PeeWhy
Participant
Number of posts: 11

Hello, and thank you for the quick support!!!
So here is the UsbFix report.
I'm now proceeding with ZHPDiag.

See you soon, and thanks again

############################## | UsbFix V 7.169 | [Suppression]

Utilisateur: HTSI (Administrateur) # HTSI-4WZAU439R0
Mis à jour le 31/03/2014 par El Desaparecido – Team SosVirus
Lancé à 09:26:50 | 08/05/2014

Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Support : forum-virus-securite.html
Upload Malware : upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: Dell Inc. (0XF961)
CPU: Intel(R) Pentium(R) 4 CPU 2.80GHz
RAM -> [Total : 2558 Mo| Free : 1683 Mo]
Bios: Dell Inc.
Boot: Normal boot

OS: Microsoft Windows XP Professionnel (5.1.2600 32-Bit) Service Pack 3
WB: Windows Internet Explorer : 7.0.5730.13
WB: Google Chrome : 34.0.1847.131
WB: Mozilla Firefox : 28.0

SC: Security Center [Enabled]
WU: Windows Update [Enabled]

FW: Windows FireWall [Enabled]

C: (%systemdrive%) -> Disque fixe # 75 Go (45 Go libre(s) – 60%) [] # NTFS
D: -> CD-ROM
F: -> Disque amovible # 15 Go (535 Mo libre(s) – 4%) [Lexar] # FAT32

################## | Processus Actif |

C:\WINDOWS\System32\smss.exe (ID: 600 |ParentID: 4)
C:\WINDOWS\system32\csrss.exe (ID: 660 |ParentID: 600)
C:\WINDOWS\system32\winlogon.exe (ID: 692 |ParentID: 600)
C:\WINDOWS\system32\services.exe (ID: 736 |ParentID: 692)
C:\WINDOWS\system32\lsass.exe (ID: 748 |ParentID: 692)
C:\WINDOWS\system32\Ati2evxx.exe (ID: 920 |ParentID: 736)
C:\WINDOWS\system32\svchost.exe (ID: 956 |ParentID: 736)
C:\WINDOWS\system32\svchost.exe (ID: 1068 |ParentID: 736)
C:\WINDOWS\System32\svchost.exe (ID: 1164 |ParentID: 736)
C:\WINDOWS\System32\svchost.exe (ID: 1256 |ParentID: 736)
C:\WINDOWS\system32\Ati2evxx.exe (ID: 1348 |ParentID: 692)
C:\WINDOWS\System32\svchost.exe (ID: 1360 |ParentID: 736)
C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ID: 1456 |ParentID: 736)
C:\WINDOWS\system32\spoolsv.exe (ID: 1620 |ParentID: 736)
C:\WINDOWS\Explorer.EXE (ID: 2036 |ParentID: 1972)
C:\WINDOWS\System32\svchost.exe (ID: 648 |ParentID: 736)
C:\Program Files\Bonjour\mDNSResponder.exe (ID: 1792 |ParentID: 736)
C:\Program Files\Logitech\SetPointP\SetPoint.exe (ID: 1876 |ParentID: 2036)
C:\Program Files\Spybot – Search & Destroy 2\SDTray.exe (ID: 1924 |ParentID: 2036)
C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (ID: 1948 |ParentID: 2036)
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (ID: 1956 |ParentID: 2036)
C:\Program Files\AVAST Software\Avast\AvastUI.exe (ID: 168 |ParentID: 2036)
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe (ID: 172 |ParentID: 1988)
C:\WINDOWS\system32\ctfmon.exe (ID: 2020 |ParentID: 2036)
C:\Program Files\Fichiers communs\LogiShrd\KHAL3\KHALMNPR.EXE (ID: 1056 |ParentID: 1876)
C:\Program Files\Java\jre7\bin\jqs.exe (ID: 2096 |ParentID: 736)
C:\Program Files\Spybot – Search & Destroy 2\SDFSSvc.exe (ID: 2208 |ParentID: 736)
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe (ID: 2464 |ParentID: 1956)
C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe (ID: 2672 |ParentID: 736)
C:\WINDOWS\System32\svchost.exe (ID: 2696 |ParentID: 736)
C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe (ID: 2724 |ParentID: 736)
C:\Program Files\Spybot – Search & Destroy 2\SDUpdSvc.exe (ID: 2820 |ParentID: 736)
C:\WINDOWS\System32\alg.exe (ID: 3920 |ParentID: 736)
C:\Program Files\TeamViewer\Version9\TeamViewer.exe (ID: 740 |ParentID: 2724)
C:\Program Files\TeamViewer\Version9\tv_w32.exe (ID: 424 |ParentID: 2724)
C:\WINDOWS\system32\wuauclt.exe (ID: 1796 |ParentID: 1164)
C:\Program Files\Google\Chrome\Application\chrome.exe (ID: 2496 |ParentID: 3708)
C:\Program Files\Google\Chrome\Application\chrome.exe (ID: 3220 |ParentID: 2496)
C:\WINDOWS\system32\wbem\wmiprvse.exe (ID: 412 |ParentID: 956)

