IBN
Participant
Number of posts: 2

Thanks for your instructions, it seems the problem is solved. But as you asked me, the UsbFix report…

Thanks again!! :bravo1: :merci2:

############################## | UsbFix V 7.170 | [Nettoyage]

Utilisateur: IBNSAMSUNG (Administrateur) # IBNSAMSUNG-PC
Mis à jour le 13/05/2014 par El Desaparecido – SosVirus
Lancé à 12:03:41 | 16/05/2014

Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: SAMSUNG ELECTRONICS CO., LTD. (RV415/RV415)
CPU: AMD E-350 Processor
RAM -> [Total : 3836 Mo| Free : 968 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 7 Professionnel (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.16659
WB: Google Chrome : 34.0.1847.131

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: Avira Desktop [(!) Disabled | Updated]
AS: Avira Desktop [(!) Disabled | Updated]
AS: Windows Defender [Enabled | Updated]
FW: Windows FireWall [Enabled]

C: (%SystemDrive%) -> Disque fixe # 111 Go (8 Go libre(s) – 7%) [] # NTFS
D: -> Disque fixe # 164 Go (30 Go libre(s) – 18%) [] # NTFS
E: -> CD-ROM
F: -> Disque amovible # 4 Go (4 Go libre(s) – 99%) [LEXON KEY] # FAT32
G: -> CD-ROM
H: -> CD-ROM
J: -> Disque amovible # 7 Go (5 Go libre(s) – 73%) [THALES] # FAT32

