USB port problem

by Nathan-11

Hello

I have a problem with USB drivers on a Packard Bell iMedia with an MSI motherboard!
When I go to the MSI site to install the updater, IE 8 crashes!
Then I checked for viruses by running Malwarebytes, so I deleted everything it found, then I installed ComboFix; here is the report:
ComboFix 10-09-08.01 - moi 09/09/2010 9:48.1.2 - x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1022.453 [GMT 2:00]
Lancé depuis: c:\documents and settings\moi\Bureau\Nathan.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Autorun.inf
C:\DelUS.bat
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
c:\documents and settings\moi\Application Data\PriceGong
c:\documents and settings\moi\Application Data\PriceGong\Data\1.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\a.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\b.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\c.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\d.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\e.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\f.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\g.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\h.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\i.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\J.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\k.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\l.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\m.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\n.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\o.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\p.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\q.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\r.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\s.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\t.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\u.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\v.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\w.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\x.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\y.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\z.xml
c:\documents and settings\moi\Bureau\Internet Explorer.lnk
c:\windows\system32\scrrnfr.dll
c:\windows\system32\Thumbs.db

----- BITS: Il y a peut-être des sites infectés -----

hxxp://au.download.windowsupj+|[email protected]:NGD_DQ{zGD_DQ{zGD_DQ{zGD_DQ{[email protected]:Nj+|Cv
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_AVPsys


((((((((((((((((((((((((((((( Fichiers créés du 2010-08-09 au 2010-09-09 ))))))))))))))))))))))))))))))))))))
.

2010-09-08 15:41 . 2010-09-08 15:41 -------- d-----w- c:\documents and settings\moi\Application Data\Malwarebytes
2010-09-08 15:41 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-09-08 15:41 . 2010-09-08 15:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-09-08 15:41 . 2010-09-08 15:41 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-09-08 15:41 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-09-08 14:41 . 2010-09-08 14:41 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters
2010-09-08 13:13 . 2010-09-08 13:13 -------- d-----w- c:\documents and settings\moi\Application Data\Uniblue
2010-09-08 12:34 . 2010-09-08 14:25 -------- d-----w- c:\documents and settings\All Users\Application Data\ma-config.com
2010-09-08 12:34 . 2010-09-08 14:23 -------- d-----w- c:\program files\ma-config.com
2010-08-28 11:40 . 2010-09-07 14:52 165584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-08-28 11:40 . 2010-09-07 14:47 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-08-28 11:40 . 2010-09-07 14:52 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-08-28 11:40 . 2010-09-07 14:47 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-08-28 11:40 . 2010-09-07 14:47 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-08-28 11:40 . 2010-09-07 14:47 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-08-28 11:40 . 2010-09-07 14:46 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-08-28 11:40 . 2010-09-07 15:12 38848 ----a-w- c:\windows\avastSS.scr
2010-08-28 11:40 . 2010-09-07 15:11 167592 ----a-w- c:\windows\system32\aswBoot.exe
2010-08-28 11:40 . 2010-08-28 11:40 -------- d-----w- c:\program files\Alwil Software
2010-08-28 11:40 . 2010-08-28 11:40 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
2010-08-23 21:03 . 2006-10-26 17:56 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
2010-08-23 21:03 . 2006-10-26 17:56 32592 ----a-w- c:\windows\system32\msonpmon.dll
2010-08-23 20:59 . 2010-08-23 20:59 -------- d-----w- c:\documents and settings\moi\Local Settings\Application Data\Microsoft Help
2010-08-23 20:58 . 2010-08-23 21:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-08-16 16:42 . 2010-08-16 16:42 -------- d-----w- c:\program files\SFR

