PC really very slow

TRENDY54 Posts 2 Status Member -  
plopus Posts 6113 Status Security contributor -
Hello,
since installing an external USB hard drive, my PC has been woefully slow. I was advised to post a HijackThis log that you, the specialists, can analyze. Thank you for whatever you can "get out" of it and for what I can improve in order to use my PC.
I often read your forums, which are very instructive.
Thanks for your help
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:38:46, on 02/08/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Winsudate\gibsvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\Fichiers communs\Goto Software\Vaderetro_Mgr.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\JAVA MAJ\bin\jusched.exe
C:\Program Files\Logitech\Logitech Vid\vid.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\systray\systrayapp.exe
C:\Program Files\OrangeHSS\Deskboard\deskboard.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
C:\Program Files\Registry Mechanic\RegMech.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail?kw=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BHO Barre de Confiance - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\JAVA MAJ\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: (no name) - {9839B3B7-3F99-4498-884D-6CFCCD251AB1} - (no file)
O3 - Toolbar: Barre de confiance - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [VadeRetro Outlook] C:\Program Files\Goto Software\Vade Retro\VrMoRegister.exe -s
O4 - HKLM\..\Run: [VRManager] C:\Program Files\Fichiers communs\Goto Software\Vaderetro_Mgr.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\JAVA MAJ\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files\Logitech\Logitech Vid\vid.exe" -bootmode
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Recherche sur eBay - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O15 - Trusted Zone: http://pfttbc.ft.motive.com
O15 - Trusted Zone: [http://]*.orange.fr
O15 - Trusted Zone: http://rw.search.ke.voila.fr
O15 - Trusted Zone: http://orange.weborama.fr
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {1FF43AD5-2262-4C2F-81D4-26D710C3F305} (VB2S Mannequin Virtuel Control) - http://mannequin.redoute.fr/activex/Mannequin.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {34F12AFD-E9B5-492A-85D2-40FA4535BE83} (AxProdInfoCtl Class) - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://www.ma-config.com/activex/MaConfig_3_5_1_0.cab
O16 - DPF: {9DF1C00D-8426-4337-972C-DC042D19A916} (FTMediaPlayer Class) - http://webtv.guidetv.orange.fr/resources/OCS_8884.cab
O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} (DDRevision Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - https://driveragent.com/files/driveragent.cab
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/optimize2/pcpitstop2.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Fichiers communs\Motive\McciCMService.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: Gestionnaire de mise à jour Winsudate (WinSvc) - Winsudate - C:\Program Files\Winsudate\gibsvc.exe

6 replies

plopus Posts 6113 Status Security contributor 293
 
Hi

you are infected by winsudate....

post an RSIT report so we can see more detail:

* Download Random's System Information Tool (RSIT) and save it to your desktop.
http://images.malwareremoval.com/random/RSIT.exe
* Double-click RSIT.exe to launch the tool.
* Click 'continue' on the Disclaimer screen.
* If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it and you will have to accept the license.
* Once the scan has finished, 2 reports will appear. Post the contents of both reports.

( C:\RSIT\log.txt & C:\RSIT\info.txt )

(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)
0
TRENDY54 Posts 2 Status Member
 
