Clé USB non reconnue
Make Tacos Not War
-
Make Tacos Not War -
Make Tacos Not War -
Bonjour,
Mon ordi était récemment infecté par un virus BEAGLE qu'on m'a gentiment aidé à éradiquer. Tout est rentré dans l'ordre sauf pour ma clé USB qui n'est plus reconnue. Le problème est d'autant plus gênant qu'elle n'est pas plus reconnue sur un autre ordi. Je ne sais plus quoi faire.
Merci de votre aide.
Nino
Mon ordi était récemment infecté par un virus BEAGLE qu'on m'a gentiment aidé à éradiquer. Tout est rentré dans l'ordre sauf pour ma clé USB qui n'est plus reconnue. Le problème est d'autant plus gênant qu'elle n'est pas plus reconnue sur un autre ordi. Je ne sais plus quoi faire.
Merci de votre aide.
Nino
A voir également:
- Clé USB non reconnue
- Cle usb non reconnue - Guide
- Clé usb - Accueil - Stockage
- Formater clé usb - Guide
- Clé windows 8 - Guide
- Logiciel réparation clé usb non reconnue gratuit - Télécharger - Récupération de données
13 réponses
Salut.
--> Télécharge UsbFix (de Chiquitine29 & C_XX) sur ton Bureau.
--> Lance l'installation avec les paramètres par défaut.
--> Branche tes sources de données externes à ton PC (clé USB, disque dur externe, carte SD, etc...) sans les ouvrir.
--> Double-clique sur le raccourci UsbFix sur ton Bureau.
(Sous Vista, il faut cliquer droit sur le raccourci UsbFix et choisir Exécuter en tant qu'administrateur)
--> Choisis l'option 1 (Recherche).
--> Laisse travailler l'outil.
--> Poste le rapport UsbFix.txt.
Note : le rapport UsbFix.txt est sauvegardé à la racine du disque (C:\UsbFix.txt).
"Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
--> Télécharge UsbFix (de Chiquitine29 & C_XX) sur ton Bureau.
--> Lance l'installation avec les paramètres par défaut.
--> Branche tes sources de données externes à ton PC (clé USB, disque dur externe, carte SD, etc...) sans les ouvrir.
--> Double-clique sur le raccourci UsbFix sur ton Bureau.
(Sous Vista, il faut cliquer droit sur le raccourci UsbFix et choisir Exécuter en tant qu'administrateur)
--> Choisis l'option 1 (Recherche).
--> Laisse travailler l'outil.
--> Poste le rapport UsbFix.txt.
Note : le rapport UsbFix.txt est sauvegardé à la racine du disque (C:\UsbFix.txt).
"Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Voici le rapport
############################## | UsbFix V6.033 |
User : Nino Cioli (Administrateurs) # NINO
Update on 14/09/2009 by Chiquitine29, C_XX & Chimay8
Start at: 18:46:03 | 15/09/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Intel(R) Atom(TM) CPU N270 @ 1.60GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 7.0.5730.13
Windows Firewall Status : Disabled
AV : AntiVir Desktop 9.0.1.32 [ Enabled | Updated ]
C:\ -> Disque fixe local # 72,06 Go (61,99 Go free) # NTFS
D:\ -> Disque fixe local # 72,05 Go (71,99 Go free) # NTFS
############################## | Processus actifs |
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
C:\Program Files\EeePC\ACPI\AsEPCMon.exe
C:\Program Files\EeePC\ACPI\AsTray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\lg_fwupdate\fwupdate.exe
C:\Program Files\Nero\Nero8\InCD\NBHGui.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
################## | Fichiers # Dossiers infectieux |
################## | Registre # Clés Run infectieuses |
[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableRegistryTools"
[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"
################## | Registre # Mountpoints2 |
################## | ! Fin du rapport # UsbFix V6.033 ! |
############################## | UsbFix V6.033 |
User : Nino Cioli (Administrateurs) # NINO
Update on 14/09/2009 by Chiquitine29, C_XX & Chimay8
Start at: 18:46:03 | 15/09/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Intel(R) Atom(TM) CPU N270 @ 1.60GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 7.0.5730.13
Windows Firewall Status : Disabled
AV : AntiVir Desktop 9.0.1.32 [ Enabled | Updated ]
C:\ -> Disque fixe local # 72,06 Go (61,99 Go free) # NTFS
D:\ -> Disque fixe local # 72,05 Go (71,99 Go free) # NTFS
############################## | Processus actifs |
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
C:\Program Files\EeePC\ACPI\AsEPCMon.exe
C:\Program Files\EeePC\ACPI\AsTray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\lg_fwupdate\fwupdate.exe
C:\Program Files\Nero\Nero8\InCD\NBHGui.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
################## | Fichiers # Dossiers infectieux |
################## | Registre # Clés Run infectieuses |
[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableRegistryTools"
[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"
################## | Registre # Mountpoints2 |
################## | ! Fin du rapport # UsbFix V6.033 ! |
--> Branche tes sources de données externes à ton PC (clé USB, disque dur externe, carte SD, etc...) sans les ouvrir.
T en a branché aucunes.....
J'ai branché ma clé USB et mon disque dur externe. Windows ne les détecte pas mais ils sont branchés, je te l'assure.
