Virus eating up the bandwidth


Marsh Posté on 08-06-2012 at 00:28:10

Good evening :)

I have more than ten computers connected on a network, with different antivirus programs installed on them (NOD32, Avast and Bitdefender). When I connect with mine and the others are switched off, the download speed and the ping are good, but when I start the other computers the bandwidth drops abruptly and the pings shoot up like an arrow (more than 300 ms!!).

I am going to start by unplugging all the computers from the network and plugging them back in one by one to find out which of the computers is infected. Below is a ComboFix report from my personal computer; I would like someone to take a look at it ^^ thanks in advance and have a good evening :)
 
ComboFix 12-06-07.03 - Shino 07/06/2012  23:02:14.1.4 - x64
Microsoft Windows 7 Édition Intégrale   6.1.7601.1.1252.33.1036.18.4075.2074 [GMT 1:00]
Lancé depuis: c:\users\Shino\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Un nouveau point de restauration a été créé
.
.
((((((((((((((((((((((((((((((((((((   Autres suppressions   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Shino\AppData\Local\assembly\tmp
c:\users\Shino\AppData\Roaming\Rift
c:\users\Shino\AppData\Roaming\Rift\rift.cfg
.
.
(((((((((((((((((((((((((((((   Fichiers créés du 2012-05-07 au 2012-06-07  ))))))))))))))))))))))))))))))))))))
.
.
2012-06-07 18:35 . 2012-06-07 18:35 1536 ----a-w- c:\windows\SysWow64\bcevent.dll
2012-06-07 18:12 . 2007-07-27 22:31 298496 ----a-w- c:\windows\system32\drivers\NetPeeker.sys
2012-06-07 17:48 . 2012-06-07 17:48 -------- d-----w- c:\windows\Downloaded Installations
2012-06-07 17:13 . 2012-06-07 17:13 -------- d-----w- c:\users\Shino\AppData\Roaming\Locktime
2012-06-07 17:12 . 2012-06-07 17:12 -------- d-----w- c:\programdata\Locktime
2012-06-07 11:31 . 2012-06-07 11:31 770384 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr100.dll
2012-06-07 11:31 . 2012-06-07 11:31 421200 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp100.dll
2012-06-01 15:07 . 2012-06-07 13:16 -------- d-----w- c:\users\Shino\AppData\Roaming\Xfire
2012-06-01 15:07 . 2012-06-02 05:34 -------- d-----w- c:\programdata\Xfire
2012-06-01 07:02 . 2012-06-07 13:10 -------- d-----w- c:\program files (x86)\Diablo III
2012-06-01 07:02 . 2012-06-01 07:24 -------- d-----w- c:\program files (x86)\Common Files\Blizzard Entertainment
2012-06-01 07:02 . 2012-06-01 07:24 -------- d-----w- c:\programdata\Blizzard Entertainment
2012-06-01 06:57 . 2012-06-01 06:59 -------- d-----w- c:\programdata\Battle.net
2012-05-31 21:59 . 2012-05-31 21:59 -------- d-----w- c:\program files (x86)\GetData
2012-05-30 20:15 . 2012-05-30 20:15 -------- d-----w- c:\users\Shino\AppData\Roaming\FLEXnet
2012-05-30 20:15 . 2012-05-30 20:15 -------- d-----w- c:\users\Shino\AppData\Roaming\Zeon
2012-05-30 20:14 . 2012-05-30 20:15 -------- d-----w- c:\users\Shino\AppData\Roaming\Nuance
2012-05-30 20:13 . 2012-05-30 20:15 -------- d-----w- c:\programdata\Nuance
2012-05-30 20:12 . 2012-05-30 20:12 -------- d-----w- c:\windows\PIXTRAN
2012-05-30 20:12 . 2012-05-30 20:12 -------- d-----w- c:\programdata\zeon
2012-05-30 20:12 . 2012-05-30 20:12 -------- d-----w- c:\program files (x86)\Common Files\ScanSoft Shared
2012-05-30 20:12 . 2012-05-30 20:12 -------- d-----w- c:\programdata\FLEXnet
2012-05-29 18:28 . 2009-02-11 08:56 65536 ----a-w- c:\windows\SysWow64\pcPDisp.exe
2012-05-29 18:28 . 2009-02-11 08:56 57344 ----a-w- c:\windows\SysWow64\pcPMon.dll
2012-05-29 18:28 . 2012-05-29 18:28 -------- d-----w- c:\program files (x86)\pdfconverter.com
2012-05-29 16:35 . 2012-05-29 18:19 -------- d-----w- c:\users\Shino\AppData\Roaming\.minecraft
