Salut,
J'ai appliqué Usbfix, ça a l'air d'aller mieux.
Le rapport Usbfix ci dessous:
############################## [ UsbFix V3.033 ]
# User : abouchou () # CONNEXIONNET
# Update on 15/06/09 by C_XX
# Start at: 13:52:21 | 28/06/2009
# Website : http://pagesperso-orange.fr/NosTools/usbfix.html
# Intel(R) Core(TM)2 Duo CPU T7100 @ 1.80GHz
# Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 2
# Internet Explorer 6.0.2900.2180
# Windows Firewall Status : Enabled
# C:\ # Disque fixe local # 29,29 Go (7,86 Go free) [SYSTEME] # NTFS
# D:\ # Disque fixe local # 82,49 Go (20,99 Go free) [DATA] # NTFS
# E:\ # Disque CD-ROM
# F:\ # Disque amovible # 3,74 Go (2,33 Go free) # FAT32
# G:\ # Disque fixe local # 465,65 Go (346,51 Go free) [My Passport] # FAT32
# W:\ # Disque amovible # 3,73 Go (2,17 Go free) # FAT32
# Y:\ # Connexion réseau
# Z:\ # Connexion réseau
############################## [ Processus actifs ]
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NetScreen\NetScreen-Remote\IPSecMon.exe
C:\Program Files\NetScreen\NetScreen-Remote\IreIKE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ngvpnmgr.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\WINDOWS\system32\ROMServ.exe
C:\Program Files\Network Associates\McAfee Desktop Firewall for Windows XP\FireSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\mcshield.exe
C:\Program Files\Network Associates\Common Framework\naPrdMgr.exe
C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\VMware\VMware Server\vmware-authd.exe
C:\Program Files\Fichiers communs\VMware\VMware Virtual Image Editing\vmount2.exe
C:\WINDOWS\system32\vmnat.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\Program Files\Citrix\Client ICA\ssonsvr.exe
C:\WINDOWS\system32\CCM\CcmExec.exe
C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\AhnRpta.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
################## [ Fichiers # Dossiers infectieux ]
(!) Non supprimé ! C:\WINDOWS\AhnRpta.exe
Supprimé ! C:\WINDOWS\system32\nmdfgds0.dll
Supprimé ! C:\WINDOWS\system32\nmdfgds1.dll
Supprimé ! C:\WINDOWS\system32\olhrwef.exe
Supprimé ! C:\m.com
Supprimé ! D:\m.com
Supprimé ! F:\boyedt.com
Supprimé ! F:\gclwpivc.cmd
Supprimé ! F:\m.com
Supprimé ! F:\recycler\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx
G:\autorun.inf # -> fichier appelé : "G:\fsaht.cmd" ( présent ! )
Deleted ! -> G:\fsaht.cmd
Supprimé ! G:\0xuc.com
Supprimé ! G:\1ogf.exe
Supprimé ! G:\6phx.com
Supprimé ! G:\9dlvtiil.exe
Supprimé ! G:\e2.cmd
Supprimé ! G:\ej10fkdo.bat
Supprimé ! G:\eyt.exe
Supprimé ! G:\fbak.exe
Supprimé ! G:\gclwpivc.cmd
Supprimé ! G:\icxpa.cmd
Supprimé ! G:\n68mqcra.exe
Supprimé ! G:\nu.cmd
Supprimé ! G:\Setup.exe
Supprimé ! G:\sm.exe
Supprimé ! G:\sv8c2bjw.bat
Supprimé ! G:\vwewav8.com
Supprimé ! G:\xh319r9b.bat
Supprimé ! G:\3.cmd
Supprimé ! G:\w.com
Supprimé ! G:\i.cmd
Supprimé ! G:\autorun.inf
Supprimé ! W:\0bcobed.exe
Supprimé ! W:\1ogf.exe
Supprimé ! W:\6phx.com
Supprimé ! W:\ej10fkdo.bat
Supprimé ! W:\fsaht.cmd
Supprimé ! W:\gbm6n.exe
Supprimé ! W:\gpcdt.cmd
Supprimé ! W:\husyu8n.exe
Supprimé ! W:\jm3cx96.bat
Supprimé ! W:\log.exe
Supprimé ! W:\vwewav8.com
Supprimé ! W:\m.com
Supprimé ! W:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\service.exe
Supprimé ! W:\recycler\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx
Supprimé ! "W:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013"
################## [ Registre # Clés Run infectieuses ]
