ComboFix 13-02-15.01 - olivier 16/02/2013 16:20:18.1.4 - x64 Lancé depuis: c:\users\olivier\Downloads\ComboFix.exe AV: ESET Smart Security 5.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1} FW: Pare-feu personnel d'ESET *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA} SP: ESET Smart Security 5.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\Your Product\lua5.1.dll c:\program files (x86)\Your Product\Uninstall c:\program files (x86)\Your Product\Uninstall\IRIMG1.JPG c:\program files (x86)\Your Product\Uninstall\IRIMG2.JPG c:\program files (x86)\Your Product\Uninstall\uninstall.dat c:\program files (x86)\Your Product\Uninstall\uninstall.xml c:\programdata\FullRemove.exe c:\users\olivier\AppData\Roaming\Microsoft\Windows\Recent\desktop_42344797.ico c:\users\Public\sdelevURL.tmp c:\windows\msvcr71.dll c:\windows\SysWow64\Packet.dll c:\windows\SysWow64\pthreadVC.dll c:\windows\SysWow64\wpcap.dll . . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_npf . . ((((((((((((((((((((((((((((( Fichiers créés du 2013-01-16 au 2013-02-16 )))))))))))))))))))))))))))))))))))) . . 2013-02-16 14:34 . 2013-02-16 14:34 512 ----a-w- C:\PhysicalDisk0_MBR.bin 2013-02-16 13:01 . 2013-02-16 13:01 -------- d-----w- C:\found.002 2013-02-16 11:04 . 2013-02-16 11:04 -------- d-----w- C:\f2159d90f6955b5bcc92e4 2013-02-16 11:04 . 2013-02-16 11:04 -------- d-----w- c:\windows\CheckSur 2013-02-15 17:55 . 2013-02-15 17:55 -------- d-----w- C:\Intel 2013-02-15 17:27 . 2013-02-15 17:27 639312 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll 2013-02-15 15:32 . 
2013-02-15 15:32 -------- d-----w- c:\program files (x86)\Ad-Remover 2013-02-15 15:07 . 2013-02-15 15:07 -------- d-----w- c:\users\bis 2013-02-15 11:24 . 2013-02-16 14:33 -------- d-----w- c:\program files (x86)\ZHPDiag 2013-02-15 11:24 . 2013-02-16 14:32 -------- d-----w- C:\ZHP 2013-02-15 11:06 . 2013-01-08 05:32 9161176 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A67313A9-B9F1-4DA5-B054-EB3D2B832C57}\mpengine.dll 2013-02-13 21:20 . 2013-02-13 21:20 -------- d-----w- c:\program files\ASUS 2013-02-13 21:20 . 2010-11-30 12:19 379520 ----a-w- c:\windows\system32\FBAgent.exe 2013-02-13 19:46 . 2013-02-13 19:46 -------- d-----w- C:\71eb5339d06da794c3c6 2013-02-13 19:45 . 2013-01-09 01:10 996352 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll 2013-02-13 19:45 . 2013-01-08 22:01 768000 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll 2013-02-13 19:39 . 2013-01-09 01:12 1346048 ----a-w- c:\windows\system32\urlmon.dll 2013-02-13 19:37 . 2013-01-05 05:53 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-02-13 19:37 . 2013-01-05 05:00 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2013-02-13 19:37 . 2013-01-05 05:00 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2013-02-13 06:08 . 2013-01-04 05:46 215040 ----a-w- c:\windows\system32\winsrv.dll 2013-02-13 06:08 . 2013-01-04 04:51 5120 ----a-w- c:\windows\SysWow64\wow32.dll 2013-02-13 06:08 . 2013-01-04 02:47 25600 ----a-w- c:\windows\SysWow64\setup16.exe 2013-02-13 06:08 . 2013-01-04 02:47 7680 ----a-w- c:\windows\SysWow64\instnm.exe 2013-02-13 06:08 . 2013-01-04 02:47 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll 2013-02-13 06:08 . 2013-01-04 02:47 2048 ----a-w- c:\windows\SysWow64\user.exe 2013-02-13 06:08 . 2013-01-03 06:00 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys 2013-02-13 06:08 . 2013-01-03 06:00 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS 2013-02-12 21:43 . 