2012-05-29 04:17 . 2012-05-29 04:17 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D0C5CFA7-3BCE-4DF4-8BF6-CB72E000D7FE}\offreg.dll
2012-05-16 11:29 . 2012-05-16 11:29 -------- d-----w- c:\users\Shino\AppData\Local\Funcom
2012-05-16 11:29 . 2012-05-16 11:29 -------- d-----w- c:\programdata\media center programs
2012-05-16 02:01 . 2012-05-16 02:01 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2012-05-15 21:46 . 2012-05-27 16:52 -------- d-----w- c:\program files (x86)\Microsoft Works
2012-05-15 21:43 . 2012-05-15 21:43 -------- d-----w- c:\users\Shino\AppData\Local\Microsoft Help
2012-05-15 21:43 . 2012-05-27 16:53 -------- d-----w- c:\programdata\Microsoft Help
2012-05-15 21:42 . 2012-05-15 21:42 -------- d-----r- C:\MSOCache
2012-05-11 19:01 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll
2012-05-11 19:01 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-05-11 19:01 . 2012-03-31 06:05 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-11 19:01 . 2012-03-31 03:10 3146240 ----a-w- c:\windows\system32\win32k.sys
2012-05-11 19:01 . 2012-03-31 04:39 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-11 19:01 . 2012-03-31 04:39 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-09 16:14 . 2012-05-21 11:06 -------- d-----w- c:\users\Shino\AppData\Roaming\abgx360
2012-05-09 16:13 . 2012-05-09 16:13 -------- d-----w- c:\program files (x86)\abgx360
2012-05-09 15:36 . 2012-03-30 11:35 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-05-09 15:36 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2012-05-09 15:36 . 2012-03-31 05:40 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-09 15:36 . 2012-03-31 04:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-09 15:36 . 2012-03-31 05:40 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2012-05-09 15:36 . 2012-03-31 05:40 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2012-05-09 15:01 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
.
.
.
((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-05 22:13 . 2012-05-05 22:13 2306328 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2012-05-05 21:29 . 2012-05-05 21:29 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2012-05-05 21:29 . 2012-05-05 21:29 639312 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-05-05 04:55 . 2012-04-16 22:55 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-05 04:55 . 2012-04-16 22:55 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-05 04:55 . 2012-05-05 04:55 8744608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-05-04 13:19 . 2012-04-13 11:48 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-05-04 13:19 . 2012-04-13 11:40 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-05-04 13:18 . 2012-04-13 11:40 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-05-03 02:55 . 2012-05-03 02:55 42392 ----a-w- c:\windows\SysWow64\xfcodec.dll
2012-05-03 02:55 . 2012-05-03 02:55 28056 ----a-w- c:\windows\system32\xfcodec64.dll
2012-04-13 12:01 . 2012-04-13 11:39 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-04-13 08:46 . 2012-04-23 19:15 8917360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D0C5CFA7-3BCE-4DF4-8BF6-CB72E000D7FE}\mpengine.dll
2012-03-29 17:37 . 2012-03-11 21:30 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2012-03-29 17:37 . 2012-03-11 21:30 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2012-03-29 17:37 . 2012-03-11 21:30 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2012-03-29 17:37 . 2012-03-11 21:30 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2012-03-23 12:14 . 2012-03-23 12:14 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll
2012-03-19 17:45 . 2012-03-19 17:39 2228 ----a-w- c:\windows\system32\ASOROSet.bin
