Rapport USB fix

mil17 -  
moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   -
Bonjour à tous,
j'ai effectué la recherche avec usb fix et voici le rapport :
merci de votre aide

############################## | UsbFix V6.073 |

Update on 09/01/2010 by El Desaparecido , C_XX & Chimay8
Start at: 21:13:46 | 11/01/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Core(TM)2 CPU T5500 @ 1.66GHz
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 6.0.2900.5512
Windows Firewall Status : Disabled
AV : Norton AntiVirus 15.5.0.23 [ Enabled | Updated ]
FW : Norton AntiVirus[ Enabled ]15.5.0.23

C:\ -> Disque fixe local # 111,78 Go (48,2 Go free) # NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque CD-ROM # 3,08 Go (0 Mo free) [DV_L900EN10] # CDFS
F:\ -> Disque amovible # 7,52 Go (1,75 Go free) [PHILIPS UFD] # FAT32
G:\ -> Disque amovible # 3,85 Go (350,54 Mo free) [KINGSTON] # FAT32
H:\ -> Disque fixe local # 465,7 Go (28,97 Go free) [MIMILDISQUE] # FAT32

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe 1228
C:\WINDOWS\system32\csrss.exe 1288
C:\WINDOWS\system32\winlogon.exe 1316
C:\WINDOWS\system32\services.exe 1372
C:\WINDOWS\system32\lsass.exe 1384
C:\WINDOWS\system32\svchost.exe 1560
C:\WINDOWS\system32\svchost.exe 1660
C:\WINDOWS\System32\svchost.exe 1700
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe 1792
C:\WINDOWS\system32\svchost.exe 1956
C:\WINDOWS\system32\svchost.exe 2020
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe 320
C:\WINDOWS\system32\spoolsv.exe 948
C:\WINDOWS\system32\svchost.exe 1116
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 1788
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe 1804
C:\Program Files\Bonjour\mDNSResponder.exe 1648
C:\WINDOWS\eHome\ehRecvr.exe 1944
C:\WINDOWS\eHome\ehSched.exe 192
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe 184
C:\Program Files\Java\jre6\bin\jqs.exe 712
C:\WINDOWS\system32\nvsvc32.exe 912
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe 996
C:\Program Files\SolidWorks\COSMOSFloWorks\FloWorks\binCFW\StandAloneSlv.exe 1064
C:\Program Files\Dell Support Center\bin\sprtsvc.exe 2244
C:\WINDOWS\system32\svchost.exe 2304
C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe 2344
C:\WINDOWS\system32\svchost.exe 2436
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe 2472
C:\WINDOWS\ehome\mcrdsvc.exe 2604
C:\WINDOWS\system32\dllhost.exe 2988
C:\WINDOWS\system32\wbem\wmiapsrv.exe 3080
C:\WINDOWS\System32\alg.exe 3136
C:\WINDOWS\system32\wbem\wmiprvse.exe 3172
C:\WINDOWS\ehome\ehtray.exe 3364
C:\WINDOWS\system32\rundll32.exe 3436
C:\WINDOWS\system32\RUNDLL32.EXE 3452
C:\WINDOWS\eHome\ehmsas.exe 3480
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe 3516
C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe 3592
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe 3652
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe 3740
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 3776
C:\Program Files\Fichiers communs\Gestionnaire d'installation SolidWorks\Scheduler\sldIMScheduler.exe 3864
C:\Program Files\Java\jre6\bin\jusched.exe 3904
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe 3948
C:\Program Files\iTunes\iTunesHelper.exe 628
C:\WINDOWS\system32\ctfmon.exe 1016
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe 1548
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe 3300
C:\Program Files\SolidWorks\SolidWorks\swScheduler\swBOEngine.exe 3512
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe 2408
C:\WINDOWS\System32\svchost.exe 3484
C:\Program Files\iPod\bin\iPodService.exe 1332
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe 1056
C:\DOCUME~1\Emile\LOCALS~1\Temp\SolidWorksLicTemp.0001 3700
C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe 2088
C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe 2608
C:\Program Files\Mozilla Firefox\firefox.exe 2520
C:\WINDOWS\explorer.exe 3388
C:\WINDOWS\system32\wbem\wmiprvse.exe 464

################## | Elements infectieux |

E:\autorun.inf
F:\e9naq.exe

################## | Registre |

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "cdoosoft"

################## | Mountpoints2 |

HKCU\..\..\Explorer\MountPoints2\{53a9922c-dea8-11de-bb15-00188bac6378}
Shell\AutoRun\command =F:\AurLaunch\LaunchScreen.exe

HKCU\..\..\Explorer\MountPoints2\{577ff9bd-e336-11de-bb19-00188bac6378}
Shell\AutoRun\command =F:\2id9.exe
Shell\open\Command =F:\2id9.exe

HKCU\..\..\Explorer\MountPoints2\{577ff9c0-e336-11de-bb19-00188bac6378}
Shell\AutoRun\command =F:\2id9.exe
Shell\open\Command =F:\2id9.exe

HKCU\..\..\Explorer\MountPoints2\{5c93f4a8-ddb1-11de-bb11-00188bac6378}
Shell\AutoRun\command =F:\Memorybar.exe

HKCU\..\..\Explorer\MountPoints2\{5c93f4a9-ddb1-11de-bb11-00188bac6378}
Shell\AutoRun\command =G:\q3kku.exe
Shell\open\Command =G:\q3kku.exe

################## | Cracks > Keygens > Serials |

"H:\Sauvegarde\Norton antivirus 2008 15.5.0.23 license 3 years EDGE\keygen_noUPX.exe"
01/09/2009 21:46 |Size 172032 |Crc32 7d560217 |Md5 d32d0321660d1db330311d2e75e56c76

"H:\Sauvegarde\AVS Video Converter v6.3.1.367 + Crack [RH]\AVS Video Converter v6.3.1.367\AVSVideoConverter.6.3.1.367.exe"
04/07/2009 06:04 |Size 47799280 |Crc32 5ffc4c32 |Md5 c2c932071581d85cfd2ee8d067073018

"H:\Sauvegarde\AVS Video Converter v6.3.1.367 + Crack [RH]\AVS Video Converter v6.3.1.367\Crack\AVSVideoConverter.exe"
05/07/2009 03:10 |Size 10938440 |Crc32 f20db4a0 |Md5 ff1dfdd0e18887d2bea92c2d48ee82f6

"H:\LOGICIEL\Ahead.Nero.v7.7.5.1.Multilingual.Incl.Keymaker-EMBRACE\keygen.exe"
12/03/2007 14:03 |Size 118784 |Crc32 52ce3b97 |Md5 a2fcfa38b381163e372a3f195541a848

"H:\Sauvegarde\Ulead.PhotoImpact.12 fr+ Crack+Patch+Addons.zip"
-> Contain : Patch.exe 10240 DFLT-F 46% 5576 02-10-2006 20:13:48 f7636727

"H:\Sauvegarde\Ulead.PhotoImpact.12 fr+ Crack+Patch+Addons.zip"
-> Contain : upi12_tbyb_(f).exe

"H:\Sauvegarde\Ulead.PhotoImpact.12 fr+ Crack+Patch+Addons.zip"
-> Contain : crack\Iedit.exe

"H:\Sauvegarde\Ulead.PhotoImpact.12 fr+ Crack+Patch+Addons.zip"
-> Contain : crack\Iedit_.exe

"H:\Sauvegarde\AVS Video Converter v6.3.1.367 + Crack [RH]\AVS.VC.6.3.1.367_[RH].rar"
-> contain : AVS Video Converter v6.3.1.367\AVSVideoConverter.6.3.1.367.exe

"H:\Sauvegarde\AVS Video Converter v6.3.1.367 + Crack [RH]\AVS.VC.6.3.1.367_[RH].rar"
-> contain : AVS Video Converter v6.3.1.367\Crack\AVSVideoConverter.exe

################## | ! Fin du rapport # UsbFix V6.073 ! |
Configuration: Windows XP
Firefox 3.5.6

13 réponses

  1. moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
     
    bonjour

    ● Relance UsbFix

    ● Dans le menu principale cette fois choisit l'option2

    Le menu démarrer et les icônes vont à nouveau disparaître.. c'est normal.

    Si un message te demande de redémarrer l'ordinateur fais le ...

    ● Au redémarrage, le fix se relance... laisses l'opération s'effectuer.