2013-02-15 22:28 268952 ----a-w- c:\windows\SysWow64\PnkBstrB.exe 2013-02-12 21:43 . 2013-02-12 22:20 268952 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0 2013-02-12 21:43 . 2013-02-12 21:43 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe 2013-02-05 17:38 . 2013-02-05 17:38 899184 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll 2013-02-05 17:38 . 2013-02-05 17:38 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll 2013-02-05 12:52 . 2013-02-05 12:55 -------- d-----w- c:\users\olivier\AppData\Roaming\Aion RainMeter 2013-01-30 12:51 . 2013-01-30 12:51 -------- d-----w- c:\users\olivier\AppData\Roaming\Sony Creative Software Inc 2013-01-29 16:51 . 2013-01-29 16:51 -------- d-----w- c:\users\olivier\AppData\Roaming\Mirillis 2013-01-29 16:51 . 2013-01-29 16:51 -------- d-----w- c:\programdata\Mirillis 2013-01-29 16:48 . 2013-01-29 16:51 -------- d-----w- c:\users\olivier\AppData\Local\Mirillis 2013-01-29 16:48 . 2012-11-25 09:28 -------- d-----w- C:\Crack 2013-01-29 16:47 . 2013-01-29 17:02 -------- d-----w- c:\program files (x86)\Mirillis 2013-01-28 14:39 . 2013-02-15 17:28 899184 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll 2013-01-28 14:39 . 2013-02-15 17:27 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll 2013-01-28 14:39 . 2013-01-28 14:39 639312 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2013-01-24 21:35 . 2008-04-14 04:42 506368 ----a-w- c:\windows\SysWow64\msxml.dll 2013-01-24 21:35 . 1998-06-18 00:00 89360 ----a-w- c:\windows\SysWow64\VB5DB.DLL 2013-01-24 21:16 . 2013-02-11 22:52 -------- d-----w- c:\program files (x86)\SmireBoule 2013-01-18 19:21 . 2013-01-18 19:21 -------- d-----w- c:\program files (x86)\Mumble . . . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2013-02-15 22:28 . 
2012-12-13 22:47 268952 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr 2013-02-13 20:16 . 2012-08-09 15:48 70004024 ----a-w- c:\windows\system32\MRT.exe 2013-02-08 17:27 . 2012-08-12 12:16 74096 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-02-08 17:27 . 2012-08-12 12:16 697712 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-02-04 15:03 . 2012-12-16 11:46 925184 ----a-w- c:\windows\expstart.exe 2013-01-17 00:28 . 2012-08-09 16:59 273840 ------w- c:\windows\system32\MpSigStub.exe 2013-01-04 04:43 . 2013-02-13 06:08 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2012-12-29 09:44 . 2012-08-09 15:10 45056 ----a-w- c:\windows\system32\acovcnt.exe 2012-12-17 19:12 . 2009-07-13 23:55 332288 ----a-w- c:\windows\system32\uxtheme.dll 2012-12-17 19:12 . 2011-02-18 19:49 2851840 ----a-w- c:\windows\system32\themeui.dll 2012-12-17 19:12 . 2009-07-13 23:54 44544 ----a-w- c:\windows\system32\themeservice.dll 2012-12-17 19:10 . 2011-02-18 19:49 2755072 ----a-w- c:\windows\SysWow64\themeui.dll 2012-12-17 19:10 . 2009-07-13 23:39 245760 ----a-w- c:\windows\SysWow64\uxtheme.dll 2012-12-17 19:10 . 2012-12-17 19:10 758040 ----a-w- c:\windows\UTP.exe 2012-12-16 17:11 . 2012-12-21 10:52 46080 ----a-w- c:\windows\system32\atmlib.dll 2012-12-16 14:45 . 2012-12-21 10:52 367616 ----a-w- c:\windows\system32\atmfd.dll 2012-12-16 14:13 . 2012-12-21 10:52 295424 ----a-w- c:\windows\SysWow64\atmfd.dll 2012-12-16 14:13 . 2012-12-21 10:52 34304 ----a-w- c:\windows\SysWow64\atmlib.dll 2012-12-14 15:49 . 2013-01-10 13:27 24176 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-12-14 01:42 . 2012-12-14 01:42 9728 ----a-w- c:\windows\system32\IGFXDEVLib.dll 2012-12-14 01:42 . 2012-12-14 01:42 437760 ----a-w- c:\windows\system32\igfxrnor.lrc 2012-12-14 01:42 . 2012-12-14 01:42 12615680 ----a-w- c:\windows\system32\igdumd64.dll 2012-12-14 01:42 . 2012-10-10 01:22 384512 ----a-w- c:\windows\system32\igfxpph.dll 2012-12-14 01:42 . 
