pierrox


  1. Edit: ``The Internet still isn't working again, neither in Firefox nor in Internet Explorer, even though it shows that the connection is working.`` My mistake, the Internet does work if I turn off BitDefender; the BitDefender firewall works so well that I have to turn it off to get Internet access.
  2. Here is the Sx Checkupdate report:

     SX Check&Update
     Lien vers le tutoriel : Tutoriels - Security-X - Page 1
     ---
     Windows Version : Windows 7 64bits
     Service Pack : 1
     UserName : Alienware
     01/09/2012 19:23:35
     version = v0.2.4
     ---
     Windows Update Information :
     AUOptions : 4 Automatically, no notification
     ---
     Java Information :
     Nom : Java 7 Update 4 (64-bit)
     Version : 7.0.40
     Java 7 Update 4 (64-bit) est à jour
     ---
     Name : FlashPlayer ActiveX
     Version : 11.3.300.271
     Flash Player ActiveX n'est pas à jour! (11.3.300.257)
     Name : FlashPlayer Plugin FF
     Version : 11.4.402.265
     Flash Player Plugin FF n'est pas à jour! (11.3.300.262)
     Name : FlashPlayer Plugin
     Version : 11.4.402.265
     Flash Player Plugin n'est pas à jour! (11.3.300.257)
     Nom : Mozilla Firefox 15.0 (x86 fr)
     Version : 15.0
     Java Information :
     Nom : Java 6 Update 29
     Version : 6.0.290
     Java 6 Update 29 n'est pas à jour! (6.0.320)
     Java Information :
     Nom : Java 7 Update 4
     Version : 7.0.40
     Java 7 Update 4 est à jour
     Nom : Adobe Reader X (10.1.4) - Français
     Version : 10.1.4
     Adobe Reader n'est pas à jour! (10.1.3)
     Nom : Internet Explorer
     Version : 9.0.8112.16421
  3. Hello, since yesterday I have had no Internet access, even though the modem works fine on other PCs. BitDefender detected Trojan.Sirefef.GY, HK, GA, etc., exactly as in another forum thread I found: [Résolu] Trojan Sirefef - Forums Zebulon.fr. I ran ComboFix as advised, so here is the report: