ComboFix 16-01-22.01 - Joachim 23/01/2016 11:08:12.2.8 - x64 Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.8134.6289 [GMT 1:00] Lancé depuis: I:\ComboFix.exe SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Un nouveau point de restauration a été créé . . ((((((((((((((((((((((((((((( Fichiers créés du 2015-12-23 au 2016-01-23 )))))))))))))))))))))))))))))))))))) . . 2016-01-23 10:18 . 2016-01-23 10:18 -------- d-----w- c:\users\Default\AppData\Local\temp 2016-01-23 00:00 . 2015-09-08 07:00 4162560 ----a-w- C:\athrx.sys 2016-01-23 00:00 . 2015-09-08 07:00 3356672 ----a-w- C:\athr.sys 2016-01-22 23:57 . 2015-08-13 01:06 502256 ----a-w- c:\windows\system32\drivers\e1d62x64.sys 2016-01-22 23:57 . 2015-06-17 00:28 90608 ----a-w- c:\windows\system32\NicInstD.dll 2016-01-22 23:57 . 2014-04-19 02:18 73512 ----a-w- c:\windows\system32\e1dmsg.dll 2016-01-22 23:57 . 2014-04-18 12:17 125728 ----a-w- c:\windows\system32\NicCo4.dll 2016-01-22 23:41 . 2016-01-22 23:41 -------- d-----w- c:\users\Joachim\AppData\Roaming\TP-LINK 2016-01-22 23:41 . 2016-01-22 23:41 -------- d-----w- c:\program files (x86)\TP-LINK 2016-01-22 22:55 . 2016-01-22 22:55 -------- d-----w- C:\RegBackup 2016-01-22 22:44 . 2016-01-22 22:54 -------- d-----w- c:\users\Joachim\AppData\Roaming\ZHP 2016-01-22 22:18 . 2016-01-22 22:18 -------- d-----w- c:\windows\system32\bib 2016-01-22 22:18 . 2016-01-22 22:18 -------- d-----w- c:\users\Joachim\AppData\Local\Tempfolder 2016-01-22 22:18 . 2016-01-22 22:18 -------- d-----w- c:\users\Joachim\AppData\Roaming\LhoboAjoni 2016-01-22 22:18 . 2016-01-22 22:18 34712 ----a-w- c:\windows\system32\drivers\bsdriver.sys 2016-01-22 22:17 . 2016-01-22 22:17 -------- d-----w- C:\uninst 2016-01-22 22:17 . 2016-01-22 22:17 -------- d-----w- c:\program files (x86)\TData 2016-01-22 22:10 . 2016-01-22 22:10 -------- d-----w- c:\users\Joachim\AppData\Local\converter 2016-01-22 22:09 . 
2016-01-22 22:09 -------- d-----w- c:\users\Joachim\AppData\Local\Movavi 2016-01-22 22:09 . 2016-01-22 22:09 -------- d-----w- c:\users\Joachim\AppData\Local\Suite 2016-01-22 22:07 . 2016-01-22 22:10 -------- d-----w- c:\program files (x86)\Movavi Video Suite 15 2016-01-22 22:07 . 2016-01-22 22:07 -------- d-----w- c:\programdata\Movavi Video Suite 15 2016-01-22 19:52 . 2016-01-22 22:17 61336 ----a-w- c:\windows\system32\drivers\cherimoya.sys 2016-01-14 23:02 . 2016-01-14 23:02 -------- d-----w- c:\users\Joachim\.dnx 2016-01-14 22:54 . 2016-01-14 22:54 -------- d-----w- c:\programdata\ATI 2016-01-14 22:50 . 2016-01-14 22:50 -------- d-----w- c:\program files (x86)\AMD 2016-01-13 19:23 . 2015-11-13 23:09 91648 ----a-w- c:\windows\system32\mapistub.dll 2016-01-13 19:23 . 2015-11-13 23:09 91648 ----a-w- c:\windows\system32\mapi32.dll 2016-01-13 19:23 . 2015-11-13 23:08 17920 ----a-w- c:\windows\system32\fixmapi.exe 2016-01-13 19:23 . 