Elise
Participant
Nombre d'articles : 17

Waaah, quelle rapidité, merci bien :D

et voici le rapport d’usbfix :
[spoiler:3pzeuo6i]############################## | UsbFix V 7.127 | [Suppression]

Utilisateur: Elise (Administrateur) # GPRSTGMJ-SAMA
Mis à jour le 05/06/2013 par El Desaparecido
Lancé à 21:30:15 | 14/06/2013

Site Web: http://sosvirus.org/ » onclick= »window.open(this.href);return false;
Upload Malware: http://upload.sosvirus.org/ » onclick= »window.open(this.href);return false;
Contact: contact@sosvirus.org

PC: ASUSTeK Computer INC. (1001PX) (X86-based PC)
CPU: Intel(R) Atom(TM) CPU N450 @ 1.66GHz (1666)
RAM -> [Total : 2038 | Free : 1076]
BIOS: BIOS Date: 02/10/10 21:30:41 Ver: 08.00.12
BOOT: Normal boot

OS: Microsoft Windows XP Édition familiale (5.1.2600 32-Bit) # Service Pack 3
WB: Windows Internet Explorer 8.0.6001.18702

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
FW: Windows FireWall Service [Enabled]

C: (%systemdrive%) -> Disque fixe # 80 Go (38 Go libre(s) – 48%) [] # NTFS
D: -> Disque fixe # 62 Go (60 Go libre(s) – 97%) [] # NTFS
E: -> Disque amovible # 2 Go (2 Go libre(s) – 100%) [] # FAT
F: -> Disque amovible # 2 Go (2 Go libre(s) – 87%) [] # FAT

################## | El Desaparecido Section |

HKLMSOFTWARE | Run : [SynTPEnh] – %ProgramFiles%SynapticsSynTPSynTPEnh.exe
HKLMSOFTWARE | Run : [IgfxTray] – C:WINDOWSsystem32igfxtray.exe
HKLMSOFTWARE | Run : [HotKeysCmds] – C:WINDOWSsystem32hkcmd.exe
HKLMSOFTWARE | Run : [Persistence] – C:WINDOWSsystem32igfxpers.exe
HKLMSOFTWARE | Run : [SynAsusAcpi] – %ProgramFiles%SynapticsSynTPSynAsusAcpi.exe
HKLMSOFTWARE | Run : [AsusACPIServer] – C:Program FilesEeePCACPIAsAcpiSvr.exe
HKLMSOFTWARE | Run : [AsusEPCMonitor] – C:Program FilesEeePCACPIAsEPCMon.exe
HKLMSOFTWARE | Run : [AsusTray] – C:Program FilesEeePCACPIAsTray.exe
HKLMSOFTWARE | Run : [CapsHook] – C:Program FilesEeePCCapsHookCapsHook.exe
HKLMSOFTWARE | Run : [RTHDCPL] – RTHDCPL.EXE
HKLMSOFTWARE | Run : [Panda Security URL Filtering] – « C:Documents and SettingsAll UsersApplication DataPanda Security URL FilteringPanda_URL_Filtering.exe »
HKLMSOFTWARE | Run : [DivXMediaServer] – C:Program FilesDivXDivX Media ServerDivXMediaServer.exe
HKLMSOFTWARE | Run : [QuickTime Task] – « C:Program FilesQuickTimeQTTask.exe » -atboottime
HKLMSOFTWARE | Run : [APSDaemon] – « C:Program FilesFichiers communsAppleApple Application SupportAPSDaemon.exe »
HKLMSOFTWARE | Run : [PSUAMain] – « C:Program FilesPanda SecurityPanda Cloud AntivirusPSUAMain.exe » /LaunchSysTray
HKLMSOFTWARE | Run : [SunJavaUpdateSched] – « C:Program FilesFichiers communsJavaJava Updatejusched.exe »
HKLMSOFTWARE | Run : [Adobe ARM] – « C:Program FilesFichiers communsAdobeARM1.0AdobeARM.exe »
HKLMSOFTWARE | RunOnce : [] –
HKUS-1-5-19SOFTWARE | Run : [CTFMON.EXE] – C:WINDOWSsystem32CTFMON.EXE
HKUS-1-5-20SOFTWARE | Run : [CTFMON.EXE] – C:WINDOWSsystem32CTFMON.EXE
HKUS-1-5-21-183612933-190524706-2072853216-1006SOFTWARE | Run : [CTFMON.EXE] – C:WINDOWSsystem32ctfmon.exe
HKUS-1-5-18SOFTWARE | Run : [CTFMON.EXE] – C:WINDOWSsystem32CTFMON.EXE
HKUS-1-5-18SOFTWARE | RunOnce : [panda2_0dn] – reg.exe delete « HKCUSoftwareAppDataLowSoftwarepanda2_0dn » /f
HKUS-1-5-18SOFTWARE | RunOnce : [panda2_0dn_XP] – reg.exe delete « HKCUSoftwarepanda2_0dn » /f
HKUS-1-5-18SOFTWARE | RunOnce : [panda4_0dn] – reg.exe delete « HKCUSoftwareAppDataLowSoftwarepanda4_0dn » /f
HKUS-1-5-18SOFTWARE | RunOnce : [panda4_0dn_XP] – reg.exe delete « HKCUSoftwarepanda4_0dn » /f

