ComboFix 14-12-08.01 - DELL 08/12/2014 23:00:46.1.2 - x64
Microsoft Windows 7 Professionnel 6.1.7601.1.1252.33.1036.18.3070.1985 [GMT 1:00]
Lancé depuis: c:\users\DELL\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2014-11-08 au 2014-12-08 ))))))))))))))))))))))))))))))))))))
.
.
2014-12-08 22:08 . 2014-12-08 22:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-12-08 21:14 . 2014-12-08 21:14 -------- d-----w- C:\_OTM
2014-12-08 20:06 . 2014-12-08 21:31 512 ----a-w- C:\PhysicalDisk0_MBR.bin
2014-12-08 20:03 . 2014-12-08 21:30 -------- d-----w- c:\users\DELL\AppData\Roaming\ZHP
2014-12-08 20:03 . 2014-12-08 20:43 -------- d-----w- c:\program files (x86)\ZHPDiag
2014-12-08 16:21 . 2014-12-08 16:21 -------- d-sh--w- c:\users\DELL\AppData\Local\EmieBrowserModeList
2014-12-06 10:23 . 2014-12-08 11:09 -------- d-----w- c:\program files (x86)\ZebHelpProcess
2014-12-05 18:15 . 2014-12-05 18:15 -------- d-----w- c:\users\DELL\AppData\Local\Skype
2014-12-05 18:15 . 2014-12-08 18:07 -------- d-----w- c:\users\DELL\AppData\Roaming\Skype
2014-12-05 18:15 . 2014-12-05 18:15 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-12-05 18:15 . 2014-12-05 18:15 -------- d-----r- c:\program files (x86)\Skype
2014-12-05 18:15 . 2014-12-05 18:15 -------- d-----w- c:\programdata\Skype
2014-12-05 17:55 . 2014-12-08 13:03 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-12-05 17:54 . 2014-12-06 12:10 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-12-05 17:54 . 2014-12-05 17:54 -------- d-----w- c:\programdata\Malwarebytes
2014-12-05 17:54 . 2014-11-21 05:14 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-12-05 17:54 . 2014-11-21 05:14 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-12-05 17:54 . 2014-11-21 05:14 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-12-05 17:32 . 2014-12-05 17:37 -------- d-----w- c:\users\DELL\AppData\Local\System Navigator 2013
2014-12-05 17:31 . 2009-10-21 22:31 23552 ----a-w- c:\windows\system32\drivers\filedisk.sys
2014-12-05 17:31 . 2014-12-05 17:31 -------- d-----w- c:\program files\System Navigator
2014-12-05 17:11 . 2014-11-02 04:20 11632448 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0E18A837-A024-4034-811C-E877E07DA0A6}\mpengine.dll
2014-12-02 08:59 . 2014-12-02 08:59 -------- d-----w- c:\users\DELL\AppData\Local\PrintersManager
2014-12-02 08:57 . 2014-12-02 08:57 -------- d-----w- c:\users\DELL\AppData\Local\Startup
2014-12-02 08:56 . 2014-12-02 08:56 -------- d-----w- c:\users\DELL\AppData\Roaming\Softland
2014-12-02 08:54 . 2014-12-02 08:54 -------- d-----w- c:\programdata\Softland
2014-12-02 08:53 . 2014-12-02 08:53 -------- d-----w- c:\program files\Softland
2014-12-02 08:53 . 2014-12-02 08:53 -------- d-----w- c:\program files (x86)\Softland
2014-12-02 08:53 . 2014-12-02 08:53 -------- d-----w- c:\programdata\regid.2008-09.org.wixtoolset
2014-12-01 17:42 . 2014-12-01 17:42 -------- d-----w- c:\program files (x86)\Common Files\Bcgsoft
2014-12-01 17:42 . 2014-12-01 17:42 -------- d-----w- c:\users\DELL\AppData\Roaming\PearlMountain
2014-12-01 17:42 . 2014-12-01 17:42 -------- d-----w- c:\programdata\PearlMountain
2014-12-01 17:42 . 2014-12-01 17:42 -------- d-----w- c:\program files (x86)\Photo Collage Maker
2014-12-01 16:54 . 2014-12-01 16:54 -------- d-----w- c:\users\DELL\AppData\Roaming\runic games
2014-12-01 16:43 . 2014-12-08 20:38 -------- d-----w- c:\users\DELL\AppData\Local\CrashDumps
2014-11-21 19:02 . 2014-11-21 19:02 15872 ----a-w- c:\windows\system32\novami8.dll
2014-11-21 19:02 . 2014-11-21 19:02 18944 ----a-w- c:\windows\system32\novamn8.dll
2014-11-20 08:49 . 2014-12-06 16:35 -------- d-----w- c:\programdata\Ashampoo
2014-11-20 07:58 . 2014-11-11 03:08 241152 ----a-w- c:\windows\system32\pku2u.dll
2014-11-20 07:58 . 2014-11-11 03:08 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-11-20 07:58 . 2014-11-11 02:44 186880 ----a-w- c:\windows\SysWow64\pku2u.dll
2014-11-20 07:58 . 2014-11-11 02:44 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-11-18 15:30 . 2014-11-18 15:30 -------- d-----w- c:\program files (x86)\TechSmith
2014-11-15 17:45 . 2014-11-15 17:45 -------- d-----w- c:\users\DELL\AppData\Local\Aurora Software
2014-11-15 17:43 . 2014-11-15 17:43 -------- d-----w- c:\program files (x86)\Aurora Software
2014-11-13 08:27 . 2014-11-13 08:27 -------- d-----w- c:\users\DELL\AppData\Roaming\DxO Labs
2014-11-13 08:26 . 2014-11-13 08:27 -------- d-----w- c:\users\DELL\AppData\Local\DxO_Labs