2015-11-13 22:50 76800 ----a-w- c:\windows\SysWow64\mapistub.dll 2016-01-13 19:23 . 2015-11-13 22:49 14336 ----a-w- c:\windows\SysWow64\fixmapi.exe 2016-01-13 19:23 . 2015-12-11 18:57 1164800 ----a-w- c:\windows\system32\aeinv.dll 2016-01-13 19:23 . 2015-12-08 19:07 624640 ----a-w- c:\windows\system32\qedit.dll 2016-01-13 19:23 . 2015-12-08 21:53 509952 ----a-w- c:\windows\SysWow64\qedit.dll 2016-01-13 19:21 . 2015-12-08 17:58 3211264 ----a-w- c:\windows\system32\win32k.sys 2016-01-12 23:21 . 2015-12-08 21:53 641536 ----a-w- c:\windows\SysWow64\advapi32.dll 2016-01-12 23:21 . 2015-12-08 19:07 879104 ----a-w- c:\windows\system32\advapi32.dll 2016-01-12 23:21 . 2015-11-17 01:11 25024 ----a-w- c:\windows\system32\CompatTelRunner.exe 2016-01-12 23:21 . 2015-11-17 01:08 705536 ----a-w- c:\windows\system32\invagent.dll 2016-01-12 23:21 . 2015-11-17 01:08 792064 ----a-w- c:\windows\system32\generaltel.dll 2016-01-12 23:21 . 2015-11-17 01:08 505856 ----a-w- c:\windows\system32\devinv.dll 2016-01-12 23:21 . 
2015-11-17 01:08 76800 ----a-w- c:\windows\system32\acmigration.dll 2016-01-12 23:21 . 2015-11-17 01:08 1381376 ----a-w- c:\windows\system32\appraiser.dll 2016-01-12 23:21 . 2015-11-16 20:17 210432 ----a-w- c:\windows\system32\aepic.dll 2016-01-12 23:21 . 2015-12-08 21:52 312320 ----a-w- c:\windows\SysWow64\gdi32.dll 2016-01-12 23:21 . 2015-12-08 19:07 405504 ----a-w- c:\windows\system32\gdi32.dll 2016-01-04 20:01 . 2016-01-04 23:50 -------- d-----w- c:\program files (x86)\adslTV 2016-01-02 00:37 . 2016-01-02 00:37 -------- d-----w- c:\program files (x86)\Cheat Engine 6.3 2016-01-02 00:14 . 2016-01-06 21:27 -------- d-----w- c:\program files (x86)\Euro Truck Simulator 2 Multiplayer 2015-12-27 22:12 . 2015-12-27 22:12 -------- d-----w- c:\users\Joachim\AppData\Roaming\OpenOffice 2015-12-27 22:02 . 2015-12-27 22:03 -------- d-----w- c:\program files (x86)\OpenOffice 4 . . . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2016-01-23 00:17 . 2015-11-02 10:02 65536 ----a-w- c:\windows\system32\spu_storage.bin 2015-12-30 18:37 . 2016-01-12 23:20 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2015-12-17 19:08 . 2015-12-17 19:08 144 ----a-w- c:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2015-12-08 19:07 . 2009-07-14 00:22 1393152 ----a-w- c:\windows\system32\WMALFXGFXDSP.dll 2015-12-05 02:19 . 2015-12-05 02:19 432864 ----a-w- c:\programdata\Microsoft\Blend\14.0\1036\ResourceCache.dll 2015-12-05 02:19 . 2015-12-05 02:19 1831840 ----a-w- c:\programdata\Microsoft\VisualStudio\14.0\1036\ResourceCache.dll 2015-11-20 18:54 . 2015-12-08 19:15 98816 ----a-w- c:\windows\system32\wudriver.dll 2015-11-20 18:54 . 2015-12-08 19:15 37888 ----a-w- c:\windows\system32\wups2.dll 2015-11-20 18:54 . 2015-12-08 19:15 36864 ----a-w- c:\windows\system32\wups.dll 2015-11-20 18:54 . 2015-12-08 19:15 3170304 ----a-w- c:\windows\system32\wucltux.dll 2015-11-20 18:54 . 
