geraldine
Participant
Number of posts: 3

Good evening, thanks for your help, here is the usbfix report:

############################## | UsbFix V 7.169 | [Suppression]

Utilisateur: geraldine (Administrateur) # GERALDINE-PC
Mis à jour le 31/03/2014 par El Desaparecido – Team SosVirus
Lancé à 19:35:37 | 23/04/2014

Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Support : forum-virus-securite.html
Upload Malware : upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: Acer (JV71TR )
CPU: AMD Athlon(tm) II Dual-Core M300
RAM -> [Total : 4094 Mo| Free : 2684 Mo]
Bios: Phoenix Technologies LTD
Boot: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.17041
WB: Mozilla Firefox : 28.0

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: Avira Desktop [(!) Disabled | Updated]
AS: Avira Desktop [(!) Disabled | Updated]
AS: Windows Defender [Enabled | Updated]
FW: Windows FireWall [Enabled]

C: (%systemdrive%) -> Disque fixe # 454 Go (322 Go libre(s) – 71%) [ACER] # NTFS
D: -> CD-ROM
E: -> Disque amovible # 2 Go (2 Go libre(s) – 89%) [] # FAT32
F: -> Disque amovible # 4 Go (675 Mo libre(s) – 18%) [CHIQUI] # FAT

################## | Processus Actif |

C:\Windows\system32\csrss.exe (ID: 424 |ParentID: 356)
C:\Windows\system32\wininit.exe (ID: 492 |ParentID: 356)
C:\Windows\system32\csrss.exe (ID: 524 |ParentID: 500)
C:\Windows\system32\services.exe (ID: 556 |ParentID: 492)
C:\Windows\system32\lsass.exe (ID: 572 |ParentID: 492)
C:\Windows\system32\lsm.exe (ID: 580 |ParentID: 492)
C:\Windows\system32\winlogon.exe (ID: 636 |ParentID: 500)
C:\Windows\system32\svchost.exe (ID: 740 |ParentID: 556)
C:\Windows\system32\svchost.exe (ID: 828 |ParentID: 556)
C:\Windows\system32\atiesrxx.exe (ID: 872 |ParentID: 556)
C:\Windows\System32\svchost.exe (ID: 948 |ParentID: 556)
C:\Windows\System32\svchost.exe (ID: 996 |ParentID: 556)
C:\Windows\system32\svchost.exe (ID: 308 |ParentID: 556)
C:\Windows\system32\svchost.exe (ID: 360 |ParentID: 556)
C:\Windows\system32\svchost.exe (ID: 1076 |ParentID: 556)
C:\Windows\system32\atieclxx.exe (ID: 1136 |ParentID: 872)
C:\Windows\System32\spoolsv.exe (ID: 1304 |ParentID: 556)
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (ID: 1372 |ParentID: 556)
C:\Windows\system32\svchost.exe (ID: 1516 |ParentID: 556)
C:\Windows\system32\Dwm.exe (ID: 1564 |ParentID: 996)
C:\Windows\Explorer.EXE (ID: 1592 |ParentID: 1556)
C:\Windows\system32\taskhost.exe (ID: 1708 |ParentID: 556)
C:\Program Files\LSI SoftModem\agr64svc.exe (ID: 1724 |ParentID: 556)
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (ID: 1820 |ParentID: 556)
C:\Windows\system32\dllhost.exe (ID: 1840 |ParentID: 556)
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (ID: 1928 |ParentID: 556)
C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (ID: 1972 |ParentID: 556)
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (ID: 1272 |ParentID: 556)
C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (ID: 1908 |ParentID: 556)
C:\Windows\system32\svchost.exe (ID: 2024 |ParentID: 556)
C:\Windows\System32\svchost.exe (ID: 1408 |ParentID: 556)
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (ID: 2520 |ParentID: 2380)
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (ID: 2652 |ParentID: 1820)
C:\Program Files (x86)\Mozilla Firefox\firefox.exe (ID: 2744 |ParentID: 1592)
C:\Windows\system32\SearchIndexer.exe (ID: 2432 |ParentID: 556)
C:\Windows\System32\alg.exe (ID: 2496 |ParentID: 556)
C:\Windows\system32\svchost.exe (ID: 1468 |ParentID: 556)
C:\Windows\System32\WUDFHost.exe (ID: 3128 |ParentID: 996)
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (ID: 3508 |ParentID: 2744)
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe (ID: 3604 |ParentID: 3508)
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe (ID: 3624 |ParentID: 3604)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 3268 |ParentID: 740)
C:\Windows\system32\SearchProtocolHost.exe (ID: 3372 |ParentID: 2432)
C:\Windows\system32\SearchFilterHost.exe (ID: 3564 |ParentID: 2432)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 3292 |ParentID: 740)

################## | Recherche générique |

Supprimé! E:\Intel.vbe
Supprimé! F:\Intel.vbe
Supprimé! E:\pages.lnk
Supprimé! E:\grue.lnk
Supprimé! E:\oiseau.lnk
Supprimé! E:\MATERIEL.lnk
Supprimé! E:\.lnk
Supprimé! E:\tetrix.lnk
Supprimé! E:\Les Muffins au Chocolat.lnk
Supprimé! E:\origami-top_e_ltr.lnk
Supprimé! E:\156.lnk
Supprimé! E:\flowerwithleaves-1.lnk
Supprimé! E:\oiseau-du-paradis.lnk
Supprimé! E:\origami-top_e_a4.lnk
Supprimé! E:\Formes.lnk
Supprimé! E:\Guide_de_securisation_windows_face_menaces_supports_amovibles.lnk
Supprimé! E:\String Art-001.lnk
Supprimé! E:\mushroom-mario-bros-03.lnk
Supprimé! F:\82.lnk
Supprimé! F:\Bkup Débuter sur PC .lnk
Supprimé! F:\SKYPE.lnk
Supprimé! F:\Papiers à fournir.lnk
Supprimé! F:\chant2.lnk
Supprimé! F:\Tarn200610_15Nore_g.lnk
Supprimé! F:\.lnk
Supprimé! F:\avatar.lnk
Supprimé! F:\vidée-1.lnk
Supprimé! F:\Débuter sur PC .lnk
Supprimé! F:\2013.lnk
Supprimé! F:\Ateliers jeunesse.lnk
Supprimé! F:\Diversité des cadrages.lnk
Supprimé! F:\video jour 2.lnk
Supprimé! F:\ch3_notion_filmage.lnk
Supprimé! F:\chantierété.lnk
Supprimé! F:\chantierété-1.lnk
Supprimé! F:\Séjour 10-13.lnk
Supprimé! F:\Budget et dossier 14-17.lnk
Supprimé! F:\Balade au pays des menhirs.lnk
Supprimé! F:\budget Séjour 10-13.lnk
Supprimé! F:\Composition3.lnk
Supprimé! F:\Duverger Maryse.lnk

(!) Fichiers temporaires supprimés.

################## | Registre |

################## | Regedit Run |

F2 – HKLM\..\Winlogon : [Shell] explorer.exe
F2 – [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 – HKLM\..\Winlogon : [Userinit] userinit.exe
F2 – [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 – HKLM\..\Run : [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
04 – HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 – HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 – HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 – HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 – HKU\S-1-5-18\..\RunOnce : [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601

################## | Listing |

[09/04/2014 – 11:34:14 | SHD] – C:\$Recycle.Bin
[07/09/2010 – 21:40:35 | D] – C:\2442818779eeba4ec7913ddb95
[30/06/2011 – 00:18:25 | D] – C:\247bcece466c4925c488eabef4
[19/09/2012 – 21:39:09 | D] – C:\7675407a112a26e48c86ea6d1c59d3
[16/04/2014 – 01:35:53 | D] – C:\AdwCleaner
[31/08/2010 – 16:14:26 | D] – C:\BOOK
[08/02/2014 – 16:22:19 | D] – C:\Boonty
[14/07/2009 – 03:38:58 | RASH | 375 Ko] – C:\bootmgr
[27/07/2009 – 22:40:53 | RASH | 8 Ko] – C:\BOOTSECT.BAK
[21/04/2014 – 19:16:26 | D] – C:\Config.Msi
[12/01/2011 – 23:52:39 | D] – C:\de37fbfd350fc1e367d18eabdb3a59
[09/04/2014 – 13:05:42 | N | 2 Ko | 7AC69781DC5C6F6036D9C2B22E85F9C7] – C:\DelFix.txt
[14/07/2009 – 07:08:56 | SD] – C:\Documents and Settings
[07/11/2007 – 09:00:40 | N | 17 Ko | 9147A93F43D8E58218EBCB15FDA888C9] – C:\eula.1028.txt
[07/11/2007 – 09:00:40 | N | 17 Ko | 9147A93F43D8E58218EBCB15FDA888C9] – C:\eula.1031.txt
[07/11/2007 – 09:00:40 | N | 10 Ko | 99C22D4A31F4EAD4351B71D6F4E5F6A1] – C:\eula.1033.txt
[07/11/2007 – 09:00:40 | N | 17 Ko | 9147A93F43D8E58218EBCB15FDA888C9] – C:\eula.1036.txt
[07/11/2007 – 09:00:40 | N | 17 Ko | 9147A93F43D8E58218EBCB15FDA888C9] – C:\eula.1040.txt
[07/11/2007 – 09:00:40 | N | 0 Ko | 9B15A3A055CC6E67EA191A1B7885649A] – C:\eula.1041.txt
[07/11/2007 – 09:00:40 | N | 17 Ko | 9147A93F43D8E58218EBCB15FDA888C9] – C:\eula.1042.txt
[07/11/2007 – 09:00:40 | N | 17 Ko | 9147A93F43D8E58218EBCB15FDA888C9] – C:\eula.2052.txt
[07/11/2007 – 09:00:40 | N | 17 Ko | 9147A93F43D8E58218EBCB15FDA888C9] – C:\eula.3082.txt
[07/11/2007 – 09:00:40 | N | 1 Ko] – C:\globdata.ini
[23/04/2014 – 19:25:48 | ASH | 3144468 Ko] – C:\hiberfil.sys
[14/04/2014 – 16:14:01 | D] – C:\inetpub
[07/11/2007 – 09:00:40 | N | 1 Ko] – C:\install.ini
[29/10/2009 – 06:08:09 | RHD] – C:\MSOCache
[28/11/2012 – 19:57:09 | D] – C:\MyWinLockerData
[08/09/2013 – 17:03:12 | D] – C:\oem
[23/04/2014 – 19:25:51 | ASH | 4192624 Ko] – C:\pagefile.sys
[08/01/2010 – 15:48:54 | N | 7 Ko] – C:\Patch.rev
[21/03/2014 – 03:35:36 | D] – C:\PerfLogs
[16/04/2014 – 00:21:35 | N | 1 Ko] – C:\PhysicalDisk0_MBR.bin
[08/09/2013 – 16:46:49 | N | 0 Ko] – C:\Preload.rev
[17/04/2014 – 00:46:51 | D] – C:\Program Files
[20/04/2014 – 19:09:13 | D] – C:\Program Files (x86)
[19/04/2014 – 04:56:02 | HD] – C:\ProgramData
[21/01/2013 – 12:02:48 | D] – C:\PS_CS2_FR_NonRet
[08/09/2013 – 16:45:36 | SHD] – C:\Recovery
[08/09/2013 – 17:00:37 | N | 2 Ko] – C:\RHDSetup.log
[09/12/2012 – 23:10:22 | N | 0 Ko | 9B0C2880A30AC166DBF1AC18FC0146A1] – C:\SetSearchAndHomepageInBrowserLog.txt
[26/09/2013 – 20:40:51 | D] – C:\StarBurnPortable
[22/04/2014 – 13:26:17 | SHD] – C:\System Volume Information
[23/04/2014 – 19:33:13 | D] – C:\UsbFix
[23/04/2014 – 01:26:03 | N | 9 Ko | F3DBC4C6FD87B2D9BD641C129EA75394] – C:\UsbFix [Clean 2] GERALDINE-PC.txt
[23/04/2014 – 02:16:49 | N | 13 Ko | 6196AB2AD44C26A7EC05E9434A1BC9B1] – C:\UsbFix [Clean 4] GERALDINE-PC.txt
[23/04/2014 – 02:23:42 | N | 12 Ko | 10E3C2789F0CF6ED110EFA2243E1895A] – C:\UsbFix [Clean 6] GERALDINE-PC.txt
[23/04/2014 – 19:39:39 | A | 10 Ko | 9856BECE45A1CB71982EB3C1B9B6E53F] – C:\UsbFix [Clean 8] GERALDINE-PC.txt
[18/04/2014 – 01:04:18 | N | 7 Ko | 65ED49736ED9CCEE0185CA37E26B0514] – C:\UsbFix [Scan 1] GERALDINE-PC.txt
[22/04/2014 – 13:33:31 | N | 6 Ko | B450780FB5BA1F16B0BAD9B75ADD18E0] – C:\UsbFix [Scan 2] GERALDINE-PC.txt
[23/04/2014 – 01:30:18 | N | 6 Ko | 576FAAE9EE2C1BF7DEE438546B3C6908] – C:\UsbFix [Scan 3] GERALDINE-PC.txt
[08/09/2013 – 18:37:41 | D] – C:\User Data
[29/12/2011 – 01:22:11 | N | 0 Ko] – C:\user.js
[08/09/2013 – 16:46:19 | D] – C:\Users
[07/11/2007 – 09:00:40 | N | 6 Ko] – C:\vcredist.bmp
[07/11/2007 – 09:50:40 | N | 1883 Ko] – C:\VC_RED.cab
[07/11/2007 – 09:53:12 | N | 237 Ko] – C:\VC_RED.MSI
[23/04/2014 – 09:32:05 | D] – C:\Windows
[16/04/2014 – 14:41:14 | D] – E:\fin2siecle(skual)
[01/08/2013 – 15:11:46 | D] – E:\Assistance SFR
[17/04/2014 – 15:27:40 | N | 0 Ko | 4A2073651052C488EF8BFD852F0C645A] – E:\.velo.txt
[22/04/2014 – 17:35:44 | N | 67 Ko] – E:\Les Muffins au Chocolat.docx
[21/04/2014 – 14:27:58 | N | 333 Ko] – E:\origami-top_e_ltr.pdf
[21/04/2014 – 13:57:42 | N | 2827 Ko] – E:\pages.pdf
[21/04/2014 – 18:41:40 | N | 51 Ko] – E:\flowerwithleaves-1.pdf
[21/04/2014 – 14:24:44 | N | 1056 Ko] – E:\grue.pdf
[01/08/2013 – 16:17:52 | D] – E:\Kit
[21/04/2014 – 14:22:16 | N | 5 Ko] – E:\oiseau.pdf
[21/04/2014 – 14:23:16 | N | 33 Ko] – E:\oiseau-du-paradis.pdf
[21/04/2014 – 14:27:22 | N | 330 Ko] – E:\origami-top_e_a4.pdf
[20/04/2014 – 19:44:46 | N | 17 Ko] – E:\MATERIEL.docx
[19/04/2014 – 06:37:54 | N | 1325 Ko] – E:\Formes.docx
[18/04/2014 – 02:32:30 | N | 13439 Ko] – E:\Guide_de_securisation_windows_face_menaces_supports_amovibles.rtf
[17/04/2014 – 20:57:40 | N | 384 Ko] – E:\String Art-001.JPG
[29/09/2013 – 15:23:10 | N | 235 Ko] – E:\tetrix.jpg
[22/04/2014 – 11:12:48 | N | 150 Ko] – E:\mushroom-mario-bros-03.jpg
[19/04/2014 – 11:55:54 | N | 56 Ko] – E:\156.pdf
[17/10/2010 – 01:33:30 | D] – F:\CAJ
[02/09/2013 – 14:59:58 | D] – F:\driver km
[08/03/2011 – 13:30:14 | D] – F:\w
[20/10/2011 – 12:28:08 | D] – F:\geraldine2
[04/01/2012 – 17:42:30 | N | 417 Ko] – F:\Bkup Débuter sur PC .doc
[13/12/2011 – 03:40:06 | N | 13 Ko] – F:\82.gif
[20/09/2013 – 18:39:08 | N | 14 Ko] – F:\Papiers à fournir.docx
[18/04/2014 – 17:32:04 | N | 905 Ko] – F:\Tarn200610_15Nore_g.jpg
[19/01/2013 – 13:27:20 | N | 270 Ko] – F:\SKYPE.docx
[17/11/2011 – 01:24:16 | N | 0 Ko] – F:\._Composition de base .doc
[05/01/2012 – 12:43:20 | N | 0 Ko] – F:\._Débuter sur PC .doc
[05/01/2012 – 12:44:40 | N | 0 Ko] – F:\._prog.doc
[05/01/2012 – 12:09:34 | N | 0 Ko] – F:\._Bkup Débuter sur PC .doc
[16/12/2011 – 13:35:24 | D] – F:\Sans titre.workflow
[20/03/2012 – 19:41:40 | N | 397 Ko] – F:\vidée-1.jpg
[02/02/2011 – 18:29:00 | D] – F:\Portable Inkscape.app
[17/04/2013 – 17:45:08 | D] – F:\Photo CAJ
[05/01/2012 – 12:43:14 | N | 400 Ko] – F:\Débuter sur PC .doc
[10/01/2012 – 17:19:24 | N | 151 Ko] – F:\Ateliers jeunesse.docx
[16/03/2011 – 02:50:06 | N | 0 Ko] – F:\._page photo.doc
[27/02/2012 – 16:00:32 | N | 47 Ko] – F:\Diversité des cadrages.doc
[29/02/2012 – 13:27:10 | N | 0 Ko] – F:\._Diversité des cadrages.doc
[30/05/2012 – 02:29:06 | N | 1094 Ko] – F:\chant2.pub
[11/10/2012 – 18:03:38 | N | 7 Ko] – F:\avatar.jpg
[18/04/2011 – 14:29:08 | N | 0 Ko] – F:\._Copie de secours de page 2.doc
[18/04/2011 – 16:03:14 | N | 0 Ko] – F:\._page 2.doc
[19/10/2011 – 12:22:26 | N | 33 Ko] – F:\video jour 2.doc
[18/05/2011 – 12:24:54 | D] – F:\clavier pages 123
[18/05/2011 – 12:24:58 | D] – F:\messagerie
[15/07/2013 – 14:53:46 | D] – F:\Kit
[18/05/2011 – 12:25:36 | N | 59 Ko] – F:\._Image1.jpg
[12/06/2012 – 23:32:12 | D] – F:\été 2012
[18/05/2011 – 12:25:40 | N | 51 Ko] – F:\._Image3.jpg
[28/06/2012 – 19:30:22 | D] – F:\séjours 2012
[18/05/2011 – 12:25:46 | N | 42 Ko] – F:\._Image2.jpg
[27/02/2012 – 16:03:54 | N | 363 Ko] – F:\ch3_notion_filmage.doc
[29/02/2012 – 13:27:28 | N | 0 Ko] – F:\._ch3_notion_filmage.doc
[29/02/2012 – 13:34:32 | N | 0 Ko] – F:\._initiation recap.doc
[29/02/2012 – 13:35:04 | N | 0 Ko] – F:\._Les bases de la prise de .doc
[31/05/2011 – 10:45:58 | N | 0 Ko] – F:\._Les outils OpenOffice.doc
[03/10/2011 – 16:45:06 | N | 0 Ko] – F:\._PPJeunesse.doc
[29/06/2011 – 13:40:22 | N | 0 Ko] – F:\._dossier ate.doc
[02/10/2011 – 17:06:50 | N | 0 Ko] – F:\._liens .doc
[29/05/2012 – 20:13:08 | N | 681 Ko] – F:\chantierété.pub
[29/05/2012 – 18:53:26 | N | 680 Ko] – F:\chantierété-1.pub
[29/06/2011 – 13:40:54 | N | 0 Ko] – F:\._CoursPresentation.doc
[04/06/2012 – 02:38:32 | N | 38 Ko] – F:\Séjour 10-13.doc
[19/06/2012 – 12:46:50 | N | 19 Ko] – F:\Budget et dossier 14-17.docx
[12/06/2012 – 00:47:56 | N | 558 Ko] – F:\Balade au pays des menhirs.pdf
[19/06/2012 – 01:16:56 | N | 41 Ko] – F:\budget Séjour 10-13.docx
[05/10/2012 – 17:46:56 | N | 1817 Ko] – F:\Composition3.pub
[05/12/2012 – 11:33:42 | N | 35 Ko] – F:\Duverger Maryse.doc
[21/12/2012 – 17:39:08 | N | 79 Ko] – F:\2013.docx

################## | Vaccin |

E:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
F:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net/ – http://www.sosvirus.net |