khaled

Here is my report.
Thank you for your help.
Is there anything else to do, or is it finished?
Thanks.
############################## | UsbFix V 7.159 | [Suppression]

Utilisateur: Compaq_Propriétaire (Administrateur) # NOM-47D5A5B94AD
Mis à jour le 06/01/2014 par El Desaparecido – Team SosVirus
Lancé à 19:17:36 | 07/01/2014

Site Web : http://www.usbfix.net
Changelog : http://www.usbfix.net/maj/
Support : https://www.sosvirus.net/
Upload Malware : upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: ASUSTek Computer INC. (Kelut )
CPU: AMD Athlon(tm) XP 3200+
RAM -> [Total : 511 Mo| Free : 270 Mo]
Bios: Phoenix Technologies, LTD
Boot: Fail-safe boot

OS: Microsoft Windows XP Édition familiale (5.1.2600 32-Bit) Service Pack 3
WB: Windows Internet Explorer : 8.0.6001.18702
WB: Mozilla Firefox : 26.0

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AS: Malwarebytes’ Anti-Malware : 1.75.0001
FW: Windows FireWall Service [Enabled]

C: (%systemdrive%) -> Disque fixe # 145 Go (124 Go libre(s) – 86%) [PRESARIO] # NTFS
D: -> Disque fixe # 4 Go (1 Go libre(s) – 29%) [PRESARIO_RP] # FAT32
E: -> CD-ROM
F: -> CD-ROM

################## | Processus Stoppés |

Stoppé! C:WINDOWSExplorer.EXE (ID: 756 |ParentID: 736)
Stoppé! C:Program FilesMozilla Firefoxfirefox.exe (ID: 856 |ParentID: 756)

################## | Regedit Run |

04 – HKLM..Run : [hpsysdrv] c:windowssystemhpsysdrv.exe
04 – HKLM..Run : [KBD] C:HPKBDKBD.EXE
04 – HKLM..Run : [Recguard] C:WINDOWSSMINSTRECGUARD.EXE
04 – HKLM..Run : [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
04 – HKLM..Run : [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
04 – HKLM..Run : [VTTimer] VTTimer.exe
04 – HKLM..Run : [SiS Windows KeyHook] C:WINDOWSsystem32keyhook.exe
04 – HKLM..Run : [AGRSMMSG] AGRSMMSG.exe
04 – HKLM..Run : [PS2] C:WINDOWSsystem32ps2.exe
04 – HKLM..Run : [AlcxMonitor] ALCXMNTR.EXE
04 – HKLM..Run : [QuickTime Task] “C:Program FilesQuickTimeqttask.exe” -atboottime
04 – HKLM..Run : [ORAHSSSessionManager] C:Program FilesOrangeHSSSessionManagerSessionManager.exe
04 – HKLM..Run : [TkBellExe] “C:Program FilesFichiers communsRealUpdate_OBrealsched.exe” -osboot
04 – HKLM..Run : [avast] “C:Program FilesAVAST SoftwareAvastavastUI.exe” /nogui
04 – HKLM..Run : [Adobe ARM] “C:Program FilesFichiers communsAdobeARM1.0AdobeARM.exe”
04 – HKLM..Run : [KernelFaultCheck] %systemroot%system32dumprep 0 -k
04 – HKLM..Run : [APSDaemon] “C:Program FilesFichiers communsAppleApple Application SupportAPSDaemon.exe”
04 – HKLM..Run : [iTunesHelper] “C:Program FilesiTunesiTunesHelper.exe”
04 – HKLM..Run : [Samsung PanelMgr] C:WINDOWSSamsungPanelMgrSSMMgr.exe /autorun
04 – HKLM..Run : [3180 Scan2PC] “C:WINDOWSTwain_32SamsungCLX3180Scan2pc.exe”
04 – HKLM..Run : []
04 – HKLM..Run : [ApnUpdater] “C:Program FilesAsk.comUpdaterUpdater.exe”
04 – HKLM..Run : [KiesTrayAgent] C:Program FilesSamsungKiesKiesTrayAgent.exe
04 – HKLM..Run : [SunJavaUpdateSched] “C:Program FilesFichiers communsJavaJava Updatejusched.exe”
04 – HKLM..Run : [RZN] C:UsersPublicconhost.exe
04 – HKLM..Run : [SURVIVAL] wscript.exe //B “C:DOCUME~1COMPAQ~1LOCALS~1TempSURVIVAL.vbe”
04 – HKLM..RunOnce : []
04 – HKLM..PoliciesExplorerrun : [DOJ] C:UsersPublicconhost.exe
04 – HKLMSoftwareMicrosoftWindows NTCurrentVersionTerminal ServerInstall..Run : []
04 – HKLMSoftwareMicrosoftWindows NTCurrentVersionTerminal ServerInstall..RunOnce : []
04 – HKUS-1-5-20..Run : [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE
04 – HKUS-1-5-21-1677385283-3223505477-3794341141-1007..Run : [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
04 – HKUS-1-5-21-1677385283-3223505477-3794341141-1007..Run : [MSMSGS] “C:Program FilesMessengermsmsgs.exe” /background
04 – HKUS-1-5-21-1677385283-3223505477-3794341141-1007..Run : [MediaGet2] C:Documents and SettingsCompaq_PropriétaireLocal SettingsApplication DataMediaGet2mediaget.exe –minimized
04 – HKUS-1-5-21-1677385283-3223505477-3794341141-1007..Run : [KiesPreload] C:Program FilesSamsungKiesKies.exe /preload
04 – HKUS-1-5-21-1677385283-3223505477-3794341141-1007..Run : [KiesAirMessage] C:Program FilesSamsungKiesKiesAirMessage.exe -startup
04 – HKUS-1-5-21-1677385283-3223505477-3794341141-1007..Run : [] C:Program FilesSamsungKiesExternalFirmwareUpdateKiesPDLR.exe
04 – HKUS-1-5-21-1677385283-3223505477-3794341141-1007..Run : [SURVIVAL] wscript.exe //B “C:DOCUME~1COMPAQ~1LOCALS~1TempSURVIVAL.vbe”
04 – HKUS-1-5-21-1677385283-3223505477-3794341141-1007..Run : [APS] C:UsersPublicconhost.exe
04 – HKUS-1-5-21-1677385283-3223505477-3794341141-1007..PoliciesExplorerrun : [DOJ] C:UsersPublicconhost.exe

################## | Recherche générique |

Supprimé! C:Documents and SettingsCompaq_PropriétaireApplication DataCompaq_Propriétairev3.4.2.2.vbs
Supprimé! C:Documents and SettingsCompaq_PropriétaireMenu DémarrerProgrammesDémarrageSURVIVAL.vbe
Supprimé! C:Documents and SettingsCompaq_PropriétaireMenu DémarrerProgrammesDémarrageconhost.exe
Supprimé! C:DOCUME~1COMPAQ~1LOCALS~1TempSURVIVAL.vbe
Supprimé! C:DOCUME~1COMPAQ~1LOCALS~1TempDATA.exe
Supprimé! C:Documents and SettingsCompaq_PropriétaireApplication DataBC593D9B6-01-2014
Supprimé! C:Documents and SettingsCompaq_PropriétaireApplication DataBC593D9B7-01-2014
Supprimé! C:Documents and SettingsCompaq_PropriétaireApplication DataBC593D9Bak.tmp
Supprimé! C:Documents and SettingsCompaq_PropriétaireApplication DataBC593D9B
Supprimé! C:DOCUME~1COMPAQ~1LOCALS~1TempCompaq_Propriétaire7
Supprimé! C:DOCUME~1COMPAQ~1LOCALS~1TempCompaq_Propriétaire8
Supprimé! C:DOCUME~1COMPAQ~1LOCALS~1Temp5555etilqs_7OoXdBUc14ideje.pif
Supprimé! C:DOCUME~1COMPAQ~1LOCALS~1Temp575tilqs_7OoXdBUc14ideje.pif
Supprimé! C:DOCUME~1COMPAQ~1LOCALS~1Tempetilqs_7OoXdBUc14ideje.pif
Supprimé! C:DOCUME~1COMPAQ~1LOCALS~1TempzoXdBUc14ideje.pif
Supprimé! C:DOCUME~1COMPAQ~1LOCALS~1TempWinhorest.exe

(!) Fichiers temporaires supprimés.

################## | Registre |

Supprimé! HKCUSoftwareHolaa
Supprimé! HKLMSoftwareSURVIVAL
Réparé ! HKCUSoftwareMicrosoftWindowsCurrentVersionExplorerAdvanced|Start_ShowRecentDocs -> 1
Supprimé! HKUS-1-5-21-1677385283-3223505477-3794341141-1007SoftwareMicrosoftWindowsCurrentVersionRun|APS
Supprimé! HKUS-1-5-21-1677385283-3223505477-3794341141-1007SoftwareMicrosoftWindowsCurrentVersionPoliciesExplorerRun|DOJ
Supprimé! HKUS-1-5-21-1677385283-3223505477-3794341141-1007SoftwareMicrosoftWindowsCurrentVersionRun|SURVIVAL
Supprimé! HKLMSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorerRun|DOJ
Supprimé! HKLMSoftwareMicrosoftWindowsCurrentVersionRun|RZN
Supprimé! HKLMSoftwareMicrosoftWindowsCurrentVersionRun|SURVIVAL
Supprimé! HKUS-1-5-21-1677385283-3223505477-3794341141-1007Software….Mountpoints2{29d5f64d-4280-11e0-a94e-00112fc4ed14}
Supprimé! HKUS-1-5-21-1677385283-3223505477-3794341141-1007Software….Mountpoints2{4eb228fc-60b2-11de-a8d2-00112fc4ed14}