2015-12-08 19:15 2609152 ----a-w- c:\windows\system32\wuaueng.dll 2015-11-20 18:54 . 2015-12-08 19:15 192512 ----a-w- c:\windows\system32\wuwebv.dll 2015-11-20 18:54 . 2015-12-08 19:15 709632 ----a-w- c:\windows\system32\wuapi.dll 2015-11-20 18:54 . 2015-12-08 19:15 91136 ----a-w- c:\windows\system32\WinSetupUI.dll 2015-11-20 18:54 . 2015-12-08 19:15 12288 ----a-w- c:\windows\system32\wu.upgrade.ps.dll 2015-11-20 18:54 . 2015-12-08 19:15 37888 ----a-w- c:\windows\system32\wuapp.exe 2015-11-20 18:54 . 2015-12-08 19:15 140288 ----a-w- c:\windows\system32\wuauclt.exe 2015-11-20 18:34 . 2015-12-08 19:15 93696 ----a-w- c:\windows\SysWow64\wudriver.dll 2015-11-20 18:34 . 2015-12-08 19:15 30208 ----a-w- c:\windows\SysWow64\wups.dll 2015-11-20 18:34 . 2015-12-08 19:15 174080 ----a-w- c:\windows\SysWow64\wuwebv.dll 2015-11-20 18:34 . 2015-12-08 19:15 573440 ----a-w- c:\windows\SysWow64\wuapi.dll 2015-11-20 18:33 . 2015-12-08 19:15 35328 ----a-w- c:\windows\SysWow64\wuapp.exe 2015-11-20 09:03 . 2015-11-20 09:03 12357200 ----a-w- c:\programdata\Microsoft\VisualStudioSecondaryInstaller\14.0\installers\TypeScriptV5\en\0\TypeScript_Full.exe 2015-11-19 20:31 . 2015-11-19 20:31 222376 ----a-w- c:\windows\SysWow64\VSPerf140.dll 2015-11-19 20:31 . 2015-11-19 20:31 19136 ----a-w- c:\programdata\Microsoft\Phone Tools\CoreCon\12.0\SDKFilesVer.dll 2015-11-19 20:31 . 2015-11-19 20:31 19136 ----a-w- c:\programdata\Microsoft\Phone Tools\CoreCon\12.0\addons\NonSDKAddonVer.dll 2015-11-19 20:31 . 2015-11-19 20:31 19136 ----a-w- c:\programdata\Microsoft\Phone Tools\CoreCon\12.0\3082\NonSDKAddonLangVer.dll 2015-11-19 20:31 . 2015-11-19 20:31 19136 ----a-w- c:\programdata\Microsoft\Phone Tools\CoreCon\12.0\2052\NonSDKAddonLangVer.dll 2015-11-19 20:31 . 2015-11-19 20:31 19136 ----a-w- c:\programdata\Microsoft\Phone Tools\CoreCon\12.0\1049\NonSDKAddonLangVer.dll 2015-11-19 20:31 . 