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-09 07:57 . 2009-05-15 13:03 -------- d-----w- c:\program files\SPAMfighter
2010-09-09 07:27 . 2010-06-12 09:54 -------- d-----w- c:\program files\Messenger_Plus_Live_France
2010-09-08 14:25 . 2008-05-05 09:18 -------- d-----w- c:\program files\Fichiers communs\Java
2010-09-08 14:24 . 2009-06-02 15:32 -------- d-----w- c:\program files\Microsoft Silverlight
2010-09-08 12:33 . 2008-05-05 09:18 -------- d-----w- c:\program files\Java
2010-09-07 13:26 . 2008-05-07 14:40 -------- d-----w- c:\documents and settings\moi\Application Data\U3
2010-09-05 12:23 . 2010-05-09 08:55 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-09-03 17:13 . 2010-04-18 13:41 -------- d-----w- c:\documents and settings\moi\Application Data\vlc
2010-08-24 08:02 . 2008-05-06 06:14 99048 ----a-w- c:\documents and settings\moi\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-08-16 16:19 . 2008-05-05 09:32 -------- d-----w- c:\program files\Google
2010-08-16 16:13 . 2008-05-05 09:32 -------- d-----w- c:\program files\Picasa2
2010-08-16 16:13 . 2008-05-12 11:08 -------- d-----w- c:\program files\NBPROF
2010-08-16 16:13 . 2009-06-12 16:40 -------- d-----w- c:\program files\NBCONS
2010-08-16 16:13 . 2008-05-05 09:08 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-16 16:13 . 2008-05-07 17:59 -------- dcsh--w- c:\program files\Fichiers communs\WindowsLiveInstaller
2010-08-16 16:13 . 2008-05-05 09:25 -------- d-----w- c:\program files\Fichiers communs\Symantec Shared
2010-08-16 16:12 . 2008-05-05 09:22 -------- d-----w- c:\program files\AOL 9.0
2010-08-15 15:52 . 2004-09-23 16:12 85644 ----a-w- c:\windows\system32\perfc00C.dat
2010-08-15 15:52 . 2004-09-23 16:12 513498 ----a-w- c:\windows\system32\perfh00C.dat
2010-08-14 07:30 . 2010-08-14 07:30 503808 ----a-w- c:\documents and settings\moi\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-1cf9000d-n\msvcp71.dll
2010-08-14 07:30 . 2010-08-14 07:30 499712 ----a-w- c:\documents and settings\moi\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-1cf9000d-n\jmc.dll
2010-08-14 07:30 . 2010-08-14 07:30 348160 ----a-w- c:\documents and settings\moi\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-1cf9000d-n\msvcr71.dll
2010-08-14 07:30 . 2010-08-14 07:30 61440 ----a-w- c:\documents and settings\moi\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-4f6732e7-n\decora-sse.dll
2010-08-14 07:30 . 2010-08-14 07:30 12800 ----a-w- c:\documents and settings\moi\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-4f6732e7-n\decora-d3d.dll
2010-07-27 16:36 . 2008-08-28 14:48 -------- d-----w- c:\documents and settings\moi\Application Data\Skype
2010-07-27 16:24 . 2008-08-29 16:27 -------- d-----w- c:\documents and settings\moi\Application Data\skypePM
2010-07-23 13:43 . 2008-05-13 13:48 -------- d-----w- c:\documents and settings\moi\Application Data\Vso
2010-07-17 03:00 . 2010-05-03 07:53 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-14 11:22 . 2010-04-12 10:17 1 ----a-w- c:\documents and settings\moi\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-06-30 12:32 . 2004-09-23 16:11 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-24 12:25 . 2004-09-23 16:11 916480 ----a-w- c:\windows\system32\wininet.dll
2010-06-24 09:02 . 2004-09-23 16:11 1852032 ----a-w- c:\windows\system32\win32k.sys
2010-06-21 15:27 . 2004-09-23 16:11 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-19 12:47 . 2008-05-07 20:52 95920 ----a-w- c:\documents and settings\Michel\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-06-17 14:03 . 2004-09-23 16:10 80384 ----a-w- c:\windows\system32\iccvid.dll
2010-06-14 14:31 . 2004-09-23 17:07 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-14 07:42 . 2004-09-23 16:10 1172480 ----a-w- c:\windows\system32\msxml3.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}]
2009-10-15 08:53 165184 ----a-w- c:\program files\SFR\Kit\SFRNavErrorHelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{59994074-c06d-4a75-9768-49e5a8c21264}"= "c:\program files\Messenger_Plus_Live_France\tbMes0.dll" [2010-09-08 2735200]

