ComboFix 13-09-17.01 - Alex 18/09/2013 8:07.1.4 - x64 Microsoft Windows 7 Professionnel 6.1.7601.1.1252.33.1036.18.3690.1253 [GMT 2:00] Lancé depuis: c:\users\Alex\Desktop\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Spybot - Search and Destroy *Disabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\Windows Live\Messenger\msacm32.dll c:\program files\Lenovo\Lenovo Solution Center\Microsoft Fix it\FixitUi\_desktop.ini c:\programdata\Roaming c:\users\Alex\AppData\Local\assembly\tmp c:\users\Alex\AppData\Local\Google\Chrome\User Data\Default\Preferences Q:\Autorun.inf . . ((((((((((((((((((((((((((((( Fichiers créés du 2013-08-18 au 2013-09-18 )))))))))))))))))))))))))))))))))))) . . 2013-09-18 07:52 . 2013-09-18 07:52 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-09-17 21:24 . 2013-09-18 05:38 -------- d-----w- c:\windows\system32\catroot2 2013-09-17 20:41 . 2013-09-17 21:24 181064 ----a-w- c:\windows\PSEXESVC.EXE 2013-09-17 20:23 . 2013-09-17 20:23 -------- d-----w- c:\program files (x86)\Tweaking.com 2013-09-17 19:42 . 2013-09-17 19:42 -------- d-----w- c:\program files (x86)\FileHippo.com 2013-09-17 13:38 . 2013-09-17 13:38 -------- d-----w- c:\users\Alex\AppData\Roaming\Malwarebytes 2013-09-17 13:38 . 2013-09-17 13:38 -------- d-----w- c:\programdata\Malwarebytes 2013-09-17 13:38 . 2013-09-17 13:38 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2013-09-17 13:38 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-09-17 11:45 . 2013-09-17 13:05 -------- d-----w- C:\AdwCleaner 2013-09-17 11:28 . 2013-09-17 11:28 -------- d-----w- c:\windows\system32\ljkb 2013-09-15 11:20 . 2013-09-15 11:20 -------- d-----w- C:\office.microsoft.com 2013-09-15 11:19 . 2013-09-15 11:19 -------- d-----w- C:\office15client.microsoft.com 2013-09-14 06:53 . 2013-09-14 06:53 -------- d-----w- c:\users\Alex\AppData\Local\Supremus Corporation 2013-09-14 06:52 . 2013-09-15 13:22 -------- d-----w- c:\program files\Windows Updates Downloader 2013-09-10 12:40 . 2013-09-10 12:40 -------- d-----w- C:\dotnotframework 2013-09-04 14:41 . 2013-09-04 14:41 312232 ----a-w- c:\windows\system32\javaws.exe 2013-09-04 14:41 . 2013-09-04 14:41 1093032 ----a-w- c:\windows\system32\npDeployJava1.dll 2013-09-04 14:41 . 2013-09-04 14:41 972712 ----a-w- c:\windows\system32\deployJava1.dll 2013-09-04 14:41 . 2013-09-04 14:41 108968 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll 2013-09-04 14:41 . 2013-09-04 14:41 189352 ----a-w- c:\windows\system32\javaw.exe 2013-09-04 14:41 . 2013-09-04 14:41 188840 ----a-w- c:\windows\system32\java.exe 2013-09-04 14:41 . 2013-09-04 14:41 -------- d-----w- c:\program files\Java 2013-09-04 09:14 . 2013-09-04 09:14 -------- d-----w- c:\users\Alex\AppData\Roaming\Nitro 2013-09-04 09:14 . 2013-09-04 09:14 -------- d-----w- c:\program files\Common Files\Nitro 2013-09-04 09:14 . 2013-09-04 09:14 -------- d-----w- c:\programdata\Nitro 2013-09-04 09:14 . 2013-09-04 09:14 -------- d-----w- c:\program files (x86)\Nitro 2013-09-04 09:14 . 2013-09-04 09:14 -------- d-----w- c:\program files (x86)\Common Files\Nitro 2013-09-04 09:13 . 2013-09-04 09:13 -------- d-----w- c:\users\Alex\AppData\Roaming\Downloaded Installations 2013-09-04 09:09 . 2013-09-04 09:09 -------- d-----w- c:\program files (x86)\AdultPDF 2013-09-04 06:35 . 2013-09-04 06:35 -------- d-----w- c:\users\Alex\AppData\Local\Opera Software 2013-09-04 06:35 . 2013-09-04 06:35 -------- d-----w- c:\users\Alex\AppData\Roaming\Opera Software 2013-09-04 06:35 . 2013-09-05 19:09 -------- d-----w- c:\program files (x86)\Opera 2013-09-03 22:20 . 2009-01-25 11:14 17272 ----a-w- c:\windows\system32\sdnclean64.exe 2013-09-03 12:31 . 2013-09-03 12:34 -------- d-----w- c:\program files (x86)\AppCleaner 2013-08-29 12:21 . 2013-08-29 12:21 -------- d-----w- c:\users\Alex\AppData\Local\Apps 2013-08-29 12:21 . 2013-08-30 09:54 -------- d-----w- c:\users\Alex\AppData\Local\Deployment 2013-08-25 13:31 . 2013-08-25 13:31 -------- d-----w- C:\$WINDOWS.~LS 2013-08-25 13:29 . 2013-08-25 13:33 -------- d-----w- C:\$UPGRADE.~OS 2013-08-25 13:29 . 2013-08-25 13:29 -------- d-----w- C:\$WINDOWS.~BT 2013-08-25 12:06 . 2013-08-25 12:06 283200 ------w- c:\windows\system32\drivers\dtsoftbus01.sys 2013-08-25 12:06 . 2013-08-25 12:15 -------- d-----w- c:\users\Alex\AppData\Roaming\DAEMON Tools Lite 2013-08-25 12:06 . 2013-08-25 12:06 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite 2013-08-25 12:06 . 2013-08-25 12:15 -------- d-----w- c:\programdata\DAEMON Tools Lite 2013-08-25 07:19 . 2013-08-25 07:19 -------- d-----w- c:\program files (x86)\MSECache 2013-08-20 20:25 . 2013-08-25 07:27 -------- d-----w- c:\program files\SmartPCFixer . . . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2013-09-13 23:17 . 