2014-11-13 08:26 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\SysWow64\D3DX9_42.dll
2014-11-13 08:26 . 2009-09-04 16:29 2475352 ----a-w- c:\windows\system32\D3DX9_42.dll
2014-11-13 08:25 . 2014-11-13 08:27 -------- d-----w- c:\programdata\DxO Labs
2014-11-13 08:25 . 2014-11-13 08:25 -------- d-----w- c:\program files\DxO Labs
2014-11-13 07:20 . 2014-08-21 06:43 1882624 ----a-w- c:\windows\system32\msxml3.dll
2014-11-13 07:20 . 2014-08-21 06:40 2048 ----a-w- c:\windows\system32\msxml3r.dll
2014-11-13 07:20 . 2014-08-21 06:26 1237504 ----a-w- c:\windows\SysWow64\msxml3.dll
2014-11-13 07:20 . 2014-08-21 06:23 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2014-11-13 07:20 . 2014-11-06 03:54 49664 ----a-w- c:\program files\Internet Explorer\DiagnosticsHub_is.dll
2014-11-13 07:20 . 2014-11-06 03:46 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-11-13 07:20 . 2014-11-06 03:30 114688 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-11-13 07:20 . 2014-11-06 03:12 47616 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2014-11-13 07:20 . 2014-11-06 03:09 276480 ----a-w- c:\program files\Internet Explorer\DiagnosticsHub.ScriptedSandboxPlugin.dll
2014-11-13 07:18 . 2014-10-03 02:12 500224 ----a-w- c:\windows\system32\AUDIOKSE.dll
2014-11-13 07:18 . 2014-10-03 01:44 442880 ----a-w- c:\windows\SysWow64\AUDIOKSE.dll
2014-11-13 07:18 . 2014-10-03 02:11 284672 ----a-w- c:\windows\system32\EncDump.dll
2014-11-13 07:18 . 2014-10-03 02:11 680960 ----a-w- c:\windows\system32\audiosrv.dll
2014-11-13 07:18 . 2014-10-03 02:11 440832 ----a-w- c:\windows\system32\AudioEng.dll
2014-11-13 07:18 . 2014-10-03 02:11 296448 ----a-w- c:\windows\system32\AudioSes.dll
2014-11-13 07:18 . 2014-10-03 01:44 374784 ----a-w- c:\windows\SysWow64\AudioEng.dll
2014-11-13 07:18 . 2014-10-03 01:44 195584 ----a-w- c:\windows\SysWow64\AudioSes.dll
2014-11-13 07:18 . 2014-10-18 02:05 861696 ----a-w- c:\windows\system32\oleaut32.dll
2014-11-13 07:18 . 2014-10-18 01:33 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2014-11-13 07:18 . 2014-10-25 01:57 77824 ----a-w- c:\windows\system32\packager.dll
2014-11-13 07:18 . 2014-10-25 01:32 67584 ----a-w- c:\windows\SysWow64\packager.dll
2014-11-11 09:51 . 2014-11-11 09:51 364512 ----a-w- c:\windows\system32\aswBoot.exe
2014-11-11 09:51 . 2014-11-11 09:51 43152 ----a-w- c:\windows\avastSS.scr
2014-11-11 09:35 . 2014-11-11 09:37 -------- d-----w- c:\users\DELL\AppData\Local\Google
2014-11-11 09:35 . 2014-11-11 09:36 -------- d-----w- c:\program files (x86)\Google
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-01 17:48 . 2014-10-15 08:29 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-01 17:48 . 2014-10-15 08:29 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-12-01 16:36 . 2014-10-07 17:23 1050432 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-11-24 13:04 . 2010-11-21 03:27 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-11-13 07:21 . 2014-10-07 13:39 103374192 ----a-w- c:\windows\system32\MRT.exe
2014-11-11 09:51 . 2014-10-07 17:23 436624 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-11-11 09:51 . 2014-10-07 17:23 267632 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-11-11 09:51 . 2014-10-07 17:23 116728 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-11-11 09:51 . 2014-10-07 17:23 83280 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-11-11 09:51 . 2014-10-07 17:23 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-11-11 09:51 . 2014-10-07 17:23 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-11-11 09:51 . 2014-10-07 17:23 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-10-27 09:47 . 2014-10-08 22:46 80208 ----a-w- c:\windows\system32\drivers\eagleGet.sys
2014-10-15 08:20 . 2014-10-15 08:21 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-10-07 15:35 . 2014-10-07 15:35 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2014-10-07 15:35 . 2014-10-07 15:35 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2014-10-07 15:35 . 2014-10-07 15:35 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2014-10-07 15:35 . 2014-10-07 15:35 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2014-10-07 15:35 . 2014-10-07 15:35 235008 ----a-w- c:\windows\system32\elshyph.dll
2014-10-07 15:35 . 2014-10-07 15:35 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2014-10-07 15:35 . 2014-10-07 15:35 337408 ----a-w- c:\windows\SysWow64\html.iec