2012-12-14 01:42 64512 ----a-w- c:\windows\SysWow64\igdde32.dll 2012-12-14 01:42 . 2012-12-14 01:42 440320 ----a-w- c:\windows\system32\igfxrell.lrc 2012-12-14 01:42 . 2012-12-14 01:42 437760 ----a-w- c:\windows\system32\igfxrptb.lrc 2012-12-14 01:42 . 2012-12-14 01:42 437248 ----a-w- c:\windows\system32\igfxrtha.lrc 2012-12-14 01:42 . 2012-12-14 01:42 435712 ----a-w- c:\windows\system32\igfxrheb.lrc 2012-12-14 01:42 . 2012-12-14 01:42 435712 ----a-w- c:\windows\system32\igfxrara.lrc 2012-12-14 01:42 . 2012-12-14 01:42 431104 ----a-w- c:\windows\system32\igfxrkor.lrc 2012-12-14 01:42 . 2012-12-14 01:42 429056 ----a-w- c:\windows\system32\igfxrcht.lrc 2012-12-14 01:42 . 2012-12-14 01:42 330752 ----a-w- c:\windows\SysWow64\igfxdv32.dll 2012-12-14 01:42 . 2012-12-14 01:42 28672 ----a-w- c:\windows\system32\igfxexps.dll 2012-12-14 01:42 . 2012-03-19 21:11 11174912 ----a-w- c:\windows\SysWow64\igd10umd32.dll 2012-12-14 01:42 . 2011-05-31 03:23 64000 ----a-w- c:\windows\system32\igfxsrvc.dll 2012-12-14 01:42 . 2011-05-31 03:23 110592 ----a-w- c:\windows\system32\hccutils.dll 2012-12-14 01:42 . 2012-12-14 01:42 640512 ----a-w- c:\windows\SysWow64\igfxcmrt32.dll 2012-12-14 01:42 . 2012-12-14 01:42 512112 ----a-w- c:\windows\system32\igfxsrvc.exe 2012-12-14 01:42 . 2012-12-14 01:42 438784 ----a-w- c:\windows\system32\igfxrnld.lrc 2012-12-14 01:42 . 2012-12-14 01:42 438784 ----a-w- c:\windows\system32\igfxrdeu.lrc 2012-12-14 01:42 . 2012-12-14 01:42 3121152 ----a-w- c:\windows\SysWow64\igfxcmjit32.dll 2012-12-14 01:42 . 2012-12-14 01:42 255088 ----a-w- c:\windows\system32\igfxext.exe 2012-12-14 01:42 . 2012-12-14 01:42 13030400 ----a-w- c:\windows\system32\ig4icd64.dll 2012-12-14 01:42 . 2012-12-14 01:42 483840 ----a-w- c:\windows\system32\igfx11cmrt64.dll 2012-12-14 01:42 . 2012-12-14 01:42 439808 ----a-w- c:\windows\system32\igfxresn.lrc 2012-12-14 01:42 . 2012-12-14 01:42 437760 ----a-w- c:\windows\system32\igfxrtrk.lrc 2012-12-14 01:42 . 