[HKEY_CLASSES_ROOT\clsid\{59994074-c06d-4a75-9768-49e5a8c21264}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-02-26 443968]
"updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]
"Connexion SFR 9props.exe"="c:\program files\SFR\Kit\9props.exe" [2009-10-15 959808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-04-27 7573504]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-04-27 86016]
"Easy-PrintToolBox"="c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2004-01-14 409600]
"BJCFD"="c:\program files\BroadJump\Client Foundation\CFD.exe" [2003-01-27 376912]
"RealTray"="c:\program files\Real\RealPlayer\RealPlay.exe" [2008-05-05 26112]
"SPAMfighter Agent"="c:\program files\SPAMfighter\SFAgent.exe" [2009-03-12 326792]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2010-03-22 524632]
"REGSHAVE"="c:\program files\REGSHAVE\REGSHAVE.EXE" [2002-02-04 53248]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-09-07 2838912]
"SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-05-14 248552]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
Lancement rapide d'Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2005-05-03 16:43 69632 ----a-w- c:\windows\Alcmtr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DetectorApp]
2005-10-20 04:15 102400 ----a-w- c:\program files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
2005-09-29 12:01 67584 ----a-w- c:\windows\ehome\ehtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EmailChecker]
2003-07-02 09:13 40960 ----a-w- c:\apps\EmailChecker\ech.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EULA]
2006-09-29 12:14 18944 ----a-w- c:\apps\PB_TB\EULALauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
2004-08-10 12:00 208952 ----a-w- c:\windows\ime\IMJP8_1\imjpmig.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 02:34 1695232 ------w- c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2006-04-27 22:47 1519616 ----a-w- c:\windows\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
2004-08-10 12:00 455168 ----a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
2004-08-10 12:00 455168 ----a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
2008-02-26 01:23 443968 ----a-w- c:\program files\Picasa2\PicasaMediaDetector.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2006-05-18 12:27 16207872 ----a-w- c:\windows\RTHDCPL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2006-05-16 16:04 2879488 ----a-w- c:\windows\SkyTel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmpcSys]
2005-11-17 07:51 975360 ------w- c:\apps\SMP\SMPSYS.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2005-06-03 01:52 36975 ----a-w- c:\program files\Java\jre1.5.0_04\bin\jusched.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%ProgramFiles%\\AOL 9.0\\aol.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\logo_ubi.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe"=
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\APPS\\skype\\Phone\\Skype.exe"=

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [12/06/2009 16:23 64160]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [28/08/2010 13:40 165584]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [28/08/2010 13:40 17744]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [18/01/2009 23:34 1029456]
R2 SPAMfighter Update Service;SPAMfighter Update Service;c:\program files\SPAMfighter\sfus.exe [12/03/2009 10:44 184968]
R3 3xHybrid;ASUSTek SAA713x PCI Card;c:\windows\system32\drivers\3xHybrid.sys [05/05/2008 11:09 882688]
R3 X10Hid;X10 Hid Device;c:\windows\system32\drivers\x10hid.sys [05/05/2008 11:11 7040]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [21/02/2010 15:15 135664]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [13/08/2010 14:43 259440]
.
Contenu du dossier 'Tâches planifiées'

2010-07-19 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 15:23]

2010-09-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-21 13:15]

