cjoint

Document format: text/plain

ComboFix 14-04-30.01 - PATRICK 04/05/2014 12:48:48.1.2 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.3932.1282 [GMT 2:00]
Lancé depuis: C:\Users\PATRICK\Downloads\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}


(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))


C:\Users\PATRICK\OneLoupe.exe


((((((((((((((((((((((((((((( Fichiers créés du 2014-04-04 au 2014-05-04 ))))))))))))))))))))))))))))))))))))


2014-05-04 10:59:19 . 2014-05-04 10:59:19 -------- d-----w- C:\Users\DefaultAppPool\AppData\Local\temp
2014-05-04 10:59:19 . 2014-05-04 10:59:19 -------- d-----w- C:\Users\Default\AppData\Local\temp
2014-04-30 21:53:30 . 2014-04-30 22:24:04 -------- d-----w- C:\Program Files (x86)\Magicboss
2014-04-30 19:01:57 . 2014-04-30 19:01:57 -------- d-----w- C:\Users\PATRICK\AppData\Roaming\MPC-HC
2014-04-29 17:34:59 . 2014-05-01 17:55:17 512 ----a-w- C:\PhysicalDisk0_MBR.bin
2014-04-29 17:30:18 . 2014-05-01 17:53:02 -------- d-----w- C:\Users\PATRICK\AppData\Roaming\ZHP
2014-04-29 16:50:06 . 2014-04-29 16:50:06 -------- d-----w- C:\Users\PATRICK\AppData\Roaming\Infected Scanner
2014-04-29 14:05:45 . 2014-04-29 14:06:35 -------- d-----w- C:\Program Files (x86)\Satsuki Decoder Pack
2014-04-29 13:45:14 . 2014-04-29 13:51:18 699 ----a-w- C:\Users\PATRICK\codes.bat
2014-04-26 11:56:38 . 2014-03-12 14:00:52 338120 ----a-w- C:\Windows\system32\SecureAssist64.dll
2014-04-26 11:53:58 . 2014-04-26 16:49:33 -------- d-----w- C:\temp
2014-04-26 11:51:58 . 2014-04-27 10:27:53 -------- d-----w- C:\Program Files\003
2014-04-23 03:27:21 . 2014-05-03 01:54:17 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2DF0421E-C103-42E1-8CF9-6E2FCFBFB45D}\offreg.dll
2014-04-23 03:25:29 . 2014-04-17 03:31:46 10651704 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2DF0421E-C103-42E1-8CF9-6E2FCFBFB45D}\mpengine.dll
2014-04-22 21:35:09 . 2014-04-22 21:35:05 29208 ----a-w- C:\Windows\system32\drivers\aswHwid.sys
2014-04-22 21:35:04 . 2014-04-22 21:35:04 43152 ----a-w- C:\Windows\avastSS.scr
2014-04-18 14:48:52 . 2014-04-18 14:48:52 -------- d-----w- C:\Program Files (x86)\UnH Solutions
2014-04-18 14:43:16 . 2014-04-18 14:43:59 -------- d-----w- C:\Users\PATRICK\AppData\Roaming\Youtube Downloader HD
2014-04-18 14:43:03 . 2014-04-18 14:43:07 -------- d-----w- C:\Program Files (x86)\Youtube Downloader HD
2014-04-14 16:04:52 . 2014-04-14 16:05:09 -------- d-----w- C:\Windows\SysWow64\Adobe
2014-04-07 12:14:39 . 2014-04-07 12:14:39 -------- d-----w- C:\Program Files (x86)\Meccano
.


