Probléme de téléchargement
Gojira
-
Utilisateur anonyme -
Utilisateur anonyme -
Bonjour,
Depuis peu, dès que je lance un téléchargement qui dépasse les 500 Mo (estimation) celui de bloque, plus ou moins rapidement. Idem pour le streaming.
Actions menées :
- Test avec Firefox, IE et Chrome : Plantage
- Test avec Free Download Manager : Plantage
- Scan avec mon antivirus (AVG) : Rien trouvé
- Scan en ligne avec Bitdefender : Rien trouvé
- Scan Spybot : Rien trouvé
- Scan Spyhunter : Rien trouvé
Parait il que poster un rapport de Hijackthis est d'usage, vous le trouverez ci-dessous :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:19:13, on 16/09/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\AVG\AVG2012\avgemcx.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [] C:\\Program Files\\Windows Defender\\MpCmdRun.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_3_300_271_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061023/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} (PhotoboxPhotowaysUploader5 Control) - http://assets.photobox.com/assets/v/ra3RgI_VSoCPalw7aL2ig_0fSS8.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - http://activex.camfrogweb.com/advanced/2.0.2.20/cfweb_activex.camfrogweb.com-advanced-2.0.2.20_instmodule.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {62D90588-609E-4208-A260-A6CEC45BB92C} - http://activex.camfrogweb.com/advanced/2.0.11/cfweb_activex.camfrogweb.com-advanced-2.0.11_instmodule.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1160761410693
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1167606523578
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://www.securite.neuf.fr/Ols/fscax.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} - http://www.bobtv.fr/download/cfweb_www.bobtv.fr-download_instmodule.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{CD7262F8-435F-4144-B1E0-30BFE1058E92}: NameServer = 212.30.96.108,213.203.124.146
O17 - HKLM\System\CCS\Services\Tcpip\..\{D7A511BD-C6DD-4F51-9149-750634AA6CFA}: NameServer = 109.0.66.10 109.0.66.20
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
Si vous avez 5 minutes pour étudier mon cas, je vous en remercie.
Là je ne sais plus quoi faire.
Depuis peu, dès que je lance un téléchargement qui dépasse les 500 Mo (estimation) celui de bloque, plus ou moins rapidement. Idem pour le streaming.
Actions menées :
- Test avec Firefox, IE et Chrome : Plantage
- Test avec Free Download Manager : Plantage
- Scan avec mon antivirus (AVG) : Rien trouvé
- Scan en ligne avec Bitdefender : Rien trouvé
- Scan Spybot : Rien trouvé
- Scan Spyhunter : Rien trouvé
Parait il que poster un rapport de Hijackthis est d'usage, vous le trouverez ci-dessous :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:19:13, on 16/09/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\AVG\AVG2012\avgemcx.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [] C:\\Program Files\\Windows Defender\\MpCmdRun.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_3_300_271_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061023/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} (PhotoboxPhotowaysUploader5 Control) - http://assets.photobox.com/assets/v/ra3RgI_VSoCPalw7aL2ig_0fSS8.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - http://activex.camfrogweb.com/advanced/2.0.2.20/cfweb_activex.camfrogweb.com-advanced-2.0.2.20_instmodule.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {62D90588-609E-4208-A260-A6CEC45BB92C} - http://activex.camfrogweb.com/advanced/2.0.11/cfweb_activex.camfrogweb.com-advanced-2.0.11_instmodule.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1160761410693
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1167606523578
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://www.securite.neuf.fr/Ols/fscax.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} - http://www.bobtv.fr/download/cfweb_www.bobtv.fr-download_instmodule.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{CD7262F8-435F-4144-B1E0-30BFE1058E92}: NameServer = 212.30.96.108,213.203.124.146
O17 - HKLM\System\CCS\Services\Tcpip\..\{D7A511BD-C6DD-4F51-9149-750634AA6CFA}: NameServer = 109.0.66.10 109.0.66.20
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
Si vous avez 5 minutes pour étudier mon cas, je vous en remercie.
Là je ne sais plus quoi faire.
