ComboFix 14-04-30.01 - PATRICK 04/05/2014 12:48:48.1.2 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.3932.1282 [GMT 2:00]
Lancé depuis: C:\Users\PATRICK\Downloads\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

C:\Users\PATRICK\OneLoupe.exe

((((((((((((((((((((((((((((( Fichiers créés du 2014-04-04 au 2014-05-04 ))))))))))))))))))))))))))))))))))))

2014-05-04 10:59:19 . 2014-05-04 10:59:19 -------- d-----w- C:\Users\DefaultAppPool\AppData\Local\temp
2014-05-04 10:59:19 . 2014-05-04 10:59:19 -------- d-----w- C:\Users\Default\AppData\Local\temp
2014-04-30 21:53:30 . 2014-04-30 22:24:04 -------- d-----w- C:\Program Files (x86)\Magicboss
2014-04-30 19:01:57 . 2014-04-30 19:01:57 -------- d-----w- C:\Users\PATRICK\AppData\Roaming\MPC-HC
2014-04-29 17:34:59 . 2014-05-01 17:55:17 512 ----a-w- C:\PhysicalDisk0_MBR.bin
2014-04-29 17:30:18 . 2014-05-01 17:53:02 -------- d-----w- C:\Users\PATRICK\AppData\Roaming\ZHP
2014-04-29 16:50:06 . 2014-04-29 16:50:06 -------- d-----w- C:\Users\PATRICK\AppData\Roaming\Infected Scanner
2014-04-29 14:05:45 . 2014-04-29 14:06:35 -------- d-----w- C:\Program Files (x86)\Satsuki Decoder Pack
2014-04-29 13:45:14 . 2014-04-29 13:51:18 699 ----a-w- C:\Users\PATRICK\codes.bat
2014-04-26 11:56:38 . 2014-03-12 14:00:52 338120 ----a-w- C:\Windows\system32\SecureAssist64.dll
2014-04-26 11:53:58 . 2014-04-26 16:49:33 -------- d-----w- C:\temp
2014-04-26 11:51:58 . 2014-04-27 10:27:53 -------- d-----w- C:\Program Files\003
2014-04-23 03:27:21 . 2014-05-03 01:54:17 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2DF0421E-C103-42E1-8CF9-6E2FCFBFB45D}\offreg.dll
2014-04-23 03:25:29 . 2014-04-17 03:31:46 10651704 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2DF0421E-C103-42E1-8CF9-6E2FCFBFB45D}\mpengine.dll
2014-04-22 21:35:09 . 2014-04-22 21:35:05 29208 ----a-w- C:\Windows\system32\drivers\aswHwid.sys
2014-04-22 21:35:04 . 2014-04-22 21:35:04 43152 ----a-w- C:\Windows\avastSS.scr
2014-04-18 14:48:52 . 2014-04-18 14:48:52 -------- d-----w- C:\Program Files (x86)\UnH Solutions
2014-04-18 14:43:16 . 2014-04-18 14:43:59 -------- d-----w- C:\Users\PATRICK\AppData\Roaming\Youtube Downloader HD
2014-04-18 14:43:03 . 2014-04-18 14:43:07 -------- d-----w- C:\Program Files (x86)\Youtube Downloader HD
2014-04-14 16:04:52 . 2014-04-14 16:05:09 -------- d-----w- C:\Windows\SysWow64\Adobe
2014-04-07 12:14:39 . 2014-04-07 12:14:39 -------- d-----w- C:\Program Files (x86)\Meccano
.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