2012-03-18 20:47 . 2012-03-18 20:47 419840 ----a-w- c:\windows\system32\systemcplx64.dll
2012-03-18 20:47 . 2012-03-18 20:47 13824 ----a-w- c:\windows\SysWow64\slwga.dll
2012-03-17 10:22 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-03-17 10:22 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-03-14 12:54 . 2012-05-02 23:58 571312 ----a-w- c:\windows\SysWow64\Codejock.SkinFramework.Unicode.v13.0.0.ocx
2012-03-14 12:54 . 2012-05-02 23:58 2262960 ----a-w- c:\windows\SysWow64\Codejock.CommandBars.v13.0.0.ocx
2012-03-13 19:53 . 2012-03-11 21:50 53248 ----a-r- c:\users\Shino\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2012-03-13 19:53 . 2012-03-11 21:49 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2012-03-12 02:17 . 2012-03-12 02:17 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-03-12 02:17 . 2012-03-12 02:17 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-03-12 02:17 . 2012-03-12 02:17 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-03-12 02:17 . 2012-03-12 02:17 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-03-12 02:17 . 2012-03-12 02:17 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-03-12 02:17 . 2012-03-12 02:17 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-03-12 02:17 . 2012-03-12 02:17 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-03-12 02:17 . 2012-03-12 02:17 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-03-12 02:17 . 2012-03-12 02:17 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-03-12 02:17 . 2012-03-12 02:17 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-03-12 02:17 . 2012-03-12 02:17 603648 ----a-w- c:\windows\system32\vbscript.dll
2012-03-12 02:17 . 2012-03-12 02:17 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-03-12 02:17 . 2012-03-12 02:17 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-03-12 02:17 . 2012-03-12 02:17 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-03-12 02:17 . 2012-03-12 02:17 448512 ----a-w- c:\windows\system32\html.iec
2012-03-12 02:17 . 2012-03-12 02:17 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-03-12 02:17 . 2012-03-12 02:17 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-03-12 02:17 . 2012-03-12 02:17 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-03-12 02:17 . 2012-03-12 02:17 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-03-12 02:17 . 2012-03-12 02:17 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-03-12 02:17 . 2012-03-12 02:17 222208 ----a-w- c:\windows\system32\msls31.dll
2012-03-12 02:17 . 2012-03-12 02:17 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-03-12 02:17 . 2012-03-12 02:17 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-03-12 02:17 . 2012-03-12 02:17 160256 ----a-w- c:\windows\system32\wextract.exe
2012-03-12 02:17 . 2012-03-12 02:17 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-03-12 02:17 . 2012-03-12 02:17 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-03-12 02:17 . 2012-03-12 02:17 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-03-12 02:17 . 2012-03-12 02:17 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-03-12 02:17 . 2012-03-12 02:17 12288 ----a-w- c:\windows\system32\mshta.exe
2012-03-12 02:17 . 2012-03-12 02:17 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-03-12 02:17 . 2012-03-12 02:17 114176 ----a-w- c:\windows\system32\admparse.dll
2012-03-12 02:17 . 2012-03-12 02:17 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-03-12 02:17 . 2012-03-12 02:17 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-03-12 02:17 . 2012-03-12 02:17 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-03-11 23:22 . 2011-03-28 17:36 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-03-11 21:26 . 2012-03-11 21:26 16896 ----a-w- c:\windows\AsTaskSched.dll
.
.