Supprimé ! HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "cdoosoft"
Supprimé ! HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks "{BB4C402F-882A-4526-8C08-51278EA437C1}"
Supprimé ! HKUS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run "cdoosoft"
################## [ Registre # Mountpoints2 ]
################## [ Listing des fichiers présent ]
[25/11/2008 17:07|---------|1024] - C:\.rnd
[26/03/2009 21:41|---------|10698380] - C:\82_no artist - Daddy Yankee _ Ella Me Levanto.wav
[26/09/2007 15:15|---------|319] - C:\ag_FRRENN0X00671.ini
[21/05/2008 11:11|---------|281144] - C:\annonce
[11/06/2007 15:01|---------|0] - C:\AUTOEXEC.BAT
[12/06/2007 15:16|-r-hs----|212] - C:\boot.ini
[05/08/2004 14:00|-r-hs----|4952] - C:\Bootfont.bin
[22/06/2009 08:06|-r-hs----|106074] - C:\cahpcg.cmd
[11/06/2007 15:01|---------|0] - C:\CONFIG.SYS
[12/06/2009 08:43|--a------|347] - C:\CONNEXIONNET-secu.txt
[07/02/2008 23:50|---------|125] - C:\CountCyclesWMVDecLog.txt
[19/08/2008 09:18|---------|348] - C:\FRRENN0X00671-secu.txt
[11/06/2007 15:01|-r-hs----|0] - C:\IO.SYS
[11/06/2007 15:01|-r-hs----|0] - C:\MSDOS.SYS
[28/06/2009 13:55|--a------|14920] - C:\MyVat.txt
[05/08/2004 14:00|-r-hs----|47564] - C:\NTDETECT.COM
[05/08/2004 14:00|-r-hs----|251712] - C:\ntldr
[?|?|?] - C:\pagefile.sys
[28/06/2009 13:47|--a------|224955] - C:\ptdebug.txt
[18/05/2009 21:29|---------|39992] - C:\report.zip
[27/03/2009 23:27|---h-----|268] - C:\sqmdata00.sqm
[28/03/2009 10:53|---h-----|268] - C:\sqmdata01.sqm
[30/03/2009 01:19|---h-----|268] - C:\sqmdata02.sqm
[22/04/2009 09:34|---h-----|232] - C:\sqmdata03.sqm
[25/05/2009 16:55|--ah-----|268] - C:\sqmdata04.sqm
[25/05/2009 19:56|--ah-----|268] - C:\sqmdata05.sqm
[26/05/2009 09:48|--ah-----|268] - C:\sqmdata06.sqm
[26/05/2009 16:18|--ah-----|268] - C:\sqmdata07.sqm
[05/06/2009 09:35|--ah-----|232] - C:\sqmdata08.sqm
[22/06/2009 07:42|--ah-----|232] - C:\sqmdata09.sqm
[22/06/2009 10:36|--ah-----|232] - C:\sqmdata10.sqm
[26/11/2008 16:57|---h-----|232] - C:\sqmdata11.sqm
[25/12/2008 04:49|---h-----|232] - C:\sqmdata12.sqm
[08/01/2009 10:35|---h-----|232] - C:\sqmdata13.sqm
[08/01/2009 16:12|---h-----|268] - C:\sqmdata14.sqm
[06/02/2009 04:25|---h-----|232] - C:\sqmdata15.sqm
[06/02/2009 10:23|---h-----|232] - C:\sqmdata16.sqm
[06/02/2009 11:44|---h-----|232] - C:\sqmdata17.sqm
[06/03/2009 15:51|---h-----|232] - C:\sqmdata18.sqm
[20/03/2009 15:37|---h-----|268] - C:\sqmdata19.sqm
[27/03/2009 23:27|---h-----|244] - C:\sqmnoopt00.sqm
[28/03/2009 10:53|---h-----|244] - C:\sqmnoopt01.sqm
[30/03/2009 01:19|---h-----|244] - C:\sqmnoopt02.sqm
[22/04/2009 09:34|---h-----|244] - C:\sqmnoopt03.sqm
[25/05/2009 16:55|--ah-----|244] - C:\sqmnoopt04.sqm
[25/05/2009 19:56|--ah-----|244] - C:\sqmnoopt05.sqm
[26/05/2009 09:48|--ah-----|244] - C:\sqmnoopt06.sqm
[26/05/2009 16:18|--ah-----|244] - C:\sqmnoopt07.sqm
[05/06/2009 09:35|--ah-----|244] - C:\sqmnoopt08.sqm
[22/06/2009 07:42|--ah-----|244] - C:\sqmnoopt09.sqm
[22/06/2009 10:36|--ah-----|244] - C:\sqmnoopt10.sqm
[26/11/2008 16:57|---h-----|244] - C:\sqmnoopt11.sqm
[25/12/2008 04:49|---h-----|244] - C:\sqmnoopt12.sqm
[08/01/2009 10:35|---h-----|244] - C:\sqmnoopt13.sqm
[08/01/2009 16:12|---h-----|244] - C:\sqmnoopt14.sqm
[06/02/2009 04:25|---h-----|244] - C:\sqmnoopt15.sqm
[06/02/2009 10:23|---h-----|244] - C:\sqmnoopt16.sqm
[06/02/2009 11:44|---h-----|244] - C:\sqmnoopt17.sqm
[06/03/2009 15:51|---h-----|244] - C:\sqmnoopt18.sqm
[20/03/2009 15:37|---h-----|244] - C:\sqmnoopt19.sqm