    ● Le bloc note s'ouvre avec un rapport, envoies le dans la prochaine réponse

    UsbFix peut te demander d'uploader un dossier compressé à cette adresse : https://www.ionos.fr/?affiliate_id=77097

    Il est enregistré sur ton bureau.

    Merci de l'envoyer à l'adresse indiquée afin d'aider l'auteur de UsbFix dans ses recherches.

    Merci

    ..................

    ensuite

    • Télécharge Random's System Information Tool (RSIT) de Random/Random.

    http://images.malwareremoval.com/random/RSIT.exe

    • Enregistre le sur ton Bureau.

    • Double clique sur RSIT.exe pour lancer l'outil.

    • Clique sur "Continue" à l'écran Disclaimer.

    • Si l'outil HijackThis n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu s'il te le demande)

    et tu devras accepter la licence.

    • Une fois le scan terminé, deux rapports vont apparaître : poste les dans deux messages séparés stp

    Les rapports se trouvent à cet endroit:
    C:\rsit\info.txt
    C:\rsit\log.txt

    0
  2. mil17
     
    ok, merci de la réponse, je fais la démarche et je poste le prochain rapport.
    0
  3. mil17
     
    voilà j'ai fini la démarche 2 voici le nouveau rapport :

    ntel(R) Core(TM)2 CPU T5500 @ 1.66GHz
    Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
    Internet Explorer 6.0.2900.5512
    Windows Firewall Status : Disabled
    AV : Norton AntiVirus 15.5.0.23 [ Enabled | Updated ]
    FW : Norton AntiVirus[ Enabled ]15.5.0.23

    C:\ -> Disque fixe local # 111,78 Go (48,17 Go free) # NTFS
    D:\ -> Disque CD-ROM
    E:\ -> Disque CD-ROM
    F:\ -> Disque amovible # 7,52 Go (1,75 Go free) [PHILIPS UFD] # FAT32
    G:\ -> Disque amovible # 3,85 Go (350,54 Mo free) [KINGSTON] # FAT32

    ############################## | Processus actifs |

    C:\WINDOWS\System32\smss.exe 1220
    C:\WINDOWS\system32\csrss.exe 1288
    C:\WINDOWS\system32\winlogon.exe 1324
    C:\WINDOWS\system32\services.exe 1368
    C:\WINDOWS\system32\lsass.exe 1380
    C:\WINDOWS\system32\svchost.exe 1528
    C:\WINDOWS\system32\svchost.exe 1616
    C:\WINDOWS\System32\svchost.exe 1676
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe 1920
    C:\WINDOWS\system32\svchost.exe 1964
    C:\WINDOWS\system32\svchost.exe 1996
    C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe 308
    C:\WINDOWS\system32\spoolsv.exe 1012
    C:\WINDOWS\system32\svchost.exe 1116
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 1448
    C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe 1384
    C:\Program Files\Bonjour\mDNSResponder.exe 1748
    C:\WINDOWS\eHome\ehRecvr.exe 1896
    C:\WINDOWS\eHome\ehSched.exe 1952
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe 192
    C:\Program Files\Google\Update\GoogleUpdate.exe 712
    C:\WINDOWS\Explorer.EXE 776
    C:\Program Files\Google\Update\GoogleUpdate.exe 788
    C:\Program Files\Java\jre6\bin\jqs.exe 944
    C:\WINDOWS\system32\nvsvc32.exe 2120
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe 2140
    C:\Program Files\SolidWorks\COSMOSFloWorks\FloWorks\binCFW\StandAloneSlv.exe 2152
    C:\Program Files\Dell Support Center\bin\sprtsvc.exe 2216
    C:\WINDOWS\system32\svchost.exe 2304
    C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe 2344
    C:\WINDOWS\system32\svchost.exe 2428
    C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe 2464
    C:\WINDOWS\ehome\mcrdsvc.exe 2512
    C:\WINDOWS\system32\wuauclt.exe 2960
    C:\WINDOWS\system32\dllhost.exe 3192
    C:\WINDOWS\system32\wbem\wmiprvse.exe 3400
    C:\WINDOWS\System32\alg.exe 3492
    C:\WINDOWS\system32\wbem\wmiapsrv.exe 3604
    C:\WINDOWS\system32\wbem\wmiprvse.exe 3632