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Voici le rapport avec l'option 2
############################## | UsbFix V6.033 |
User : Nino Cioli (Administrateurs) # NINO
Update on 14/09/2009 by Chiquitine29, C_XX & Chimay8
Start at: 19:43:37 | 15/09/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Intel(R) Atom(TM) CPU N270 @ 1.60GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 7.0.5730.13
Windows Firewall Status : Enabled
AV : AntiVir Desktop 9.0.1.32 [ Enabled | Updated ]
C:\ -> Disque fixe local # 72,06 Go (62,04 Go free) # NTFS
D:\ -> Disque fixe local # 72,05 Go (71,99 Go free) # NTFS
############################## | Processus actifs |
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
################## | Fichiers # Dossiers infectieux |
################## | Registre # Clés Run infectieuses |
Supprimé ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableRegistryTools"
Supprimé ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"
################## | Registre # Mountpoints2 |
################## | Listing des fichiers présent |
[12/05/2009 21:44|--a------|0] C:\AUTOEXEC.BAT
[27/07/2009 16:15|-rahs----|216] C:\boot.ini
[14/04/2008 14:00|-rahs----|4952] C:\Bootfont.bin
[12/05/2009 21:44|--a------|0] C:\CONFIG.SYS
[07/09/2009 17:02|--a------|1965] C:\FindyKill Sans Echec.txt
[05/09/2009 00:37|--a------|1970] C:\FindyKill2.txt
[07/09/2009 14:49|--a------|3140] C:\FindyKill3.txt
[07/09/2009 13:13|--a------|9301] C:\hijackthis2.log
[07/09/2009 14:38|--a------|9255] C:\hijackthis3.log
[12/05/2009 21:44|-rahs----|0] C:\IO.SYS
[07/09/2009 15:14|--a------|2644] C:\Last FindyKill 2.txt
[07/09/2009 15:01|--a------|2678] C:\Last FindyKill.txt
[12/05/2009 21:44|-rahs----|0] C:\MSDOS.SYS
[14/04/2008 14:00|-rahs----|47564] C:\NTDETECT.COM
[14/04/2008 14:00|-rahs----|252240] C:\ntldr
[?|?|?] C:\pagefile.sys
[04/09/2009 18:46|--a------|5350] C:\rapport.txt
[04/09/2009 17:26|--a------|13835] C:\SAFEBOOT_REPAIR.TXT
[08/09/2009 14:08|--a------|1951] C:\TCleaner.txt
[15/09/2009 19:45|--a------|3116] C:\UsbFix.txt
################## | ! Fin du rapport # UsbFix V6.033 ! |
############################## | UsbFix V6.033 |
User : Nino Cioli (Administrateurs) # NINO
Update on 14/09/2009 by Chiquitine29, C_XX & Chimay8
Start at: 19:43:37 | 15/09/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Intel(R) Atom(TM) CPU N270 @ 1.60GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 7.0.5730.13
Windows Firewall Status : Enabled
AV : AntiVir Desktop 9.0.1.32 [ Enabled | Updated ]
C:\ -> Disque fixe local # 72,06 Go (62,04 Go free) # NTFS
D:\ -> Disque fixe local # 72,05 Go (71,99 Go free) # NTFS
############################## | Processus actifs |
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
################## | Fichiers # Dossiers infectieux |
################## | Registre # Clés Run infectieuses |
Supprimé ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableRegistryTools"
Supprimé ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"
################## | Registre # Mountpoints2 |
################## | Listing des fichiers présent |
[12/05/2009 21:44|--a------|0] C:\AUTOEXEC.BAT
[27/07/2009 16:15|-rahs----|216] C:\boot.ini
[14/04/2008 14:00|-rahs----|4952] C:\Bootfont.bin
[12/05/2009 21:44|--a------|0] C:\CONFIG.SYS
[07/09/2009 17:02|--a------|1965] C:\FindyKill Sans Echec.txt
[05/09/2009 00:37|--a------|1970] C:\FindyKill2.txt
[07/09/2009 14:49|--a------|3140] C:\FindyKill3.txt
[07/09/2009 13:13|--a------|9301] C:\hijackthis2.log
[07/09/2009 14:38|--a------|9255] C:\hijackthis3.log
[12/05/2009 21:44|-rahs----|0] C:\IO.SYS
[07/09/2009 15:14|--a------|2644] C:\Last FindyKill 2.txt
[07/09/2009 15:01|--a------|2678] C:\Last FindyKill.txt
[12/05/2009 21:44|-rahs----|0] C:\MSDOS.SYS
[14/04/2008 14:00|-rahs----|47564] C:\NTDETECT.COM
[14/04/2008 14:00|-rahs----|252240] C:\ntldr
[?|?|?] C:\pagefile.sys
[04/09/2009 18:46|--a------|5350] C:\rapport.txt
[04/09/2009 17:26|--a------|13835] C:\SAFEBOOT_REPAIR.TXT
[08/09/2009 14:08|--a------|1951] C:\TCleaner.txt
[15/09/2009 19:45|--a------|3116] C:\UsbFix.txt
################## | ! Fin du rapport # UsbFix V6.033 ! |
Salut,
- Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
- Double-clique sur RSIT.exe afin de lancer le programme.
- A l'écran Disclaimer Choisis "1 months" dans le menu déroulant puis clique sur <continue>.
- Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
- Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt
Note : Les rapports sont sauvegardés dans le dossier C:\rsit.
- Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
- Double-clique sur RSIT.exe afin de lancer le programme.
- A l'écran Disclaimer Choisis "1 months" dans le menu déroulant puis clique sur <continue>.
- Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
- Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt
Note : Les rapports sont sauvegardés dans le dossier C:\rsit.
Voici le rapport
Logfile of random's system information tool 1.06 (written by random/random)
Run by Nino Cioli at 2009-09-15 20:40:25
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 63 GB (86%) free of 74 GB
Total RAM: 1015 MB (53% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:40:36, on 15/09/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Nino Cioli\Bureau\RSIT.exe
C:\Program Files\trend micro\Nino Cioli.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://runonce.msn.com/runonce3.aspx
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (file missing)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
O4 - HKLM\..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe
O4 - HKLM\..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\1.0"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files\lg_fwupdate\fwupdate.exe" blrun
O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero8\InCD\NBHGui.exe
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: SuperHybridEngine.lnk = ?