(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

2014-05-02 13:34:17 . 2012-03-14 08:57:55 70832 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-02 13:34:17 . 2012-03-14 08:57:55 692400 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-04-22 21:35:05 . 2013-12-24 12:28:30 85328 ----a-w- C:\Windows\system32\drivers\aswstm.sys
2014-04-22 21:35:05 . 2013-03-05 11:33:51 208416 ----a-w- C:\Windows\system32\drivers\aswVmm.sys
2014-04-22 21:35:05 . 2013-03-05 11:33:50 65776 ----a-w- C:\Windows\system32\drivers\aswRvrt.sys
2014-04-22 21:35:05 . 2012-08-30 18:03:49 423240 ----a-w- C:\Windows\system32\drivers\aswsp.sys
2014-04-22 21:35:05 . 2012-08-30 18:03:48 93568 ----a-w- C:\Windows\system32\drivers\aswRdr2.sys
2014-04-22 21:35:05 . 2012-08-30 18:03:46 1039096 ----a-w- C:\Windows\system32\drivers\aswSnx.sys
2014-04-22 21:35:05 . 2012-08-30 18:03:40 79184 ----a-w- C:\Windows\system32\drivers\aswMonFlt.sys
2014-04-22 21:35:05 . 2012-08-30 18:03:40 334648 ----a-w- C:\Windows\system32\aswBoot.exe
2014-03-21 09:46:46 . 2014-03-21 09:46:46 152848 ----a-w- C:\Windows\SysWow64\comdlg32.ocx
2014-03-11 15:46:36 . 2014-03-11 15:46:36 82432 ----a-w- C:\Users\PATRICK\AppData\Roaming\Microsoft\MSXML2\msxml4r.dll
2014-03-11 15:46:36 . 2014-03-11 15:46:36 44544 ----a-w- C:\Users\PATRICK\AppData\Roaming\Microsoft\MSXML2\msxml4a.dll
2014-03-11 15:46:36 . 2014-03-11 15:46:36 1275392 ----a-w- C:\Users\PATRICK\AppData\Roaming\Microsoft\MSXML2\msxml4.dll
2014-02-18 04:45:55 . 2012-09-04 03:59:04 88567024 ----a-w- C:\Windows\system32\MRT.exe
2014-02-08 10:28:53 . 2012-12-04 18:49:42 61440 ----a-r- C:\Users\PATRICK\AppData\Roaming\Microsoft\Installer\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}\ARPPRODUCTICON.exe
2014-02-06 12:16:01 . 2014-02-14 05:43:52 23170048 ----a-w- C:\Windows\system32\mshtml.dll
2014-02-06 11:30:46 . 2014-02-14 05:44:06 2724864 ----a-w- C:\Windows\system32\mshtml.tlb
2014-02-06 11:30:12 . 2014-02-14 05:43:59 4096 ----a-w- C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 11:12:09 . 2014-02-14 05:43:48 2765824 ----a-w- C:\Windows\system32\iertutil.dll
2014-02-06 11:07:39 . 2014-02-14 05:43:55 66048 ----a-w- C:\Windows\system32\iesetup.dll
2014-02-06 11:06:47 . 2014-02-14 05:43:54 48640 ----a-w- C:\Windows\system32\ieetwproxystub.dll
2014-02-06 10:57:16 . 2014-02-14 05:43:58 53760 ----a-w- C:\Windows\system32\jsproxy.dll
2014-02-06 10:56:03 . 2014-02-14 05:43:59 33792 ----a-w- C:\Windows\system32\iernonce.dll
2014-02-06 10:52:11 . 2014-02-14 05:44:02 574976 ----a-w- C:\Windows\system32\ieui.dll
2014-02-06 10:49:03 . 2014-02-14 05:43:56 139264 ----a-w- C:\Windows\system32\ieUnatt.exe
2014-02-06 10:48:45 . 2014-02-14 05:43:54 111616 ----a-w- C:\Windows\system32\ieetwcollector.exe
2014-02-06 10:48:11 . 2014-02-14 05:43:52 708608 ----a-w- C:\Windows\system32\jscript9diag.dll
2014-02-06 10:32:49 . 2014-02-14 05:44:00 218624 ----a-w- C:\Windows\system32\ie4uinit.exe
2014-02-06 10:20:26 . 2014-02-14 05:44:06 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-02-06 10:17:15 . 2014-02-14 05:44:04 195584 ----a-w- C:\Windows\system32\msrating.dll
2014-02-06 10:11:37 . 2014-02-14 05:43:35 5768704 ----a-w- C:\Windows\system32\jscript9.dll
2014-02-06 10:01:36 . 2014-02-14 05:43:56 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-02-06 10:00:46 . 2014-02-14 05:43:54 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-02-06 09:57:13 . 2014-02-14 05:43:57 627200 ----a-w- C:\Windows\system32\msfeeds.dll
2014-02-06 09:50:32 . 2014-02-14 05:43:43 2041856 ----a-w- C:\Windows\system32\inetcpl.cpl
2014-02-06 09:47:22 . 2014-02-14 05:43:56 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-02-06 09:46:27 . 2014-02-14 05:43:52 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-02-06 09:25:36 . 2014-02-14 05:43:35 4244480 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-02-06 09:24:52 . 2014-02-14 05:43:46 2334208 ----a-w- C:\Windows\system32\wininet.dll
2014-02-06 09:22:13 . 2014-02-14 05:43:40 13051392 ----a-w- C:\Windows\system32\ieframe.dll
2014-02-06 09:09:30 . 2014-02-14 05:43:43 1964032 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-02-06 08:55:46 . 2014-02-14 05:43:45 1393664 ----a-w- C:\Windows\system32\urlmon.dll
2014-02-06 08:41:35 . 2014-02-14 05:43:47 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-02-06 08:40:06 . 2014-02-14 05:43:51 817664 ----a-w- C:\Windows\system32\ieapfltr.dll