2010-09-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-21 13:15]
.
.
------- Examen supplémentaire -------
.
uInternet Connection Wizard,ShellNext = hxxp://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=8&key=IESTART
uInternet Settings,ProxyOverride = 127.0.0.1
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\moi\Application Data\Mozilla\Firefox\Profiles\ew8szkkf.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2567681&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - prefs.js: keyword.URL - hxxp://redirecterror.sfr.fr/?q=
FF - component: c:\documents and settings\moi\Application Data\Mozilla\Firefox\Profiles\ew8szkkf.default\extensions\{59994074-c06d-4a75-9768-49e5a8c21264}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\moi\Application Data\Mozilla\Firefox\Profiles\ew8szkkf.default\extensions\{59994074-c06d-4a75-9768-49e5a8c21264}\components\RadioWMPCore.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Picasa2\npPicasa3.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\webclient\np_orfc.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- PARAMETRES FIREFOX ----
FF - user.js: yahoo.homepage.dontask - true
FF - user.js: keyword.URL - hxxp://redirecterror.sfr.fr/?q=
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHELINS SUPPRIMES - - - -

Toolbar-Locked - (no file)
HKCU-Run-RegistryBooster - c:\program files\Uniblue\RegistryBooster\launcher.exe
MSConfigStartUp-ISUSPM Startup - c:\progra~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe
MSConfigStartUp-ISUSScheduler - c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe
AddRemove-Messenger_Plus_Live_France Toolbar - c:\progra~1\MESSEN~3\UNWISE.EXE



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-09 09:56
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*]
"C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'explorer.exe'(2224)
c:\progra~1\WINDOW~3\wmpband.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Microsoft Office\OFFICE11\msohev.dll
c:\program files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\progra~1\FICHIE~1\AOL\ACS\AOLacsd.exe
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
c:\program files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
c:\progra~1\COMMON~1\X10\Common\x10nets.exe
c:\windows\ehome\mcrdsvc.exe
c:\windows\system32\dllhost.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\msiexec.exe
.
**************************************************************************
.
Heure de fin: 2010-09-09 10:02:17 - La machine a redémarré
ComboFix-quarantined-files.txt 2010-09-09 08:02

Avant-CF: 240 200 392 704 octets libres
Après-CF: 240 450 990 080 octets libres

WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect

- - End Of File - - 3E95CC6452C02744208E7F924D3150D2
then a HijackThis run:
ComboFix 10-09-08.01 - moi 09/09/2010 9:48.1.2 - x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1022.453 [GMT 2:00]
Lancé depuis: c:\documents and settings\moi\Bureau\Nathan.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Autorun.inf
C:\DelUS.bat
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
c:\documents and settings\moi\Application Data\PriceGong
c:\documents and settings\moi\Application Data\PriceGong\Data\1.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\a.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\b.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\c.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\d.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\e.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\f.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\g.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\h.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\i.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\J.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\k.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\l.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\m.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\n.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\o.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\p.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\q.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\r.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\s.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\t.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\u.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\v.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\w.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\x.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\y.xml
c:\documents and settings\moi\Application Data\PriceGong\Data\z.xml
c:\documents and settings\moi\Bureau\Internet Explorer.lnk
c:\windows\system32\scrrnfr.dll
c:\windows\system32\Thumbs.db

----- BITS: Il y a peut-être des sites infectés -----

hxxp://au.download.windowsupj+|[email protected]:NGD_DQ{zGD_DQ{zGD_DQ{zGD_DQ{[email protected]:Nj+|Cv
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_AVPsys


((((((((((((((((((((((((((((( Fichiers créés du 2010-08-09 au 2010-09-09 ))))))))))))))))))))))))))))))))))))
.