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Envoyer à Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InCD Helper (InCDsrvR) - Nero AG - C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Nero AG - C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
Logfile of random's system information tool 1.06 (written by random/random)
Run by Nino Cioli at 2009-09-15 20:40:25
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 63 GB (86%) free of 74 GB
Total RAM: 1015 MB (53% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:40:36, on 15/09/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Nino Cioli\Bureau\RSIT.exe
C:\Program Files\trend micro\Nino Cioli.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://runonce.msn.com/runonce3.aspx
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (file missing)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
O4 - HKLM\..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe
O4 - HKLM\..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\1.0"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files\lg_fwupdate\fwupdate.exe" blrun
O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero8\InCD\NBHGui.exe
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: SuperHybridEngine.lnk = ?
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Envoyer à Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InCD Helper (InCDsrvR) - Nero AG - C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Nero AG - C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
* Télécharge OtmoveIT (de Old_Timer) sur ton Bureau
(c est le numéro 7 en bas de la page) :
* Double-clique sur OTMoveIt.exe pour le lancer.
* Assure toi que la case Unregister Dll's and Ocx's soit bien cochée.
* Copie la liste qui se trouve en gras dans la citation ci-dessous et colle-la dans le cadre de gauche de OTMoveIt sous Paste List of Files/Folders to move.
:processes
explorer.exe
firefox.exe
teatimer.exe
:services
mbr
:files
C:\WINDOWS\system32\tmp.txt
C:\WINDOWS\PEV.exe
:Commands
[emptytemp]
[purity]
[start explorer]
[Reboot]
# clique sur MoveIt! pour lancer la suppression.
# Le résultat apparaitra dans le cadre "Results".
# Clique sur Exit pour fermer.
# Poste le rapport situé dans C:\_OTMoveIt\MovedFiles.
# Il te sera peut-être demandé de redémarrer le pc pour achever la suppression. Si c'est le cas accepte par Yes.
(c est le numéro 7 en bas de la page) :
* Double-clique sur OTMoveIt.exe pour le lancer.
* Assure toi que la case Unregister Dll's and Ocx's soit bien cochée.
* Copie la liste qui se trouve en gras dans la citation ci-dessous et colle-la dans le cadre de gauche de OTMoveIt sous Paste List of Files/Folders to move.
:processes
explorer.exe
firefox.exe
teatimer.exe
:services
mbr
:files
C:\WINDOWS\system32\tmp.txt
C:\WINDOWS\PEV.exe
:Commands
[emptytemp]
[purity]
[start explorer]
[Reboot]
# clique sur MoveIt! pour lancer la suppression.
# Le résultat apparaitra dans le cadre "Results".
# Clique sur Exit pour fermer.
# Poste le rapport situé dans C:\_OTMoveIt\MovedFiles.
# Il te sera peut-être demandé de redémarrer le pc pour achever la suppression. Si c'est le cas accepte par Yes.
Rapport OTM:
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
No active process named teatimer.exe was found!
========== SERVICES/DRIVERS ==========
Service\Driver mbr deleted successfully.
========== FILES ==========
C:\WINDOWS\system32\tmp.txt moved successfully.
C:\WINDOWS\PEV.exe moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrateur
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 112094 bytes
->FireFox cache emptied: 17240549 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32768 bytes
User: LocalService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 32902 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 553823 bytes
User: Nino Cioli
->Temp folder emptied: 676087 bytes
->Temporary Internet Files folder emptied: 1364211 bytes
->FireFox cache emptied: 38797197 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 3072 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 56,09 mb
OTM by OldTimer - Version 3.0.0.6 log created on 09162009_024533
Files moved on Reboot...
Registry entries deleted on Reboot...
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
No active process named teatimer.exe was found!
========== SERVICES/DRIVERS ==========
Service\Driver mbr deleted successfully.
========== FILES ==========
C:\WINDOWS\system32\tmp.txt moved successfully.
C:\WINDOWS\PEV.exe moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrateur
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 112094 bytes
->FireFox cache emptied: 17240549 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32768 bytes
User: LocalService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 32902 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 553823 bytes
User: Nino Cioli
->Temp folder emptied: 676087 bytes
->Temporary Internet Files folder emptied: 1364211 bytes
->FireFox cache emptied: 38797197 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 3072 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 56,09 mb
OTM by OldTimer - Version 3.0.0.6 log created on 09162009_024533
Files moved on Reboot...
Registry entries deleted on Reboot...
Toujours pas de réponse. Personne n'a la moindre idée ?
J'ai des trucs super importants sur cette clé et je ne sais pas où chercher.
Mes ports USB semblent fonctionner correctement. Le problème a l'air de venir de la clé mais elle est indétectable...
S'il vous plaît, aidez-moi.
J'ai des trucs super importants sur cette clé et je ne sais pas où chercher.
Mes ports USB semblent fonctionner correctement. Le problème a l'air de venir de la clé mais elle est indétectable...
S'il vous plaît, aidez-moi.
Salut.
Poste un nouveau Rsit.
Poste un nouveau Rsit.
Ok voici le rapport RSIT:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Nino Cioli at 2009-09-22 17:32:15
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 61 GB (82%) free of 74 GB
Total RAM: 1015 MB (32% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:32:26, on 22/09/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
C:\Program Files\EeePC\ACPI\AsEPCMon.exe
C:\Program Files\EeePC\ACPI\AsTray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\lg_fwupdate\fwupdate.exe
C:\Program Files\Nero\Nero8\InCD\NBHGui.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\distnoted.exe
C:\Documents and Settings\Nino Cioli\Bureau\RSIT.exe
C:\Program Files\trend micro\Nino Cioli.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://runonce.msn.com/runonce3.aspx
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (file missing)
O4 - HKLM\..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
O4 - HKLM\..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe
O4 - HKLM\..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\1.0"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files\lg_fwupdate\fwupdate.exe" blrun
O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero8\InCD\NBHGui.exe
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'Default user')
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: SuperHybridEngine.lnk = ?