A voir également:
- Probléme de téléchargement
- Site de telechargement - Accueil - Outils
- Telechargement - Télécharger - Traitement de texte
- Téléchargement - Télécharger - Compression & Décompression
- Telechargement film d'action complet en francais - Télécharger - TV & Vidéo
- Adobe Reader - Télécharger - PDF
30 réponses
ComboFix 12-09-16.01 - christophe 18/09/2012 0:17:36.2.2 - x86 MINIMAL
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.2047.1771 [GMT 2:00]
Lancé depuis: C:\Documents and Settings\christophe\Bureau\Christophe.exe
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
C:\Documents and Settings\All Users\Application Data\TEMP
C:\Documents and Settings\christophe\WINDOWS
C:\WINDOWS\system32\ctfmon(2).exe
C:\WINDOWS\system32\dllcache\wmpvis.dll
C:\WINDOWS\system32\drivers\etc\hosts.ics
C:\WINDOWS\system32\drivers\etc\hosts.txt
C:\WINDOWS\system32\ijl11.dll
C:\WINDOWS\system32\regobj.dll
C:\WINDOWS\system32\rnaph.dll
C:\WINDOWS\system32\SET1E.tmp
C:\WINDOWS\system32\SET30.tmp
C:\WINDOWS\system32\SET33.tmp
C:\WINDOWS\system32\SET35.tmp
C:\WINDOWS\system32\SET37.tmp
C:\WINDOWS\system32\URTTemp
C:\WINDOWS\system32\URTTemp\fusion.dll
C:\WINDOWS\system32\URTTemp\mscoree.dll
C:\WINDOWS\system32\URTTemp\mscoree.dll.local
C:\WINDOWS\system32\URTTemp\mscorsn.dll
C:\WINDOWS\system32\URTTemp\mscorwks.dll
C:\WINDOWS\system32\URTTemp\msvcr71.dll
C:\WINDOWS\system32\URTTemp\regtlib.exe
Une copie infectée de C:\WINDOWS\system32\kernel32.dll a été trouvée et désinfectée
Copie restaurée à partir de - C:\WINDOWS\$hf_mig$\KB959426\SP3QFE\kernel32.dll
\\.\PhysicalDrive0 - Bootkit Sinowal was found and disinfected
\\.\PhysicalDrive0 - Bootkit Sinowal was found and disinfected
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_npf
-------\Service_xcpip
-------\Service_xpsec
((((((((((((((((((((((((((((( Fichiers créés du 2012-08-17 au 2012-09-17 ))))))))))))))))))))))))))))))))))))
2012-09-17 21:19:06 . 2012-09-17 21:27:13 -------- d-----w- C:\Documents and Settings\christophe\Application Data\Free Download Manager
2012-09-17 17:15:07 . 2012-09-17 17:15:07 -------- d-----w- C:\Documents and Settings\christophe\Application Data\Malwarebytes
2012-09-17 17:14:43 . 2012-09-17 17:14:46 -------- d-----w- C:\Program Files\Malwarebytes' Anti-Malware
2012-09-17 17:14:43 . 2012-09-17 17:14:43 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2012-09-17 17:14:43 . 2012-09-07 15:04:46 22856 ----a-w- C:\WINDOWS\system32\drivers\mbam.sys
2012-09-16 09:54:02 . 2012-09-17 20:25:38 -------- d-----w- C:\Pre_Scan
2012-09-15 22:56:02 . 2012-09-15 22:56:02 -------- d-----w- C:\Program Files\Trend Micro
2012-09-09 10:29:39 . 2012-09-09 10:29:51 -------- d-----w- C:\Program Files\Free Download Manager
2012-08-29 16:36:45 . 2012-08-29 16:36:46 -------- d-----w- C:\Program Files\Microsoft Silverlight
2012-08-29 15:00:32 . 2012-08-29 15:01:09 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Battle.net
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
2012-08-14 21:35:40 . 2012-05-13 09:31:44 426184 ----a-w- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-08-14 21:35:39 . 2011-08-21 07:25:01 70344 ----a-w- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2012-07-06 13:59:05 . 2003-04-24 12:00:00 78336 ----a-w- C:\WINDOWS\system32\browser.dll
2012-07-04 14:05:18 . 2006-10-13 15:59:42 139784 ----a-w- C:\WINDOWS\system32\drivers\rdpwd.sys