((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))


*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-04-05 04:40:37 223432 ----a-w- C:\Users\PATRICK\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-04-05 04:40:37 223432 ----a-w- C:\Users\PATRICK\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-04-05 04:40:37 223432 ----a-w- C:\Users\PATRICK\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="C:\Program Files (x86)\RocketDock\RocketDock.exe" [2007-09-02 11:58:52 495616]
"MyTomTomSA.exe"="C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe" [2013-01-07 12:42:10 451656]
"UberIcon"="C:\Program Files (x86)\UberIcon\UberIcon Manager.exe" [2007-08-17 18:10:04 159744]
"DAEMON Tools Pro Agent"="C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" [2012-10-23 08:25:10 3108480]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2010-11-21 03:24:51 1475584]
"ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2013-11-20 14:43:14 59720]
"SkyDrive"="C:\Users\PATRICK\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" [2014-04-05 04:40:35 257224]
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe" [2014-02-10 16:46:14 20922016]
"CCleaner"="C:\Program Files\CCleaner\CCleaner64.exe" [2014-04-17 16:53:08 6152472]
"NumCapsScroll Indicator"="C:\Users\PATRICK\Downloads\NumCapsScroll Indicator\NumCapsScroll Indicator.exe" [2011-06-01 17:29:10 1431818]
"KeyboardLeds.exe"="C:\Program Files (x86)\Keyboard LEDs\KeyboardLeds.exe" [2012-09-06 00:46:12 912896]
"Magic Boss Key"="C:\Program Files (x86)\Magicboss\mgboss.exe" [2011-02-23 13:17:16 355840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LManager"="C:\Program Files (x86)\Launch Manager\LManager.exe" [2012-03-02 07:59:24 1106512]
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-02-12 19:57:54 43848]
"EEventManager"="C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" [2009-12-03 09:12:12 976320]
"Nikon Message Center 2"="C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe" [2011-10-30 14:44:36 571392]
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 16:57:26 959904]
"WTClient"="WTClient.exe" [2013-03-04 12:24:03 40960]
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 07:16:26 254336]
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe" [2014-04-22 21:35:00 3873704]
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe" [2014-01-17 15:24:00 421888]
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" [2014-02-21 02:54:40 152392]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableSecureUIAPath"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux7"=wdmaud.drv