2013-03-19 15:46 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-09-13 23:17 . 2013-03-19 15:46 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-09-13 01:26 . 2013-03-12 15:26 564432 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe 2013-08-30 07:48 . 2013-06-28 15:59 378944 ----a-w- c:\windows\system32\drivers\aswSP.sys 2013-08-30 07:48 . 2013-06-28 15:59 72016 ----a-w- c:\windows\system32\drivers\aswRdr2.sys 2013-08-30 07:48 . 2013-06-28 15:59 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2013-08-30 07:48 . 2013-06-28 15:59 204880 ----a-w- c:\windows\system32\drivers\aswVmm.sys 2013-08-30 07:48 . 2013-06-28 15:59 1030952 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2013-08-30 07:48 . 2013-06-28 15:58 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys 2013-08-30 07:48 . 2013-06-28 15:59 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2013-08-30 07:48 . 2013-06-28 15:58 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2013-08-30 07:47 . 2013-06-28 15:58 41664 ----a-w- c:\windows\avastSS.scr 2013-08-30 07:47 . 2013-06-28 15:58 287840 ----a-w- c:\windows\system32\aswBoot.exe 2013-08-05 14:14 . 2013-03-12 18:35 78161360 ------w- c:\windows\system32\MRT.exe 2013-07-26 04:48 . 2013-03-03 17:46 17936 ----a-w- c:\windows\system32\nitrolocalui2.dll 2013-07-08 11:47 . 2013-07-03 21:22 3510 ------w- C:\FixitRegBackup.reg 2013-07-08 11:45 . 2013-07-08 11:45 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2013-07-08 11:45 . 2013-07-08 11:45 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2013-07-08 11:45 . 2013-07-08 11:45 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll 2013-07-06 07:43 . 2013-07-06 07:43 59816 ------r- c:\users\Alex\AppData\Roaming\Microsoft\Installer\{47C4D20F-1A75-44F4-BF51-479C3119BEEF}\ARPPRODUCTICON.exe 2013-07-06 07:43 . 2013-07-06 07:43 59816 ------r- c:\users\Alex\AppData\Roaming\Microsoft\Installer\{1D2FF661-4402-4D75-AA40-B23FCAF81D32}\ARPPRODUCTICON.exe 2013-06-27 11:53 . 2009-07-13 23:19 328704 ------w- c:\windows\system32\services.exe 2013-06-27 11:49 . 2013-06-27 11:49 225280 ----a-w- c:\programdata\Microsoft\Media Tools\MediaIconsOverlays.dll . . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2013-03-12 16:02 220632 ------w- c:\users\Alex\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2013-03-12 16:02 220632 ------w- c:\users\Alex\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2013-03-12 16:02 220632 ------w- c:\users\Alex\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2012-03-06 133400] "USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-04-13 291608] "RotateImage"="c:\program files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe" [2008-10-30 55808] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-08-30 4858968] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "EnableSecureUIAPath"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . R1 sadoidfp;sadoidfp;c:\windows\system32\drivers\sadoidfp.sys;c:\windows\SYSNATIVE\drivers\sadoidfp.sys [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 HyperW7Svc;HyperW7 Service;c:\program files\Lenovo\RapidBoot\HyperW7Svc64.exe;c:\program files\Lenovo\RapidBoot\HyperW7Svc64.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 AMPPALP;Protocole Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x] R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x] R3 Fastboot;Fastboot;c:\windows\system32\DRIVERS\Fastboot.sys;c:\windows\SYSNATIVE\DRIVERS\Fastboot.sys [x] R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x] R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x] R3 IntcDAud;Son Intel(R) pour écrans;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x] R3 intelsba;Intel(R) Small Business Advantage;c:\program files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe;c:\program files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [x] R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x] R3 NisSrv;NisSrv;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x] R3 Power Manager DBC Service;Power Manager DBC Service;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [x] R3 PwmEWSvc;Cisco EnergyWise Enabler;c:\program files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE;c:\program files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 SmbDrvIntel;SmbDrvIntel;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x] R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] R4 VIPAppService;VIPAppService;c:\program files (x86)\Symantec\VIP Access Client\VIPAppService.exe;c:\program files (x86)\Symantec\VIP Access Client\VIPAppService.exe [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x] S0 aswRvrt;aswRvrt; [x] S0 aswVmm;aswVmm; [x] S0 iusb3hcs;Pilote de commutateur de contrôleur