Hello again

thanks PLOPUS for your quick reply - so here is the Notepad file from RSIT
Logfile of random's system information tool 1.06 (written by random/random)
Run by ROUSSEAU at 2009-08-02 16:12:00
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 110 GB (72%) free of 153 GB
Total RAM: 511 MB (14% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:13:43, on 02/08/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Winsudate\gibsvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\Fichiers communs\Goto Software\Vaderetro_Mgr.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\JAVA MAJ\bin\jusched.exe
C:\Program Files\Logitech\Logitech Vid\vid.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\systray\systrayapp.exe
C:\Program Files\OrangeHSS\Deskboard\deskboard.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
C:\Program Files\Registry Mechanic\RegMech.exe
C:\Program Files\Orange\LiveAssistant.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Documents and Settings\ROUSSEAU\Bureau\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Trend Micro\HijackThis\ROUSSEAU.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\SearchProtocolHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail?kw=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BHO Barre de Confiance - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\JAVA MAJ\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: (no name) - {9839B3B7-3F99-4498-884D-6CFCCD251AB1} - (no file)
O3 - Toolbar: Barre de confiance - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [VadeRetro Outlook] C:\Program Files\Goto Software\Vade Retro\VrMoRegister.exe -s
O4 - HKLM\..\Run: [VRManager] C:\Program Files\Fichiers communs\Goto Software\Vaderetro_Mgr.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\JAVA MAJ\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files\Logitech\Logitech Vid\vid.exe" -bootmode
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Recherche sur eBay - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O15 - Trusted Zone: http://pfttbc.ft.motive.com
O15 - Trusted Zone: http://*.orange.fr
O15 - Trusted Zone: http://rw.search.ke.voila.fr
O15 - Trusted Zone: http://orange.weborama.fr
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {1FF43AD5-2262-4C2F-81D4-26D710C3F305} (VB2S Mannequin Virtuel Control) - http://mannequin.redoute.fr/activex/Mannequin.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {34F12AFD-E9B5-492A-85D2-40FA4535BE83} (AxProdInfoCtl Class) - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://www.ma-config.com/activex/MaConfig_3_5_1_0.cab
O16 - DPF: {9DF1C00D-8426-4337-972C-DC042D19A916} (FTMediaPlayer Class) - http://webtv.guidetv.orange.fr/resources/OCS_8884.cab
O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} (DDRevision Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - https://driveragent.com/files/driveragent.cab
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/optimize2/pcpitstop2.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Fichiers communs\Motive\McciCMService.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: Gestionnaire de mise à jour Winsudate (WinSvc) - Winsudate - C:\Program Files\Winsudate\gibsvc.exe
plopus Posts 6113 Status Security contributor 293
 
Hi again

If you say this started after installing an external hard drive, do this:

* Download UsbFix by C_XX & Chiquitine29
http://sd-1.archive-host.com/membres/up/127028005715545653/UsbFix.exe

* Run the installation with the default settings
* Plug in your external data sources (USB stick, external hard drive, etc.) that may have been infected, without opening them
* Double-click the UsbFix shortcut on your desktop
* Choose option 1 (search)
* Let the tool work
* Then post the UsbFix.txt report that appears
* Note: the UsbFix.txt report is saved at the root of the disk

* Note: "Process.exe", a component of the tool, is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility for terminating processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus programs.

then

click here, do what it says, and post the report: http://www.cijoint.fr/cj200908/cijzmZ2QAY.txt

then

Run an online scan here with Internet Explorer and post the whole report, with the lines:
http://www.bitdefender.fr/scan_fr/scan8/ie.html?affil=3540

then

* Download Malwarebytes
https://www.commentcamarche.net/telecharger/securite/14361-malwarebytes-anti-malware/
* Update the software (this is normally done during installation)
* Run a full scan by clicking "Perform full scan"
* Select the drives you want to scan and click "Start scan"
* The scan can take quite a while.....
* Once the scan is finished, click "OK" then "Show Results"
* Check that everything is ticked and click "Remove Selected", then "OK"
* A report will open in Notepad... Copy and paste the report into your next reply on the forum

* Some files may need to be deleted when the PC restarts... Do so by clicking "Yes" when asked
TRENDY54
 
thanks for your help
so here is the next part: the OTM reports

All processes killed
Error: Unable to interpret <processes> in the current context!
Error: Unable to interpret <explorer.exe> in the current context!
Error: Unable to interpret <TeaTimer.exe> in the current context!
========== SERVICES/DRIVERS ==========

Service\Driver WinSvc deleted successfully.
========== FILES ==========
C:\Program Files\Winsudate\gibsvc.exe moved successfully.
C:\Program Files\Winsudate moved successfully.
C:\Program Files\Winletmin moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSvc\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{9839B3B7-3F99-4498-884D-6CFCCD251AB1} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9839B3B7-3F99-4498-884D-6CFCCD251AB1}\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EoEngine\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EoWeather\ deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32768 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 1057083 bytes

User: LocalService.AUTORITE NT
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\LocalService.AUTORITE NT\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 4815449 bytes

User: NetworkService
->Temp folder emptied: 183472 bytes
File delete failed. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 5462855 bytes

User: ROUSSEAU
->Temp folder emptied: 8934584 bytes
->Temporary Internet Files folder emptied: 49015575 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 2473322 bytes
->Google Chrome cache emptied: 249715 bytes

User: TEMP

%systemdrive% .tmp files removed: 0 bytes
C:\WINDOWS\msdownld.tmp folder deleted successfully.
%systemroot% .tmp files removed: 39097 bytes
%systemroot%\System32 .tmp files removed: 8437760 bytes
File delete failed. C:\WINDOWS\temp\JETBFA6.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_5dc.dat scheduled to be deleted on reboot.
Windows Temp folder emptied: 254920 bytes
RecycleBin emptied: 28402542 bytes

Total Files Cleaned = 104,36 mb


OTM by OldTimer - Version 3.0.0.5 log created on 08022009_185531

Files moved on Reboot...
File C:\WINDOWS\temp\JETBFA6.tmp not found!
File C:\WINDOWS\temp\Perflib_Perfdata_5dc.dat not found!

Registry entries deleted on Reboot...

I'm continuing with your instructions from the 16:47 message (BitDefender and Malwarebytes); it's tiring for me
but I'm doing my best .... thank you very much
plopus Posts 6113 Status Security contributor 293
 
hi

run UsbFix first, reread the message
TRENDY54
 
thanks again PLOPUS, here is the UsbFix report

############################## | UsbFix V6.012 |

User : ROUSSEAU (Administrateurs) # ROUSSEAU
Update on 01/08/09 by Chiquitine29 & C_XX
Start at: 22:39:35 | 02/08/2009
Website : http://pagesperso-orange.fr/NosTools/index.html

Intel(R) Pentium(R) 4 CPU 2.93GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : Norton 360 2007 [ Enabled | Updated ]
FW : Norton 360[ Enabled ]2007

C:\ -> Disque fixe local # 149,04 Go (107,09 Go free) [HDD] # NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque CD-ROM
F:\ -> Disque amovible # 121,28 Mo (116,75 Mo free) # FAT
G:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque amovible
J:\ -> Disque amovible
K:\ -> Disque amovible
L:\ -> Disque fixe local # 465,76 Go (427,64 Go free) [DIVERS ET JEUX] # NTFS

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\Fichiers communs\Goto Software\Vaderetro_Mgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\JAVA MAJ\bin\jusched.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Logitech\Logitech Vid\vid.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\systray\systrayapp.exe
C:\Program Files\OrangeHSS\Deskboard\deskboard.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

################## | Fichiers # Dossiers infectieux |


################## | Other |

Suspect ! C:\DFH\DFH.EXE
Suspect ! L:\VLC\vlc.exe

################## | Registre # Clés Run infectieuses |

Présent ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe

################## | Registre # Mountpoints2 |

HKCU\..\..\Explorer\MountPoints2\{eb934fac-18e6-11db-aee8-00032f4a1eb7}
Shell\AutoRun\command =F:\InstallTomTomHOME.exe

################## | Cracks / Keygens / Serials |


################## | ! Fin du rapport # UsbFix V6.012 ! |
plopus Posts 6113 Status Security contributor 293
 
hi

* Plug in your external data sources (USB stick, external hard drive, etc.) that may have been infected, without opening them
* Double-click the UsbFix shortcut on your desktop
* Choose option 2 (Removal)
* Your desktop will disappear and the PC will restart.
* On restart, UsbFix will scan your PC; let the tool work.
* Then post the UsbFix.txt report that appears along with the desktop.
* Note: the UsbFix.txt report is saved at the root of the disk (C:\UsbFix.txt).

(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)

and then continue the procedure with the online scan and Malwarebytes

P.S.: for Malwarebytes you can run a quick scan, it will take 20 minutes at most ;)
TRENDY54
 
Good evening PLOPUS

another new post as recommended, but my PC is even worse than before.
I applied all your advice and faithfully followed all your instructions.
I'm starting to get worried. But thank you anyway.