################## | Processus Stoppés |

Stoppé! C:WINDOWSsystem32spoolsv.exe (640)
Stoppé! C:Program FilesJavajre7binjqs.exe (888)
Stoppé! C:Program FilesPanda SecurityPanda Cloud AntivirusPSANHost.exe (928)
Stoppé! C:Program FilesPanda SecurityPanda Cloud AntivirusPSUAService.exe (976)
Stoppé! C:WINDOWSExplorer.EXE (952)
Stoppé! C:Program FilesSynapticsSynTPSynTPEnh.exe (2308)
Stoppé! C:WINDOWSsystem32igfxtray.exe (2316)
Stoppé! C:WINDOWSsystem32hkcmd.exe (2324)
Stoppé! C:WINDOWSsystem32igfxsrvc.exe (2372)
Stoppé! C:Program FilesEeePCACPIAsAcpiSvr.exe (2388)
Stoppé! C:Program FilesEeePCACPIAsEPCMon.exe (2408)
Stoppé! C:Program FilesEeePCACPIAsTray.exe (2424)
Stoppé! C:Program FilesEeePCCapsHookCapsHook.exe (2476)
Stoppé! C:WINDOWSRTHDCPL.EXE (2512)
Stoppé! C:Documents and SettingsAll UsersApplication DataPanda Security URL FilteringPanda_URL_Filtering.exe (2524)
Stoppé! C:WINDOWSsystem32igfxext.exe (2596)
Stoppé! C:Program FilesPanda SecurityPanda Cloud AntivirusPSUAMain.exe (2604)
Stoppé! C:Program FilesFichiers communsJavaJava Updatejusched.exe (2648)
Stoppé! C:WINDOWSsystem32ctfmon.exe (2692)
Stoppé! C:Program FilesASUSEeePCSuper Hybrid EngineSuperHybridEngine.exe (2744)
Stoppé! C:Program FilesOpenOffice.org 3programsoffice.exe (2800)
Stoppé! C:Program FilesOpenOffice.org 3programsoffice.bin (2820)
Stoppé! C:Program FilesMozilla Firefoxfirefox.exe (3164)
Stoppé! C:WINDOWSsystem32wuauclt.exe (3368)
Stoppé! C:Program FilesSkypePhoneSkype.exe (3736)
Stoppé! C:Program FilesMozilla Thunderbirdthunderbird.exe (2284)
Stoppé! C:Program FilesMozilla Firefoxplugin-container.exe (1416)
Stoppé! C:WINDOWSsystem32wscntfy.exe (1088)

################## | Éléments infectieux |

Supprimé! C:DOCUME~1EliseLOCALS~1TempLanceur.vbs
Supprimé! C:DOCUME~1EliseLOCALS~1Temp14998uninstall.exe
Supprimé! C:DOCUME~1EliseLOCALS~1Temp23225uninstall.exe
Supprimé! C:DOCUME~1EliseLOCALS~1Temp74163uninstall.exe
Supprimé! C:DOCUME~1EliseLOCALS~1Temp7za.exe
Supprimé! E:_WNQG.init
Supprimé! E:desktop.ini
Supprimé! E:Thumbs.db
Supprimé! F:_WEPVQU.init
Supprimé! F:autorun.inf
Supprimé! F:desktop.ini
Supprimé! F:Thumbs.db

(!) Fichiers temporaires supprimés.