2012-07-03 18:27:23 . 2003-04-24 12:00:00 1866240 ----a-w- C:\WINDOWS\system32\win32k.sys
2012-07-02 17:39:50 . 2003-04-24 12:00:00 916992 ----a-w- C:\WINDOWS\system32\wininet.dll
2012-07-02 17:39:48 . 2003-04-24 12:00:00 43520 ------w- C:\WINDOWS\system32\licmgr10.dll
2012-07-02 17:39:47 . 2003-04-24 12:00:00 1469440 ------w- C:\WINDOWS\system32\inetcpl.cpl
2012-07-02 12:05:43 . 2006-10-13 16:12:07 385024 ----a-w- C:\WINDOWS\system32\html.iec
2012-09-07 15:39:17 . 2012-09-07 15:39:06 266720 ----a-w- C:\Program Files\mozilla firefox\components\browsercomps.dll
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-12-11 14:38:30 98304]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2008-04-14 02:33:59 15360]
"DWQueuedReporting"="C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2010-02-28 00:09:14 519584]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-12-16 00:17:57 136176 ----atw- C:\Documents and Settings\christophe\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"C:\\Program Files\\Samsung\\Samsung New PC Studio\\npsasvr.exe"=
"C:\\Program Files\\Samsung\\Samsung New PC Studio\\npsvsvr.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"C:\\Program Files\\Logitech\\Logitech Vid\\Vid.exe"=
"C:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"C:\\Program Files\\raidcall\\raidcall.exe"=
"C:\\Program Files\\Electronic Arts\\Crytek\\Crysis 2\\bin32\\Crysis2.exe"=
"C:\\Documents and Settings\\All Users\\Application Data\\Battle.net\\Agent\\Agent.1040\\Agent.exe"=
"C:\\Documents and Settings\\All Users\\Application Data\\Battle.net\\Agent\\Agent.1267\\Agent.exe"=
"C:\\WINDOWS\\system32\\msiexec.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:Remote Desktop
"65533:TCP"= 65533:TCP:Services
"52344:TCP"= 52344:TCP:Services
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\WINDOWS\system32\drivers\dtsoftbus01.sys [12/06/2011 17:17:27 218688]
R2 FsUsbExService;FsUsbExService;C:\WINDOWS\system32\FsUsbExService.Exe [01/04/2011 19:20:48 238952]
R3 DAdderFltr;DeathAdder Mouse;C:\WINDOWS\system32\drivers\dadder.sys [09/01/2008 20:13:28 10880]
R3 FsUsbExDisk;FsUsbExDisk;C:\WINDOWS\system32\FsUsbExDisk.Sys [01/04/2011 19:20:48 36608]
S0 AVGIDSHX;AVGIDSHX;C:\WINDOWS\system32\DRIVERS\avgidshx.sys --> C:\WINDOWS\system32\DRIVERS\avgidshx.sys [?]
S2 gupdate;Service Google Update (gupdate);C:\Program Files\Google\Update\GoogleUpdate.exe [09/07/2012 17:14:13 116648]
S2 WinDefend;Windows Defender;C:\Program Files\Windows Defender\MsMpEng.exe [03/11/2006 19:19:58 13592]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [13/05/2012 11:31:44 250056]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\WINDOWS\system32\drivers\ssadadb.sys [01/04/2011 19:22:56 30312]
S3 AVGIDSDriver;AVGIDSDriver;C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys --> C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys [?]
S3 AVGIDSFilter;AVGIDSFilter;C:\WINDOWS\system32\DRIVERS\avgidsfilterx.sys --> C:\WINDOWS\system32\DRIVERS\avgidsfilterx.sys [?]
S3 AVGIDSShim;AVGIDSShim;C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys --> C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys [?]
S3 gupdatem;Service Google Update (gupdatem);C:\Program Files\Google\Update\GoogleUpdate.exe [09/07/2012 17:14:13 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [26/04/2012 11:35:52 114144]
S3 npggsvc;nProtect GameGuard Service;C:\WINDOWS\system32\GameMon.des -service --> C:\WINDOWS\system32\GameMon.des -service [?]