2012-12-14 01:42 428544 ----a-w- c:\windows\system32\igfxrchs.lrc 2012-12-14 01:42 . 2011-05-31 03:23 9007616 ----a-w- c:\windows\system32\igfxress.dll 2012-12-14 01:42 . 2011-05-31 03:23 12858368 ----a-w- c:\windows\system32\igd10umd64.dll 2012-12-14 01:42 . 2012-12-14 01:42 80384 ----a-w- c:\windows\system32\igdde64.dll 2012-12-14 01:42 . 2012-12-14 01:42 459264 ----a-w- c:\windows\SysWow64\igfx11cmrt32.dll 2012-12-14 01:42 . 2012-12-14 01:42 439296 ----a-w- c:\windows\system32\igfxrrus.lrc 2012-12-14 01:42 . 2012-12-14 01:42 438784 ----a-w- c:\windows\system32\igfxrptg.lrc 2012-12-14 01:42 . 2012-12-14 01:42 286208 ----a-w- c:\windows\system32\igfxrenu.lrc 2012-12-14 01:42 . 2012-12-14 01:42 142336 ----a-w- c:\windows\system32\igfxdo.dll 2012-12-14 01:42 . 2012-12-14 01:42 11049472 ----a-w- c:\windows\SysWow64\igdumd32.dll 2012-12-14 01:42 . 2012-12-14 01:42 5353888 ----a-w- c:\windows\system32\drivers\igdkmd64.sys 2012-12-14 01:42 . 2012-12-14 01:42 439296 ----a-w- c:\windows\system32\igfxrrom.lrc 2012-12-14 01:42 . 2012-12-14 01:42 438272 ----a-w- c:\windows\system32\igfxrcsy.lrc 2012-12-14 01:42 . 2012-12-14 01:42 25088 ----a-w- c:\windows\SysWow64\igfxexps32.dll 2012-12-14 01:42 . 2012-12-14 01:42 185968 ----a-w- c:\windows\system32\difx64.exe 2012-12-14 01:42 . 2012-12-14 01:42 518656 ----a-w- c:\windows\system32\igfxcmrt64.dll 2012-12-14 01:42 . 2012-12-14 01:42 438272 ----a-w- c:\windows\system32\igfxrfin.lrc 2012-12-14 01:42 . 2012-12-14 01:42 437760 ----a-w- c:\windows\system32\igfxrsve.lrc 2012-12-14 01:42 . 2012-12-14 01:42 432128 ----a-w- c:\windows\system32\igfxrjpn.lrc 2012-12-14 01:42 . 2012-12-14 01:42 116224 ----a-w- c:\windows\system32\igfxCoIn_v2932.dll 2012-12-14 01:42 . 2012-12-14 01:42 10812416 ----a-w- c:\windows\SysWow64\ig4icd32.dll 2012-12-14 01:42 . 2012-12-14 01:42 442880 ----a-w- c:\windows\system32\igfxdev.dll 2012-12-14 01:42 . 2012-12-14 01:42 438784 ----a-w- c:\windows\system32\igfxrita.lrc 2012-12-14 01:42 . 
2012-12-14 01:42 438272 ----a-w- c:\windows\system32\igfxrhun.lrc 2012-12-14 01:42 . 2012-12-14 01:42 437248 ----a-w- c:\windows\system32\igfxrdan.lrc 2012-12-14 01:42 . 2012-12-14 01:42 126976 ----a-w- c:\windows\system32\igfxcpl.cpl 2012-12-14 01:42 . 2012-12-14 01:42 441968 ----a-w- c:\windows\system32\igfxpers.exe 2012-12-14 01:42 . 2012-12-14 01:42 439808 ----a-w- c:\windows\system32\igfxrfra.lrc 2012-12-14 01:42 . 2012-12-14 01:42 410112 ----a-w- c:\windows\system32\igfxTMM.dll 2012-12-14 01:42 . 2012-12-14 01:42 172144 ----a-w- c:\windows\system32\igfxtray.exe 2012-12-14 01:42 . 2012-12-14 01:42 5906032 ----a-w- c:\windows\system32\GfxUI.exe 2012-12-14 01:42 . 2012-12-14 01:42 438784 ----a-w- c:\windows\system32\igfxrsky.lrc 2012-12-14 01:42 . 2012-12-14 01:42 438784 ----a-w- c:\windows\system32\igfxrplk.lrc 2012-12-14 01:42 . 2012-12-14 01:42 438784 ----a-w- c:\windows\system32\igfxrhrv.lrc 2012-12-14 01:42 . 2012-12-14 01:42 3511296 ----a-w- c:\windows\system32\igfxcmjit64.dll 2012-12-14 01:42 . 2012-12-14 01:42 175104 ----a-w- c:\windows\system32\gfxSrvc.dll 2012-12-14 01:42 . 2012-12-14 01:42 437760 ----a-w- c:\windows\system32\igfxrslv.lrc 2012-12-14 01:42 . 2012-12-14 01:42 399984 ----a-w- c:\windows\system32\hkcmd.exe 2012-12-14 01:42 . 2012-12-14 01:42 277616 ----a-w- c:\windows\SysWow64\IntelCpHeciSvc.exe 2012-12-13 22:31 . 2012-12-13 22:31 682280 ----a-w- c:\windows\SysWow64\pbsvc.exe 2012-12-07 13:20 . 2013-01-10 01:01 441856 ----a-w- c:\windows\system32\Wpc.dll 2012-12-07 13:15 . 2013-01-10 01:01 2746368 ----a-w- c:\windows\system32\gameux.dll 2012-12-07 12:26 . 2013-01-10 01:01 308736 ----a-w- c:\windows\SysWow64\Wpc.dll 2012-12-07 12:20 . 2013-01-10 01:01 2576384 ----a-w- c:\windows\SysWow64\gameux.dll 2012-12-07 11:20 . 2013-01-10 01:01 30720 ----a-w- c:\windows\system32\usk.rs 2012-12-07 11:20 . 2013-01-10 01:01 43520 ----a-w- c:\windows\system32\csrr.rs 2012-12-07 11:20 . 