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Envoyer à Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InCD Helper (InCDsrvR) - Nero AG - C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Nero AG - C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
Logfile of random's system information tool 1.06 (written by random/random)
Run by Nino Cioli at 2009-09-22 17:32:15
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 61 GB (82%) free of 74 GB
Total RAM: 1015 MB (32% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:32:26, on 22/09/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
C:\Program Files\EeePC\ACPI\AsEPCMon.exe
C:\Program Files\EeePC\ACPI\AsTray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\lg_fwupdate\fwupdate.exe
C:\Program Files\Nero\Nero8\InCD\NBHGui.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\distnoted.exe
C:\Documents and Settings\Nino Cioli\Bureau\RSIT.exe
C:\Program Files\trend micro\Nino Cioli.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://runonce.msn.com/runonce3.aspx
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (file missing)
O4 - HKLM\..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
O4 - HKLM\..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe
O4 - HKLM\..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\1.0"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files\lg_fwupdate\fwupdate.exe" blrun
O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero8\InCD\NBHGui.exe
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'Default user')
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: SuperHybridEngine.lnk = ?
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Envoyer à Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InCD Helper (InCDsrvR) - Nero AG - C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Nero AG - C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
/!\ Désactive tous tes logiciels de protection /!\
• Télécharge ComboFix (de sUBs) sur ton Bureau.
• Fais un clic-droit sur ComboFix.exe ( pour vista : choisis "Exécuter en temps qu'administrateur".
• Ne touche à rien pendant le scan.
• Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\Combofix.txt) dans ta prochaine réponse.
Tutoriel officiel de Combofix
Voici le rapport de Combo Fix:
ComboFix 09-09-21.04 - Nino Cioli 22/09/2009 18:16.5.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1015.432 [GMT 2:00]
Lancé depuis: c:\documents and settings\Nino Cioli\Mes documents\Téléchargements\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\QUAD Utilities
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-08-22 au 2009-09-22 ))))))))))))))))))))))))))))))))))))
.
2009-09-22 12:00 . 2008-02-15 10:49 184320 ----a-w- c:\windows\system32\igfxres.dll
2009-09-22 11:48 . 2009-09-22 11:48 -------- d-----w- c:\program files\7-Zip
2009-09-22 11:41 . 2008-02-15 11:21 147456 ----a-w- c:\windows\system32\igfxCoIn_v4926.dll
2009-09-22 11:40 . 2007-01-13 08:46 204800 ----a-w- c:\windows\system32\igfxCoIn_v4764.dll
2009-09-22 11:22 . 2009-09-22 11:22 -------- d-----w- c:\documents and settings\All Users\Application Data\QUAD Utilities
2009-09-22 11:13 . 2009-09-22 11:13 -------- d-----w- c:\program files\ma-config.com
2009-09-22 11:13 . 2009-09-22 11:13 -------- d-----w- c:\documents and settings\All Users\Application Data\ma-config.com
2009-09-22 10:58 . 2009-09-22 10:58 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters
2009-09-22 09:18 . 2009-09-22 09:18 -------- d-----w- c:\documents and settings\Nino Cioli\Application Data\OpenOffice.org
2009-09-22 08:50 . 2009-09-22 08:50 -------- d-----w- c:\program files\JRE
2009-09-22 08:49 . 2009-09-22 08:50 -------- d-----w- c:\program files\OpenOffice.org 3
2009-09-22 08:49 . 2009-09-22 08:49 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-09-22 08:48 . 2009-09-22 08:48 -------- d-----w- c:\program files\Java
2009-09-21 17:56 . 2009-09-21 23:18 -------- d-----w- c:\program files\adslTV
2009-09-21 12:37 . 2009-09-21 12:37 -------- d-----w- C:\Casino
2009-09-16 00:45 . 2009-09-16 00:45 -------- d-----w- C:\_OTM
2009-09-15 18:40 . 2009-09-22 15:32 -------- d-----w- c:\program files\trend micro
2009-09-15 18:40 . 2009-09-15 18:40 -------- d-----w- C:\rsit
2009-09-15 16:44 . 2009-09-15 17:45 -------- d-----w- C:\UsbFix
2009-09-08 19:01 . 2009-09-08 19:01 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Apple
2009-09-07 23:30 . 2009-07-28 14:33 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-09-07 23:30 . 2009-03-30 08:32 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-09-07 23:30 . 2009-02-13 10:28 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2009-09-07 23:30 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2009-09-07 23:30 . 2009-09-07 23:30 -------- d-----w- c:\program files\Avira
2009-09-07 23:30 . 2009-09-07 23:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-09-07 14:30 . 2009-09-08 10:26 -------- d-----w- C:\Backups
2009-09-07 14:18 . 2009-09-07 14:24 -------- d-----w- C:\CCM
2009-09-07 13:23 . 2009-09-08 10:17 -------- d-----w- c:\program files\SpywareGuard
