ComboFix 14-02-20.01 - MOI 2 22/02/2014 23:01:57.1.2 - x86
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.2047.1376 [GMT 1:00]
Lancé depuis: E:\MES DOCUMENTS\TELECHARGEMENTS\ComboFix.exe
AV: Bitdefender Antivirus *Disabled/Updated* {98CD50CE-5097-4098-9669-6C401FB3969C}
FW: Bitdefender Pare-feu *Enabled* {A0F6D1EB-1AF8-41C0-BD36-C575E160D1E7}
SP: Bitdefender Antispyware *Disabled/Updated* {23ACB12A-76AD-4F16-ACD9-57326434DC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

C:\hb_45.tmp

((((((((((((((((((((((((((((( Fichiers créés du 2014-01-22 au 2014-02-22 ))))))))))))))))))))))))))))))))))))

2014-02-22 22:10:51 . 2014-02-22 22:11:01 -------- d-----w- C:\Users\MOI 2\AppData\Local\temp
2014-02-22 22:10:51 . 2014-02-22 22:10:51 -------- d-----w- C:\Users\Default\AppData\Local\temp
2014-02-17 12:51:00 . 2014-02-17 12:51:00 -------- d-----w- C:\Users\MOI 2\AppData\Roaming\DigitalSites
2014-02-13 02:04:22 . 2013-12-21 08:56:47 454656 ----a-w- C:\Windows\system32\vbscript.dll
2014-02-06 22:11:33 . 2014-02-22 18:09:01 512 ----a-w- C:\PhysicalDisk0_MBR.bin
2014-02-06 22:07:59 . 2014-02-22 18:08:59 -------- d-----w- C:\Program Files\ZHPDiag
2014-02-06 22:07:59 . 2014-02-22 18:06:59 -------- d-----w- C:\Users\MOI 2\AppData\Roaming\ZHP
.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

2014-02-21 09:01:50 . 2013-10-31 15:02:37 71048 ----a-w- C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-02-21 09:01:50 . 2013-10-31 15:02:37 692616 ----a-w- C:\Windows\system32\FlashPlayerApp.exe
2014-01-08 14:54:22 . 2014-01-22 06:25:27 103424 ----a-w- C:\Windows\system32\IObitSmartDefragExtension.dll
2013-12-24 09:40:32 . 2014-01-22 06:25:19 18624 ----a-w- C:\Windows\system32\drivers\SmartDefragDriver.sys
2013-12-18 20:10:01 . 2014-01-15 21:37:04 94632 ----a-w- C:\Windows\system32\WindowsAccessBridge.dll
2013-11-27 01:14:25 . 2014-01-15 06:22:14 258560 ----a-w- C:\Windows\system32\drivers\usbhub.sys
2013-11-27 01:13:46 . 2014-01-15 06:22:14 284672 ----a-w- C:\Windows\system32\drivers\usbport.sys
2013-11-27 01:13:44 . 2014-01-15 06:22:14 76288 ----a-w- C:\Windows\system32\drivers\usbccgp.sys
2013-11-27 01:13:41 . 2014-01-15 06:22:14 43520 ----a-w- C:\Windows\system32\drivers\usbehci.sys
2013-11-27 01:13:38 . 2014-01-15 06:22:14 20480 ----a-w- C:\Windows\system32\drivers\usbohci.sys
2013-11-27 01:13:36 . 2014-01-15 06:22:14 24064 ----a-w- C:\Windows\system32\drivers\usbuhci.sys
2013-11-27 01:13:33 . 2014-01-15 06:22:14 6016 ----a-w- C:\Windows\system32\drivers\usbd.sys
2013-11-26 11:11:29 . 2014-01-15 06:22:15 240576 ----a-w- C:\Windows\system32\drivers\netio.sys
2013-11-26 10:10:21 . 2014-01-15 06:22:16 2349056 ----a-w- C:\Windows\system32\win32k.sys

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BDAgent"="C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe" [2012-11-21 13:27:18 1199344]
"ATIModeChange"="Ati2mdxx.exe" [2006-01-25 03:46:57 26112]
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 08:16:26 254336]
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 16:57:26 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0SmartDefragBootTime.exe