S3 PID_0920;Labtec WebCam(PID_0920);C:\WINDOWS\system32\drivers\LV532AV.SYS [17/03/2007 21:16:50 163328]
S3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;C:\WINDOWS\system32\drivers\RTL8187.sys [13/10/2006 21:34:12 176128]
S3 SjyPkt;SjyPkt;C:\WINDOWS\system32\drivers\SjyPkt.sys [13/10/2006 21:34:11 13532]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\WINDOWS\system32\drivers\ssadbus.sys [01/04/2011 19:22:55 96488]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\WINDOWS\system32\drivers\ssadmdfl.sys [01/04/2011 19:22:57 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\WINDOWS\system32\drivers\ssadmdm.sys [01/04/2011 19:22:57 121576]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\WINDOWS\system32\drivers\ssadserd.sys [01/04/2011 19:22:59 98152]
S4 sptd;sptd;C:\WINDOWS\system32\drivers\sptd.sys [31/12/2006 10:33:17 436792]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
Contenu du dossier 'Tâches planifiées'
2012-09-17 C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-13 09:31:44 . 2012-08-14 21:35:44]
2012-05-28 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34:12 . 2008-07-30 10:34:12]
2012-09-17 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2012-07-09 15:14:13 . 2012-07-09 15:13:56]
2012-09-17 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2012-07-09 15:14:13 . 2012-07-09 15:13:56]
2012-09-17 C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1482476501-1844823847-839522115-1004Core.job
- C:\Documents and Settings\christophe\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-12-16 00:18:02 . 2011-12-16 00:17:57]
2012-09-17 C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1482476501-1844823847-839522115-1004UA.job
- C:\Documents and Settings\christophe\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-12-16 00:18:02 . 2011-12-16 00:17:57]
------- Examen supplémentaire -------
uStart Page = hxxp://www.google.fr/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - C:\WINDOWS\system32\GPhotos.scr/200
IE: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
IE: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
IE: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
IE: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
TCP: Interfaces\{CD7262F8-435F-4144-B1E0-30BFE1058E92}: NameServer = 212.30.96.108,213.203.124.146
DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} - hxxp://assets.photobox.com/assets/v/ra3RgI_VSoCPalw7aL2ig_0fSS8.cab
DPF: {62D90588-609E-4208-A260-A6CEC45BB92C} - hxxp://activex.camfrogweb.com/advanced/2.0.11/cfweb_activex.camfrogweb.com-advanced-2.0.11_instmodule.exe
DPF: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} - hxxp://www.bobtv.fr/download/cfweb_www.bobtv.fr-download_instmodule.exe
FF - ProfilePath - C:\Documents and Settings\christophe\Application Data\Mozilla\Firefox\Profiles\du8zphbj.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - prefs.js: network.proxy.type - 0
- - - - ORPHELINS SUPPRIMES - - - -
AddRemove-01_Simmental - C:\Program Files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - C:\Program Files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - C:\Program Files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - C:\Program Files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - C:\Program Files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - C:\Program Files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - C:\Program Files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - C:\Program Files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - C:\Program