2009-09-04 16:31 . 2009-09-08 10:26 -------- d-----w- c:\windows\ERUNT
2009-09-04 15:56 . 2009-09-04 15:56 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Malwarebytes
2009-09-04 15:55 . 2009-09-04 15:55 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Mozilla
2009-09-04 15:51 . 2009-09-04 15:51 -------- d-----w- c:\documents and settings\Nino Cioli\Application Data\Malwarebytes
2009-09-04 15:50 . 2009-09-04 15:50 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-09-03 22:55 . 2009-09-03 22:57 -------- d-----w- c:\windows\avxoscan
2009-09-03 22:51 . 2009-09-03 22:51 -------- d-----w- c:\windows\BDOSCAN8
2009-09-03 22:49 . 2009-09-03 22:49 -------- d-----w- c:\documents and settings\Nino Cioli\Local Settings\Application Data\Winamp Toolbar
2009-09-03 11:59 . 2009-09-04 10:14 -------- d-----w- c:\program files\C4U
2009-09-03 11:59 . 1997-11-19 13:49 303616 ----a-w- c:\windows\IsUninst.exe
2009-09-03 11:59 . 2009-09-03 11:59 -------- d-----w- c:\documents and settings\Nino Cioli\WINDOWS
2009-08-31 16:44 . 2009-08-31 16:44 -------- d-----w- c:\documents and settings\Nino Cioli\Application Data\dvdcss
2009-08-31 16:44 . 2009-09-21 18:09 -------- d-----w- c:\documents and settings\Nino Cioli\Application Data\vlc
2009-08-31 16:43 . 2009-08-31 16:43 -------- d-----w- c:\program files\VideoLAN
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-22 16:11 . 2009-05-12 21:31 76482 ----a-w- c:\windows\system32\perfc00C.dat
2009-09-22 16:11 . 2009-05-12 21:31 468608 ----a-w- c:\windows\system32\perfh00C.dat
2009-09-22 11:56 . 2009-05-12 19:55 -------- d-----w- c:\program files\Intel
2009-09-22 11:56 . 2009-05-12 20:04 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-09-22 10:59 . 2009-07-27 14:17 42952 ----a-w- c:\documents and settings\Nino Cioli\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-09-11 19:01 . 2009-07-28 21:51 -------- d-----w- c:\documents and settings\Nino Cioli\Application Data\Winamp
2009-08-27 09:46 . 2009-05-12 20:49 -------- d-----w- c:\program files\Fichiers communs\Adobe
2009-08-18 15:32 . 2009-05-12 20:04 5884416 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys
2009-08-18 11:48 . 2009-05-12 20:05 348160 ----a-w- c:\windows\vncutil.exe
2009-08-18 11:44 . 2009-05-12 19:55 53248 ----a-w- c:\windows\system32\CSVer.dll
2009-08-14 12:08 . 2009-05-12 20:04 18702336 ----a-w- c:\windows\RTHDCPL.EXE
2009-08-07 13:13 . 2009-08-07 13:01 -------- d-----w- c:\documents and settings\Nino Cioli\Application Data\Apple Computer
2009-08-07 13:03 . 2009-08-07 12:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-08-07 13:00 . 2009-08-07 13:00 -------- d-----w- c:\program files\iTunes
2009-08-07 13:00 . 2009-08-07 13:00 -------- d-----w- c:\program files\iPod
2009-08-07 13:00 . 2009-08-07 12:58 -------- d-----w- c:\program files\Fichiers communs\Apple
2009-08-07 13:00 . 2009-08-07 12:59 -------- d-----w- c:\program files\QuickTime
2009-08-07 12:59 . 2009-08-07 12:59 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-08-07 12:59 . 2009-08-07 12:59 -------- d-----w- c:\program files\Apple Software Update
2009-08-05 14:10 . 2009-05-12 20:04 831488 ----a-w- c:\windows\RtlExUpd.dll
2009-08-04 12:31 . 2009-05-12 20:04 2170880 ----a-w- c:\windows\MicCal.exe
2009-07-31 19:15 . 2009-07-31 19:15 -------- d-----w- c:\program files\MSXML 4.0
2009-07-31 17:26 . 2009-07-31 17:25 -------- d-----w- c:\program files\ZC2.10
2009-07-29 10:41 . 2009-07-28 13:57 -------- d-----w- c:\program files\lg_fwupdate
2009-07-28 21:53 . 2009-07-28 21:51 -------- d-----w- c:\program files\Winamp
2009-07-28 14:00 . 2009-07-28 13:45 -------- d-----w- c:\program files\CyberLink
2009-07-28 13:59 . 2009-07-28 13:54 -------- d-----w- c:\program files\Fichiers communs\Nero
2009-07-28 13:54 . 2009-07-28 13:54 -------- d-----w- c:\program files\Nero
2009-07-28 13:54 . 2009-07-28 13:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
2009-07-28 13:48 . 2009-07-28 13:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Temp
2009-07-28 13:46 . 2009-07-28 13:46 -------- d-----w- c:\documents and settings\Nino Cioli\Application Data\CyberLink
2009-07-28 13:44 . 2009-07-28 13:44 -------- d-----w- c:\documents and settings\All Users\Application Data\CyberLink
2009-07-27 14:19 . 2009-07-27 14:19 0 ----a-w- c:\windows\nsreg.dat
2009-07-27 13:09 . 2009-04-28 01:59 44032 ----a-w- c:\windows\system32\drivers\l1c51x86.sys
2009-07-21 14:40 . 2009-05-12 20:04 41472 ----a-w- c:\windows\system32\RtkCoInstXP.dll
2009-07-09 10:16 . 2009-08-07 12:59 39424 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2009-07-09 10:16 . 2009-08-07 12:59 2060288 ----a-w- c:\windows\system32\usbaaplrc.dll
2009-06-29 15:57 . 2009-05-12 21:31 827392 ------w- c:\windows\system32\wininet.dll
2009-06-29 15:57 . 2009-05-12 21:31 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-06-29 15:57 . 2009-05-12 21:31 17408 ----a-w- c:\windows\system32\corpol.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\NBHShellExt]
@="{8D2223A2-B3C6-4e32-B096-CDD11F628C60}"
[HKEY_CLASSES_ROOT\CLSID\{8D2223A2-B3C6-4e32-B096-CDD11F628C60}]