################## | UsbFix – Information |

UsbFix a détecté sur votre ordinateur, une infection qui dispose d’une fonction de Keylogger.
Après désinfection par UsbFix, veuillez modifier tous vos mots de passe.
Si vous avez effectué des achats sur internet,
veuillez contacter votre banque afin d’envisager une opposition sur votre carte bancaire.

Info : infection-dinihou-vous-explique-son-fonctionnement-t4852.html

################## | Listing |

[11/05/2012 – 14:13:18 | D] – C:7e70005c964106e6fd046b3e1e62bcd
[04/04/2011 – 13:42:23 | D] – C:9d5e62bb7e9235df6d40c7791abf
[01/01/2004 – 22:51:46 | A | 0 Ko] – C:AUTOEXEC.BAT
[13/02/2009 – 17:05:31 | N | 0 Ko] – C:BOOT.BAK
[15/02/2009 – 09:47:45 | ASH | 0 Ko] – C:boot.ini
[04/08/2004 – 20:00:00 | N | 5 Ko] – C:Bootfont.bin
[23/03/2011 – 15:33:16 | D] – C:cf99a43733bdad52a08161406a8f14a4
[15/02/2009 – 09:47:44 | D] – C:cmdcons
[04/08/2004 – 20:00:00 | N | 257 Ko] – C:cmldr
[07/11/2013 – 14:55:20 | D] – C:Config.Msi
[01/01/2004 – 22:51:46 | N | 0 Ko] – C:CONFIG.SYS
[07/01/2014 – 18:20:02 | D] – C:Documents and Settings
[29/06/2013 – 09:18:51 | D] – C:found.000
[03/04/2009 – 14:36:59 | D] – C:HE4_DEMO
[08/01/2010 – 14:58:27 | D] – C:HIPPOCRATE DOSSIER
[03/04/2009 – 14:30:48 | D] – C:HOSVS2
[14/02/2009 – 00:55:35 | D] – C:hp
[06/01/2011 – 15:25:34 | N | 0 Ko] – C:hpfr5550.xml
[15/08/2009 – 10:04:22 | N | 0 Ko] – C:hpothb07.dat
[15/08/2009 – 09:56:48 | N | 1 Ko] – C:hpothb07.tif
[01/01/2004 – 22:51:46 | N | 0 Ko] – C:IO.SYS
[01/01/2004 – 22:51:46 | N | 0 Ko] – C:MSDOS.SYS
[04/08/2004 – 20:00:00 | N | 46 Ko | B2DE3452DE03674C6CEC68B8C8CE7C78] – C:NTDETECT.COM
[09/04/2009 – 10:34:17 | RASH | 246 Ko] – C:ntldr
[07/01/2014 – 19:15:19 | ASH | 786432 Ko] – C:pagefile.sys
[07/01/2014 – 15:09:01 | D] – C:Program Files
[20/03/2012 – 15:00:30 | D] – C:Python22
[03/12/2009 – 14:20:54 | D] – C:pyxvital
[13/02/2009 – 17:14:17 | SHD] – C:RECYCLER
[13/02/2009 – 17:10:26 | D] – C:sysprep
[31/12/2013 – 13:06:04 | SHD] – C:System Volume Information
[01/01/2004 – 23:57:58 | D] – C:system.sav
[24/07/2009 – 15:14:35 | D] – C:temp
[30/10/2009 – 11:11:23 | N | 0 Ko] – C:trace.ini
[07/01/2014 – 19:17:38 | D] – C:UsbFix
[07/01/2014 – 19:02:18 | N | 5 Ko | A0B7A9C61511C488B1F34345A8EB68E5] – C:UsbFix [Clean 1] NOM-47D5A5B94AD.txt
[07/01/2014 – 19:28:29 | A | 9 Ko | 0A0BEE43F3183F34CA2CC038C873A43C] – C:UsbFix [Clean 2] NOM-47D5A5B94AD.txt
[19/01/2012 – 16:07:51 | N | 1 Ko] – C:user.js
[31/12/2013 – 15:00:35 | D] – C:Users