2010-09-08 15:41 . 2010-09-08 15:41 -------- d-----w- c:\documents and settings\moi\Application Data\Malwarebytes
2010-09-08 15:41 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-09-08 15:41 . 2010-09-08 15:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-09-08 15:41 . 2010-09-08 15:41 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-09-08 15:41 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-09-08 14:41 . 2010-09-08 14:41 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters
2010-09-08 13:13 . 2010-09-08 13:13 -------- d-----w- c:\documents and settings\moi\Application Data\Uniblue
2010-09-08 12:34 . 2010-09-08 14:25 -------- d-----w- c:\documents and settings\All Users\Application Data\ma-config.com
2010-09-08 12:34 . 2010-09-08 14:23 -------- d-----w- c:\program files\ma-config.com
2010-08-28 11:40 . 2010-09-07 14:52 165584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-08-28 11:40 . 2010-09-07 14:47 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-08-28 11:40 . 2010-09-07 14:52 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-08-28 11:40 . 2010-09-07 14:47 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-08-28 11:40 . 2010-09-07 14:47 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-08-28 11:40 . 2010-09-07 14:47 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-08-28 11:40 . 2010-09-07 14:46 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-08-28 11:40 . 2010-09-07 15:12 38848 ----a-w- c:\windows\avastSS.scr
2010-08-28 11:40 . 2010-09-07 15:11 167592 ----a-w- c:\windows\system32\aswBoot.exe
2010-08-28 11:40 . 2010-08-28 11:40 -------- d-----w- c:\program files\Alwil Software
2010-08-28 11:40 . 2010-08-28 11:40 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
2010-08-23 21:03 . 2006-10-26 17:56 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
2010-08-23 21:03 . 2006-10-26 17:56 32592 ----a-w- c:\windows\system32\msonpmon.dll
2010-08-23 20:59 . 2010-08-23 20:59 -------- d-----w- c:\documents and settings\moi\Local Settings\Application Data\Microsoft Help
2010-08-23 20:58 . 2010-08-23 21:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-08-16 16:42 . 2010-08-16 16:42 -------- d-----w- c:\program files\SFR

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-09 07:57 . 2009-05-15 13:03 -------- d-----w- c:\program files\SPAMfighter
2010-09-09 07:27 . 2010-06-12 09:54 -------- d-----w- c:\program files\Messenger_Plus_Live_France
2010-09-08 14:25 . 2008-05-05 09:18 -------- d-----w- c:\program files\Fichiers communs\Java
2010-09-08 14:24 . 2009-06-02 15:32 -------- d-----w- c:\program files\Microsoft Silverlight
2010-09-08 12:33 . 2008-05-05 09:18 -------- d-----w- c:\program files\Java
2010-09-07 13:26 . 2008-05-07 14:40 -------- d-----w- c:\documents and settings\moi\Application Data\U3
2010-09-05 12:23 . 2010-05-09 08:55 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-09-03 17:13 . 2010-04-18 13:41 -------- d-----w- c:\documents and settings\moi\Application Data\vlc
2010-08-24 08:02 . 2008-05-06 06:14 99048 ----a-w- c:\documents and settings\moi\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-08-16 16:19 . 2008-05-05 09:32 -------- d-----w- c:\program files\Google
2010-08-16 16:13 . 2008-05-05 09:32 -------- d-----w- c:\program files\Picasa2
2010-08-16 16:13 . 2008-05-12 11:08 -------- d-----w- c:\program files\NBPROF
2010-08-16 16:13 . 2009-06-12 16:40 -------- d-----w- c:\program files\NBCONS
2010-08-16 16:13 . 2008-05-05 09:08 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-16 16:13 . 2008-05-07 17:59 -------- dcsh--w- c:\program files\Fichiers communs\WindowsLiveInstaller
2010-08-16 16:13 . 2008-05-05 09:25 -------- d-----w- c:\program files\Fichiers communs\Symantec Shared
2010-08-16 16:12 . 2008-05-05 09:22 -------- d-----w- c:\program files\AOL 9.0
2010-08-15 15:52 . 2004-09-23 16:12 85644 ----a-w- c:\windows\system32\perfc00C.dat
2010-08-15 15:52 . 2004-09-23 16:12 513498 ----a-w- c:\windows\system32\perfh00C.dat
2010-08-14 07:30 . 2010-08-14 07:30 503808 ----a-w- c:\documents and settings\moi\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-1cf9000d-n\msvcp71.dll
2010-08-14 07:30 . 2010-08-14 07:30 499712 ----a-w- c:\documents and settings\moi\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-1cf9000d-n\jmc.dll
2010-08-14 07:30 . 2010-08-14 07:30 348160 ----a-w- c:\documents and settings\moi\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-1cf9000d-n\msvcr71.dll
2010-08-14 07:30 . 2010-08-14 07:30 61440 ----a-w- c:\documents and settings\moi\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-4f6732e7-n\decora-sse.dll
2010-08-14 07:30 . 2010-08-14 07:30 12800 ----a-w- c:\documents and settings\moi\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-4f6732e7-n\decora-d3d.dll
2010-07-27 16:36 . 2008-08-28 14:48 -------- d-----w- c:\documents and settings\moi\Application Data\Skype
2010-07-27 16:24 . 2008-08-29 16:27 -------- d-----w- c:\documents and settings\moi\Application Data\skypePM
2010-07-23 13:43 . 2008-05-13 13:48 -------- d-----w- c:\documents and settings\moi\Application Data\Vso
2010-07-17 03:00 . 2010-05-03 07:53 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-14 11:22 . 2010-04-12 10:17 1 ----a-w- c:\documents and settings\moi\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-06-30 12:32 . 2004-09-23 16:11 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-24 12:25 . 2004-09-23 16:11 916480 ----a-w- c:\windows\system32\wininet.dll
2010-06-24 09:02 . 2004-09-23 16:11 1852032 ----a-w- c:\windows\system32\win32k.sys
2010-06-21 15:27 . 2004-09-23 16:11 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-19 12:47 . 2008-05-07 20:52 95920 ----a-w- c:\documents and settings\Michel\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-06-17 14:03 . 2004-09-23 16:10 80384 ----a-w- c:\windows\system32\iccvid.dll
2010-06-14 14:31 . 2004-09-23 17:07 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-14 07:42 . 2004-09-23 16:10 1172480 ----a-w- c:\windows\system32\msxml3.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}]
2009-10-15 08:53 165184 ----a-w- c:\program files\SFR\Kit\SFRNavErrorHelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{59994074-c06d-4a75-9768-49e5a8c21264}"= "c:\program files\Messenger_Plus_Live_France\tbMes0.dll" [2010-09-08 2735200]