2014-05-02 13:34:17 . 2012-03-14 08:57:55 70832 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-02 13:34:17 . 2012-03-14 08:57:55 692400 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-04-22 21:35:05 . 2013-12-24 12:28:30 85328 ----a-w- C:\Windows\system32\drivers\aswstm.sys
2014-04-22 21:35:05 . 2013-03-05 11:33:51 208416 ----a-w- C:\Windows\system32\drivers\aswVmm.sys
2014-04-22 21:35:05 . 2013-03-05 11:33:50 65776 ----a-w- C:\Windows\system32\drivers\aswRvrt.sys
2014-04-22 21:35:05 . 2012-08-30 18:03:49 423240 ----a-w- C:\Windows\system32\drivers\aswsp.sys
2014-04-22 21:35:05 . 2012-08-30 18:03:48 93568 ----a-w- C:\Windows\system32\drivers\aswRdr2.sys
2014-04-22 21:35:05 . 2012-08-30 18:03:46 1039096 ----a-w- C:\Windows\system32\drivers\aswSnx.sys
2014-04-22 21:35:05 . 2012-08-30 18:03:40 79184 ----a-w- C:\Windows\system32\drivers\aswMonFlt.sys
2014-04-22 21:35:05 . 2012-08-30 18:03:40 334648 ----a-w- C:\Windows\system32\aswBoot.exe
2014-03-21 09:46:46 . 2014-03-21 09:46:46 152848 ----a-w- C:\Windows\SysWow64\comdlg32.ocx
2014-03-11 15:46:36 . 2014-03-11 15:46:36 82432 ----a-w- C:\Users\PATRICK\AppData\Roaming\Microsoft\MSXML2\msxml4r.dll
2014-03-11 15:46:36 . 2014-03-11 15:46:36 44544 ----a-w- C:\Users\PATRICK\AppData\Roaming\Microsoft\MSXML2\msxml4a.dll
2014-03-11 15:46:36 . 2014-03-11 15:46:36 1275392 ----a-w- C:\Users\PATRICK\AppData\Roaming\Microsoft\MSXML2\msxml4.dll
2014-02-18 04:45:55 . 2012-09-04 03:59:04 88567024 ----a-w- C:\Windows\system32\MRT.exe
2014-02-08 10:28:53 . 2012-12-04 18:49:42 61440 ----a-r- C:\Users\PATRICK\AppData\Roaming\Microsoft\Installer\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}\ARPPRODUCTICON.exe
2014-02-06 12:16:01 . 2014-02-14 05:43:52 23170048 ----a-w- C:\Windows\system32\mshtml.dll
2014-02-06 11:30:46 . 2014-02-14 05:44:06 2724864 ----a-w- C:\Windows\system32\mshtml.tlb
2014-02-06 11:30:12 . 2014-02-14 05:43:59 4096 ----a-w- C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 11:12:09 . 2014-02-14 05:43:48 2765824 ----a-w- C:\Windows\system32\iertutil.dll
2014-02-06 11:07:39 . 2014-02-14 05:43:55 66048 ----a-w- C:\Windows\system32\iesetup.dll
2014-02-06 11:06:47 . 2014-02-14 05:43:54 48640 ----a-w- C:\Windows\system32\ieetwproxystub.dll
2014-02-06 10:57:16 . 2014-02-14 05:43:58 53760 ----a-w- C:\Windows\system32\jsproxy.dll
2014-02-06 10:56:03 . 2014-02-14 05:43:59 33792 ----a-w- C:\Windows\system32\iernonce.dll
2014-02-06 10:52:11 . 2014-02-14 05:44:02 574976 ----a-w- C:\Windows\system32\ieui.dll
2014-02-06 10:49:03 . 2014-02-14 05:43:56 139264 ----a-w- C:\Windows\system32\ieUnatt.exe
2014-02-06 10:48:45 . 2014-02-14 05:43:54 111616 ----a-w- C:\Windows\system32\ieetwcollector.exe
2014-02-06 10:48:11 . 2014-02-14 05:43:52 708608 ----a-w- C:\Windows\system32\jscript9diag.dll
2014-02-06 10:32:49 . 2014-02-14 05:44:00 218624 ----a-w- C:\Windows\system32\ie4uinit.exe
2014-02-06 10:20:26 . 2014-02-14 05:44:06 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-02-06 10:17:15 . 2014-02-14 05:44:04 195584 ----a-w- C:\Windows\system32\msrating.dll
2014-02-06 10:11:37 . 2014-02-14 05:43:35 5768704 ----a-w- C:\Windows\system32\jscript9.dll
2014-02-06 10:01:36 . 2014-02-14 05:43:56 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-02-06 10:00:46 . 2014-02-14 05:43:54 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-02-06 09:57:13 . 2014-02-14 05:43:57 627200 ----a-w- C:\Windows\system32\msfeeds.dll
2014-02-06 09:50:32 . 2014-02-14 05:43:43 2041856 ----a-w- C:\Windows\system32\inetcpl.cpl
2014-02-06 09:47:22 . 2014-02-14 05:43:56 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-02-06 09:46:27 . 2014-02-14 05:43:52 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-02-06 09:25:36 . 2014-02-14 05:43:35 4244480 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-02-06 09:24:52 . 2014-02-14 05:43:46 2334208 ----a-w- C:\Windows\system32\wininet.dll
2014-02-06 09:22:13 . 2014-02-14 05:43:40 13051392 ----a-w- C:\Windows\system32\ieframe.dll
2014-02-06 09:09:30 . 2014-02-14 05:43:43 1964032 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-02-06 08:55:46 . 2014-02-14 05:43:45 1393664 ----a-w- C:\Windows\system32\urlmon.dll
2014-02-06 08:41:35 . 2014-02-14 05:43:47 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-02-06 08:40:06 . 2014-02-14 05:43:51 817664 ----a-w- C:\Windows\system32\ieapfltr.dll