2015-11-19 20:31 19136 ----a-w- c:\programdata\Microsoft\Phone Tools\CoreCon\12.0\1042\NonSDKAddonLangVer.dll 2015-11-19 20:31 . 2015-11-19 20:31 19136 ----a-w- c:\programdata\Microsoft\Phone Tools\CoreCon\12.0\1041\NonSDKAddonLangVer.dll 2015-11-19 20:31 . 2015-11-19 20:31 19136 ----a-w- c:\programdata\Microsoft\Phone Tools\CoreCon\12.0\1040\NonSDKAddonLangVer.dll 2015-11-19 20:31 . 2015-11-19 20:31 19136 ----a-w- c:\programdata\Microsoft\Phone Tools\CoreCon\12.0\1036\NonSDKAddonLangVer.dll 2015-11-19 20:31 . 2015-11-19 20:31 19136 ----a-w- c:\programdata\Microsoft\Phone Tools\CoreCon\12.0\1033\NonSDKAddonLangVer.dll 2015-11-19 20:31 . 2015-11-19 20:31 19136 ----a-w- c:\programdata\Microsoft\Phone Tools\CoreCon\12.0\1031\NonSDKAddonLangVer.dll 2015-11-19 20:31 . 2015-11-19 20:31 19136 ----a-w- c:\programdata\Microsoft\Phone Tools\CoreCon\12.0\1028\NonSDKAddonLangVer.dll 2015-11-19 20:31 . 2015-11-19 20:31 1825984 ----a-w- c:\windows\SysWow64\VsGraphicsHelper.dll 2015-11-19 19:02 . 2015-11-19 19:02 3189960 ----a-w- c:\windows\system32\VSGraphicsHelper.dll 2015-11-18 07:55 . 2015-11-18 07:55 107784 ----a-w- c:\windows\system32\amdave64.dll 2015-11-18 07:55 . 2015-11-18 07:55 100568 ----a-w- c:\windows\SysWow64\amdave32.dll 2015-11-18 07:55 . 2015-11-18 07:55 141792 ----a-w- c:\windows\system32\amdhcp64.dll 2015-11-18 07:55 . 2015-11-18 07:55 128384 ----a-w- c:\windows\SysWow64\amdhcp32.dll 2015-11-18 07:55 . 2015-11-18 07:55 78432 ----a-w- c:\windows\system32\atimpc64.dll 2015-11-18 07:55 . 2015-11-18 07:55 78432 ----a-w- c:\windows\system32\amdpcom64.dll 2015-11-18 07:55 . 2015-11-18 07:55 71704 ----a-w- c:\windows\SysWow64\atimpc32.dll 2015-11-18 07:55 . 2015-11-18 07:55 71704 ----a-w- c:\windows\SysWow64\amdpcom32.dll 2015-11-18 07:55 . 2015-08-28 03:04 152056 ----a-w- c:\windows\system32\atiuxp64.dll 2015-11-18 07:55 . 2015-11-18 07:55 133016 ----a-w- c:\windows\SysWow64\atiuxpag.dll 2015-11-18 07:55 . 
2015-11-18 07:55 120656 ----a-w- c:\windows\system32\atiu9p64.dll 2015-11-18 07:55 . 2015-11-18 07:55 102616 ----a-w- c:\windows\SysWow64\atiu9pag.dll 2015-11-18 07:55 . 2015-08-28 03:04 1479768 ----a-w- c:\windows\system32\aticfx64.dll 2015-11-18 07:55 . 2015-11-18 07:55 1217576 ----a-w- c:\windows\SysWow64\aticfx32.dll 2015-11-18 07:54 . 2015-08-28 03:04 12101120 ----a-w- c:\windows\system32\atidxx64.dll 2015-11-18 07:54 . 2015-11-18 07:54 10226528 ----a-w- c:\windows\SysWow64\atidxx32.dll 2015-11-18 07:54 . 2015-11-18 07:54 7931152 ----a-w- c:\windows\SysWow64\atiumdva.dll 2015-11-18 07:54 . 2015-11-18 07:54 7408936 ----a-w- c:\windows\SysWow64\atiumdag.dll 2015-11-18 07:54 . 2015-11-18 07:54 8895768 ----a-w- c:\windows\system32\atiumd6a.dll 2015-11-18 07:54 . 2015-11-18 07:54 8779872 ----a-w- c:\windows\system32\atiumd64.dll 2015-11-18 07:52 . 2015-11-18 07:52 297672 ----a-w- c:\windows\system32\drivers\amdacpksd.sys 2015-11-18 07:49 . 