############################## | UsbFix V6.012 |

User : ROUSSEAU (Administrateurs) # ROUSSEAU
Update on 01/08/09 by Chiquitine29 & C_XX
Start at: 20:24:34 | 03/08/2009
Website : http://pagesperso-orange.fr/NosTools/index.html

Intel(R) Pentium(R) 4 CPU 2.93GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : Norton 360 2007 [ Enabled | Updated ]
FW : Norton 360[ Enabled ]2007

C:\ -> Disque fixe local # 149,04 Go (106,18 Go free) [HDD] # NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque CD-ROM
F:\ -> Disque amovible # 121,28 Mo (116,75 Mo free) # FAT
G:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque amovible
J:\ -> Disque amovible
L:\ -> Disque fixe local # 465,76 Go (427,64 Go free) [DIVERS ET JEUX] # NTFS

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\imapi.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\SearchFilterHost.exe

################## | Fichiers # Dossiers infectieux |


################## | Registre # Clés Run infectieuses |

Supprimé ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe

################## | Registre # Mountpoints2 |

Supprimé ! HKCU\...\Explorer\MountPoints2\{eb934fac-18e6-11db-aee8-00032f4a1eb7}\Shell\AutoRun\Command

################## | Listing des fichiers présent |

[03/08/2009 20:21|--a------|15900] -> C:\aaw7boot.log
[06/12/2008 08:49|--a------|1829] -> C:\AutoSetup.log
[12/07/2006 22:32|-rahs----|215] -> C:\BOOT.BAK
[27/07/2009 21:03|--ahs----|308] -> C:\BOOT.INI
[05/08/2004 14:00|-rahs----|4952] -> C:\Bootfont.bin
[05/08/2004 14:00|-rahs----|263488] -> C:\cmldr
[05/09/2008 09:45|--a------|2232] -> C:\drmHeader.bin
[12/07/2006 22:24|--a------|5580] -> C:\DWNLOG.TXT
[12/07/2009 18:04|--a------|0] -> C:\FileIn.Cns
[12/07/2009 18:04|--a------|0] -> C:\FileOut.Cns
[07/12/2008 00:03|--a------|1752] -> C:\FRAGLIST.HTM
[06/12/2008 10:13|--a------|115] -> C:\FtpCmd.txt
[18/07/2006 08:38|-rahs----|0] -> C:\IO.SYS
[08/05/2009 06:48|--a------|13763] -> C:\JavaRa.log
[06/03/2008 22:55|--a------|5152] -> C:\lvcoinst.log
[12/07/2006 22:24|--a------|5580] -> C:\MCDLOG.TXT
[23/01/2007 06:42|-ra------|6641614] -> C:\money2 Sauvegarde 0.mbf
[23/01/2007 07:54|-ra------|6998053] -> C:\money2 Sauvegarde 1.mbf
[28/01/2007 08:59|-ra------|7018543] -> C:\money2 Sauvegarde 2.mbf
[19/09/2007 22:50|-ra------|7182423] -> C:\money2 Sauvegarde 3.mbf
[06/10/2007 16:18|-ra------|7219295] -> C:\money2 Sauvegarde 4.mbf
[07/03/2008 07:33|-ra------|7575733] -> C:\money2 Sauvegarde 5.mbf
[07/03/2008 07:35|-ra------|7551150] -> C:\money2 Sauvegarde 6.mbf
[04/07/2008 15:53|-ra------|8132926] -> C:\money2 Sauvegarde 7.mbf
[02/08/2009 12:05|--a------|8884224] -> C:\money2.mny
[18/07/2006 08:38|-rahs----|0] -> C:\MSDOS.SYS
[05/08/2004 14:00|-rahs----|47564] -> C:\NTDETECT.COM
[13/05/2008 06:47|-rahs----|252240] -> C:\ntldr
[?|?|?] -> C:\pagefile.sys
[20/05/2008 06:47|--ah-----|232] -> C:\sqmdata00.sqm
[05/09/2008 14:37|--ah-----|232] -> C:\sqmdata01.sqm