[HKEY_CLASSES_ROOT\clsid\{59994074-c06d-4a75-9768-49e5a8c21264}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-02-26 443968]
"updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]
"Connexion SFR 9props.exe"="c:\program files\SFR\Kit\9props.exe" [2009-10-15 959808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-04-27 7573504]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-04-27 86016]
"Easy-PrintToolBox"="c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2004-01-14 409600]
"BJCFD"="c:\program files\BroadJump\Client Foundation\CFD.exe" [2003-01-27 376912]
"RealTray"="c:\program files\Real\RealPlayer\RealPlay.exe" [2008-05-05 26112]
"SPAMfighter Agent"="c:\program files\SPAMfighter\SFAgent.exe" [2009-03-12 326792]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2010-03-22 524632]
"REGSHAVE"="c:\program files\REGSHAVE\REGSHAVE.EXE" [2002-02-04 53248]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-09-07 2838912]
"SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-05-14 248552]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
Lancement rapide d'Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2005-05-03 16:43 69632 ----a-w- c:\windows\Alcmtr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DetectorApp]
2005-10-20 04:15 102400 ----a-w- c:\program files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
2005-09-29 12:01 67584 ----a-w- c:\windows\ehome\ehtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EmailChecker]
2003-07-02 09:13 40960 ----a-w- c:\apps\EmailChecker\ech.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EULA]
2006-09-29 12:14 18944 ----a-w- c:\apps\PB_TB\EULALauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
2004-08-10 12:00 208952 ----a-w- c:\windows\ime\IMJP8_1\imjpmig.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 02:34 1695232 ------w- c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2006-04-27 22:47 1519616 ----a-w- c:\windows\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
2004-08-10 12:00 455168 ----a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
2004-08-10 12:00 455168 ----a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
2008-02-26 01:23 443968 ----a-w- c:\program files\Picasa2\PicasaMediaDetector.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2006-05-18 12:27 16207872 ----a-w- c:\windows\RTHDCPL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2006-05-16 16:04 2879488 ----a-w- c:\windows\SkyTel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmpcSys]
2005-11-17 07:51 975360 ------w- c:\apps\SMP\SMPSYS.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2005-06-03 01:52 36975 ----a-w- c:\program files\Java\jre1.5.0_04\bin\jusched.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%ProgramFiles%\\AOL 9.0\\aol.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\logo_ubi.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe"=
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\APPS\\skype\\Phone\\Skype.exe"=