2015-11-18 07:49 21661696 ----a-w- c:\windows\system32\drivers\atikmdag.sys 2015-11-18 07:44 . 2015-11-18 07:44 235008 ----a-w- c:\windows\system32\clinfo.exe 2015-11-18 07:44 . 2015-11-18 07:44 995342 ----a-w- c:\windows\SysWow64\amdocl_as32.exe 2015-11-18 07:44 . 2015-11-18 07:44 798734 ----a-w- c:\windows\SysWow64\amdocl_ld32.exe 2015-11-18 07:44 . 2015-11-18 07:44 47785472 ----a-w- c:\windows\system32\amdocl64.dll 2015-11-18 07:44 . 2015-11-18 07:44 1187342 ----a-w- c:\windows\system32\amdocl_as64.exe 2015-11-18 07:44 . 2015-11-18 07:44 1061902 ----a-w- c:\windows\system32\amdocl_ld64.exe 2015-11-18 07:43 . 2015-11-18 07:43 39712768 ----a-w- c:\windows\SysWow64\amdocl.dll 2015-11-18 07:42 . 2015-11-18 07:42 65024 ----a-w- c:\windows\system32\OpenCL.dll 2015-11-18 07:42 . 2015-11-18 07:42 59392 ----a-w- c:\windows\SysWow64\OpenCL.dll 2015-11-18 07:40 . 2015-11-18 07:40 27535872 ----a-w- c:\windows\system32\amdocl12cl64.dll 2015-11-18 07:40 . 
2015-11-18 07:40 22318592 ----a-w- c:\windows\SysWow64\amdocl12cl.dll 2015-11-18 07:20 . 2015-11-18 07:20 675328 ----a-w- c:\windows\system32\amdlvr64.dll 2015-11-18 07:19 . 2015-11-18 07:19 560640 ----a-w- c:\windows\SysWow64\amdlvr32.dll 2015-11-18 07:19 . 2015-11-18 07:19 127488 ----a-w- c:\windows\system32\mantle64.dll 2015-11-18 07:19 . 2015-11-18 07:19 113664 ----a-w- c:\windows\SysWow64\mantle32.dll 2015-11-18 07:19 . 2015-11-18 07:19 6728192 ----a-w- c:\windows\system32\amdmantle64.dll 2015-11-18 07:14 . 2015-11-18 07:14 5290496 ----a-w- c:\windows\SysWow64\amdmantle32.dll 2015-11-18 07:13 . 2015-11-18 07:13 30767616 ----a-w- c:\windows\system32\atio6axx.dll 2015-11-18 07:10 . 2015-11-18 07:10 96256 ----a-w- c:\windows\system32\mantleaxl64.dll 2015-11-18 07:10 . 2015-11-18 07:10 89088 ----a-w- c:\windows\SysWow64\mantleaxl32.dll 2015-11-18 07:07 . 2015-11-18 07:07 25312768 ----a-w- c:\windows\SysWow64\atioglxx.dll 2015-11-18 07:06 . 2015-11-18 07:06 50688 ----a-w- c:\windows\system32\amdmmcl6.dll 2015-11-18 07:06 . 2015-11-18 07:06 39424 ----a-w- c:\windows\SysWow64\amdmmcl.dll 2015-11-18 07:03 . 2015-11-18 07:03 367104 ----a-w- c:\windows\system32\atiapfxx.exe 2015-11-18 07:03 . 2015-11-18 07:03 62464 ----a-w- c:\windows\system32\aticalrt64.dll 2015-11-18 07:03 . 2015-11-18 07:03 52224 ----a-w- c:\windows\SysWow64\aticalrt.dll 2015-11-18 07:03 . 2015-11-18 07:03 55808 ----a-w- c:\windows\system32\aticalcl64.dll 2015-11-18 07:03 . 2015-11-18 07:03 49152 ----a-w- c:\windows\SysWow64\aticalcl.dll 2015-11-18 07:03 . 2015-11-18 07:03 15716352 ----a-w- c:\windows\system32\aticaldd64.dll 2015-11-18 07:02 . 2015-11-18 07:02 14302208 ----a-w- c:\windows\SysWow64\aticaldd.dll 2015-11-18 06:59 . 2015-11-18 06:59 442368 ----a-w- c:\windows\system32\atidemgy.dll 2015-11-18 06:59 . 2015-11-18 06:59 160256 ----a-w- c:\windows\system32\atieah64.exe 2015-11-18 06:59 . 2015-11-18 06:59 143872 ----a-w- c:\windows\SysWow64\atieah32.exe 2015-11-18 06:59 . 