[17/09/2008 20:16|--ah-----|232] -> C:\sqmdata02.sqm
[18/09/2008 07:33|--ah-----|232] -> C:\sqmdata03.sqm
[18/09/2008 10:06|--ah-----|232] -> C:\sqmdata04.sqm
[24/09/2008 05:54|--ah-----|232] -> C:\sqmdata05.sqm
[16/10/2008 20:25|--ah-----|232] -> C:\sqmdata06.sqm
[01/01/2009 08:50|--ah-----|232] -> C:\sqmdata07.sqm
[01/01/2009 20:40|--ah-----|232] -> C:\sqmdata08.sqm
[07/01/2009 06:49|--ah-----|232] -> C:\sqmdata09.sqm
[21/01/2009 21:55|--ah-----|232] -> C:\sqmdata10.sqm
[25/01/2009 19:18|--ah-----|232] -> C:\sqmdata11.sqm
[08/03/2009 23:35|--ah-----|268] -> C:\sqmdata12.sqm
[20/05/2008 06:47|--ah-----|244] -> C:\sqmnoopt00.sqm
[05/09/2008 14:37|--ah-----|244] -> C:\sqmnoopt01.sqm
[17/09/2008 20:16|--ah-----|244] -> C:\sqmnoopt02.sqm
[18/09/2008 07:33|--ah-----|244] -> C:\sqmnoopt03.sqm
[18/09/2008 10:06|--ah-----|244] -> C:\sqmnoopt04.sqm
[24/09/2008 05:54|--ah-----|244] -> C:\sqmnoopt05.sqm
[16/10/2008 20:25|--ah-----|244] -> C:\sqmnoopt06.sqm
[01/01/2009 08:50|--ah-----|244] -> C:\sqmnoopt07.sqm
[01/01/2009 20:40|--ah-----|244] -> C:\sqmnoopt08.sqm
[07/01/2009 06:49|--ah-----|244] -> C:\sqmnoopt09.sqm
[21/01/2009 21:55|--ah-----|244] -> C:\sqmnoopt10.sqm
[25/01/2009 19:18|--ah-----|244] -> C:\sqmnoopt11.sqm
[08/03/2009 23:35|--ah-----|244] -> C:\sqmnoopt12.sqm
[06/04/2009 06:19|--a------|594] -> C:\updatedatfix.log
[12/07/2006 22:24|--a------|0] -> C:\UPDFLOP.TAG
[03/08/2009 20:34|--a------|6249] -> C:\UsbFix.txt
[08/07/2007 14:35|--a------|0] -> F:\rw15.tmp
[09/07/2007 12:16|--a------|0] -> F:\rw16.tmp
[09/07/2007 18:05|--a------|36] -> F:\ttgo.bif
[09/07/2007 18:06|--a------|132566] -> F:\connect2internet.db
[09/07/2007 18:06|--a------|58] -> F:\connect2internetdb.ver
[09/07/2007 18:06|--a------|277376] -> F:\connect2internet.so
[09/07/2007 18:09|--a------|32] -> F:\ttdesk.ver
[15/07/2007 07:54|--a------|0] -> F:\rw17.tmp
[21/07/2007 17:44|--a------|0] -> F:\rw18.tmp
[28/07/2007 16:57|--a------|0] -> F:\rw19.tmp
[04/08/2007 18:37|--a------|0] -> F:\rw1A.tmp
[11/08/2007 06:44|--a------|0] -> F:\rw1B.tmp
[11/08/2007 18:20|--a------|0] -> F:\rw1C.tmp
[18/08/2007 11:38|--a------|0] -> F:\rw1D.tmp
[26/08/2007 08:52|--a------|0] -> F:\rw1E.tmp
[01/09/2007 11:42|--a------|0] -> F:\rw1F.tmp
[09/09/2007 09:12|--a------|0] -> F:\rw20.tmp
[15/09/2007 18:19|--a------|0] -> F:\rw21.tmp
[22/09/2007 18:03|--a------|0] -> F:\rw22.tmp
[07/10/2007 07:28|--a------|0] -> F:\rw23.tmp
[07/10/2007 07:31|--a------|0] -> F:\rw24.tmp
[21/10/2007 17:47|--a------|0] -> F:\rw25.tmp
[28/10/2007 11:09|--a------|0] -> F:\rw26.tmp
[03/11/2007 10:57|--a------|0] -> F:\rw27.tmp
[04/11/2007 09:04|--a------|0] -> F:\rw28.tmp
[11/11/2007 10:39|--a------|0] -> F:\rw29.tmp
[11/11/2007 19:05|--a------|0] -> F:\rw2A.tmp
[16/11/2007 06:36|--a------|0] -> F:\rw2B.tmp
[17/11/2007 19:25|--a------|0] -> F:\rw2C.tmp
[24/11/2007 08:36|--a------|0] -> F:\rw2D.tmp
[09/12/2007 11:44|--a------|0] -> F:\rw2E.tmp
[16/12/2007 19:15|--a------|0] -> F:\rw2F.tmp