    ################## | Elements infectieux |

    Supprimé ! C:\Recycler\S-1-5-21-117609710-1580436667-839522115-1003
    Supprimé ! F:\e9naq.exe

    ################## | Registre |

    Supprimé ! [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "cdoosoft"

    ################## | Mountpoints2 |

    Supprimé ! HKCU\...\Explorer\MountPoints2\{53a9922c-dea8-11de-bb15-00188bac6378}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{577ff9bd-e336-11de-bb19-00188bac6378}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{577ff9c0-e336-11de-bb19-00188bac6378}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{5c93f4a8-ddb1-11de-bb11-00188bac6378}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{5c93f4a9-ddb1-11de-bb11-00188bac6378}\Shell\AutoRun\Command

    ################## | Listing des fichiers présent |

    [04/11/2009 20:53|--a------|0] C:\AUTOEXEC.BAT
    [04/11/2009 20:43|---hs----|209] C:\boot.ini
    [10/08/2004 13:00|-rahs----|4952] C:\Bootfont.bin
    [04/11/2009 20:53|--a------|0] C:\CONFIG.SYS
    [04/11/2009 20:53|-rahs----|0] C:\IO.SYS
    [04/11/2009 20:53|-rahs----|0] C:\MSDOS.SYS
    [10/08/2004 13:00|-rahs----|47564] C:\NTDETECT.COM
    [18/11/2009 01:19|-rahs----|252240] C:\ntldr
    [?|?|?] C:\pagefile.sys
    [05/01/2010 17:42|--a------|11] C:\trace.ini
    [11/01/2010 21:54|--a------|4036] C:\UsbFix.txt
    [30/10/2009 10:17|--a------|1011] F:\Raccourci vers 4452-1-0-310-PERRIER@0BTP-PL.lnk
    [07/01/2010 00:54|--a------|270735872] F:\Comment c'est fait une tuile ( sans voix off ).avi
    [07/01/2010 00:30|--a------|270735872] F:\Comment c'est fait une tuile.avi
    [10/01/2010 16:17|--a------|732737536] F:\L'.Ǹtrange.Histoire.De.Benjamin.Button.Truefrench.DVDRiP.avi

    ################## | Vaccination |

    # C:\autorun.inf -> Dossier créé par UsbFix.
    # F:\autorun.inf -> Dossier créé par UsbFix.
    # G:\autorun.inf -> Dossier créé par UsbFix.

    ################## | Crack > Keygen > Serial |

    ################## | ! Fin du rapport # UsbFix V6.073 ! |
    0
  4. moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
     
    vu

    tu peux enchainer sur RSIT
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. mil17
     
    Mercri encore de ton aide, alors j'ai telecharger rsit et réaliser un rapport :

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Emile at 2010-01-11 22:50:52
    Microsoft Windows XP Professionnel Service Pack 3
    System drive C: has 49 GB (43%) free of 114 GB
    Total RAM: 2046 MB (66% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 22:50:55, on 11/01/2010
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\SolidWorks\COSMOSFloWorks\FloWorks\binCFW\StandAloneSlv.exe
    C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
    C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Fichiers communs\Gestionnaire d'installation SolidWorks\Scheduler\sldIMScheduler.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
    C:\Program Files\SolidWorks\SolidWorks\swScheduler\swBOEngine.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
    C:\WINDOWS\System32\svchost.exe
    C:\DOCUME~1\Emile\LOCALS~1\Temp\SolidWorksLicTemp.0001
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Emile\Mes documents\Téléchargements\RSIT.exe
    C:\Program Files\trend micro\Emile.exe

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
    O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton AntiVirus\osCheck.exe"
    O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [SolidWorks_CheckForUpdates] "C:\Program Files\Fichiers communs\Gestionnaire d'installation SolidWorks\Scheduler\sldIMScheduler.exe" /scheduler
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe" /automount
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Moteur du Planificateur de tâches SolidWorks.lnk = C:\Program Files\SolidWorks\SolidWorks\swScheduler\swBOEngine.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
    O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Remote Solver for COSMOSFloWorks 2007 - Unknown owner - C:\Program Files\SolidWorks\COSMOSFloWorks\FloWorks\binCFW\StandAloneSlv.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe
    O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
    O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
    0
  7. mil17
     
    excuse moi, j'avais oublié de rebrancher mes clé usb voilà:

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Emile at 2010-01-11 22:55:45
    Microsoft Windows XP Professionnel Service Pack 3
    System drive C: has 49 GB (43%) free of 114 GB
    Total RAM: 2046 MB (64% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 22:55:47, on 11/01/2010
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\SolidWorks\COSMOSFloWorks\FloWorks\binCFW\StandAloneSlv.exe
    C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
    C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Fichiers communs\Gestionnaire d'installation SolidWorks\Scheduler\sldIMScheduler.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
    C:\Program Files\SolidWorks\SolidWorks\swScheduler\swBOEngine.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
    C:\WINDOWS\System32\svchost.exe
    C:\DOCUME~1\Emile\LOCALS~1\Temp\SolidWorksLicTemp.0001
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Emile\Mes documents\Téléchargements\RSIT.exe
    C:\Program Files\trend micro\Emile.exe

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
    O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton AntiVirus\osCheck.exe"
    O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [SolidWorks_CheckForUpdates] "C:\Program Files\Fichiers communs\Gestionnaire d'installation SolidWorks\Scheduler\sldIMScheduler.exe" /scheduler
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe" /automount
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Moteur du Planificateur de tâches SolidWorks.lnk = C:\Program Files\SolidWorks\SolidWorks\swScheduler\swBOEngine.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
    O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Remote Solver for COSMOSFloWorks 2007 - Unknown owner - C:\Program Files\SolidWorks\COSMOSFloWorks\FloWorks\binCFW\StandAloneSlv.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe
    O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
    O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
    0
  8. moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
     
    pour les cles, c'est réglé

    en revanche il me manque celui ci C:\rsit\info.txt
    0
  9. moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
     
    il me manque celui ci C:\rsit\info.txt

    Téléchargez MalwareByte's Anti-Malware

    http://www.malwarebytes.org/mbam/program/mbam-setup.exe

    . Enregistres le sur le bureau
    . Double cliques sur le fichier téléchargé pour lancer le processus d'installation.
    . Dans l'onglet "mise à jour", cliques sur le bouton Recherche de mise à jour
    . Si le pare-feu demande l'autorisation de se connecter pour malwarebytes, accepte
    . Une fois la mise à jour terminé
    . Rend-toi dans l'onglet, Recherche
    . Sélectionnes Exécuter un examen complet
    . Cliques sur Rechercher
    . Le scan démarre.
    . A la fin de l'analyse, un message s'affiche : L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
    . Cliques sur Ok pour poursuivre.
    . Si des malwares ont été détectés, clique sur Afficher les résultats
    . Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
    . Malwarebytes va ouvrir le bloc-notes et y copier le rapport d'analyse.
    . Rends toi dans l'onglet rapport/log
    . Tu cliques dessus pour l'afficher, une fois affiché
    . Tu cliques sur edition en haut du boc notes, et puis sur sélectionner tous
    . Tu recliques sur edition et puis sur copier et tu reviens sur le forum et dans ta réponse
    . tu cliques droit dans le cadre de la reponse et coller

    Si tu as besoin d'aide regarde ces tutoriels :
    Aide: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
    http://www.infos-du-net.com/forum/278396-11-tuto-malwarebytes-anti-malware-mbam

    0
  10. mil17
     
    OK ça marche je ne vois plus aucun problème avec mes clé usb, je vais quand même faire la manip de malwarebyte. mais pour le fichier info, c'est pas grave je ferai sans, car j'ai pas trop envie d'afficher le contenu de mon ordinateur sur le net. mais merci quand même.
    0
  11. moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
     
    ok j'attend MBAM

    quant au fichier info qu'il serait bien tu postes

    personne ne les comprends, pas même beaucoup d'informaticiens....

    n'apparait que des renseignement liés aux applications de ton pc
    0
  12. mil17
     
    bonsoir voilà le rapport de MBAM

    Malwarebytes' Anti-Malware 1.44
    Version de la base de données: 3549
    Windows 5.1.2600 Service Pack 3
    Internet Explorer 6.0.2900.5512

    12/01/2010 23:01:13
    mbam-log-2010-01-12 (23-01-13).txt

    Type de recherche: Examen complet (C:\|F:\|H:\|)
    Eléments examinés: 346226
    Temps écoulé: 2 hour(s), 34 minute(s), 53 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 83