2008-02-28 15:39 97064 ----a-w- c:\program files\Nero\Nero8\InCD\NBHShx.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-13 1695232]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AsusACPIServer"="c:\program files\EeePC\ACPI\AsAcpiSvr.exe" [2009-04-16 630784]
"AsusEPCMonitor"="c:\program files\EeePC\ACPI\AsEPCMon.exe" [2009-03-13 98304]
"AsusTray"="c:\program files\EeePC\ACPI\AsTray.exe" [2009-04-16 118784]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-03-06 1434920]
"SynAsusAcpi"="c:\program files\Synaptics\SynTP\SynAsusAcpi.exe" [2009-03-06 79144]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-03-14 71216]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-01-08 52256]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"NeroFilterCheck"="c:\program files\Fichiers communs\Nero\Lib\NeroCheck.exe" [2009-03-10 570664]
"LGODDFU"="c:\program files\lg_fwupdate\fwupdate.exe" [2008-10-01 548864]
"SecurDisc"="c:\program files\Nero\Nero8\InCD\NBHGui.exe" [2008-02-28 2049320]
"UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2009-04-07 210216]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-07-01 37888]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-26 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-07-13 292128]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-09-22 149280]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-15 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-15 159744]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-15 131072]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2009-08-14 18702336]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Nino Cioli\Menu D‚marrer\Programmes\D‚marrage\
OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-8-18 384000]
c:\documents and settings\Nino Cioli\Menu D‚marrer\Programmes\D‚marrage\
OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-8-18 384000]
c:\documents and settings\Nino Cioli\Menu D‚marrer\Programmes\D‚marrage\
OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-8-18 384000]
c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
SuperHybridEngine.lnk - c:\program files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe [2009-5-12 376832]
c:\documents and settings\Nino Cioli\Menu D‚marrer\Programmes\D‚marrage\
OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-8-18 384000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"2432:TCP"= 2432:TCP:yxavcvq
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [08/09/2009 01:30 108289]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [12/05/2009 22:58 55152]
R2 NeroRegInCDSrv;Nero Registry InCD Service;c:\program files\Nero\Nero8\InCD\NBHRegInCDSrv.exe [28/02/2008 17:39 53032]
R3 AsusACPI;ASUS ACPI Driver;c:\windows\system32\drivers\ASUSACPI.SYS [12/05/2009 22:08 10752]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [28/04/2009 03:59 44032]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [12/05/2009 22:04 1684736]
S3 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 18:08 533360]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [01/09/2009 08:07 234864]
S3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\drivers\rt2860.sys [12/05/2009 22:06 966912]
S3 SRS_PremiumSound_Service;SRS Labs Premium Sound;c:\windows\system32\drivers\SRS_PremiumSound_i386.sys [12/05/2009 23:14 232872]
S3 uvclf;uvclf;c:\windows\system32\drivers\uvclf.sys [28/04/2009 07:47 39040]
.
Contenu du dossier 'Tâches planifiées'
2009-09-08 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
.
------- Examen supplémentaire -------
.
IE: &Winamp Search - c:\documents and settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Envoyer à Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.zebulon.fr/scan8/oscan8.cab
FF - ProfilePath - c:\documents and settings\Nino Cioli\Application Data\Mozilla\Firefox\Profiles\9bst3ivl.default\
FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
.
- - - - ORPHELINS SUPPRIMES - - - -
AddRemove-Winamp Toolbar - c:\program files\Winamp Toolbar\uninstall.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-22 18:24
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'explorer.exe'(1100)
c:\program files\Nero\Nero8\InCD\NBHShx.dll
c:\program files\Nero\Nero8\InCD\NBHStr.dll
c:\program files\Fichiers communs\Nero\Shared\NL3\AdvrCntr3.dll
c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll
c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA
c:\windows\system32\eappprxy.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Heure de fin: 2009-09-22 18:26
ComboFix-quarantined-files.txt 2009-09-22 16:26
Avant-CF: 63 809 228 800 octets libres
Après-CF: 63 826 989 056 octets libres
WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale" /noexecute=optin /fastdetect
224 --- E O F --- 2009-07-31 19:16
ComboFix 09-09-21.04 - Nino Cioli 22/09/2009 18:16.5.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1015.432 [GMT 2:00]
Lancé depuis: c:\documents and settings\Nino Cioli\Mes documents\Téléchargements\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\QUAD Utilities
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-08-22 au 2009-09-22 ))))))))))))))))))))))))))))))))))))
.