################## | Processus Stoppés |

C:\Windows\System32\atiesrxx.exe (ID: 848|ParentID: 544)
C:\Windows\System32\atieclxx.exe (ID: 1208|ParentID: 848)
C:\Windows\System32\spoolsv.exe (ID: 1440|ParentID: 544)
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 1736|ParentID: 544|Système)
C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe (ID: 1756|ParentID: 544|Système)
C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe (ID: 1788|ParentID: 1756|Système)
C:\Windows\System32\conhost.exe (ID: 1800|ParentID: 416|Système)
C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe (ID: 1828|ParentID: 544|Système)
C:\Program Files (x86)\Bonjour\mDNSResponder.exe (ID: 1884|ParentID: 544|Système)
C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe (ID: 1912|ParentID: 544|Système)
C:\Program Files (x86)\Cobian Backup 11\cbService.exe (ID: 308|ParentID: 544|IBNSAMSUNG)
C:\Program Files\ma-config.com\MaConfigAgent.exe (ID: 1412|ParentID: 544|Système)
C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (ID: 2056|ParentID: 544|SERVICE RÉSEAU)
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (ID: 2244|ParentID: 544|Système)
C:\Program Files\SAMSUNG\Samsung Link\Samsung Link.exe (ID: 2360|ParentID: 544|Système)
C:\Program Files\SAMSUNG\Samsung Link\Samsung Link.exe (ID: 2380|ParentID: 2360|Système)
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (ID: 2392|ParentID: 544|Système)
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (ID: 2468|ParentID: 544|Système)
C:\Windows\SysWOW64\vmnat.exe (ID: 2540|ParentID: 544|Système)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (ID: 2620|ParentID: 544|Système)
C:\Windows\SysWOW64\vmnetdhcp.exe (ID: 2660|ParentID: 544|Système)
C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe (ID: 2736|ParentID: 544|Système)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (ID: 2884|ParentID: 2620|Système)
C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe (ID: 3192|ParentID: 544|Système)
C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (ID: 3304|ParentID: 544|Système)
C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe (ID: 3364|ParentID: 544|Système)
C:\Windows\System32\taskhost.exe (ID: 204|ParentID: 544|IBNSAMSUNG)
C:\Windows\System32\taskeng.exe (ID: 4256|ParentID: 396|IBNSAMSUNG)
C:\Windows\explorer.exe (ID: 4296|ParentID: 4244|IBNSAMSUNG)
C:\Windows\System32\taskeng.exe (ID: 4984|ParentID: 396|IBNSAMSUNG)
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (ID: 5088|ParentID: 4296|IBNSAMSUNG)
C:\Windows\WindowsMobile\wmdcBase.exe (ID: 5096|ParentID: 4296|IBNSAMSUNG)
C:\Program Files (x86)\Free Download Manager\fdm.exe (ID: 5116|ParentID: 4296|IBNSAMSUNG)
C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe (ID: 4360|ParentID: 4256|IBNSAMSUNG)
C:\Program Files (x86)\Google\Google Talk\googletalk.exe (ID: 4452|ParentID: 4296|IBNSAMSUNG)
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (ID: 4120|ParentID: 4984|IBNSAMSUNG)
C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe (ID: 1580|ParentID: 4256|IBNSAMSUNG)
C:\Program Files (x86)\Google\Drive\googledrivesync.exe (ID: 2568|ParentID: 4296|IBNSAMSUNG)
C:\Users\IBNSAMSUNG\AppData\Roaming\uTorrent\uTorrent.exe (ID: 1528|ParentID: 4296|IBNSAMSUNG)
C:\Program Files (x86)\PrtScr\PrtScr.exe (ID: 2460|ParentID: 4296|IBNSAMSUNG)
C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe (ID: 2436|ParentID: 5012|Système)
C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe (ID: 5136|ParentID: 5012|Système)
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (ID: 5216|ParentID: 3300|IBNSAMSUNG)
C:\Users\IBNSAMSUNG\AppData\Roaming\Dropbox\bin\Dropbox.exe (ID: 5244|ParentID: 4296|IBNSAMSUNG)
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (ID: 5264|ParentID: 3300|IBNSAMSUNG)
C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe (ID: 5320|ParentID: 3300|IBNSAMSUNG)
C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe (ID: 5356|ParentID: 3300|IBNSAMSUNG)
C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (ID: 5392|ParentID: 3300|IBNSAMSUNG)
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe (ID: 5664|ParentID: 544|Système)
C:\Program Files (x86)\Google\Drive\googledrivesync.exe (ID: 5900|ParentID: 2568|IBNSAMSUNG)
C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 3932|ParentID: 544|SERVICE RÉSEAU)
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe (ID: 5944|ParentID: 4256|IBNSAMSUNG)
C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe (ID: 3564|ParentID: 4984|IBNSAMSUNG)
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (ID: 6020|ParentID: 4460|IBNSAMSUNG)
C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe (ID: 6064|ParentID: 4256|IBNSAMSUNG)
C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe (ID: 3764|ParentID: 4256|IBNSAMSUNG)
C:\Windows\System32\SearchIndexer.exe (ID: 808|ParentID: 544|Système)
C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe (ID: 4232|ParentID: 4256|IBNSAMSUNG)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 1992|ParentID: 4296|IBNSAMSUNG)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 708|ParentID: 1992|IBNSAMSUNG)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 5548|ParentID: 1992|IBNSAMSUNG)
C:\Windows\System32\SearchProtocolHost.exe (ID: 6772|ParentID: 808|Système)
C:\Windows\System32\wuauclt.exe (ID: 3652|ParentID: 396|IBNSAMSUNG)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 7652|ParentID: 1992|IBNSAMSUNG)
C:\Users\IBNSAMSUNG\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe (ID: 7916|ParentID: 7624|IBNSAMSUNG)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 7020|ParentID: 1992|IBNSAMSUNG)
C:\Windows\SysWOW64\notepad.exe (ID: 6920|ParentID: 6760|IBNSAMSUNG)
C:\Windows\System32\msiexec.exe (ID: 3500|ParentID: 544|Système)
C:\Windows\System32\taskhost.exe (ID: 4816|ParentID: 544|SERVICE LOCAL)

################## | Autorun |

F:\DJ3050A_J611_1315.lnk -> F:\123.vbe – VirusTotal – (22/52)
J:\4New.lnk -> J:\123.vbe – VirusTotal – (22/52)
J:\3HEAT.lnk -> J:\123.vbe – VirusTotal – (22/52)
J:\2Mau.lnk -> J:\123.vbe – VirusTotal – (22/52)
J:\1DAVY.lnk -> J:\123.vbe – VirusTotal – (22/52)
J:\5Africa.lnk -> J:\123.vbe – VirusTotal – (22/52)

################## | Recherche générique |

Supprimé! F:\DJ3050A_J611_1315.lnk
Supprimé! J:\1DAVY.lnk
Supprimé! J:\2Mau.lnk
Supprimé! J:\3HEAT.lnk
Supprimé! J:\4New.lnk
Supprimé! J:\5Africa.lnk
Supprimé! F:\123.vbe
Supprimé! J:\123.vbe

(!) Fichiers temporaires supprimés.