2013-01-10 01:01 23552 ----a-w- c:\windows\system32\oflc.rs 2012-12-07 11:20 . 2013-01-10 01:01 45568 ----a-w- c:\windows\system32\oflc-nz.rs 2012-12-07 11:20 . 2013-01-10 01:01 44544 ----a-w- c:\windows\system32\pegibbfc.rs 2012-12-07 11:20 . 2013-01-10 01:01 20480 ----a-w- c:\windows\system32\pegi-fi.rs 2012-12-07 11:20 . 2013-01-10 01:01 20480 ----a-w- c:\windows\system32\pegi-pt.rs 2012-12-07 11:19 . 2013-01-10 01:01 20480 ----a-w- c:\windows\system32\pegi.rs 2012-12-07 11:19 . 2013-01-10 01:01 46592 ----a-w- c:\windows\system32\fpb.rs 2012-12-07 11:19 . 2013-01-10 01:01 40960 ----a-w- c:\windows\system32\cob-au.rs . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. .
. ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2012-11-08 17:32 220632 ----a-w- c:\users\olivier\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2012-11-08 17:32 220632 ----a-w- c:\users\olivier\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2012-11-08 17:32 220632 ----a-w- c:\users\olivier\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ISUSPM"="c:\programdata\FLEXnet\Connect\11\ISUSPM.exe" [2009-05-05 222496] "RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616] "OrangeInside"="c:\users\olivier\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe" [2012-11-16 1530520] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-10-19 3331312] "ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe" [2011-07-29 737104] "ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-08-17 5732992] "ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624] "HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016] "Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-09-23 1601536] "AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-06-25 1073352] "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] . c:\users\olivier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2012-12-9 41136] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2011-10-19 549040] WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2009-11-13 2119488] WDSmartWare.lnk - c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2009-11-13 9117504] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "HideClock "= 1 (0x1) "HideSCAPower "= 1 (0x1) "HideSCANetwork"= 1 (0x1) "HideSCAVolume"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 Orange update Core Service;Orange update Core Service;c:\program files (x86)\Orange\OrangeUpdate\Service\OUCore.exe [2012-09-18 1082016]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2012-08-09 1255736]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2009-02-13 14464]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2012-03-14 62496]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-10-08 30056]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-12-05 283200]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2012-03-14 209768]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2012-03-14 148528]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2012-03-14 38288]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2010-11-30 379520]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2012-03-07 913144]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-12-05 92632]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-06 2655768]
S2 WDDMService;WD SmartWare Drive Manager Service;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2009-11-13 129536]
S2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]
S3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2010-08-11 44032]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-08-24 76912]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2010-10-14 1147232]
S3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2012-06-26 46176]
.
.
Contenu du dossier 'Tâches planifiées'
.
2013-02-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-12 17:27]
.