d'hôte Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x] S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM64.sys;c:\windows\SYSNATIVE\DRIVERS\ApsHM64.sys [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x] S1 PHCORE;PHCORE;c:\program files\Lenovo\RapidBoot\PHCORE64.SYS;c:\program files\Lenovo\RapidBoot\PHCORE64.SYS [x] S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x] S2 BingDesktopUpdate;Bing Desktop Update service;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [x] S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x] S2 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x] S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x] S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x] S2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe;c:\windows\SYSNATIVE\CxAudMsg64.exe [x] S2 FastbootService;FastbootService;c:\program files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe;c:\program files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [x] S2 FPLService;TrueSuiteService;c:\program files\Lenovo Fingerprint Reader\TrueSuiteService.exe;c:\program files\Lenovo Fingerprint Reader\TrueSuiteService.exe [x] S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x] S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x] S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x] S2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe [x] S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [x] S2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe [x] S2 LENOVO.TVTVCAM;ThinkVantage Virtual Camera Controller;c:\program files\Lenovo\Communications Utility\vcamsvc.exe;c:\program files\Lenovo\Communications Utility\vcamsvc.exe [x] S2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe [x] S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x] S2 NitroDriverReadSpool2;NitroPDFDriverCreatorReadSpool2;c:\program files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe;c:\program files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [x] S2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3;c:\program files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe;c:\program files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [x] S2 OfficeSvc;Service Microsoft Office;c:\program files\Microsoft Office 15\ClientX64\integratedoffice.exe;c:\program files\Microsoft Office 15\ClientX64\integratedoffice.exe [x] S2 SAService;Conexant SmartAudio service;c:\windows\system32\SAsrv.exe;c:\windows\SYSNATIVE\SAsrv.exe [x] S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x] S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x] S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x] S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x] S2 TPHKLOAD;Lenovo Hotkey Client Loader;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe [x] S2 TPHKSVC;Incrustation;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [x] S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x] S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x] S3 5U877;5U877;c:\windows\system32\DRIVERS\5U877.sys;c:\windows\SYSNATIVE\DRIVERS\5U877.sys [x] S3 AMPPAL;Carte réseau virtuelle Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x] S3 btmaudio;Intel Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys;c:\windows\SYSNATIVE\drivers\btmaud.sys [x] S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x] S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x] S3 ibtfltcoex;ibtfltcoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x] S3 iusb3hub;Pilote de concentrateur Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x] S3 iusb3xhc;Pilote du contrôleur d'hôte extensible Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x] S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys;c:\windows\SYSNATIVE\DRIVERS\iwdbus.sys [x] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x] S3 RSP2STOR;Realtek PCIE CardReader Driver - P2;c:\windows\system32\DRIVERS\RtsP2Stor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsP2Stor.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x] S3 TrueService;TrueAPI Service component;c:\program files\Common Files\AuthenTec\TrueService.exe;c:\program files\Common Files\AuthenTec\TrueService.exe [x] S3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\DRIVERS\Tvti2c.sys;c:\windows\SYSNATIVE\DRIVERS\Tvti2c.sys [x] S3 tvtvcamd;Camera Plus (VGA Resolution Maximum);c:\windows\system32\DRIVERS\tvtvcamd.sys;c:\windows\SYSNATIVE\DRIVERS\tvtvcamd.sys [x] . . --- Autres Services/Pilotes en mémoire --- . *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-09-05 05:00 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe . Contenu du dossier 'Tâches planifiées' . 2013-09-18 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-19 23:17] . 