ComboFix ran anyway, and here is the report:
ComboFix 14-10-04.01 - Vincent 09/10/2014 19:07:50.1.4 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.3885.1237 [GMT 2:00]
Lancé depuis: c:\users\Vincent\Pictures\twitter\ComboFix.exe
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\esupport\eDriver\Software\ASUS\MultiFrame\XP32_Vista32_Vista64_Win7_32_Win7_64_1.0.0021\Desktop_.ini
c:\program files (x86)\Common Files\ASPG_icon.ico
c:\programdata\ma-config.com\Logs\activex.txt
c:\programdata\ma-config.com\Logs\mcdetection.txt
c:\programdata\ma-config.com\Logs\mcstubuser.txt
c:\programdata\ma-config.com\mcbase.db
c:\programdata\ma-config.com\server.pem
c:\users\Vincent\AppData\Local\Adobe\downloader.dll
c:\users\Vincent\AppData\Local\Adobe\gccheck.exe
c:\users\Vincent\AppData\Local\Adobe\gtbcheck.exe
c:\users\Vincent\AppData\Roaming\Love
c:\users\Vincent\AppData\Roaming\Love\mari0\options.txt
c:\users\Vincent\AppData\Roaming\Vincentlog.dat
c:\users\Vincent\bbkeyswin.exe
c:\users\Vincent\Desktop\Search.lnk
c:\users\Vincent\Documents\~WRL0228.tmp
c:\users\Vincent\Documents\~WRL3469.tmp
c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe
c:\windows\msvcr71.dll
c:\windows\SysWow64\install
c:\programdata\ma-config.com . . . . impossible à supprimer
c:\programdata\ma-config.com\Logs\maconfservice.txt . . . . impossible à supprimer
c:\programdata\ma-config.com\Logs\websocketpp.log . . . . impossible à supprimer
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2014-09-09 au 2014-10-09 ))))))))))))))))))))))))))))))))))))
.
.
2074-05-07 17:38 . 2006-11-21 19:48 203576 ------w- c:\program files (x86)\Microsoft Games\Age of Empires III\autopatcher2.exe
2014-10-09 16:27 . 2014-10-09 16:27 -------- d-----w- c:\program files (x86)\LPT
2014-10-09 16:25 . 2014-10-09 16:26 -------- d-----w- c:\users\Vincent\AppData\Local\LPT
2014-10-09 16:25 . 2014-10-09 16:25 -------- d-----w- c:\users\Vincent\AppData\Local\Smartbar
2014-10-09 16:25 . 2014-10-09 16:25 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2014-10-09 16:25 . 2014-10-09 16:25 -------- d-----w- c:\users\Vincent\AppData\Roaming\OpenCandy
2014-10-09 16:00 . 2014-10-09 16:00 34808 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-10-09 16:00 . 2014-10-09 16:00 -------- d-----w- c:\programdata\RogueKiller
2014-10-08 12:00 . 2014-10-08 12:00 157384 ----a-w- c:\windows\system32\drivers\ESETOlmarikOlmascoCleaner.sys
2014-10-08 09:52 . 2014-10-08 14:24 52550 ----a-w- c:\windows\SysWow64\epfwdata.bin
2014-10-08 09:21 . 2014-10-08 09:21 -------- d-----w- c:\program files\ESET
2014-10-07 22:20 . 2014-10-08 11:37 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-10-07 22:20 . 2014-10-08 09:19 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-10-07 22:20 . 2014-10-07 22:20 -------- d-----w- c:\programdata\Malwarebytes
2014-10-07 22:20 . 2014-05-12 05:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-10-07 22:20 . 2014-05-12 05:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-10-07 22:20 . 2014-05-12 05:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-10-07 22:18 . 2014-10-07 22:18 -------- d-----w- c:\users\Vincent\AppData\Roaming\ZHP
2014-10-07 22:18 . 2014-10-07 22:18 -------- d-----w- c:\program files (x86)\ZHPDiag
2014-10-07 21:33 . 2014-10-07 21:33 -------- d-----w- c:\programdata\AVAST Software
2014-10-07 20:58 . 2014-10-07 20:58 -------- d-----w- c:\users\Vincent\AppData\Roaming\Oracle
2014-10-07 20:57 . 2014-10-07 20:57 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-10-07 20:57 . 2014-07-25 10:55 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-10-07 20:47 . 2014-10-09 17:23 -------- d-----w- c:\programdata\ma-config.com
2014-10-07 20:47 . 2014-10-07 20:47 -------- d-----w- c:\program files\ma-config.com
2014-10-07 19:48 . 2014-10-07 19:48 -------- d-----w- c:\program files (x86)\RamBoost XP
2014-10-04 10:05 . 2014-01-09 02:22 5694464 ----a-w- c:\windows\SysWow64\mstscax.dll
2014-10-04 10:05 . 2014-01-03 22:44 6574592 ----a-w- c:\windows\system32\mstscax.dll
2014-10-01 10:28 . 2014-09-25 02:08 371712 ----a-w- c:\windows\system32\qdvd.dll
2014-10-01 10:28 . 2014-09-25 01:40 519680 ----a-w- c:\windows\SysWow64\qdvd.dll
2014-09-25 15:57 . 2014-09-25 15:57 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-09-24 06:35 . 2014-09-09 22:11 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-24 06:35 . 2014-09-09 21:47 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-09-11 18:56 . 2014-06-27 02:08 2777088 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2014-09-11 18:56 . 2014-06-27 01:45 2285056 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2014-09-11 12:30 . 2014-08-01 11:53 1031168 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-09-11 12:30 . 2014-08-01 11:35 793600 ----a-w- c:\windows\SysWow64\TSWorkspace.dll