Files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - C:\Program Files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - C:\Program Files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - C:\Program Files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - C:\Program Files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - C:\Program Files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - C:\Program Files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - C:\Program Files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - C:\Program Files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
Bonne nuit
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.2047.1771 [GMT 2:00]
Lancé depuis: C:\Documents and Settings\christophe\Bureau\Christophe.exe
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
C:\Documents and Settings\All Users\Application Data\TEMP
C:\Documents and Settings\christophe\WINDOWS
C:\WINDOWS\system32\ctfmon(2).exe
C:\WINDOWS\system32\dllcache\wmpvis.dll
C:\WINDOWS\system32\drivers\etc\hosts.ics
C:\WINDOWS\system32\drivers\etc\hosts.txt
C:\WINDOWS\system32\ijl11.dll
C:\WINDOWS\system32\regobj.dll
C:\WINDOWS\system32\rnaph.dll
C:\WINDOWS\system32\SET1E.tmp
C:\WINDOWS\system32\SET30.tmp
C:\WINDOWS\system32\SET33.tmp
C:\WINDOWS\system32\SET35.tmp
C:\WINDOWS\system32\SET37.tmp
C:\WINDOWS\system32\URTTemp
C:\WINDOWS\system32\URTTemp\fusion.dll
C:\WINDOWS\system32\URTTemp\mscoree.dll
C:\WINDOWS\system32\URTTemp\mscoree.dll.local
C:\WINDOWS\system32\URTTemp\mscorsn.dll
C:\WINDOWS\system32\URTTemp\mscorwks.dll
C:\WINDOWS\system32\URTTemp\msvcr71.dll
C:\WINDOWS\system32\URTTemp\regtlib.exe
Une copie infectée de C:\WINDOWS\system32\kernel32.dll a été trouvée et désinfectée
Copie restaurée à partir de - C:\WINDOWS\$hf_mig$\KB959426\SP3QFE\kernel32.dll
\\.\PhysicalDrive0 - Bootkit Sinowal was found and disinfected
\\.\PhysicalDrive0 - Bootkit Sinowal was found and disinfected
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_npf
-------\Service_xcpip
-------\Service_xpsec
((((((((((((((((((((((((((((( Fichiers créés du 2012-08-17 au 2012-09-17 ))))))))))))))))))))))))))))))))))))
2012-09-17 21:19:06 . 2012-09-17 21:27:13 -------- d-----w- C:\Documents and Settings\christophe\Application Data\Free Download Manager
2012-09-17 17:15:07 . 2012-09-17 17:15:07 -------- d-----w- C:\Documents and Settings\christophe\Application Data\Malwarebytes
2012-09-17 17:14:43 . 2012-09-17 17:14:46 -------- d-----w- C:\Program Files\Malwarebytes' Anti-Malware
2012-09-17 17:14:43 . 2012-09-17 17:14:43 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2012-09-17 17:14:43 . 2012-09-07 15:04:46 22856 ----a-w- C:\WINDOWS\system32\drivers\mbam.sys
2012-09-16 09:54:02 . 2012-09-17 20:25:38 -------- d-----w- C:\Pre_Scan
2012-09-15 22:56:02 . 2012-09-15 22:56:02 -------- d-----w- C:\Program Files\Trend Micro
2012-09-09 10:29:39 . 2012-09-09 10:29:51 -------- d-----w- C:\Program Files\Free Download Manager
2012-08-29 16:36:45 . 2012-08-29 16:36:46 -------- d-----w- C:\Program Files\Microsoft Silverlight
2012-08-29 15:00:32 . 2012-08-29 15:01:09 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Battle.net
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
2012-08-14 21:35:40 . 2012-05-13 09:31:44 426184 ----a-w- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-08-14 21:35:39 . 2011-08-21 07:25:01 70344 ----a-w- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2012-07-06 13:59:05 . 2003-04-24 12:00:00 78336 ----a-w- C:\WINDOWS\system32\browser.dll