[22/12/2007 07:07|--a------|0] -> F:\rw30.tmp
[26/12/2007 08:34|--a------|0] -> F:\rw31.tmp
[02/01/2008 10:19|--a------|0] -> F:\rw32.tmp
[02/01/2008 19:17|--a------|0] -> F:\rw33.tmp
[03/01/2008 09:59|--a------|0] -> F:\rw34.tmp
[06/01/2008 11:49|--a------|0] -> F:\rw35.tmp
[13/01/2008 10:57|--a------|0] -> F:\rw36.tmp
[20/01/2008 10:51|--a------|0] -> F:\rw37.tmp
[26/01/2008 19:33|--a------|0] -> F:\rw38.tmp
[02/02/2008 19:51|--a------|0] -> F:\rw39.tmp
[04/02/2008 07:57|--a------|0] -> F:\rw3A.tmp
[04/02/2008 08:02|--a------|0] -> F:\rw3B.tmp
[09/02/2008 16:28|--a------|0] -> F:\rw3C.tmp
[16/02/2008 17:57|--a------|0] -> F:\rw3D.tmp
[24/02/2008 17:44|--a------|0] -> F:\rw3E.tmp
[01/03/2008 10:49|--a------|0] -> F:\rw3F.tmp
[05/03/2008 19:56|--a------|0] -> F:\rw40.tmp
[07/03/2008 06:36|--a------|0] -> F:\rw41.tmp
[08/03/2008 09:17|--a------|0] -> F:\rw42.tmp
[08/03/2008 18:53|--a------|0] -> F:\rw43.tmp
[16/03/2008 10:24|--a------|0] -> F:\rw44.tmp
[24/03/2008 19:19|--a------|0] -> F:\rw45.tmp
[29/03/2008 10:04|--a------|0] -> F:\rw46.tmp
[30/03/2008 07:44|--a------|296] -> F:\WMPInfo.xml
[05/04/2008 19:53|--a------|0] -> F:\rw47.tmp
[12/04/2008 09:20|--a------|0] -> F:\rw48.tmp
[19/04/2008 17:40|--a------|0] -> F:\rw49.tmp
[26/04/2008 09:31|--a------|0] -> F:\rw4A.tmp
[01/05/2008 13:48|--a------|0] -> F:\rw4B.tmp
[02/05/2008 08:57|--a------|0] -> F:\rw4C.tmp
[03/05/2008 09:11|--a------|0] -> F:\rw4D.tmp
[05/05/2008 07:42|--a------|0] -> F:\rw4E.tmp
[10/05/2008 10:25|--a------|0] -> F:\rw4F.tmp
[11/05/2008 10:35|--a------|0] -> F:\rw50.tmp
[17/05/2008 08:34|--a------|0] -> F:\rw51.tmp
[24/05/2008 18:26|--a------|0] -> F:\rw52.tmp
[31/05/2008 09:55|--a------|0] -> F:\rw53.tmp
[07/06/2008 18:01|--a------|0] -> F:\rw54.tmp
[14/06/2008 10:41|--a------|0] -> F:\rw55.tmp
[21/06/2008 17:35|--a------|0] -> F:\rw56.tmp
[28/06/2008 16:40|--a------|0] -> F:\rw57.tmp
[01/07/2008 10:30|--a------|0] -> F:\rw58.tmp
[02/07/2008 15:06|--a------|0] -> F:\rw59.tmp
[04/07/2008 15:53|--a------|0] -> F:\rw5A.tmp
[07/07/2008 19:23|--a------|0] -> F:\rw5B.tmp
[12/07/2008 14:45|--a------|0] -> F:\rw5C.tmp
[12/07/2008 19:32|--a------|0] -> F:\rw5D.tmp
[14/07/2008 06:50|--a------|0] -> F:\rw5E.tmp
[20/07/2008 07:58|--a------|0] -> F:\rw5F.tmp
[20/07/2008 18:38|--a------|0] -> F:\rw60.tmp
[26/07/2008 11:47|--a------|0] -> F:\rw61.tmp
[02/08/2008 12:08|--a------|0] -> F:\rw62.tmp
[04/08/2008 06:32|--a------|0] -> F:\rw63.tmp
[09/08/2008 06:39|--a------|0] -> F:\rw64.tmp
[09/08/2008 21:38|--a------|0] -> F:\rw65.tmp
[13/08/2008 18:05|--a------|0] -> F:\rw66.tmp
[24/08/2008 08:44|--a------|0] -> F:\rw67.tmp
[31/08/2008 10:20|--a------|0] -> F:\rw68.tmp
[06/09/2008 18:53|--a------|0] -> F:\rw69.tmp
[14/09/2008 10:08|--a------|0] -> F:\rw6A.tmp
[28/09/2008 11:29|--a------|0] -> F:\rw6B.tmp
[04/10/2008 10:49|--a------|0] -> F:\rw6C.tmp
[05/10/2008 17:29|--a------|0] -> F:\rw6D.tmp
[11/10/2008 17:29|--a------|0] -> F:\rw6E.tmp