################## | Registre |

################## | Mountpoints2 |

################## | Listing |

[21/12/2011 – 18:29:33 | N | 0] C:x0304A000.sfl
[17/07/2010 – 00:48:35 | D ] C:7e9db9b6829b1e946c8a51748c2324
[14/06/2013 – 20:32:43 | N | 25219] C:AdwCleaner[R1].txt
[14/06/2013 – 20:34:22 | N | 25152] C:AdwCleaner[S1].txt
[15/12/2009 – 07:11:48 | N | 0] C:AUTOEXEC.BAT
[14/06/2013 – 17:53:28 | RASHD ] C:autorun.inf
[14/05/2013 – 09:25:16 | N | 216] C:boot.ini
[14/04/2008 – 14:00:00 | N | 4952] C:Bootfont.bin
[14/06/2013 – 20:35:34 | D ] C:Config.Msi
[15/12/2009 – 07:11:48 | N | 0] C:CONFIG.SYS
[14/05/2013 – 08:26:08 | D ] C:Documents and Settings
[10/03/2010 – 14:49:52 | D ] C:Intel
[15/12/2009 – 07:11:48 | N | 0] C:IO.SYS
[15/12/2009 – 07:11:48 | N | 0] C:MSDOS.SYS
[06/04/2011 – 23:51:23 | D ] C:MyHosts
[06/04/2011 – 23:51:24 | N | 230] C:MyHosts.txt
[14/04/2008 – 14:00:00 | N | 47564] C:NTDETECT.COM
[14/04/2008 – 14:00:00 | N | 252240] C:ntldr
[14/06/2013 – 20:35:35 | ASH | 1598029824] C:pagefile.sys
[14/06/2013 – 20:49:09 | N | 512] C:PhysicalDisk0_MBR.bin
[14/06/2013 – 20:41:18 | D ] C:Program Files
[16/07/2010 – 04:28:56 | SHD ] C:RECYCLER
[16/07/2010 – 04:02:52 | SHD ] C:System Volume Information
[03/11/2011 – 22:31:52 | D ] C:temp
[09/05/2013 – 12:37:55 | D ] C:TMP
[14/06/2013 – 21:38:03 | D ] C:UsbFix
[14/06/2013 – 21:39:06 | A | 7215] C:UsbFix [Clean 1] GPRSTGMJ-SAMA.txt
[14/06/2013 – 20:16:29 | D ] C:WINDOWS
[14/06/2013 – 20:49:12 | D ] C:ZHP
[14/10/2011 – 07:57:50 | D ] D:8861bd5d042b83bf7
[12/04/2012 – 08:18:32 | D ] D:4b132a5b26d70fe1276e8e6b
[14/06/2012 – 13:20:45 | D ] D:6b414713182b793630ed3e29
[14/06/2013 – 17:53:28 | RASHD ] D:autorun.inf
[14/05/2013 – 10:07:36 | D ] D:FFOutput
[24/04/2011 – 17:35:10 | D ] D:qq
[11/06/2013 – 13:41:51 | D ] D:READS website updates
[15/07/2010 – 22:32:03 | SHD ] D:RECYCLER
[16/07/2010 – 03:54:23 | SHD ] D:System Volume Information
[14/06/2013 – 18:33:02 | D ] E: 
[11/06/2013 – 17:44:00 | N | 512] F:NIKON001.DSC
[14/06/2013 – 12:52:08 | D ] F:MISC
[10/05/2013 – 14:05:30 | D ] F: 
[25/11/2011 – 15:43:00 | D ] F:NCFL
[01/02/2012 – 22:42:42 | D ] F:.fseventsd
[01/02/2012 – 22:42:42 | D ] F:.Trashes
[11/10/2009 – 02:46:10 | D ] F:DCIM

################## | Vaccin |

C:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
D:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
E:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
F:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | https://www.usb-antivirus.com/fr/ |[/spoiler:3pzeuo6i]

C’est bon ?