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP44\A0007264.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP27\A0003055.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP28\A0003326.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP29\A0003336.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP29\A0003678.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP29\A0003680.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP30\A0003688.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP31\A0003715.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP32\A0003763.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP34\A0003886.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP35\A0003920.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP36\A0004011.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP36\A0004086.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP36\A0004090.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP36\A0004112.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP36\A0004120.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP36\A0004123.dll (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP36\A0004161.exe (Malware.Tool) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP36\A0004250.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP36\A0004252.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP36\A0004302.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP36\A0004304.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP37\A0004308.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP38\A0004379.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP38\A0004382.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP38\A0005157.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP38\A0005160.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP38\A0005880.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP38\A0005884.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP38\A0005885.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP38\A0005882.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP38\A0005925.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP38\A0005932.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP39\A0005953.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP39\A0005966.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP40\A0005978.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP41\A0006099.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP42\A0006107.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP43\A0006133.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP45\A0007655.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP45\A0007656.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP45\A0007659.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP46\A0008566.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP46\A0007661.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP46\A0008565.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP46\A0008571.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP46\A0008573.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP46\A0008579.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP46\A0008582.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP46\A0008583.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP47\A0008584.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP47\A0009026.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP47\A0009028.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP47\A0009039.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP47\A0009041.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP48\A0009048.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP48\A0009069.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\UsbFix\Quarantine\F\e9naq.exe.UsbFix (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    H:\Sauvegarde\Norton antivirus 2008 15.5.0.23 license 3 years EDGE\keygen_noUPX.exe (Malware.Tool) -> Quarantined and deleted successfully.
    H:\System Volume Information\_restore{6DE267CA-B8E6-4F6E-A7EA-1F63F57FA17F}\RP409\A0140948.exe (Worm.Magania) -> Quarantined and deleted successfully.
    H:\System Volume Information\_restore{6DE267CA-B8E6-4F6E-A7EA-1F63F57FA17F}\RP409\A0141949.exe (Worm.Magania) -> Quarantined and deleted successfully.
    H:\System Volume Information\_restore{6DE267CA-B8E6-4F6E-A7EA-1F63F57FA17F}\RP451\A0173176.exe (Worm.Magania) -> Quarantined and deleted successfully.
    H:\System Volume Information\_restore{6DE267CA-B8E6-4F6E-A7EA-1F63F57FA17F}\RP451\A0173179.exe (Worm.Magania) -> Quarantined and deleted successfully.
    H:\System Volume Information\_restore{6DE267CA-B8E6-4F6E-A7EA-1F63F57FA17F}\RP451\A0173180.exe (Worm.Magania) -> Quarantined and deleted successfully.
    H:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP27\A0003057.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    H:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP28\A0003328.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    H:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP29\A0003338.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    H:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP39\A0005962.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    H:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP40\A0005980.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    H:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP41\A0006101.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    H:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP42\A0006109.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    H:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP43\A0006135.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    H:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP44\A0007266.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    H:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP45\A0007657.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    H:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP46\A0007663.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    H:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP46\A0008568.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    H:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP46\A0008572.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    H:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP46\A0008581.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    H:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP47\A0008586.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    H:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP58\A0014275.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    H:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP91\A0031112.dll (Trojan.Agent) -> Quarantined and deleted successfully.
    H:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP91\A0031113.dll (Trojan.Agent) -> Quarantined and deleted successfully.
    H:\System Volume Information\_restore{3BD24C2F-EBAE-49AC-8A8F-DF4574ED269D}\RP91\A0031114.dll (Trojan.Agent) -> Quarantined and deleted successfully.
    0
  13. moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
     
    ok tout va bien mais surtout pas restaurer pour l'instant ton ordi

    - comment va le pc ?
    - conseil: mieux vaut antivir efficace et gratuit que norton cracké
    0
    1. mil17
       
      bonjour,

      Merci pour ton aide, mon ordi fonctionne impeccable et plus de problème avec mes supports USB! je pense que je vais suivre ton conseille pour antivir.

      merci encore
      0
  14. moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
     
    ok vides la quarantaine de MBAM si ce n'est pas déjà fait

    relances RSIT et postes juste le rapport log
    0