2015-11-18 06:59 204800 ----a-w- c:\windows\system32\amdgfxinfo64.dll 2015-11-18 06:59 . 2015-11-18 06:59 189952 ----a-w- c:\windows\SysWow64\amdgfxinfo32.dll 2015-11-18 06:59 . 2015-11-18 06:59 674816 ----a-w- c:\windows\system32\atieclxx.exe 2015-11-18 06:59 . 2015-11-18 06:59 29696 ----a-w- c:\windows\system32\atimuixx.dll 2015-11-18 06:58 . 2015-11-18 06:58 246784 ----a-w- c:\windows\system32\atiesrxx.exe 2015-11-18 06:58 . 2015-11-18 06:58 190976 ----a-w- c:\windows\system32\atitmm64.dll 2015-11-18 06:56 . 2015-11-18 06:56 865792 ----a-w- c:\windows\system32\coinst_15.20.dll . . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AlcoholAutomount"="c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2015-03-12 39376] "OneSwarm"="c:\program files (x86)\OneSwarm\OneSwarm.exe" [2011-05-23 510976] "DAEMON Tools Lite Automount"="c:\program files\DAEMON Tools Lite\DTAgent.exe" [2015-06-18 4468056] "Steam"="c:\program files (x86)\Steam\steam.exe" [2015-12-14 3013712] "CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-10-19 8551848] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2014-08-25 293872] "EaseUS EPM tray"="c:\program files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\EpmNews.exe" [2015-09-16 2089056] "Razer Synapse"="c:\program files (x86)\Razer\Synapse\RzSynapse.exe" [2015-09-29 592704] "Raptr"="c:\program files (x86)\Raptr\raptrstub.exe" [2015-12-11 56080] "Live Update"="c:\program files (x86)\MSI\Live Update\Live Update.exe" [2015-10-07 11324368] "StartCCC"="c:\program files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2015-11-18 767176] . 
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ TP-LINK Wireless Configuration Utility.lnk - c:\program files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe -nogui [2016-1-23 846848] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . R2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [x] R2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe;c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x] R3 cpuz137;cpuz137;c:\users\Joachim\AppData\Local\Temp\cpuz137\cpuz137_x64.sys;c:\users\Joachim\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [x] R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys;c:\windows\SYSNATIVE\epmntdrv.sys [x] R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys;c:\windows\SYSNATIVE\EuGdiDrv.sys [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 IntcDAud;Son Intel(R) pour écrans;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x] R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program 
files\Intel\iCLS Client\SocketHeciServer.exe [x] R3 MSICDSetup;MSICDSetup;d:\cdriver64.sys;d:\CDriver64.sys [x] R3 NTIOLib_1_0_C;NTIOLib_1_0_C;d:\ntiolib_x64.sys;d:\NTIOLib_X64.sys [x] R3 RTCore64;RTCore64;c:\program files (x86)\MSI Afterburner\RTCore64.sys;c:\program files (x86)\MSI Afterburner\RTCore64.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] R4 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe;c:\program files (x86)\Tunngle\TnglCtrl.exe [x] R4 VSStandardCollectorService140;Visual Studio Standard Collector Service;c:\program files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe;c:\program files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [x] R4 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x] S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x] S0 iusb3hcs;Pilote de commutateur de contrôleur d'hôte Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x] S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x] S1 bsdriver;bsdriver;c:\windows\system32\drivers\bsdriver.sys;c:\windows\SYSNATIVE\drivers\bsdriver.sys [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] S2 amdacpksd;ACP Kernel Service Driver;c:\windows\system32\drivers\amdacpksd.sys;c:\windows\SYSNATIVE\drivers\amdacpksd.sys [x] S2 amdacpusrsvc;ACP 