[18/10/2008 18:20|--a------|0] -> F:\rw6F.tmp
[25/10/2008 18:15|--a------|0] -> F:\rw70.tmp
[02/11/2008 11:02|--a------|0] -> F:\rw71.tmp
[08/11/2008 11:21|--a------|0] -> F:\rw72.tmp
[15/11/2008 11:24|--a------|0] -> F:\rw73.tmp
[13/07/2006 04:38|--a------|987] -> F:\Microsoft Money.lnk
[22/11/2008 18:54|--a------|0] -> F:\rw74.tmp
[29/11/2008 17:50|--a------|0] -> F:\rw75.tmp
[07/12/2008 08:48|--a------|0] -> F:\rw76.tmp
[11/12/2008 10:37|--a------|0] -> F:\rw77.tmp
[15/12/2008 11:24|--a------|0] -> F:\rw78.tmp
[19/12/2008 18:58|--a------|0] -> F:\rw79.tmp
[23/12/2008 10:17|--a------|0] -> F:\rw7A.tmp
[25/12/2008 09:14|--a------|0] -> F:\rw7B.tmp
[31/12/2008 18:34|--a------|0] -> F:\rw7C.tmp
[02/01/2009 09:34|--a------|0] -> F:\rw7D.tmp
[02/01/2009 18:38|--a------|0] -> F:\rw7E.tmp
[03/01/2009 11:19|--a------|0] -> F:\rw7F.tmp
[05/01/2009 07:31|--a------|0] -> F:\rw80.tmp
[05/01/2009 14:37|--a------|0] -> F:\rw81.tmp
[06/01/2009 08:23|--a------|0] -> F:\rw82.tmp
[07/01/2009 09:07|--a------|0] -> F:\rw83.tmp
[09/01/2009 13:54|--a------|0] -> F:\rw84.tmp
[12/01/2009 10:44|--a------|0] -> F:\rw85.tmp
[13/01/2009 07:57|--a------|0] -> F:\rw86.tmp
[14/01/2009 06:37|--a------|0] -> F:\rw87.tmp
[14/01/2009 07:06|--a------|0] -> F:\rw88.tmp
[15/01/2009 18:24|--a------|0] -> F:\rw89.tmp
[17/01/2009 09:11|--a------|0] -> F:\rw8A.tmp
[19/01/2009 09:07|--a------|0] -> F:\rw8B.tmp
[19/01/2009 18:12|--a------|0] -> F:\rw8C.tmp
[23/01/2009 08:07|--a------|0] -> F:\rw8D.tmp
[24/01/2009 09:28|--a------|0] -> F:\rw8E.tmp
[29/11/2008 18:49|--a------|18432] -> F:\HUISSIERS.xlr
[25/01/2009 18:39|--a------|0] -> F:\rw8F.tmp
[26/01/2009 08:20|--a------|0] -> F:\rw90.tmp
[27/01/2009 08:37|--a------|0] -> F:\rw91.tmp
[29/01/2009 08:25|--a------|0] -> F:\rw92.tmp
[29/01/2009 09:53|--a------|0] -> F:\rw93.tmp
[30/01/2009 09:34|--a------|0] -> F:\rw94.tmp
[07/02/2009 09:20|--a------|0] -> F:\rw95.tmp
[13/02/2009 07:50|--a------|0] -> F:\rw96.tmp
[15/02/2009 09:16|--a------|0] -> F:\rw97.tmp
[22/02/2009 09:16|--a------|0] -> F:\rw98.tmp
[28/02/2009 18:04|--a------|0] -> F:\rw99.tmp
[06/03/2009 09:11|--a------|0] -> F:\rw9A.tmp
[08/03/2009 08:17|--a------|0] -> F:\rw9B.tmp
[10/03/2009 20:01|--a------|0] -> F:\rw9C.tmp
[12/03/2009 09:25|--a------|0] -> F:\rw9D.tmp
[13/03/2009 09:36|--a------|0] -> F:\rw9E.tmp
[14/03/2009 08:16|--a------|0] -> F:\rw9F.tmp
[21/03/2009 18:37|--a------|0] -> F:\rwA0.tmp
[28/03/2009 17:24|--a------|0] -> F:\rwA1.tmp
[04/04/2009 10:18|--a------|0] -> F:\rwA2.tmp
[10/04/2009 09:12|--a------|0] -> F:\rwA3.tmp
[10/04/2009 11:52|--a------|0] -> F:\rwA4.tmp
[18/04/2009 09:22|--a------|0] -> F:\rwA5.tmp
[25/04/2009 11:45|--a------|0] -> F:\rwA6.tmp
[02/05/2009 08:16|--a------|0] -> F:\rwA7.tmp
[08/05/2009 21:14|--a------|0] -> F:\rwA8.tmp
[21/05/2009 10:53|--a------|0] -> F:\rwA9.tmp
[24/05/2009 08:49|--a------|0] -> F:\rwAA.tmp
[06/06/2009 19:06|--a------|0] -> F:\rwAB.tmp