################## | Registre |

################## | Regedit Run |

F2 – HKLM\..\Winlogon : [Shell] explorer.exe
F2 – [x64] HKLM\..\Winlogon : [Shell] Explorer.exe
F2 – HKLM\..\Winlogon : [Userinit] userinit.exe
F2 – [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 – HKCU\..\Run : [Free Download Manager] "C:\Program Files (x86)\Free Download Manager\fdm.exe" -autorun
04 – HKCU\..\Run : [googletalk] "C:\Program Files (x86)\Google\Google Talk\googletalk.exe" /autostart
04 – HKCU\..\Run : [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
04 – HKCU\..\Run : [uTorrent] "C:\Users\IBNSAMSUNG\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
04 – HKCU\..\Run : [PrtScr by FireStarter] C:\Program Files (x86)\PrtScr\PrtScr.exe /Tray
04 – HKLM\..\Run : [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
04 – HKLM\..\Run : [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
04 – HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 – HKLM\..\Run : [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
04 – HKLM\..\Run : [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
04 – HKLM\..\Run : [nmapp] "C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
04 – HKLM\..\Run : [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
04 – [x64] HKLM\..\Run : [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
04 – [x64] HKLM\..\Run : [Windows Mobile-based device management] %WINDIR%\WindowsMobile\wmdcBase.exe
04 – HKU\S-1-5-21-623651093-2367840519-1666833322-1000\..\Run : [Free Download Manager] "C:\Program Files (x86)\Free Download Manager\fdm.exe" -autorun
04 – HKU\S-1-5-21-623651093-2367840519-1666833322-1000\..\Run : [googletalk] "C:\Program Files (x86)\Google\Google Talk\googletalk.exe" /autostart
04 – HKU\S-1-5-21-623651093-2367840519-1666833322-1000\..\Run : [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
04 – HKU\S-1-5-21-623651093-2367840519-1666833322-1000\..\Run : [uTorrent] "C:\Users\IBNSAMSUNG\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
04 – HKU\S-1-5-21-623651093-2367840519-1666833322-1000\..\Run : [PrtScr by FireStarter] C:\Program Files (x86)\PrtScr\PrtScr.exe /Tray

################## | C: %SystemDrive% – Disque Fixe (NTFS) |

[16/05/2014 – 09:44:15 | N | 1 Ko] – C:\FyK_Kill.txt
[16/05/2014 – 10:47:13 | N | 42 Ko] – C:\ComboFix.txt
[16/05/2014 – 10:49:29 | ASH | 3928128 Ko] – C:\hiberfil.sys
[16/05/2014 – 10:49:34 | ASH | 3928128 Ko] – C:\pagefile.sys
[23/01/2013 – 20:14:46 | N | 0 Ko] – C:\License_Time.rdat
[23/01/2013 – 20:14:46 | N | 0 Ko] – C:\RB.rdat
[14/05/2014 – 15:01:59 | D] – C:\Config.Msi
[13/11/2012 – 14:50:37 | N | 2 Ko] – C:\RHDSetup.log
[13/11/2012 – 16:59:38 | N | 0 Ko] – C:\setup.log
[30/12/2013 – 16:52:51 | N | 0 Ko] – C:\trace.ini
[05/01/2002 – 03:38:38 | N | 54 Ko | VirusTotal – (0/52)] – C:\msvci70.dll
[16/05/2014 – 10:35:50 | SHD] – C:\$RECYCLE.BIN
[14/07/2009 – 04:20:08 | D] – C:\PerfLogs
[14/07/2009 – 06:08:56 | SHD] – C:\Documents and Settings
[13/11/2012 – 14:27:18 | D] – C:\Recovery
[13/11/2012 – 14:27:29 | D] – C:\Users
[13/11/2012 – 15:27:13 | D] – C:\CIMTEMP
[13/11/2012 – 16:00:46 | RD] – C:\MSOCache
[16/05/2013 – 12:18:16 | D] – C:\535bc158ebdb373a7240e042
[16/05/2013 – 12:18:26 | D] – C:\2866f1a86cefd3dc4b
[16/05/2013 – 12:21:37 | D] – C:\f7bd401e01e4f68de2cbb7f3ebbd2b94
[08/06/2013 – 15:52:31 | D] – C:\itshfbc
[21/06/2013 – 15:03:38 | D] – C:\60051e8b784e6461a2
[21/06/2013 – 15:04:14 | D] – C:\5bd030c97733b80b1f5b6a54
[27/06/2013 – 17:23:37 | N | 0 Ko] – C:\END
[12/08/2013 – 11:55:12 | D] – C:\AMD
[21/08/2013 – 16:00:35 | D] – C:\odid32
[02/10/2013 – 15:37:21 | D] – C:\Downloads
[06/02/2014 – 07:38:35 | D] – C:\log
[10/03/2014 – 12:17:29 | D] – C:\Upload
[11/03/2014 – 17:00:37 | D] – C:\MAP_PMS
[06/05/2014 – 11:17:58 | D] – C:\wamp
[06/05/2014 – 11:36:14 | D] – C:\Program Files
[15/05/2014 – 11:12:26 | D] – C:\Program Files (x86)
[15/05/2014 – 11:12:34 | D] – C:\ProgramData
[16/05/2014 – 09:44:09 | D] – C:\FyK
[16/05/2014 – 10:09:01 | SHD] – C:\System Volume Information
[16/05/2014 – 10:35:54 | D] – C:\Windows
[16/05/2014 – 10:47:18 | D] – C:\Qoobox
[16/05/2014 – 12:03:00 | D] – C:\UsbFix
[16/05/2014 – 12:06:51 | D] – C:\TEMP