2014-09-11 12:30 . 2014-06-24 03:29 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2014-09-11 12:30 . 2014-06-24 02:59 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2014-09-11 12:30 . 2014-07-07 02:06 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-09-11 12:30 . 2014-07-07 02:06 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-09-11 12:30 . 2014-07-07 01:40 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-09-11 12:30 . 2014-07-07 01:40 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-09-11 12:30 . 2014-07-07 01:39 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-09-11 12:30 . 2014-09-05 02:10 578048 ----a-w- c:\windows\system32\aepdu.dll
2014-09-11 12:30 . 2014-09-05 02:05 424448 ----a-w- c:\windows\system32\aeinv.dll
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-09-12 19:49 . 2013-09-12 10:00 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-12 19:49 . 2013-09-12 10:00 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-09-11 18:57 . 2010-12-31 14:13 101694776 ----a-w- c:\windows\system32\MRT.exe
2014-08-23 02:07 . 2014-08-28 00:02 404480 ----a-w- c:\windows\system32\gdi32.dll
2014-08-23 01:45 . 2014-08-28 00:02 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2014-08-23 00:59 . 2014-08-28 00:02 3163648 ----a-w- c:\windows\system32\win32k.sys
2014-07-25 00:35 . 2014-07-25 00:35 875688 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2014-07-24 21:47 . 2014-07-24 21:47 869544 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2014-07-14 02:02 . 2014-08-15 10:00 1216000 ----a-w- c:\windows\system32\rpcrt4.dll
2014-07-14 01:40 . 2014-08-15 10:00 664064 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2009-04-08 17:31 . 2009-04-08 17:31 106496 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll
2008-08-12 04:45 . 2008-08-12 04:45 155648 ----a-w- c:\program files (x86)\Common Files\MSIactionall.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}]
2010-11-05 01:58 297808 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Syncables"="c:\program files (x86)\syncables\syncables desktop\Syncables.exe" [2010-04-05 370480]
"Browser Infrastructure Helper"="c:\users\Vincent\AppData\Local\Smartbar\Application\Smartbar.exe" [2014-08-27 29696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-06-25 6806144]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-05-03 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-07-02 1597440]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-01-21 91520]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.150\SSScheduler.exe [2014-4-9 332016]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ESETOlmarikOlmascoCleaner]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ESETOlmarikOlmascoCleaner.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 Bulk;HDJBulk;c:\windows\system32\Drivers\HDJBulk.sys;c:\windows\SYSNATIVE\Drivers\HDJBulk.sys [x]
R3 ESETOlmarikOlmascoCleaner;ESET Olmarik/Olmasco Cleaner;c:\windows\system32\Drivers\ESETOlmarikOlmascoCleaner.sys;c:\windows\SYSNATIVE\Drivers\ESETOlmarikOlmascoCleaner.sys [x]
R3 HDJAsioK;HDJAsioK;c:\windows\system32\Drivers\HDJAsioK.sys;c:\windows\SYSNATIVE\Drivers\HDJAsioK.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ma-config_amd64;ma-config_amd64;c:\program files\ma-config.com\Drivers\ma-config_amd64.sys;c:\program files\ma-config.com\Drivers\ma-config_amd64.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys;c:\windows\SYSNATIVE\DRIVERS\lullaby.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 HerculesDJControlMP3;Hercules DJ Control MP3;c:\program files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE;c:\program files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE [x]
S2 LPTSystemUpdater;LPT System Updater Service;c:\program files (x86)\LPT\srpts.exe;c:\program files (x86)\LPT\srpts.exe [x]
S2 MaConfigAgent;Ma-Config Agent;c:\program files\ma-config.com\MaConfigAgent.exe;c:\program files\ma-config.com\MaConfigAgent.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Son Intel(R) pour écrans;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);c:\windows\system32\DRIVERS\JME.sys;c:\windows\SYSNATIVE\DRIVERS\JME.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
--- Autres Services/Pilotes en mémoire ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-09-25 08:00 1096520 ----a-w- c:\program files (x86)\Google\Chrome\Application\37.0.2062.124\Installer\chrmstp.exe
.