[14/05/2009 09:57|--a------|1399] - C:\tomixca_cert.pem
[19/05/2009 09:11|-r-hs----|105436] - C:\ukvr.bat
[28/06/2009 13:22|-r-hs----|106748] - C:\uo10sn.cmd
[28/06/2009 13:55|--a------|8165] - C:\UsbFix.txt
[26/09/2007 15:15|---------|1208] - C:\VSFRRENN0X00671.ini
[01/10/2008 23:15|---------|135] - C:\VundoFix.txt
[24/06/2009 06:38|-r-hs----|106209] - C:\xbvv6o.com
[27/09/2007 17:18|---------|146] - C:\YServer.txt
[18/05/2009 21:29|---------|254986] - C:\_crash.dmp
[18/05/2009 21:29|---------|119248] - C:\_crash.log
[04/02/2008 19:24|--a------|197222400] - D:\ASR_3.3_SP9.3.iso
[22/06/2009 08:06|-r-hs----|106074] - D:\cahpcg.cmd
[18/12/2008 13:20|--a------|3727149056] - D:\eiab26-dvd7_0_0b3929-generic-1.iso
[26/11/2007 14:44|--a------|5246] - D:\ks.cfg
[18/12/2008 13:22|--a------|630] - D:\md5 sum.txt
[31/07/2008 00:52|--a------|734033920] - D:\Menace 2 society[DVDRIP]XVID,MPEG(KNIGHTY1973)1993.avi
[25/06/2008 00:06|--a------|4224100352] - D:\MRF_6.2.1.iso
[25/07/2008 11:29|--a------|4411650048] - D:\MRF_6.3.1.iso
[18/03/2003 21:14|--a------|499712] - D:\msvcp71.dll
[26/11/2007 14:08|--a------|2334046208] - D:\RHEL4_U4_i386_kickstart.ISO
[19/05/2009 09:11|-r-hs----|105436] - D:\ukvr.bat
[28/06/2009 13:22|-r-hs----|106748] - D:\uo10sn.cmd
[24/06/2009 06:38|-r-hs----|106209] - D:\xbvv6o.com
[22/06/2009 08:06|-r-hs----|106074] - F:\cahpcg.cmd
[28/06/2009 13:22|-r-hs----|106748] - F:\uo10sn.cmd
[24/04/2004 12:38|--a------|37888] - G:\JSTART.exe
[16/07/2008 09:14|--a------|42760] - G:\WDInstaller.xml
[08/07/2008 11:53|--a------|1760039] - G:\WDSetup.exe
################## [ Vaccination ]
# C:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
# D:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
# F:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
# G:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
# W:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
################## [ ! Fin du rapport # UsbFix V3.033 ! ]
Le nouveau rapport hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:10:29, on 28/06/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\NetScreen\NetScreen-Remote\IPSecMon.exe
C:\Program Files\NetScreen\NetScreen-Remote\IreIKE.exe
C:\WINDOWS\system32\ngvpnmgr.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ROMServ.exe
C:\Program Files\Network Associates\McAfee Desktop Firewall for Windows XP\FireSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\mcshield.exe
C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\VMware\VMware Server\vmware-authd.exe
C:\Program Files\Fichiers communs\VMware\VMware Virtual Image Editing\vmount2.exe
C:\WINDOWS\system32\vmnat.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\Program Files\Citrix\Client ICA\ssonsvr.exe
C:\WINDOWS\system32\CCM\CcmExec.exe
C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\WINDOWS\AhnRpta.exe
C:\Program Files\VMware\VMware Server\vmserverdWin32.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\WINDOWS\system32\AccelerometerSt.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Fichiers communs\Network Associates\TalkBack\tbmon.exe"
O4 - HKLM\..\Run: [McAfeeFireTray] C:\Program Files\Network Associates\McAfee Desktop Firewall for Windows XP\Firetray.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [Communicator] "C:\Program Files\Microsoft Office Communicator\Communicator.exe" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Collector.lnk = C:\Program Files\teraterm\Collector\Collector.exe