2013-02-16 c:\windows\Tasks\GlaryInitialize.job
- c:\program files (x86)\Glary Utilities\initialize.exe [2012-08-09 14:58]
.
2013-02-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-09 09:55]
.
2013-02-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-09 09:55]
.
2013-02-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-785524233-2855249315-1631952545-1001Core.job
- c:\users\olivier\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-09 16:28]
.
2013-02-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-785524233-2855249315-1631952545-1001UA.job
- c:\users\olivier\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-09 16:28]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-11-08 17:32 244696 ----a-w- c:\users\olivier\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-11-08 17:32 244696 ----a-w- c:\users\olivier\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-11-08 17:32 244696 ----a-w- c:\users\olivier\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-08-11 324096]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"IntelliType Pro"="c:\program files\Microsoft Device Center\itype.exe" [2012-06-26 1464928]
"IntelliPoint"="c:\program files\Microsoft Device Center\ipoint.exe" [2012-06-26 2004584]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2012-03-07 4081008]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-03-01 2189416]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-14 172144]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-12-14 399984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-12-14 441968]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://r.orange.fr/r/Ohome_portail?ref=O_OI_defaultPage_IE
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com
IE: ajouter cette page à vos favoris Orange - c:\users\olivier\AppData\Roaming\Orange\OrangeInside\src\addfavorites_html\addfavorites.html
IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: envoyer le texte sélectionné par sms - c:\users\olivier\AppData\Roaming\Orange\OrangeInside\src\sendsmsselectedtext_html\sendsmsselectedtext.html
IE: envoyer par sms - c:\users\olivier\AppData\Roaming\Orange\OrangeInside\src\sendsms_html\sendsms.html
IE: envoyer un mail - c:\users\olivier\AppData\Roaming\Orange\OrangeInside\src\sendmail_html\sendmail.html
IE: orange.fr - c:\users\olivier\AppData\Roaming\Orange\OrangeInside\src\orange_html\orange.html
IE: rechercher le texte sélectionné - c:\users\olivier\AppData\Roaming\Orange\OrangeInside\src\selectedsearch_html\selectedsearch.html
IE: traduire la page - c:\users\olivier\AppData\Roaming\Orange\OrangeInside\src\translate_html\translate.html
IE: traduire le texte sélectionné - c:\users\olivier\AppData\Roaming\Orange\OrangeInside\src\translateSelectedText_html\translateSelectedText.html
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\olivier\AppData\Roaming\Mozilla\Firefox\Profiles\tyjvqwe4.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Orange
FF - prefs.js: browser.startup.homepage - hxxp://r.orange.fr/r/Ohome_portail?ref=O_OI_defaultPage_FF
FF - prefs.js: network.proxy.type - 4
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SynAsusAcpi - c:\program files (x86)\Synaptics\SynTP\SynAsusAcpi.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\S-1-5-21-785524233-2855249315-1631952545-1001_Classes\Wow6432Node\CLSID\{5509cd8e-2d7a-46bd-8a70-65d2d839d02a}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:0000014a
"Therad"=dword:0000001b
.
[HKEY_USERS\S-1-5-21-785524233-2855249315-1631952545-1001_Classes\Wow6432Node\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):f2,39,ea,20,43,14,5e,5d,51,f5,48,21,23,2f,a6,c9,a1,39,6b,98,de,
   8c,75,4a,c8,04,83,a6,95,cf,54,ae,b8,31,85,3e,4c,68,71,db,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Autres processus actifs ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
c:\program files (x86)\DAEMON Tools Pro\DTShellHlp.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\windows\SysWOW64\DllHost.exe
c:\progra~2\Orange\ASSIST~1\ASSIST~1.EXE
c:\program files (x86)\ASUS\ASUS Live Update\ALU.exe
c:\progra~2\Orange\ASSIST~1\dist\ST2.exe
.
**************************************************************************
.
Heure de fin: 2013-02-16 17:08:21 - La machine a redémarré
ComboFix-quarantined-files.txt 2013-02-16 16:08
.
Avant-CF: 118 045 016 064 octets libres
Après-CF: 117 768 208 384 octets libres
.
- - End Of File - - 0921A0D604916F971BD7ED2E069A9C9F