DriverInstall.exe [2017-06-01 101152]
R4 IUFileFilter;IUFileFilter;c:\program files\IObit\IObit Uninstaller\drivers\win7_x86\IUFileFilter.sys [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2016-03-22 18800]
S1 ESProtectionDriver;Malwarebytes Anti-Exploit;c:\windows\system32\drivers\mbae.sys [2019-01-27 129248]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO32.SYS [2018-07-09 23840]
S1 ZAM;ZAM Helper Driver;c:\windows\System32\drivers\zam32.sys [2019-01-30 181496]
S1 ZAM_Guard;ZAM Guard Driver;c:\windows\System32\drivers\zamguard32.sys [2019-01-30 181496]
S2 BT848;AVerMedia AVerTV WDM Video Capture (878);c:\windows\system32\drivers\BT848.sys [2018-10-15 163840]
S2 BTTUNER;BtTuner, WDM TvTuner;c:\windows\system32\drivers\BTTUNER.sys [2001-03-07 18944]
S2 BTXBAR;BtXBar, WDM Crossbar;c:\windows\system32\drivers\BTXBAR.sys [1999-07-21 13308]
S2 cfbackd;DiskDrill Watcher;c:\program files\CleverFiles\Disk Drill\cfbackd.w32.exe [2016-09-29 211520]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2018-03-01 149688]
S2 MBAMChameleon;MBAMChameleon;c:\windows\System32\Drivers\MbamChameleon.sys [2019-02-06 172280]
S2 MBAMService;Malwarebytes Service;c:\program files\Malwarebytes\Anti-Malware\mbamservice.exe [2018-09-19 5073376]
S2 ss_conn_service;SAMSUNG Mobile Connectivity Service;c:\program files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2016-07-22 754784]
S2 TechSmith Uploader Service;TechSmith Uploader Service;c:\program files\Common Files\TechSmith Shared\Uploader\UploaderService.exe [2015-09-14 3661096]
S2 UI5IFS;Ashampoo Uninstaller FileSystemChanges Driver;c:\program files\Ashampoo\Ashampoo UnInstaller 6\IFS32.sys [2015-12-07 27736]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe [2016-10-20 36496]
S2 WindscribeService;WindscribeService;c:\program files\Windscribe\WindscribeService.exe [2018-09-07 401072]
S2 WsAppService;Wondershare Application Framework Service;c:\program files\Wondershare\WAF\2.4.2.223\WsAppService.exe [2017-03-20 473312]
S2 ZAMSvc;ZAM Controller Service;c:\program files\Zemana AntiMalware\ZAM.exe [2017-08-09 15775888]
S3 AmUStor;Al USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2018-07-09 75200]
S3 iVCam;e2eSoft iVCam;c:\windows\system32\DRIVERS\iVCam.sys [2017-12-21 766832]
S3 MBAMFarflt;MBAMFarflt;c:\windows\system32\DRIVERS\farflt.sys [2019-02-06 106144]
S3 MBAMProtection;MBAMProtection;c:\windows\system32\DRIVERS\mbam.sys [2019-02-06 63760]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\System32\Drivers\mbamswissarmy.sys [2019-02-06 230120]
S3 MBAMWebProtection;MBAMWebProtection;c:\windows\system32\DRIVERS\mwac.sys [2019-02-06 83648]
S3 MOBIOLA_Wave;Mobiola Wave Audio Device (WDM);c:\windows\system32\drivers\mobiolawave.sys [2011-04-06 25024]
S3 mobiolavs;Mobiola Web Camera Video Source;c:\windows\system32\DRIVERS\mobiolavs.sys [2011-04-06 26896]
S3 netr28u;RT2870 USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\netr28u.sys [2014-07-04 1702032]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2018-10-15 913344]
S3 tapwindscribe0901;Windscribe VPN;c:\windows\system32\DRIVERS\tapwindscribe0901.sys [2017-04-21 41976]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2016-10-20 575696]
.
.
--- Autres Services/Pilotes en mémoire ---
.
*NewlyCreated* - ESPROTECTIONDRIVER
*NewlyCreated* - MBAMCHAMELEON
*NewlyCreated* - MBAMFARFLT
*NewlyCreated* - MBAMPROTECTION
*NewlyCreated* - MBAMSWISSARMY
*NewlyCreated* - MBAMWEBPROTECTION
.
.
------- Examen supplémentaire -------
.
mStart Page = hxxp://www.google.fr/
uInternet Settings,ProxyOverride = *.local
IE: Télécharger avec IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Télécharger tous les liens avec IDM - c:\program files\Internet Download Manager\IEGetAll.htm
Trusted Zone: localhost
TCP: DhcpNameServer = 192.168.100.1
FF - ProfilePath - c:\users\icosium\AppData\Roaming\Mozilla\Firefox\Profiles\ufpfk67c.default-1543855532147\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/
.
- - - - ORPHELINS SUPPRIMES - - - -
.
{CDC95B92-E27C-4745-A8C5-64A52A78855D}"-IDM Shell Extension - ShellIconOverlayIdentifiers
HKCU-Run-CCleaner Smart Cleaning - c:\program files\CCleaner\CCleaner.exe
AddRemove-7D883151-2128-47CA-BA96-1908A071FFBA - c:\program files\Dimo MTS Converter\unins000.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
AddRemove-27_ssconn - c:\program files\Samsung\USB Drivers\27_ssconn\Uninstall.exe
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\S-1-5-21-612375770-1197113522-2392976946-1000_Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):ad,0a,23,52,f3,63,45,7b,f0,0a,fa,1c,fe,81,9b,ed,4f,fa,e5,77,02,
   79,b4,d8,67,31,e7,f6,a6,7e,67,07,d1,09,d3,01,1d,78,05,47,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_31_0_0_122_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_31_0_0_122_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\taskhost.exe
c:\program files\IObit\Smart Defrag\SmartDefrag.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\conhost.exe
c:\program files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
c:\program files\Internet Download Manager\IEMonitor.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Malwarebytes\Anti-Malware\mbamtray.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Heure de fin: 2019-02-06 08:00:19 - La machine a redémarré
ComboFix-quarantined-files.txt 2019-02-06 07:00
.
Avant-CF: 131 393 884 160 octets libres
Après-CF: 131 277 312 000 octets libres
.
- - End Of File - - AF38C33DE61298AD293774E24EE7B80C
A36C5E4F47E84449FF07ED3517B43A31