R2 aswStm;aswStm;C:\Windows\system32\drivers\aswStm.sys;C:\Windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 KinoniSvc;Kinoni Service;C:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe;C:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe [x]
R2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe;C:\Program Files (x86)\Skype\Updater\Updater.exe [x]
R3 BthAudioHF;Service BthAudioHF;C:\Windows\system32\DRIVERS\BthAudioHF.sys;C:\Windows\SYSNATIVE\DRIVERS\BthAudioHF.sys [x]
R3 BthAvrcp;Profil AVRCP Bluetooth;C:\Windows\system32\DRIVERS\BthAvrcp.sys;C:\Windows\SYSNATIVE\DRIVERS\BthAvrcp.sys [x]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\system32\DRIVERS\clwvd.sys;C:\Windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
R3 csr_a2dp;Profil AV Bluetooth;C:\Windows\system32\drivers\bthav.sys;C:\Windows\SYSNATIVE\drivers\bthav.sys [x]
R3 DCDhcpService;DCDhcpService;C:\Program Files (x86)\Packard Bell\WDAgent\DCDhcpService.exe;C:\Program Files (x86)\Packard Bell\WDAgent\DCDhcpService.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\system32\IEEtwCollector.exe;C:\Windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 JLTECH0227;Dual Mode Camera;C:\Windows\system32\Drivers\jl2005c.sys;C:\Windows\SYSNATIVE\Drivers\jl2005c.sys [x]
R3 ma-config_amd64;ma-config_amd64;C:\Program Files\ma-config.com\Drivers\ma-config_amd64.sys;C:\Program Files\ma-config.com\Drivers\ma-config_amd64.sys [x]
R3 ManyCam;ManyCam Virtual Webcam;C:\Windows\system32\DRIVERS\mcvidrv.sys;C:\Windows\SYSNATIVE\DRIVERS\mcvidrv.sys [x]
R3 mcaudrv_simple;ManyCam Virtual Microphone;C:\Windows\system32\drivers\mcaudrv_x64.sys;C:\Windows\SYSNATIVE\drivers\mcaudrv_x64.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\system32\DRIVERS\netaapl64.sys;C:\Windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 PAC207;SoC PC-Camera;C:\Windows\system32\DRIVERS\PFC027.SYS;C:\Windows\SYSNATIVE\DRIVERS\PFC027.SYS [x]
R3 PTSimHid;PenTablet Simulated HID MiniDriver;C:\Windows\system32\DRIVERS\PTSimHid.sys;C:\Windows\SYSNATIVE\DRIVERS\PTSimHid.sys [x]
R3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\system32\DRIVERS\rtwlanu.sys;C:\Windows\SYSNATIVE\DRIVERS\rtwlanu.sys [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);C:\Windows\system32\DRIVERS\ss_bbus.sys;C:\Windows\SYSNATIVE\DRIVERS\ss_bbus.sys [x]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);C:\Windows\system32\DRIVERS\ss_bmdfl.sys;C:\Windows\SYSNATIVE\DRIVERS\ss_bmdfl.sys [x]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;C:\Windows\system32\DRIVERS\ss_bmdm.sys;C:\Windows\SYSNATIVE\DRIVERS\ss_bmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys;C:\Windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys;C:\Windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;C:\Windows\system32\Wat\WatAdminSvc.exe;C:\Windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys;C:\Windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys;C:\Windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys;C:\Windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe;C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [x]
S2 aswHwid;avast! HardwareID;C:\Windows\system32\drivers\aswHwid.sys;C:\Windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;C:\Windows\system32\drivers\aswMonFlt.sys;C:\Windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;ePower Service;C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe;C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [x]
S2 GREGService;GREGService;C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe;C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [x]
S2 HFGService;Handsfree Headset Service;C:\Windows\system32\svchost.exe;C:\Windows\SYSNATIVE\svchost.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe;C:\Program Files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 Live Updater Service;Live Updater Service;C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe;C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [x]
S2 MaConfigAgent;Ma-Config Agent;C:\Program Files\ma-config.com\MaConfigAgent.exe;C:\Program Files\ma-config.com\MaConfigAgent.exe [x]
S2 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S3 b57xdbd;Broadcom xD Picture Bus Driver Service;C:\Windows\system32\DRIVERS\b57xdbd.sys;C:\Windows\SYSNATIVE\DRIVERS\b57xdbd.sys [x]
S3 b57xdmp;Broadcom xD Picture vstorp client drv;C:\Windows\system32\DRIVERS\b57xdmp.sys;C:\Windows\SYSNATIVE\DRIVERS\b57xdmp.sys [x]
S3 bScsiMSa;bScsiMSa;C:\Windows\system32\DRIVERS\bScsiMSa.sys;C:\Windows\SYSNATIVE\DRIVERS\bScsiMSa.sys [x]
S3 bScsiSDa;bScsiSDa;C:\Windows\system32\DRIVERS\bScsiSDa.sys;C:\Windows\SYSNATIVE\DRIVERS\bScsiSDa.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys;C:\Windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 InputFilter_Hid_FlexDef2b;Siliten HID Devices(FlexDef2b) Driver Service;C:\Windows\system32\DRIVERS\InputFilter_FlexDef2b.sys;C:\Windows\SYSNATIVE\DRIVERS\InputFilter_FlexDef2b.sys [x]
S3 IntcDAud;Son Intel(R) pour écrans;C:\Windows\system32\DRIVERS\IntcDAud.sys;C:\Windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys;C:\Windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 PTSimBus;PenTablet Bus Enumerator;C:\Windows\system32\DRIVERS\PTSimBus.sys;C:\Windows\SYSNATIVE\DRIVERS\PTSimBus.sys [x]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys;C:\Windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
S3 WSDScan;Prise en charge de la numérisation WSD via UMB;C:\Windows\system32\DRIVERS\WSDScan.sys;C:\Windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]