################## | Recherche générique |

(!) Fichiers temporaires supprimés.

################## | Registre |

################## | Regedit Run |

F2 – HKLM\..\Winlogon : [Shell] Explorer.exe
F2 – [x64] HKLM\..\Winlogon : [Shell] Explorer.exe
F2 – HKLM\..\Winlogon : [Userinit] C:\WINDOWS\system32\userinit.exe,
F2 – [x64] HKLM\..\Winlogon : [Userinit] C:\WINDOWS\system32\userinit.exe,
04 – HKCU\..\Run : [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
04 – HKLM\..\Run : [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
04 – HKLM\..\Run : [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
04 – HKLM\..\Run : [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
04 – HKLM\..\Run : [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
04 – HKLM\..\Run : [SDTray] "C:\Program Files\Spybot – Search & Destroy 2\SDTray.exe"
04 – HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
04 – HKLM\..\Run : [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
04 – HKLM\..\Run : [SetDefPrt] C:\Program Files\Brother\Brmfl06a\BrStDvPt.exe
04 – HKLM\..\Run : [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
04 – HKLM\..\Run : [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
04 – HKLM\..\Run : [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
04 – HKLM\Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\..\Run : []
04 – HKLM\Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\..\RunOnce : []
04 – HKU\S-1-5-19\..\Run : [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE
04 – HKU\S-1-5-20\..\Run : [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE
04 – HKU\S-1-5-21-1645522239-706699826-682003330-1003\..\Run : [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
04 – HKU\S-1-5-18\..\Run : [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE
04 – HKU\S-1-5-18\..\Run : [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t