Contenu du dossier 'Tâches planifiées'
.
2014-10-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-12 19:49]
.
2013-08-23 c:\windows\Tasks\ASUS SmartLogon Console Sensor.job
- c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-07-31 17:38]
.
2014-10-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-04 16:40]
.
2014-10-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-04 16:40]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 23:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2010-11-03 1580368]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-02-22 168944]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-02-22 394224]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-02-22 418800]
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6YBCFyuyOThLNxuJHRGdLyjU-hj94CQ_wITnGoF9CHkg_4JFvOJ6dTFeBM84xjZIE4QDyuY00xSSVu7DVfRdeRynTZq_Qyu9ZexRDKkGqWe7FjONKkZLzbu7K_DV_-1c7SQT0J9aVJKo9RgMiNTGccR-sGBypJeScN2U_cTWQR2lw,,
uLocal Page = c:\windows\system32\blank.htm
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6YBCFyuyOThLNxuJHRGdLyjU-hj94CQ_wITnGoF9CHkg_4JFvOJ6dTFeBM84xjZIE4QDyuY00xSSVu3ZM-N5iHaFmsF9lEGnSGXGyYRlPkGR4WinrUJtdn883MaqGTq_wJZU8ullsinH5BdlrImeY3_jmXt1lZr-IMcPHDVWzGJsg,,&q={searchTerms}
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {{90EAE591-7E7E-434a-8E28-ECFD00071806} - c:\program files (x86)\PokerStars.FR\PokerStarsUpdate.exe
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Vincent\AppData\Roaming\Mozilla\Firefox\Profiles\17qmdtpa.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Toolbar-Locked - (no file)
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe /f=srs_premium_sound_nopreset.zip /h
SafeBoot-38354178.sys
HKLM_Wow6432Node-ActiveSetup-{16N4M1RL-Y24A-1CGG-7452-C4GED80OI54S} - c:\windows\system32\install\server.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-Setwallpaper - c:\programdata\SetWallpaper.cmd
AddRemove-8461-7759-5462-8226 - c:\program files (x86)\Vuze\uninstall.exe
AddRemove-K_Series_ScreenSaver_EN - c:\windows\system32\K_Series_ScreenSaver_EN.scr
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\S-1-5-21-1910040821-2578611048-1998619339-1002\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-1910040821-2578611048-1998619339-1002\Software\SecuROM\License information*]
"datasecu"=hex:85,70,e7,f4,45,7c,10,11,02,ea,9a,06,ed,22,c7,5c,88,cc,70,da,bf,
79,f6,26,51,d1,c0,9d,e1,76,8d,31,35,e8,11,45,63,b8,ae,88,2f,73,cb,1c,8b,3b,\
"rkeysecu"=hex:a1,d0,90,55,2b,aa,d8,40,5f,72,98,f4,a3,c1,98,6c
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Autres processus actifs ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\LPT\srptsl.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\windows\AsScrPro.exe
c:\program files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
c:\program files (x86)\ASUS\ControlDeck\ControlDeck.exe
c:\users\Vincent\AppData\Local\LPT\srptm.exe
.
**************************************************************************
.
Heure de fin: 2014-10-09 19:32:37 - La machine a redémarré
ComboFix-quarantined-files.txt 2014-10-09 17:32
.
Avant-CF: 21 280 260 096 octets libres
Après-CF: 21 068 627 968 octets libres
.
- - End Of File - - FFD572192AF74738AAD3D914172F5E58