################## | Vaccination |

# C:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
# F:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
# L:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.

################## | Cracks / Keygens / Serials |


################## | ! Fin du rapport # UsbFix V6.012 ! |
TRENDY54
 
Good evening PLOPUS,

Here is another post as recommended, but my PC is even worse than before. I did apply all your advice and faithfully followed all your instructions.
I am starting to get worried. But thank you anyway.

############################## | UsbFix V6.012 |

User : ROUSSEAU (Administrateurs) # ROUSSEAU
Update on 01/08/09 by Chiquitine29 & C_XX
Start at: 20:24:34 | 03/08/2009
Website : http://pagesperso-orange.fr/NosTools/index.html

Intel(R) Pentium(R) 4 CPU 2.93GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : Norton 360 2007 [ Enabled | Updated ]
FW : Norton 360[ Enabled ]2007

C:\ -> Disque fixe local # 149,04 Go (106,18 Go free) [HDD] # NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque CD-ROM
F:\ -> Disque amovible # 121,28 Mo (116,75 Mo free) # FAT
G:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque amovible
J:\ -> Disque amovible
L:\ -> Disque fixe local # 465,76 Go (427,64 Go free) [DIVERS ET JEUX] # NTFS

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\imapi.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\SearchFilterHost.exe

################## | Fichiers # Dossiers infectieux |


################## | Registre # Clés Run infectieuses |

Supprimé ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe

################## | Registre # Mountpoints2 |

Supprimé ! HKCU\...\Explorer\MountPoints2\{eb934fac-18e6-11db-aee8-00032f4a1eb7}\Shell\AutoRun\Command

################## | Listing des fichiers présent |


################## | Vaccination |

# C:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
# F:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
# L:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.

################## | Cracks / Keygens / Serials |


################## | ! Fin du rapport # UsbFix V6.012 ! |
plopus Posts 6113 Status Security contributor 293

No, don't worry.

Run Malwarebytes, then the online scan; things should get better.