[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-25 06:55:24 1078088 ----a-w- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\Installer\chrmstp.exe

Contenu du dossier 'Tâches planifiées'

2014-05-04 C:\Windows\Tasks\Adobe Flash Player Updater.job
- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-14 08:57:55 . 2014-05-02 13:34:17]

2014-05-04 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-14 06:24:51 . 2013-05-14 06:24:48]

2014-05-04 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-14 06:24:51 . 2013-05-14 06:24:48]

2014-05-03 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3216922189-3069402670-1419407614-1000Core.job
- C:\Users\PATRICK\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-30 17:23:49 . 2012-08-30 17:23:48]

2014-05-04 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3216922189-3069402670-1419407614-1000UA.job
- C:\Users\PATRICK\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-30 17:23:49 . 2012-08-30 17:23:48]


--------- X64 Entries -----------


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-04-05 04:40:48 262344 ----a-w- C:\Users\PATRICK\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-04-05 04:40:48 262344 ----a-w- C:\Users\PATRICK\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-04-05 04:40:48 262344 ----a-w- C:\Users\PATRICK\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-04-22 21:35:05 290888 ----a-w- C:\Program Files\AVAST Software\Avast\ashShA64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2012-02-20 04:18:16 170264]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2012-02-20 04:18:10 398616]
"Persistence"="C:\Windows\system32\igfxpers.exe" [2012-02-20 04:18:14 440600]
"Power Management"="C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe" [2012-02-07 15:53:48 1829768]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-11 09:28:02 12503184]
"ClocX"="C:\Program Files\ClocX\ClocX.exe" [2013-01-14 16:01:00 2713600]
"Monitor"="C:\Windows\PixArt\PAC207\Monitor.exe" [2006-11-03 10:01:16 319488]

------- Examen supplémentaire -------

uStart Page = about:blank
uLocal Page = C:\Windows\system32\blank.htm
mStart Page = about:blank
mLocal Page = C:\Windows\SysWOW64\blank.htm
mDefault_Page_URL = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
IE: E&xporter vers Microsoft Excel - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - C:\Users\PATRICK\AppData\Roaming\Mozilla\Firefox\Profiles\11jsoyw0.default\
FF - prefs.js: browser.search.selectedEngine -

- - - - ORPHELINS SUPPRIMES - - - -

Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} - (no file)
HKLM-Run-ETDCtrl - C:\Program Files (x86)\Elantech\ETDCtrl.exe
AddRemove-3ae45191-685e-47ec-a3aa-2014761040f0 - C:\PROGRA~3\INSTAL~2\{5C18E~1\Setup.exe