2009-09-22 12:00 . 2008-02-15 10:49 184320 ----a-w- c:\windows\system32\igfxres.dll
2009-09-22 11:48 . 2009-09-22 11:48 -------- d-----w- c:\program files\7-Zip
2009-09-22 11:41 . 2008-02-15 11:21 147456 ----a-w- c:\windows\system32\igfxCoIn_v4926.dll
2009-09-22 11:40 . 2007-01-13 08:46 204800 ----a-w- c:\windows\system32\igfxCoIn_v4764.dll
2009-09-22 11:22 . 2009-09-22 11:22 -------- d-----w- c:\documents and settings\All Users\Application Data\QUAD Utilities
2009-09-22 11:13 . 2009-09-22 11:13 -------- d-----w- c:\program files\ma-config.com
2009-09-22 11:13 . 2009-09-22 11:13 -------- d-----w- c:\documents and settings\All Users\Application Data\ma-config.com
2009-09-22 10:58 . 2009-09-22 10:58 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters
2009-09-22 09:18 . 2009-09-22 09:18 -------- d-----w- c:\documents and settings\Nino Cioli\Application Data\OpenOffice.org
2009-09-22 08:50 . 2009-09-22 08:50 -------- d-----w- c:\program files\JRE
2009-09-22 08:49 . 2009-09-22 08:50 -------- d-----w- c:\program files\OpenOffice.org 3
2009-09-22 08:49 . 2009-09-22 08:49 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-09-22 08:48 . 2009-09-22 08:48 -------- d-----w- c:\program files\Java
2009-09-21 17:56 . 2009-09-21 23:18 -------- d-----w- c:\program files\adslTV
2009-09-21 12:37 . 2009-09-21 12:37 -------- d-----w- C:\Casino
2009-09-16 00:45 . 2009-09-16 00:45 -------- d-----w- C:\_OTM
2009-09-15 18:40 . 2009-09-22 15:32 -------- d-----w- c:\program files\trend micro
2009-09-15 18:40 . 2009-09-15 18:40 -------- d-----w- C:\rsit
2009-09-15 16:44 . 2009-09-15 17:45 -------- d-----w- C:\UsbFix
2009-09-08 19:01 . 2009-09-08 19:01 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Apple
2009-09-07 23:30 . 2009-07-28 14:33 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-09-07 23:30 . 2009-03-30 08:32 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-09-07 23:30 . 2009-02-13 10:28 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2009-09-07 23:30 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2009-09-07 23:30 . 2009-09-07 23:30 -------- d-----w- c:\program files\Avira
2009-09-07 23:30 . 2009-09-07 23:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-09-07 14:30 . 2009-09-08 10:26 -------- d-----w- C:\Backups
2009-09-07 14:18 . 2009-09-07 14:24 -------- d-----w- C:\CCM
2009-09-07 13:23 . 2009-09-08 10:17 -------- d-----w- c:\program files\SpywareGuard
2009-09-04 16:31 . 2009-09-08 10:26 -------- d-----w- c:\windows\ERUNT
2009-09-04 15:56 . 2009-09-04 15:56 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Malwarebytes
2009-09-04 15:55 . 2009-09-04 15:55 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Mozilla
2009-09-04 15:51 . 2009-09-04 15:51 -------- d-----w- c:\documents and settings\Nino Cioli\Application Data\Malwarebytes
2009-09-04 15:50 . 2009-09-04 15:50 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-09-03 22:55 . 2009-09-03 22:57 -------- d-----w- c:\windows\avxoscan
2009-09-03 22:51 . 2009-09-03 22:51 -------- d-----w- c:\windows\BDOSCAN8
2009-09-03 22:49 . 2009-09-03 22:49 -------- d-----w- c:\documents and settings\Nino Cioli\Local Settings\Application Data\Winamp Toolbar
2009-09-03 11:59 . 2009-09-04 10:14 -------- d-----w- c:\program files\C4U
2009-09-03 11:59 . 1997-11-19 13:49 303616 ----a-w- c:\windows\IsUninst.exe
2009-09-03 11:59 . 2009-09-03 11:59 -------- d-----w- c:\documents and settings\Nino Cioli\WINDOWS
2009-08-31 16:44 . 2009-08-31 16:44 -------- d-----w- c:\documents and settings\Nino Cioli\Application Data\dvdcss
2009-08-31 16:44 . 2009-09-21 18:09 -------- d-----w- c:\documents and settings\Nino Cioli\Application Data\vlc
2009-08-31 16:43 . 2009-08-31 16:43 -------- d-----w- c:\program files\VideoLAN
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-22 16:11 . 2009-05-12 21:31 76482 ----a-w- c:\windows\system32\perfc00C.dat
2009-09-22 16:11 . 2009-05-12 21:31 468608 ----a-w- c:\windows\system32\perfh00C.dat
2009-09-22 11:56 . 2009-05-12 19:55 -------- d-----w- c:\program files\Intel
2009-09-22 11:56 . 2009-05-12 20:04 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-09-22 10:59 . 2009-07-27 14:17 42952 ----a-w- c:\documents and settings\Nino Cioli\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-09-11 19:01 . 2009-07-28 21:51 -------- d-----w- c:\documents and settings\Nino Cioli\Application Data\Winamp
2009-08-27 09:46 . 2009-05-12 20:49 -------- d-----w- c:\program files\Fichiers communs\Adobe
2009-08-18 15:32 . 2009-05-12 20:04 5884416 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys
2009-08-18 11:48 . 2009-05-12 20:05 348160 ----a-w- c:\windows\vncutil.exe
2009-08-18 11:44 . 2009-05-12 19:55 53248 ----a-w- c:\windows\system32\CSVer.dll
2009-08-14 12:08 . 2009-05-12 20:04 18702336 ----a-w- c:\windows\RTHDCPL.EXE
2009-08-07 13:13 . 2009-08-07 13:01 -------- d-----w- c:\documents and settings\Nino Cioli\Application Data\Apple Computer
2009-08-07 13:03 . 2009-08-07 12:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-08-07 13:00 . 2009-08-07 13:00 -------- d-----w- c:\program files\iTunes
2009-08-07 13:00 . 2009-08-07 13:00 -------- d-----w- c:\program files\iPod
2009-08-07 13:00 . 2009-08-07 12:58 -------- d-----w- c:\program files\Fichiers communs\Apple
2009-08-07 13:00 . 2009-08-07 12:59 -------- d-----w- c:\program files\QuickTime
2009-08-07 12:59 . 2009-08-07 12:59 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-08-07 12:59 . 2009-08-07 12:59 -------- d-----w- c:\program files\Apple Software Update
2009-08-05 14:10 . 2009-05-12 20:04 831488 ----a-w- c:\windows\RtlExUpd.dll
2009-08-04 12:31 . 2009-05-12 20:04 2170880 ----a-w- c:\windows\MicCal.exe
2009-07-31 19:15 . 2009-07-31 19:15 -------- d-----w- c:\program files\MSXML 4.0
2009-07-31 17:26 . 2009-07-31 17:25 -------- d-----w- c:\program files\ZC2.10
2009-07-29 10:41 . 2009-07-28 13:57 -------- d-----w- c:\program files\lg_fwupdate
2009-07-28 21:53 . 2009-07-28 21:51 -------- d-----w- c:\program files\Winamp
2009-07-28 14:00 . 2009-07-28 13:45 -------- d-----w- c:\program files\CyberLink
2009-07-28 13:59 . 2009-07-28 13:54 -------- d-----w- c:\program files\Fichiers communs\Nero
