Everything posted by 00yaa

  1. I was speaking by implication. It's clear that I played the sorcerer's apprentice; I'll even tell you, I reused it two more times, a bit like a CCleaner ^^
  2. Thanks for your reply! I hadn't stopped by in a while. "Like a toy" is an exaggeration, I barely used it blindly once or twice... I'm stepping right to it (oops, the cat's tail) to test your solutions. Uh, since I have to close lots of things (like my work), I'll post all of that tomorrow. Thanks again!
  3. Hello, I have exactly the same problem as the following. "Recently, strange sounds sometimes come out of my speakers. It starts with a sort of little bell, then a little girl's voice saying I don't know what (it ends with 'thank you'), then a man's voice going 'shh', and then the bell/whatever-it-is again. Neither Antivir nor A² finds any virus, and neither does Panda's online scan. But well, unless I'm prone to auditory hallucinations, there's a good chance that some piece of junk is squatting on my computer." Here is the Combooooo report!