2014-10-07 15:35 . 2014-10-07 15:35 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2014-10-07 15:35 . 2014-10-07 15:35 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2014-10-07 15:35 . 2014-10-07 15:35 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2014-10-07 15:35 . 2014-10-07 15:35 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2014-10-07 15:35 . 2014-10-07 15:35 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2014-10-07 15:35 . 2014-10-07 15:35 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2014-10-07 15:35 . 2014-10-07 15:35 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2014-10-07 15:35 . 2014-10-07 15:35 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2014-10-07 15:35 . 2014-10-07 15:35 942592 ----a-w- c:\windows\system32\jsIntl.dll
2014-10-07 15:35 . 2014-10-07 15:35 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2014-10-07 15:35 . 2014-10-07 15:35 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2014-10-07 15:35 . 2014-10-07 15:35 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2014-10-07 15:35 . 2014-10-07 15:35 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2014-10-07 15:35 . 2014-10-07 15:35 48640 ----a-w- c:\windows\system32\mshtmler.dll
2014-10-07 15:35 . 2014-10-07 15:35 247808 ----a-w- c:\windows\system32\msls31.dll
2014-10-07 15:35 . 2014-10-07 15:35 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2014-10-07 15:35 . 2014-10-07 15:35 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2014-10-07 15:35 . 2014-10-07 15:35 105984 ----a-w- c:\windows\system32\iesysprep.dll
2014-10-07 15:35 . 2014-10-07 15:35 81408 ----a-w- c:\windows\system32\icardie.dll
2014-10-07 15:35 . 2014-10-07 15:35 77312 ----a-w- c:\windows\system32\tdc.ocx
2014-10-07 15:35 . 2014-10-07 15:35 62464 ----a-w- c:\windows\system32\pngfilt.dll
2014-10-07 15:35 . 2014-10-07 15:35 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2014-10-07 15:35 . 2014-10-07 15:35 413696 ----a-w- c:\windows\system32\html.iec
2014-10-07 15:35 . 2014-10-07 15:35 30208 ----a-w- c:\windows\system32\licmgr10.dll
2014-10-07 15:35 . 2014-10-07 15:35 243200 ----a-w- c:\windows\system32\webcheck.dll
2014-10-07 15:35 . 2014-10-07 15:35 235520 ----a-w- c:\windows\system32\url.dll
2014-10-07 15:35 . 2014-10-07 15:35 167424 ----a-w- c:\windows\system32\iexpress.exe
2014-10-07 15:35 . 2014-10-07 15:35 147968 ----a-w- c:\windows\system32\occache.dll
2014-10-07 15:35 . 2014-10-07 15:35 143872 ----a-w- c:\windows\system32\wextract.exe
2014-10-07 15:35 . 2014-10-07 15:35 13824 ----a-w- c:\windows\system32\mshta.exe
2014-10-07 15:35 . 2014-10-07 15:35 101376 ----a-w- c:\windows\system32\inseng.dll
2014-10-07 15:35 . 2014-10-07 15:35 774144 ----a-w- c:\windows\system32\jscript.dll
2014-10-07 15:35 . 2014-10-07 15:35 48128 ----a-w- c:\windows\system32\imgutil.dll
2014-10-07 15:35 . 2014-10-07 15:35 135680 ----a-w- c:\windows\system32\iepeers.dll
2014-10-07 15:24 . 2014-10-07 15:24 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-10-07 15:24 . 2014-10-07 15:24 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-10-07 15:24 . 2014-10-07 15:24 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2014-10-07 15:24 . 2014-10-07 15:24 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2014-10-07 15:24 . 2014-10-07 15:24 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-10-07 15:24 . 2014-10-07 15:24 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-10-07 15:24 . 2014-10-07 15:24 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-10-07 15:24 . 2014-10-07 15:24 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-10-07 15:24 . 2014-10-07 15:24 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2014-10-07 15:24 . 2014-10-07 15:24 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-10-07 15:24 . 2014-10-07 15:24 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-10-07 15:24 . 2014-10-07 15:24 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2014-10-07 15:24 . 2014-10-07 15:24 363008 ----a-w- c:\windows\system32\dxgi.dll
2014-10-07 15:24 . 2014-10-07 15:24 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-10-07 15:24 . 2014-10-07 15:24 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-10-07 15:24 . 2014-10-07 15:24 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2014-10-07 15:24 . 2014-10-07 15:24 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2014-10-07 15:24 . 2014-10-07 15:24 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-10-07 15:24 . 2014-10-07 15:24 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-10-07 15:24 . 2014-10-07 15:24 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-10-07 15:24 . 2014-10-07 15:24 296960 ----a-w- c:\windows\system32\d3d10core.dll