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [12/06/2009 16:23 64160]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [28/08/2010 13:40 165584]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [28/08/2010 13:40 17744]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [18/01/2009 23:34 1029456]
R2 SPAMfighter Update Service;SPAMfighter Update Service;c:\program files\SPAMfighter\sfus.exe [12/03/2009 10:44 184968]
R3 3xHybrid;ASUSTek SAA713x PCI Card;c:\windows\system32\drivers\3xHybrid.sys [05/05/2008 11:09 882688]
R3 X10Hid;X10 Hid Device;c:\windows\system32\drivers\x10hid.sys [05/05/2008 11:11 7040]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [21/02/2010 15:15 135664]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [13/08/2010 14:43 259440]
.
Contenu du dossier 'Tâches planifiées'

2010-07-19 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 15:23]

2010-09-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-21 13:15]

2010-09-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-21 13:15]
.
.
------- Examen supplémentaire -------
.
uInternet Connection Wizard,ShellNext = hxxp://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=8&key=IESTART
uInternet Settings,ProxyOverride = 127.0.0.1
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\moi\Application Data\Mozilla\Firefox\Profiles\ew8szkkf.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2567681&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - prefs.js: keyword.URL - hxxp://redirecterror.sfr.fr/?q=
FF - component: c:\documents and settings\moi\Application Data\Mozilla\Firefox\Profiles\ew8szkkf.default\extensions\{59994074-c06d-4a75-9768-49e5a8c21264}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\moi\Application Data\Mozilla\Firefox\Profiles\ew8szkkf.default\extensions\{59994074-c06d-4a75-9768-49e5a8c21264}\components\RadioWMPCore.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Picasa2\npPicasa3.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\webclient\np_orfc.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- PARAMETRES FIREFOX ----
FF - user.js: yahoo.homepage.dontask - true
FF - user.js: keyword.URL - hxxp://redirecterror.sfr.fr/?q=
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHELINS SUPPRIMES - - - -

Toolbar-Locked - (no file)
HKCU-Run-RegistryBooster - c:\program files\Uniblue\RegistryBooster\launcher.exe
MSConfigStartUp-ISUSPM Startup - c:\progra~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe
MSConfigStartUp-ISUSScheduler - c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe
AddRemove-Messenger_Plus_Live_France Toolbar - c:\progra~1\MESSEN~3\UNWISE.EXE



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-09 09:56
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*]
"C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'explorer.exe'(2224)
c:\progra~1\WINDOW~3\wmpband.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Microsoft Office\OFFICE11\msohev.dll
c:\program files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\progra~1\FICHIE~1\AOL\ACS\AOLacsd.exe
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
c:\program files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
c:\progra~1\COMMON~1\X10\Common\x10nets.exe
c:\windows\ehome\mcrdsvc.exe
c:\windows\system32\dllhost.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\msiexec.exe
.
**************************************************************************
.
Heure de fin: 2010-09-09 10:02:17 - La machine a redémarré
ComboFix-quarantined-files.txt 2010-09-09 08:02

Avant-CF: 240 200 392 704 octets libres
Après-CF: 240 450 990 080 octets libres

WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect

- - End Of File - - 3E95CC6452C02744208E7F924D3150D2
I fixed the noname and filemissing entries!
What more can I do?
PS: I even reset IE8
SkyTech

Re: USB port problem

by SkyTech »

Hi,

If you could post the MalwareBytes & HijackThis logs.
Topxm

Re: USB port problem

by Topxm »

Hi,

I don't really get the connection between ComboFix / a USB problem / all of it posted in the optimization section ...