################## | D: – Disque Fixe (NTFS) |

[24/06/2012 – 11:26:33 | N | 0 Ko] – D:\Lynksys IBN.txt
[29/08/2013 – 20:09:30 | N | 3028114 Ko] – D:\SW_DVD5_Windows_Svr_DC_EE_SE_Web_2008R2_64-bit_French_X15-59758.ISO
[21/04/2010 – 13:56:18 | N | 2948 Ko | VirusTotal – (0/47)] – D:\Windows 7 Activation Hors-Ligne v1.3.3.exe
[07/08/2013 – 14:11:00 | N | 116728 Ko | VirusTotal – (0/27)] – D:\710_b042_multilanguage.exe
[30/08/2013 – 15:21:04 | N | 1492 Ko | VirusTotal – (0/49)] – D:\sp40945.exe
[30/08/2013 – 15:21:46 | N | 1615 Ko | VirusTotal – (0/50)] – D:\sp44398.exe
[15/05/2014 – 13:46:31 | N | 55707 Ko | VirusTotal – (0/34)] – D:\DJ3050A_J611_1315.exe
[13/11/2012 – 14:27:55 | D] – D:\$RECYCLE.BIN
[09/12/2013 – 15:13:09 | N | 1 Ko] – D:\MediaID.bin
[12/06/2012 – 20:07:19 | D] – D:\KeyGen Nero 7 Premium
[16/05/2013 – 12:13:37 | D] – D:\6201a3398cd84f481b6851
[16/05/2013 – 12:13:55 | D] – D:\d3d645a5046d0ecf8f7dccb5ce7
[30/05/2013 – 21:57:41 | D] – D:\SAMSUNG LINK
[02/10/2013 – 15:48:52 | D] – D:\Virtual Machine
[31/10/2013 – 16:13:27 | D] – D:\KIAROSE
[17/12/2013 – 10:15:49 | D] – D:\Videos
[17/12/2013 – 11:08:06 | D] – D:\CNSS EVA GABON
[18/12/2013 – 10:07:50 | D] – D:\DE BUREAU
[18/12/2013 – 13:04:23 | D] – D:\Downloads
[07/01/2014 – 14:13:49 | D] – D:\TORRENTS
[09/01/2014 – 22:14:59 | D] – D:\INSTALLATION PC
[24/03/2014 – 16:05:29 | D] – D:\IBNSAMSUNG-PC
[30/04/2014 – 18:52:42 | D] – D:\A Trier
[08/05/2014 – 13:00:06 | D] – D:\SiteWeb
[12/05/2014 – 14:32:45 | D] – D:\CONFIGURATION MOTOROLA
[13/05/2014 – 09:30:31 | SHD] – D:\System Volume Information
[13/05/2014 – 11:07:39 | D] – D:\iTube Studio Converted
[14/05/2014 – 09:12:21 | D] – D:\iTube Studio Downloaded
[15/05/2014 – 17:03:01 | D] – D:\Logiciels de Nettoyage PC

################## | F: – Disque USB (FAT32) |

[15/05/2014 – 13:46:32 | N | 55707 Ko | VirusTotal – (0/34)] – F:\DJ3050A_J611_1315.exe

################## | J: – Disque USB (FAT32) |

[29/08/2013 – 16:32:20 | D] – J:\1DAVY
[29/08/2013 – 16:34:58 | D] – J:\2Mau
[11/10/2013 – 16:06:16 | D] – J:\3HEAT
[16/12/2013 – 16:02:06 | D] – J:\4New
[15/02/2014 – 18:20:56 | D] – J:\5Africa

################## | Vaccin |

D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
F:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
J:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.sosvirus.net/ | http://www.usbfix.net/ |