User Service;c:\program files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe;c:\program files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [x] S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [x] S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x] S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x] S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x] S2 MSI_LiveUpdate_Service;MSI_LiveUpdate_Service;c:\program files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe;c:\program files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [x] S2 RadeonPro Support Service;RadeonPro Support Service;c:\program files (x86)\RadeonPro\RadeonProSupport.exe;c:\program files (x86)\RadeonPro\RadeonProSupport.exe [x] S2 Razer Chroma SDK Service;Razer Chroma SDK Service;c:\program files (x86)\Razer Chroma SDK\bin\RzSDKService.exe;c:\program files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [x] S2 Razer Game Scanner Service;Razer Game Scanner;c:\program files (x86)\Razer\Razer Services\GSS\GameScannerService.exe;c:\program files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [x] S2 rzpmgrk;rzpmgrk;c:\windows\system32\drivers\rzpmgrk.sys;c:\windows\SYSNATIVE\drivers\rzpmgrk.sys [x] S2 rzpnk;rzpnk;c:\windows\system32\drivers\rzpnk.sys;c:\windows\SYSNATIVE\drivers\rzpnk.sys [x] S3 
AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x] S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe [x] S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x] S3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D;c:\windows\system32\DRIVERS\e1d62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1d62x64.sys [x] S3 iusb3hub;Pilote de concentrateur Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x] S3 iusb3xhc;Pilote du contrôleur d'hôte extensible Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x] S3 rzendpt;rzendpt;c:\windows\system32\DRIVERS\rzendpt.sys;c:\windows\SYSNATIVE\DRIVERS\rzendpt.sys [x] S3 rzudd;Razer Keyboard Driver;c:\windows\system32\DRIVERS\rzudd.sys;c:\windows\SYSNATIVE\DRIVERS\rzudd.sys [x] S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2016-01-15 01:07 1006920 ----a-w- c:\program files (x86)\Google\Chrome\Application\47.0.2526.111\Installer\chrmstp.exe . Contenu du dossier 'Tâches planifiées' . 2016-01-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-11-01 18:51] . 2016-01-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-11-01 18:51] . . --------- X64 Entries ----------- . . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2014-09-02 7636696]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2014-05-28 36352]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [BU]
"Sound+"="c:\program files\Sound+\Sound+.exe" [BU]
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mSearch Page = hxxp://www.google.com
FF - ProfilePath - c:\users\Joachim\AppData\Roaming\Mozilla\Firefox\Profiles\xclcfvsu.default\
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Wow6432Node-HKLM-Run- - (no file)
AddRemove-{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D} - c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\S-1-5-21-2771695186-3722811097-3333097191-1000\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
"datasecu"=hex:a4,9e,de,16,0f,f6,41,dc,87,dc,87,76,83,76,53,98,27,1a,6d,cc,f8,
  d1,f8,6a,1f,97,d5,80,e4,c3,53,2d,ff,8e,f9,3c,1b,e3,08,d5,c1,7f,bf,49,f3,ba,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2016-01-23 11:20:03
ComboFix-quarantined-files.txt 2016-01-23 10:20
ComboFix2.txt 2016-01-22 23:33
.
Avant-CF: 88 839 270 400 octets libres
Après-CF: 88 727 035 904 octets libres
.
- - End Of File - - 7C6752CB1142E8C4BB431570ABA140C8
5FB38429D5D77768867C76DCBDB35194