[26/02/2010 – 12:54:40 | D] – C:whotel
[07/01/2014 – 18:19:47 | D] – C:WINDOWS
[27/07/2001 – 21:07:38 | SH | 0 Ko] – D:AUTOEXEC.BAT
[07/01/2014 – 18:25:46 | RASHD] – D:Autorun.inf
[09/01/2002 – 10:52:30 | SH | 0 Ko] – D:BOOT.INI
[17/08/2004 – 15:33:18 | D] – D:cmdcons
[17/08/2001 – 00:26:26 | N | 232 Ko] – D:CMLDR
[27/07/2001 – 21:07:38 | N | 0 Ko] – D:CONFIG.SYS
[09/09/2002 – 14:14:14 | SH | 0 Ko] – D:Desktop.ini
[15/08/2009 – 10:49:44 | N | 0 Ko] – D:hpothb07.tif
[15/08/2009 – 10:49:44 | N | 0 Ko] – D:hpothb07.dat
[30/04/2004 – 13:00:38 | N | 72 Ko | 7485132ACD6949B35A7D5B508A978930] – D:Info.exe
[27/07/2001 – 21:07:38 | N | 0 Ko] – D:IO.SYS
[17/08/2004 – 15:29:46 | D] – D:MiniNT
[27/07/2001 – 21:07:38 | N | 0 Ko] – D:MSDOS.SYS
[25/07/2001 – 13:00:00 | N | 44 Ko | 1D8A88961544A20F98632D852434ABB3] – D:NTDETECT.COM
[25/07/2001 – 13:00:00 | SH | 218 Ko] – D:NTLDR
[19/08/2004 – 15:11:04 | SHD] – D:PRELOAD
[29/04/2004 – 14:37:18 | SH | 4 Ko] – D:Thumbs.db
[03/03/2003 – 12:41:48 | N | 86 Ko] – D:Warning.bmp
[19/08/2004 – 00:10:54 | N | 0 Ko] – D:BLOCK.RIN
[10/09/2002 – 00:21:08 | N | 8 Ko] – D:Folder.htt
[25/01/2002 – 01:21:24 | N | 0 Ko] – D:GRAPH16
[30/04/2001 – 03:16:46 | N | 0 Ko] – D:Graph
[15/12/2006 – 01:42:12 | N | 0 Ko] – D:HPCD.sys
[13/02/2009 – 16:32:38 | D] – D:I386
[15/12/2006 – 01:42:12 | N | 1 Ko] – D:Master.log
[16/08/2001 – 22:32:24 | N | 0 Ko] – D:NTFS
[18/08/2004 – 23:45:40 | N | 0 Ko] – D:SAVEFILE.DIR
[30/04/2001 – 03:16:46 | N | 0 Ko] – D:SVGA
[13/02/2009 – 16:47:38 | D] – D:Tools
[17/08/2001 – 22:00:00 | N | 0 Ko] – D:WIN51
[21/01/2001 – 22:00:00 | N | 0 Ko] – D:WIN51.B2
[24/07/2001 – 22:00:00 | N | 0 Ko] – D:WIN51.RC1
[25/07/2001 – 03:47:04 | N | 0 Ko] – D:WIN51.RC2
[17/08/2001 – 22:00:00 | N | 0 Ko] – D:WIN51IC
[19/03/2001 – 22:00:00 | N | 0 Ko] – D:WIN51IC.B2
[24/07/2001 – 22:00:00 | N | 0 Ko] – D:WIN51IC.RC1
[24/07/2001 – 22:00:00 | N | 0 Ko] – D:WIN51IC.RC2
[16/08/2001 – 22:00:00 | N | 0 Ko] – D:WIN51IP
[21/01/2001 – 22:00:00 | N | 0 Ko] – D:WIN51IP.B2
[25/07/2001 – 03:47:04 | N | 0 Ko] – D:WIN51IP.RC2
[16/08/2001 – 20:17:02 | N | 0 Ko] – D:WINBOM.INI
[13/02/2009 – 16:48:24 | D] – D:hp
[02/03/2003 – 21:46:06 | SH | 109 Ko] – D:protect.ed
[13/02/2009 – 16:48:32 | D] – D:Réinstallation Système
[13/02/2009 – 16:48:32 | N | 0 Ko] – D:USER
[13/02/2009 – 17:11:54 | SHD] – D:System Volume Information
[13/02/2009 – 17:14:18 | D] – D:Recycled

################## | Vaccin |

D:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net – https://www.sosvirus.net |