################## | Listing |

[10/10/2013 – 08:58:31 | D] – C:\7eb05db4ce4866a8027dbf066735fd
[14/11/2010 – 14:26:32 | A | 0 Ko] – C:\AUTOEXEC.BAT
[14/08/2013 – 09:00:13 | RASH | 0 Ko] – C:\boot.ini
[30/08/2002 – 08:00:00 | N | 5 Ko] – C:\Bootfont.bin
[10/01/2014 – 09:29:51 | D] – C:\Brother
[10/01/2014 – 09:31:30 | N | 0 Ko] – C:\Brxpinst.log
[18/08/2011 – 03:07:02 | D] – C:\c5928bc964f2659e062e42a0dcc3
[14/11/2010 – 14:26:32 | N | 0 Ko] – C:\CONFIG.SYS
[05/12/2010 – 11:49:59 | D] – C:\dell
[10/04/2014 – 10:16:54 | D] – C:\Documents and Settings
[18/12/2010 – 17:27:47 | D] – C:\f4f5192bac6c38384e550aa4b1
[14/11/2010 – 14:26:32 | RASH | 0 Ko] – C:\IO.SYS
[22/01/2014 – 10:08:27 | D] – C:\Maxis
[14/11/2010 – 14:26:32 | RASH | 0 Ko] – C:\MSDOS.SYS
[18/12/2010 – 17:16:39 | N | 46 Ko | B2DE3452DE03674C6CEC68B8C8CE7C78] – C:\NTDETECT.COM
[18/12/2010 – 17:37:54 | RASH | 246 Ko] – C:\ntldr
[08/05/2014 – 08:22:44 | ASH | 2095104 Ko] – C:\pagefile.sys
[08/05/2014 – 08:43:46 | D] – C:\Program Files
[08/04/2011 – 17:07:38 | SHD] – C:\RECYCLER
[27/02/2014 – 11:49:52 | D] – C:\Spacekace
[31/01/2014 – 10:28:53 | SHD] – C:\System Volume Information
[06/05/2014 – 08:51:20 | D] – C:\UsbFix
[17/04/2014 – 09:06:09 | N | 7 Ko | 0BB8C16E0D8EE62826730C4B2C23E7D6] – C:\UsbFix [Clean 2] HTSI-4WZAU439R0.txt
[06/05/2014 – 08:50:34 | N | 8 Ko | 95B7920D88FF0886B13D72FFB07C81CF] – C:\UsbFix [Clean 4] HTSI-4WZAU439R0.txt
[08/05/2014 – 09:27:41 | A | 7 Ko | AA93F408EB8955B8CDF450E6FB42E9AD] – C:\UsbFix [Clean 6] HTSI-4WZAU439R0.txt
[06/05/2014 – 08:51:37 | N | 4 Ko | 1F85DA27353082B2E0743C23CF823F19] – C:\UsbFix [Listing 1] HTSI-4WZAU439R0.txt
[17/04/2014 – 08:59:40 | N | 6 Ko | 78A03476E4F14946482BC69E075DBF13] – C:\UsbFix [Scan 1] HTSI-4WZAU439R0.txt
[05/05/2014 – 11:19:38 | N | 6 Ko | 408386D9ED125F865D1DE60B608FDE68] – C:\UsbFix [Scan 2] HTSI-4WZAU439R0.txt
[30/04/2014 – 08:28:15 | D] – C:\WINDOWS
[22/04/2014 – 17:28:50 | D] – F:\chansons
[22/04/2014 – 17:38:24 | D] – F:\Downloads
[22/04/2014 – 17:41:00 | D] – F:\IMPOT 2009
[22/04/2014 – 17:41:12 | D] – F:\ImpôtRapide
[22/04/2014 – 17:42:12 | D] – F:\Audio CD (D)
[22/04/2014 – 17:44:56 | D] – F:\Mes images
[22/04/2014 – 18:06:00 | D] – F:\Musique Jean
[22/04/2014 – 18:06:12 | D] – F:\My Pictures
[22/04/2014 – 18:06:26 | D] – F:\nathalie
[22/04/2014 – 18:07:30 | D] – F:\Nouveau dossier
[22/04/2014 – 18:09:16 | D] – F:\photo lynx
[22/04/2014 – 18:09:48 | D] – F:\Samuel
[22/04/2014 – 18:10:22 | D] – F:\simonjpg
[15/04/2014 – 15:46:14 | N | 14 Ko] – F:\cv samuel.odt
[22/04/2014 – 18:13:42 | D] – F:\musique zune
[08/02/2014 – 20:47:06 | N | 0 Ko] – F:\Parametres de securite reseau.txt.bitcrypt
[22/04/2014 – 18:14:42 | D] – F:\photo
[22/04/2014 – 18:17:12 | D] – F:\Kodak Pictures
[23/04/2014 – 00:31:26 | SHD] – F:\System Volume Information

################## | Vaccin |

F:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net/ – http://www.sosvirus.net