(((((((((((((((((((((((((((((((((   Points de chargement Reg   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés  
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"IDMan"="d:\program files (x86)\Internet Download Manager\IDMan.exe" [2011-06-23 3380632]
"ISUSPM"="c:\programdata\FLEXnet\Connect\11\ISUSPM.exe" [2009-05-05 222496]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"="d:\program files (x86)\Winamp\winampa.exe" [2011-12-09 74752]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-03-07 4241512]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"PCE Print Dispatcher"="c:\windows\system32\pcPDisp.exe" [2009-02-11 65536]
"PDFHook"="d:\program files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe" [2011-04-28 1770784]
"PDF7 Registry Controller"="d:\program files (x86)\Nuance\PDF Professional 7\RegistryController.exe" [2011-04-28 138528]
"Nuance PDF Converter Professional 7-reminder"="d:\program files (x86)\Nuance\PDF Professional 7\Ereg\Ereg.exe" [2011-04-21 333088]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ    kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R1 NetPeeker;NetPeeker;c:\windows\System32\Drivers\NetPeeker.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Service Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-29 116648]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;e:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-04-05 8704]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-05-03 158856]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys [x]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys [x]
R3 gupdatem;Service Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-29 116648]
R3 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-07 113120]
R3 NLNdisMP;NLNdisMP;c:\windows\system32\DRIVERS\nlndis.sys [x]
R3 NLNdisPT;NetLimiter Ndis Protocol Service;c:\windows\system32\DRIVERS\nlndis.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 hotcore3;hotcore3;c:\windows\SysWOW64\drivers\hotcore3.sys [2008-01-21 36368]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2010-10-27 52896]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-02-10 2348352]
S2 PDFProFiltSrv;PDFProFiltSrv;d:\program files (x86)\Nuance\PDF Professional 7\PDFProFiltSrv.exe [2011-04-28 134432]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-09 382272]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [x]
S3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C;c:\windows\system32\DRIVERS\e1c62x64.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S4 nltdi;nltdi;c:\program files\NetLimiter 3\nltdi.sys [x]
.
.
Contenu du dossier 'Tâches planifiées'
.
2012-06-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-16 04:55]
.
2012-06-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-29 14:33]
.
2012-06-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-29 14:33]
.
2012-06-07 c:\windows\Tasks\RegClean Pro_DEFAULT.job
- c:\program files (x86)\RegClean Pro\RegCleanPro.exe [2012-03-12 13:14]
.
2012-06-06 c:\windows\Tasks\RegClean Pro_UPDATES.job
- c:\program files (x86)\RegClean Pro\RegCleanPro.exe [2012-03-12 13:14]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-07 00:15 135408 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2011-05-30 16:50 22408 ----a-w- d:\program files (x86)\Internet Download Manager\IDMShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CmPCIaudio"="c:\windows\Syswow64\CMICNFG3.dll" [2008-10-02 7700480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Ajouter le contenu des liens sélectionnés à un fichier PDF existant - d:\program files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML
IE: Ajouter le contenu du lien à un fichier PDF existant - d:\program files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Ajouter à un fichier PDF existant - d:\program files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Créer des fichiers PDF à partir des liens sélectionnés - d:\program files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML
IE: Créer un fichier PDF - d:\program files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: Créer un fichier PDF depuis le contenu du lien - d:\program files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
IE: Ouvrir avec Nuance PDF Converter 7 - d:\program files (x86)\Nuance\PDF Professional 7\cnvres_fre.dll /100
IE: Télécharger avec IDM - d:\program files (x86)\Internet Download Manager\IEExt.htm
IE: Télécharger tous les liens avec IDM - d:\program files (x86)\Internet Download Manager\IEGetAll.htm
TCP: DhcpNameServer = 208.67.222.222 41.221.20.4
FF - ProfilePath - c:\users\Shino\AppData\Roaming\Mozilla\Firefox\Profiles\tz13inhw.default\
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Wow6432Node-HKLM-Run-NetPeeker - c:\program files (x86)\NetPeeker\NPGUI.exe
AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe
AddRemove-NetPeeker 3.10 - c:\program files (x86)\NetPeeker\uninstall.exe
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\S-1-5-21-3418422251-1881525583-2938252674-1000_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):3d,53,91,70,3a,d0,80,09,40,6f,cf,cc,19,d0,9b,a2,c8,34,3c,a5,86,
   53,54,3f,89,4b,28,33,2f,b5,76,c2,45,fd,87,7e,da,9f,68,6b,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-3418422251-1881525583-2938252674-1000_Classes\Wow6432Node\CLSID\{9cade6d1-eb2d-4715-bcc4-382e369ab0fd}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000089
"Therad"=dword:0000000c
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
   1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2012-06-07  23:07:37
ComboFix-quarantined-files.txt  2012-06-07 22:07
.
Avant-CF: 39 953 989 632 octets libres
Après-CF: 39 942 205 440 octets libres
.
- - End Of File - - 4A90FC63AAD9A49FD5F0CFF850C4A70C