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
backup=C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=C:\Windows\pss\Microsoft Office.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^Users^MOI 2^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk]
path=C:\Users\MOI 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
backup=C:\Windows\pss\MyPC Backup.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\adm_tray.exe]
2011-02-24 18:02:18 470240 ----a-w- C:\Program Files\Acronis\DriveMonitor\adm_tray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-11-21 16:57:26 959904 ----a-w- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonQuickMenu]
2012-04-03 12:26:14 1273448 ----a-w- C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IJNetworkScannerSelectorEX]
2012-03-26 16:35:16 449168 ----a-w- C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RAMDiskForWorkstations]
2013-10-23 09:45:56 2228432 ----a-w- C:\Program Files\SoftPerfect RAM Disk\ramdiskws.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Service Planificateur2 Acronis]
2011-02-12 06:40:50 365632 ----a-w- C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2009-04-14 06:43:42 604704 ----a-w- C:\Windows\SOUNDMAN.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2013-07-02 08:16:26 254336 ----a-w- C:\Program Files\Common Files\Java\Java Update\jusched.exe

R3 avckf;avckf;C:\Windows\system32\DRIVERS\avckf.sys [2012-10-10 13:00:08 481464]
R3 bdsandbox;bdsandbox;C:\Windows\system32\drivers\bdsandbox.sys [2011-11-17 15:38:34 63056]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\system32\IEEtwCollector.exe [2014-02-06 09:47:18 108032]
R3 ma-config_x86;ma-config_x86;C:\Program Files\ma-config.com\Drivers\ma-config_x86.sys [2013-10-23 15:28:54 16160]
R3 RTL8192cu;NETGEAR WNA1000M N150 Wireless USB Micro Adapter;C:\Windows\system32\DRIVERS\WNA1000M.sys [2011-02-21 05:29:04 734824]
R3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 21:29:24 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 21:29:03 27264]
R3 Update Server;BitDefender Update Server v2;C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe [2011-10-14 21:57:36 307544]
R3 WatAdminSvc;Service Windows Activation Technologies;C:\Windows\system32\Wat\WatAdminSvc.exe [2013-10-30 20:38:23 1343400]
S0 avc3;avc3;C:\Windows\system32\DRIVERS\avc3.sys [2012-10-10 13:00:04 622616]
S0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\Drivers\SmartDefragDriver.sys [2013-12-24 09:40:32 18624]
S1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [2012-07-06 13:13:14 77192]
S1 bdfwfpf;bdfwfpf;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2011-11-14 18:16:28 90704]
S1 BDVEDISK;BDVEDISK;C:\Windows\system32\DRIVERS\bdvedisk.sys [2010-01-19 17:32:40 85128]
S1 SPVDPort;SoftPerfect Virtual Disk;C:\Windows\system32\DRIVERS\spvdbus.sys [2013-10-04 21:33:18 74232]
S1 SPVVEngine;SoftPerfect RAM Disk;C:\Windows\system32\Drivers\spvve.sys [2013-10-04 21:33:20 280056]
S2 MaConfigAgent;Ma-Config Agent;C:\Program Files\ma-config.com\MaConfigAgent.exe [2013-10-25 17:03:14 2077008]
S2 UPDATESRV;BitDefender Desktop Update Service;C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe [2012-05-28 14:49:08 55032]
S3 avchv;avchv Function Driver;C:\Windows\system32\DRIVERS\avchv.sys [2012-11-02 12:17:14 242504]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-02-21 11:23:17 1150280 ----a-w- C:\Program Files\Google\Chrome\Application\33.0.1750.117\Installer\chrmstp.exe

Contenu du dossier 'Tâches planifiées'

2014-02-22 C:\Windows\Tasks\Adobe Flash Player Updater.job
- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-31 15:02:37 . 2014-02-21 09:01:52]

2014-02-22 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2013-10-30 10:41:32 . 2013-10-30 10:41:32]

2014-02-22 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2013-10-30 10:41:32 . 2013-10-30 10:41:32]

------- Examen supplémentaire -------

IE: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1

- - - - ORPHELINS SUPPRIMES - - - -

MSConfigStartUp-Advanced SystemCare Ultimate - C:\Program Files\IObit\Advanced SystemCare Ultimate\ASCTray.exe