O4 - Startup: TeraTerm Menu.lnk = C:\Program Files\teraterm\ttpmenu.exe
O4 - Global Startup: Agent Program Neighborhood.lnk = C:\Program Files\Citrix\Client ICA\pnagent.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: NetScreen-Remote.lnk = C:\Program Files\NetScreen\NetScreen-Remote\SafeCfg.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: iLO 2 Remote Console Applet - https://172.17.128.226/dvc.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {CBCF8AB4-8A12-4A8A-A22D-36480B41DC78} (eDataInstall ActiveX control, Version 4.0) - http://coopnet.multimedia-conference.orange-business.com/...
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = ad2.ad.alcatel.com,or.cit.alcatel.fr,snr.ansf.alcatel.fr,netfr.alcatel.fr,dc-m.alcatel-lucent.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = ad2.ad.alcatel.com,or.cit.alcatel.fr,snr.ansf.alcatel.fr,netfr.alcatel.fr,dc-m.alcatel-lucent.com
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: lfmsdy.dll c:\windows\system32\rotawapo.dll c:\windows\system32\fogiguzu.dll c:\windows\system32\fesorega.dll c:\windows\system32\zodetego.dll c:\windows\system32\wahayaga.dll c:\windows\system32\nutowuko.dll c:\windows\system32\vetajume.dll c:\windows\system32\gofizesa.dll c:\windows\system32\buyetuza.dll c:\windows\system32\hadezabi.dll c:\windows\system32\yozezuna.dll c:\windows\system32\ravebavi.dll c:\windows\system32\mohafilu.dll c:\windows\system32\lehuguwe.dll c:\windows\system32\ruyutave.dll c:\windows\system32\vuwupajo.dll c:\windows\system32\sujegaru.dll c:\windows\system32\fuweyofa.dll c:\windows\system32\dimisawo.dll c:\windows\system32\dafanole.dll c:\windows\system32\janifedu.dll c:\windows\system32\pisefire.dll c:\windows\system32\yutobayu.dll c:\windows\system32\gehufidu.dll c:\windows\system32\dutudari.dll c:\windows\system32\goralaro.dll c:\windows\system32\yesileya.dll c:\windows\system32\lebenesa.dll c:\windows\system32\movoyari.dll c:\windows\system32\hilemebu.dll c:\
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\yejedotu.dll (file missing)
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\yejedotu.dll (file missing)
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: EEPROM Service Module (EEPROMService) - Unknown owner - C:\WINDOWS\system32\ROMServ.exe
O23 - Service: McAfee Desktop Firewall Service (FireSvc) - Networks Associates Technology, Inc. - C:\Program Files\Network Associates\McAfee Desktop Firewall for Windows XP\FireSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: SafeNet Monitor Service (IPSECMON) - SafeNet - C:\Program Files\NetScreen\NetScreen-Remote\IPSecMon.exe
O23 - Service: SafeNet IKE Service (IreIKE) - SafeNet - C:\Program Files\NetScreen\NetScreen-Remote\IreIKE.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - McAfee, Inc. - C:\Program Files\Network Associates\VirusScan\mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Aventail VPN Client (NgVpnMgr) - Aventail Corporation - C:\WINDOWS\system32\ngvpnmgr.exe
O23 - Service: OracleOraHome81ClientCache - Unknown owner - C:\ORACLE\ora81\BIN\ONRSD.EXE
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Server\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Fichiers communs\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware Registration Service (vmserverdWin32) - VMware, Inc. - C:\Program Files\VMware\VMware Server\vmserverdWin32.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
End of file - 14511 bytes
Comment formater un pc