2012-07-04 14:05:18 . 2006-10-13 15:59:42 139784 ----a-w- C:\WINDOWS\system32\drivers\rdpwd.sys
2012-07-03 18:27:23 . 2003-04-24 12:00:00 1866240 ----a-w- C:\WINDOWS\system32\win32k.sys
2012-07-02 17:39:50 . 2003-04-24 12:00:00 916992 ----a-w- C:\WINDOWS\system32\wininet.dll
2012-07-02 17:39:48 . 2003-04-24 12:00:00 43520 ------w- C:\WINDOWS\system32\licmgr10.dll
2012-07-02 17:39:47 . 2003-04-24 12:00:00 1469440 ------w- C:\WINDOWS\system32\inetcpl.cpl
2012-07-02 12:05:43 . 2006-10-13 16:12:07 385024 ----a-w- C:\WINDOWS\system32\html.iec
2012-09-07 15:39:17 . 2012-09-07 15:39:06 266720 ----a-w- C:\Program Files\mozilla firefox\components\browsercomps.dll
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-12-11 14:38:30 98304]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2008-04-14 02:33:59 15360]
"DWQueuedReporting"="C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2010-02-28 00:09:14 519584]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-12-16 00:17:57 136176 ----atw- C:\Documents and Settings\christophe\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"C:\\Program Files\\Samsung\\Samsung New PC Studio\\npsasvr.exe"=
"C:\\Program Files\\Samsung\\Samsung New PC Studio\\npsvsvr.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"C:\\Program Files\\Logitech\\Logitech Vid\\Vid.exe"=
"C:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"C:\\Program Files\\raidcall\\raidcall.exe"=
"C:\\Program Files\\Electronic Arts\\Crytek\\Crysis 2\\bin32\\Crysis2.exe"=
"C:\\Documents and Settings\\All Users\\Application Data\\Battle.net\\Agent\\Agent.1040\\Agent.exe"=
"C:\\Documents and Settings\\All Users\\Application Data\\Battle.net\\Agent\\Agent.1267\\Agent.exe"=
"C:\\WINDOWS\\system32\\msiexec.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:Remote Desktop
"65533:TCP"= 65533:TCP:Services
"52344:TCP"= 52344:TCP:Services
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\WINDOWS\system32\drivers\dtsoftbus01.sys [12/06/2011 17:17:27 218688]
R2 FsUsbExService;FsUsbExService;C:\WINDOWS\system32\FsUsbExService.Exe [01/04/2011 19:20:48 238952]
R3 DAdderFltr;DeathAdder Mouse;C:\WINDOWS\system32\drivers\dadder.sys [09/01/2008 20:13:28 10880]
R3 FsUsbExDisk;FsUsbExDisk;C:\WINDOWS\system32\FsUsbExDisk.Sys [01/04/2011 19:20:48 36608]
S0 AVGIDSHX;AVGIDSHX;C:\WINDOWS\system32\DRIVERS\avgidshx.sys --> C:\WINDOWS\system32\DRIVERS\avgidshx.sys [?]
S2 gupdate;Service Google Update (gupdate);C:\Program Files\Google\Update\GoogleUpdate.exe [09/07/2012 17:14:13 116648]
S2 WinDefend;Windows Defender;C:\Program Files\Windows Defender\MsMpEng.exe [03/11/2006 19:19:58 13592]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [13/05/2012 11:31:44 250056]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\WINDOWS\system32\drivers\ssadadb.sys [01/04/2011 19:22:56 30312]
S3 AVGIDSDriver;AVGIDSDriver;C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys --> C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys [?]
S3 AVGIDSFilter;AVGIDSFilter;C:\WINDOWS\system32\DRIVERS\avgidsfilterx.sys --> C:\WINDOWS\system32\DRIVERS\avgidsfilterx.sys [?]
S3 AVGIDSShim;AVGIDSShim;C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys --> C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys [?]
S3 gupdatem;Service Google Update (gupdatem);C:\Program Files\Google\Update\GoogleUpdate.exe [09/07/2012 17:14:13 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [26/04/2012 11:35:52 114144]
S3 npggsvc;nProtect GameGuard Service;C:\WINDOWS\system32\GameMon.des -service --> C:\WINDOWS\system32\GameMon.des -service [?]