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-04-05 04:40:37 223432 ----a-w- C:\Users\PATRICK\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-04-05 04:40:37 223432 ----a-w- C:\Users\PATRICK\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-04-05 04:40:37 223432 ----a-w- C:\Users\PATRICK\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="C:\Program Files (x86)\RocketDock\RocketDock.exe" [2007-09-02 11:58:52 495616]
"MyTomTomSA.exe"="C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe" [2013-01-07 12:42:10 451656]
"UberIcon"="C:\Program Files (x86)\UberIcon\UberIcon Manager.exe" [2007-08-17 18:10:04 159744]
"DAEMON Tools Pro Agent"="C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" [2012-10-23 08:25:10 3108480]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2010-11-21 03:24:51 1475584]
"ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2013-11-20 14:43:14 59720]
"SkyDrive"="C:\Users\PATRICK\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" [2014-04-05 04:40:35 257224]
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe" [2014-02-10 16:46:14 20922016]
"CCleaner"="C:\Program Files\CCleaner\CCleaner64.exe" [2014-04-17 16:53:08 6152472]
"NumCapsScroll Indicator"="C:\Users\PATRICK\Downloads\NumCapsScroll Indicator\NumCapsScroll Indicator.exe" [2011-06-01 17:29:10 1431818]
"KeyboardLeds.exe"="C:\Program Files (x86)\Keyboard LEDs\KeyboardLeds.exe" [2012-09-06 00:46:12 912896]
"Magic Boss Key"="C:\Program Files (x86)\Magicboss\mgboss.exe" [2011-02-23 13:17:16 355840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LManager"="C:\Program Files (x86)\Launch Manager\LManager.exe" [2012-03-02 07:59:24 1106512]
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-02-12 19:57:54 43848]
"EEventManager"="C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" [2009-12-03 09:12:12 976320]
"Nikon Message Center 2"="C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe" [2011-10-30 14:44:36 571392]
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 16:57:26 959904]
"WTClient"="WTClient.exe" [2013-03-04 12:24:03 40960]
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 07:16:26 254336]
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe" [2014-04-22 21:35:00 3873704]
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe" [2014-01-17 15:24:00 421888]
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" [2014-02-21 02:54:40 152392]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableSecureUIAPath"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux7"=wdmaud.drv

R2 aswStm;aswStm;C:\Windows\system32\drivers\aswStm.sys;C:\Windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 KinoniSvc;Kinoni Service;C:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe;C:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe [x]
R2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe;C:\Program Files (x86)\Skype\Updater\Updater.exe [x]
R3 BthAudioHF;Service BthAudioHF;C:\Windows\system32\DRIVERS\BthAudioHF.sys;C:\Windows\SYSNATIVE\DRIVERS\BthAudioHF.sys [x]
R3 BthAvrcp;Profil AVRCP Bluetooth;C:\Windows\system32\DRIVERS\BthAvrcp.sys;C:\Windows\SYSNATIVE\DRIVERS\BthAvrcp.sys [x]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\system32\DRIVERS\clwvd.sys;C:\Windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
R3 csr_a2dp;Profil AV Bluetooth;C:\Windows\system32\drivers\bthav.sys;C:\Windows\SYSNATIVE\drivers\bthav.sys [x]
R3 DCDhcpService;DCDhcpService;C:\Program Files (x86)\Packard Bell\WDAgent\DCDhcpService.exe;C:\Program Files (x86)\Packard Bell\WDAgent\DCDhcpService.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\system32\IEEtwCollector.exe;C:\Windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 JLTECH0227;Dual Mode Camera;C:\Windows\system32\Drivers\jl2005c.sys;C:\Windows\SYSNATIVE\Drivers\jl2005c.sys [x]
R3 ma-config_amd64;ma-config_amd64;C:\Program Files\ma-config.com\Drivers\ma-config_amd64.sys;C:\Program Files\ma-config.com\Drivers\ma-config_amd64.sys [x]
R3 ManyCam;ManyCam Virtual Webcam;C:\Windows\system32\DRIVERS\mcvidrv.sys;C:\Windows\SYSNATIVE\DRIVERS\mcvidrv.sys [x]
R3 mcaudrv_simple;ManyCam Virtual Microphone;C:\Windows\system32\drivers\mcaudrv_x64.sys;C:\Windows\SYSNATIVE\drivers\mcaudrv_x64.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\system32\DRIVERS\netaapl64.sys;C:\Windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 PAC207;SoC PC-Camera;C:\Windows\system32\DRIVERS\PFC027.SYS;C:\Windows\SYSNATIVE\DRIVERS\PFC027.SYS [x]
R3 PTSimHid;PenTablet Simulated HID MiniDriver;C:\Windows\system32\DRIVERS\PTSimHid.sys;C:\Windows\SYSNATIVE\DRIVERS\PTSimHid.sys [x]
R3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\system32\DRIVERS\rtwlanu.sys;C:\Windows\SYSNATIVE\DRIVERS\rtwlanu.sys [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);C:\Windows\system32\DRIVERS\ss_bbus.sys;C:\Windows\SYSNATIVE\DRIVERS\ss_bbus.sys [x]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);C:\Windows\system32\DRIVERS\ss_bmdfl.sys;C:\Windows\SYSNATIVE\DRIVERS\ss_bmdfl.sys [x]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;C:\Windows\system32\DRIVERS\ss_bmdm.sys;C:\Windows\SYSNATIVE\DRIVERS\ss_bmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys;C:\Windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys;C:\Windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;C:\Windows\system32\Wat\WatAdminSvc.exe;C:\Windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys;C:\Windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys;C:\Windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys;C:\Windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe;C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [x]
S2 aswHwid;avast! HardwareID;C:\Windows\system32\drivers\aswHwid.sys;C:\Windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;C:\Windows\system32\drivers\aswMonFlt.sys;C:\Windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;ePower Service;C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe;C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [x]
S2 GREGService;GREGService;C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe;C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [x]
S2 HFGService;Handsfree Headset Service;C:\Windows\system32\svchost.exe;C:\Windows\SYSNATIVE\svchost.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe;C:\Program Files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 Live Updater Service;Live Updater Service;C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe;C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [x]
S2 MaConfigAgent;Ma-Config Agent;C:\Program Files\ma-config.com\MaConfigAgent.exe;C:\Program Files\ma-config.com\MaConfigAgent.exe [x]
S2 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S3 b57xdbd;Broadcom xD Picture Bus Driver Service;C:\Windows\system32\DRIVERS\b57xdbd.sys;C:\Windows\SYSNATIVE\DRIVERS\b57xdbd.sys [x]
S3 b57xdmp;Broadcom xD Picture vstorp client drv;C:\Windows\system32\DRIVERS\b57xdmp.sys;C:\Windows\SYSNATIVE\DRIVERS\b57xdmp.sys [x]
S3 bScsiMSa;bScsiMSa;C:\Windows\system32\DRIVERS\bScsiMSa.sys;C:\Windows\SYSNATIVE\DRIVERS\bScsiMSa.sys [x]
S3 bScsiSDa;bScsiSDa;C:\Windows\system32\DRIVERS\bScsiSDa.sys;C:\Windows\SYSNATIVE\DRIVERS\bScsiSDa.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys;C:\Windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 InputFilter_Hid_FlexDef2b;Siliten HID Devices(FlexDef2b) Driver Service;C:\Windows\system32\DRIVERS\InputFilter_FlexDef2b.sys;C:\Windows\SYSNATIVE\DRIVERS\InputFilter_FlexDef2b.sys [x]
S3 IntcDAud;Son Intel(R) pour écrans;C:\Windows\system32\DRIVERS\IntcDAud.sys;C:\Windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys;C:\Windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 PTSimBus;PenTablet Bus Enumerator;C:\Windows\system32\DRIVERS\PTSimBus.sys;C:\Windows\SYSNATIVE\DRIVERS\PTSimBus.sys [x]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys;C:\Windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
S3 WSDScan;Prise en charge de la numérisation WSD via UMB;C:\Windows\system32\DRIVERS\WSDScan.sys;C:\Windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-25 06:55:24 1078088 ----a-w- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\Installer\chrmstp.exe