2009-07-28 13:54 . 2009-07-28 13:54 -------- d-----w- c:\program files\Nero
2009-07-28 13:54 . 2009-07-28 13:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
2009-07-28 13:48 . 2009-07-28 13:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Temp
2009-07-28 13:46 . 2009-07-28 13:46 -------- d-----w- c:\documents and settings\Nino Cioli\Application Data\CyberLink
2009-07-28 13:44 . 2009-07-28 13:44 -------- d-----w- c:\documents and settings\All Users\Application Data\CyberLink
2009-07-27 14:19 . 2009-07-27 14:19 0 ----a-w- c:\windows\nsreg.dat
2009-07-27 13:09 . 2009-04-28 01:59 44032 ----a-w- c:\windows\system32\drivers\l1c51x86.sys
2009-07-21 14:40 . 2009-05-12 20:04 41472 ----a-w- c:\windows\system32\RtkCoInstXP.dll
2009-07-09 10:16 . 2009-08-07 12:59 39424 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2009-07-09 10:16 . 2009-08-07 12:59 2060288 ----a-w- c:\windows\system32\usbaaplrc.dll
2009-06-29 15:57 . 2009-05-12 21:31 827392 ------w- c:\windows\system32\wininet.dll
2009-06-29 15:57 . 2009-05-12 21:31 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-06-29 15:57 . 2009-05-12 21:31 17408 ----a-w- c:\windows\system32\corpol.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\NBHShellExt]
@="{8D2223A2-B3C6-4e32-B096-CDD11F628C60}"
[HKEY_CLASSES_ROOT\CLSID\{8D2223A2-B3C6-4e32-B096-CDD11F628C60}]
2008-02-28 15:39 97064 ----a-w- c:\program files\Nero\Nero8\InCD\NBHShx.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-13 1695232]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AsusACPIServer"="c:\program files\EeePC\ACPI\AsAcpiSvr.exe" [2009-04-16 630784]
"AsusEPCMonitor"="c:\program files\EeePC\ACPI\AsEPCMon.exe" [2009-03-13 98304]
"AsusTray"="c:\program files\EeePC\ACPI\AsTray.exe" [2009-04-16 118784]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-03-06 1434920]
"SynAsusAcpi"="c:\program files\Synaptics\SynTP\SynAsusAcpi.exe" [2009-03-06 79144]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-03-14 71216]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-01-08 52256]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"NeroFilterCheck"="c:\program files\Fichiers communs\Nero\Lib\NeroCheck.exe" [2009-03-10 570664]
"LGODDFU"="c:\program files\lg_fwupdate\fwupdate.exe" [2008-10-01 548864]
"SecurDisc"="c:\program files\Nero\Nero8\InCD\NBHGui.exe" [2008-02-28 2049320]
"UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2009-04-07 210216]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-07-01 37888]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-26 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-07-13 292128]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-09-22 149280]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-15 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-15 159744]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-15 131072]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2009-08-14 18702336]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Nino Cioli\Menu D‚marrer\Programmes\D‚marrage\
OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-8-18 384000]
c:\documents and settings\Nino Cioli\Menu D‚marrer\Programmes\D‚marrage\
OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-8-18 384000]
c:\documents and settings\Nino Cioli\Menu D‚marrer\Programmes\D‚marrage\
OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-8-18 384000]
c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
SuperHybridEngine.lnk - c:\program files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe [2009-5-12 376832]
c:\documents and settings\Nino Cioli\Menu D‚marrer\Programmes\D‚marrage\
OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-8-18 384000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"2432:TCP"= 2432:TCP:yxavcvq
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [08/09/2009 01:30 108289]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [12/05/2009 22:58 55152]
R2 NeroRegInCDSrv;Nero Registry InCD Service;c:\program files\Nero\Nero8\InCD\NBHRegInCDSrv.exe [28/02/2008 17:39 53032]
R3 AsusACPI;ASUS ACPI Driver;c:\windows\system32\drivers\ASUSACPI.SYS [12/05/2009 22:08 10752]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [28/04/2009 03:59 44032]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [12/05/2009 22:04 1684736]
S3 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 18:08 533360]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [01/09/2009 08:07 234864]
S3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\drivers\rt2860.sys [12/05/2009 22:06 966912]
S3 SRS_PremiumSound_Service;SRS Labs Premium Sound;c:\windows\system32\drivers\SRS_PremiumSound_i386.sys [12/05/2009 23:14 232872]
S3 uvclf;uvclf;c:\windows\system32\drivers\uvclf.sys [28/04/2009 07:47 39040]
.
Contenu du dossier 'Tâches planifiées'
2009-09-08 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
.
------- Examen supplémentaire -------
.
IE: &Winamp Search - c:\documents and settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Envoyer à Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.zebulon.fr/scan8/oscan8.cab
FF - ProfilePath - c:\documents and settings\Nino Cioli\Application Data\Mozilla\Firefox\Profiles\9bst3ivl.default\
FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
.
- - - - ORPHELINS SUPPRIMES - - - -
AddRemove-Winamp Toolbar - c:\program files\Winamp Toolbar\uninstall.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-22 18:24
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'explorer.exe'(1100)
c:\program files\Nero\Nero8\InCD\NBHShx.dll
c:\program files\Nero\Nero8\InCD\NBHStr.dll
c:\program files\Fichiers communs\Nero\Shared\NL3\AdvrCntr3.dll
c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll
c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA
c:\windows\system32\eappprxy.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Heure de fin: 2009-09-22 18:26
ComboFix-quarantined-files.txt 2009-09-22 16:26
Avant-CF: 63 809 228 800 octets libres
Après-CF: 63 826 989 056 octets libres
WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale" /noexecute=optin /fastdetect
224 --- E O F --- 2009-07-31 19:16