2014-10-07 15:24 . 2014-10-07 15:24 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2014-10-07 15:24 . 2014-10-07 15:24 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-10-07 15:24 . 2014-10-07 15:24 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-10-07 15:24 . 2014-10-07 15:24 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2014-10-07 15:24 . 2014-10-07 15:24 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2014-10-07 15:24 . 2014-10-07 15:24 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2014-10-07 15:24 . 2014-10-07 15:24 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2014-10-07 15:24 . 2014-10-07 15:24 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2014-10-07 15:24 . 2014-10-07 15:24 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2014-10-07 15:24 . 2014-10-07 15:24 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2014-10-07 15:24 . 2014-10-07 15:24 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
2014-10-07 15:24 . 2014-10-07 15:24 1643520 ----a-w- c:\windows\system32\DWrite.dll
2014-10-07 15:24 . 2014-10-07 15:24 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2014-10-07 15:24 . 2014-10-07 15:24 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2014-10-07 15:24 . 2014-10-07 15:24 1238528 ----a-w- c:\windows\system32\d3d10.dll
2014-10-07 15:24 . 2014-10-07 15:24 1175552 ----a-w- c:\windows\system32\FntCache.dll
2014-10-07 15:24 . 2014-10-07 15:24 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2014-10-07 15:24 . 2014-10-07 15:24 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll
2014-10-07 15:24 . 2014-10-07 15:24 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-10-07 15:24 . 2014-10-07 15:24 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-09-25 02:08 . 2014-10-07 13:19 371712 ----a-w- c:\windows\system32\qdvd.dll
2014-09-25 01:40 . 2014-10-07 13:19 519680 ----a-w- c:\windows\SysWow64\qdvd.dll
2014-09-09 22:11 . 2014-10-07 13:19 2048 ----a-w- c:\windows\system32\tzres.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-12-01 5226600]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"OTM"="c:\users\DELL\Desktop\OTM.exe" [2014-07-17 522240]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableSecureUIAPath"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /k:C *
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 eagleGet;eagleGet;c:\windows\system32\Drivers\eagleGet.sys;c:\windows\SYSNATIVE\Drivers\eagleGet.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 DeepFrz;DeepFrz; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 NovaPdfServer;novaPDF Server;c:\program files\Softland\novaPDF 8\Server\novapdfs.exe;c:\program files\Softland\novaPDF 8\Server\novapdfs.exe [x]
.
.
Contenu du dossier 'Tâches planifiées'
.
2014-12-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-15 17:48]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-11-11 09:51 860984 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\SysWOW64\blank.htm
uStart Page = https://www.google.fr/
mStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Bar = hxxp://www.google.com/
mCustomizeSearch = hxxp://www.google.com/
IE: Download all links with EagleGet - c:\program files (x86)\EagleGet\IEGraberBHO.dll/202
IE: Download with EagleGet - c:\program files (x86)\EagleGet\IEGraberBHO.dll/201
TCP: DhcpNameServer = 192.168.0.254
FF - ProfilePath - c:\users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\wj0ol7hf.default\
.
- - - - ORPHELINS SUPPRIMES - - - -
.
SafeBoot-DFServ
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_239_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_239_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_239_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_239_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_239.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_239.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_239.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_239.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2014-12-08 23:12:44
ComboFix-quarantined-files.txt 2014-12-08 22:12
.
Avant-CF: 123 353 677 824 octets libres
Après-CF: 122 824 867 840 octets libres
.
- - End Of File - - 56CA336162D9AA5F4881AAA41F42EBEF
A36C5E4F47E84449FF07ED3517B43A31