Contenu du dossier 'Tâches planifiées'

2014-05-04 C:\Windows\Tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-14 08:57:55 . 2014-05-02 13:34:17]
2014-05-04 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-14 06:24:51 . 2013-05-14 06:24:48]
2014-05-04 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-14 06:24:51 . 2013-05-14 06:24:48]
2014-05-03 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3216922189-3069402670-1419407614-1000Core.job - C:\Users\PATRICK\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-30 17:23:49 . 2012-08-30 17:23:48]
2014-05-04 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3216922189-3069402670-1419407614-1000UA.job - C:\Users\PATRICK\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-30 17:23:49 . 2012-08-30 17:23:48]

--------- X64 Entries -----------

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-04-05 04:40:48 262344 ----a-w- C:\Users\PATRICK\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-04-05 04:40:48 262344 ----a-w- C:\Users\PATRICK\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-04-05 04:40:48 262344 ----a-w- C:\Users\PATRICK\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-04-22 21:35:05 290888 ----a-w- C:\Program Files\AVAST Software\Avast\ashShA64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2012-02-20 04:18:16 170264]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2012-02-20 04:18:10 398616]
"Persistence"="C:\Windows\system32\igfxpers.exe" [2012-02-20 04:18:14 440600]
"Power Management"="C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe" [2012-02-07 15:53:48 1829768]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-11 09:28:02 12503184]
"ClocX"="C:\Program Files\ClocX\ClocX.exe" [2013-01-14 16:01:00 2713600]
"Monitor"="C:\Windows\PixArt\PAC207\Monitor.exe" [2006-11-03 10:01:16 319488]

------- Examen supplémentaire -------

uStart Page = about:blank
uLocal Page = C:\Windows\system32\blank.htm
mStart Page = about:blank
mLocal Page = C:\Windows\SysWOW64\blank.htm
mDefault_Page_URL = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
IE: E&xporter vers Microsoft Excel - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - C:\Users\PATRICK\AppData\Roaming\Mozilla\Firefox\Profiles\11jsoyw0.default\
FF - prefs.js: browser.search.selectedEngine -

- - - - ORPHELINS SUPPRIMES - - - -

Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} - (no file)
HKLM-Run-ETDCtrl - C:\Program Files (x86)\Elantech\ETDCtrl.exe
AddRemove-3ae45191-685e-47ec-a3aa-2014761040f0 - C:\PROGRA~3\INSTAL~2\{5C18E~1\Setup.exe