S3 PID_0920;Labtec WebCam(PID_0920);C:\WINDOWS\system32\drivers\LV532AV.SYS [17/03/2007 21:16:50 163328]
S3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;C:\WINDOWS\system32\drivers\RTL8187.sys [13/10/2006 21:34:12 176128]
S3 SjyPkt;SjyPkt;C:\WINDOWS\system32\drivers\SjyPkt.sys [13/10/2006 21:34:11 13532]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\WINDOWS\system32\drivers\ssadbus.sys [01/04/2011 19:22:55 96488]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\WINDOWS\system32\drivers\ssadmdfl.sys [01/04/2011 19:22:57 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\WINDOWS\system32\drivers\ssadmdm.sys [01/04/2011 19:22:57 121576]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\WINDOWS\system32\drivers\ssadserd.sys [01/04/2011 19:22:59 98152]
S4 sptd;sptd;C:\WINDOWS\system32\drivers\sptd.sys [31/12/2006 10:33:17 436792]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
Contenu du dossier 'Tâches planifiées'
2012-09-17 C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-13 09:31:44 . 2012-08-14 21:35:44]
2012-05-28 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34:12 . 2008-07-30 10:34:12]
2012-09-17 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2012-07-09 15:14:13 . 2012-07-09 15:13:56]
2012-09-17 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2012-07-09 15:14:13 . 2012-07-09 15:13:56]
2012-09-17 C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1482476501-1844823847-839522115-1004Core.job
- C:\Documents and Settings\christophe\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-12-16 00:18:02 . 2011-12-16 00:17:57]
2012-09-17 C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1482476501-1844823847-839522115-1004UA.job
- C:\Documents and Settings\christophe\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-12-16 00:18:02 . 2011-12-16 00:17:57]
------- Examen supplémentaire -------
uStart Page = hxxp://www.google.fr/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - C:\WINDOWS\system32\GPhotos.scr/200
IE: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
IE: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
IE: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
IE: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
TCP: Interfaces\{CD7262F8-435F-4144-B1E0-30BFE1058E92}: NameServer = 212.30.96.108,213.203.124.146
DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} - hxxp://assets.photobox.com/assets/v/ra3RgI_VSoCPalw7aL2ig_0fSS8.cab
DPF: {62D90588-609E-4208-A260-A6CEC45BB92C} - hxxp://activex.camfrogweb.com/advanced/2.0.11/cfweb_activex.camfrogweb.com-advanced-2.0.11_instmodule.exe
DPF: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} - hxxp://www.bobtv.fr/download/cfweb_www.bobtv.fr-download_instmodule.exe
FF - ProfilePath - C:\Documents and Settings\christophe\Application Data\Mozilla\Firefox\Profiles\du8zphbj.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - prefs.js: network.proxy.type - 0
- - - - ORPHELINS SUPPRIMES - - - -
AddRemove-01_Simmental - C:\Program Files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - C:\Program Files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - C:\Program Files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - C:\Program Files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - C:\Program Files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - C:\Program Files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - C:\Program Files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - C:\Program Files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - C:\Program Files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - C:\Program Files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - C:\Program Files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - C:\Program Files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - C:\Program Files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - C:\Program Files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - C:\Program Files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - C:\Program Files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - C:\Program Files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
Bonne nuit
Hello,
Etant mauvais au copier/coller, on va faire cette méthode :
http://pjjoint.malekal.com/files.php?id=20120918_f15z12l7l8u9
Etant mauvais au copier/coller, on va faire cette méthode :
http://pjjoint.malekal.com/files.php?id=20120918_f15z12l7l8u9
Fais analyser le(s) fichier(s) suivants sur Virustotal :
Virus Total
clique sur "Parcourir" et trouve puis selectionne ce(s) fichier(s) :
C:\WINDOWS\system32\drivers\SjyPkt.sys
* Clique maintenant sur Envoyer le fichier. et laisse travailler tant que "Situation actuelle : en cours d'analyse" est affiché.
* Il est possible que le fichier soit mis en file d'attente en raison d'un grand nombre de demandes d'analyses. En ce cas, il te faudra patienter sans actualiser la page.
* Lorsque l'analyse est terminée colle le lien de(s)( la) page(s) dans ta prochaine réponse.
Virus Total
clique sur "Parcourir" et trouve puis selectionne ce(s) fichier(s) :
C:\WINDOWS\system32\drivers\SjyPkt.sys
* Clique maintenant sur Envoyer le fichier. et laisse travailler tant que "Situation actuelle : en cours d'analyse" est affiché.
* Il est possible que le fichier soit mis en file d'attente en raison d'un grand nombre de demandes d'analyses. En ce cas, il te faudra patienter sans actualiser la page.
* Lorsque l'analyse est terminée colle le lien de(s)( la) page(s) dans ta prochaine réponse.
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Et voila :
https://www.virustotal.com/file/24d602b7ddf7718a1f149d35b24c2345d0dde6e8b8a7fdf35062c24a6d13226d/analysis/
https://www.virustotal.com/file/24d602b7ddf7718a1f149d35b24c2345d0dde6e8b8a7fdf35062c24a6d13226d/analysis/
https://www.virustotal.com/file/24d602b7ddf7718a1f149d35b24c2345d0dde6e8b8a7fdf35062c24a6d13226d/analysis/1347990263/