2013-09-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-30 09:54] . 2013-09-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-30 09:54] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2013-03-12 16:02 244696 ------w- c:\users\Alex\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2013-03-12 16:02 244696 ------w- c:\users\Alex\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2013-03-12 16:02 244696 ------w- c:\users\Alex\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)] @="{8BA85C75-763B-4103-94EB-9470F12FE0F7}" [HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}] 2013-09-13 01:33 2328776 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)] @="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}" [HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}] 2013-09-13 01:33 2328776 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)] @="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}" [HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}] 2013-09-13 01:33 2328776 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2013-08-30 07:47 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp] @="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}" [HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}] 2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending] @="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}" [HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}] 2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot] @="{A759AFF6-5851-457D-A540-F4ECED148351}" [HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}] 2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared] @="{1574C9EF-7D58-488F-B358-8B78C1538F51}" [HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}] 2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LENOVO.TPKNRRES"="c:\program files\Lenovo\Communications Utility\TPKNRRES.exe" [2013-05-29 293672] "BLEServicesCtrl"="c:\program files (x86)\Intel\Bluetooth\BleServicesCtrl.exe" [2012-05-31 184112] "BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2012-06-18 11586944] "AcWin7Hlpr"="c:\program files (x86)\Lenovo\Access Connections\AcTBenabler.exe" [2013-03-18 63784] "SmartAudio"="c:\program files\CONEXANT\SAII\SACpl.exe" [2012-06-13 1647616] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-06-05 407536] "Persistence"="c:\windows\system32\igfxpers.exe" [2013-06-05 444400] . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.google.com uLocal Page = c:\windows\system32\blank.htm mStart Page = hxxp://www.google.com mLocal Page = c:\windows\SysWOW64\blank.htm uSearchAssistant = hxxp://www.google.com IE: &Envoyer à OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105 IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000 IE: Envoyer à Bluetooth - c:\program files (x86)\Intel\Bluetooth\btSendToObject.htm IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 TCP: DhcpNameServer = 192.168.1.1 . - - - - ORPHELINS SUPPRIMES - - - - . Toolbar-Locked - (no file) Notify-SDWinLogon - SDWinLogon.dll Toolbar-Locked - (no file) ShellIconOverlayIdentifiers-{1EC23CFF-4C58-458f-924C-8519AEF61B32} - (no file) AddRemove-DSite - c:\users\Alex\AppData\Roaming\DSite\UpdateProc\UpdateTask.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\Fastboot] "ImagePath"=multi:"System32\DRIVERS\Fastboot.sys\00" . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\Fastboot] "ImagePath"=multi:"System32\DRIVERS\Fastboot.sys\00" . ------------------------ Autres processus actifs ------------------------ . c:\program files\AVAST Software\Avast\AvastSvc.exe c:\program files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe c:\windows\SysWOW64\SAsrv.exe c:\program files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe c:\program files (x86)\Lenovo\Access Connections\AcSvc.exe c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe c:\program files (x86)\Lenovo\Rescue and Recovery\rrservice.exe c:\program files (x86)\Common Files\Lenovo\Scheduler\scheduler_proxy.exe c:\program files (x86)\TeamViewer\Version8\TeamViewer.exe c:\program files (x86)\TeamViewer\Version8\tv_w32.exe c:\program files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe c:\progra~1\Lenovo\HOTKEY\TPONSCR.EXE c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe c:\program files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe c:\program files (x86)\Lenovo\message center plus\mcplaunch.exe . ************************************************************************** . Heure de fin: 2013-09-18 10:19:10 - La machine a redémarré ComboFix-quarantined-files.txt 2013-09-18 08:18 . Avant-CF: 281 884 151 808 octets libres Après-CF: 281 480 785 920 octets libres . - - End Of File - - 3347067D20F338E52094155ECF0A3D40