############################## | UsbFix 7.060 | [Recherche]

Utilisateur: Administrateur (Administrateur) # SWEET-6BD100D2B
Mis à jour le 22/09/2011 par El Desaparecido
Lancé à 20:16:47 | 29/09/2011
Site Web: http://eldesaparecido.com
Fichier suspect ? : http://eldesaparecido.com/support.php
Contact: contact@eldesaparecido.com

PC: NVIDIA (AWRDACPI) (X86-based PC) # Desktop Computer
CPU: AMD Athlon(tm) XP 2800+ (2079)
RAM -> [ Total : 1023 | Free : 534 ]
BIOS: Phoenix - AwardBIOS v6.00PG
BOOT: Normal boot

OS: Microsoft Windows XP Professionnel (5.1.2600 32-Bit) # Service Pack 2
WB: Windows Internet Explorer 7.0.5730.11

SC: Security Center Service [ (!) Disabled ]
WU: Windows Update Service [ Enabled ]
FW: Windows FireWall Service [ Enabled ]

C:\ (%systemdrive%) -> Disque fixe # 29 Go (17 Go libre(s) - 59%) [XP] # NTFS
D:\ -> Disque fixe # 47 Go (8 Go libre(s) - 16%) [TRANSIT] # NTFS
E:\ -> Disque fixe # 233 Go (77 Go libre(s) - 33%) [DATA] # NTFS
F:\ -> CD-ROM
G:\ -> CD-ROM
H:\ -> CD-ROM
I:\ -> Disque fixe # 153 Go (113 Go libre(s) - 74%) [ACER] # FAT32

################## | Processus Actif |

C:\WINDOWS\System32\smss.exe (928)
C:\WINDOWS\system32\winlogon.exe (1068)
C:\WINDOWS\system32\services.exe (1112)
C:\WINDOWS\system32\lsass.exe (1124)
C:\WINDOWS\system32\Ati2evxx.exe (1292)
C:\WINDOWS\system32\svchost.exe (1308)
C:\WINDOWS\System32\svchost.exe (1528)
C:\WINDOWS\system32\Ati2evxx.exe (1668)
C:\WINDOWS\Explorer.EXE (1928)
C:\WINDOWS\system32\spoolsv.exe (352)
C:\Program Files\Avira\AntiVir Desktop\sched.exe (444)
C:\WINDOWS\Mixer.exe (540)
C:\Program Files\Unlocker\UnlockerAssistant.exe (560)
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (608)
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (660)
C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (668)
C:\Program Files\Norton Ghost\Agent\VProTray.exe (676)
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE (692)
C:\WINDOWS\system32\ctfmon.exe (708)
C:\Program Files\DAEMON Tools\daemon.exe (744)
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (776)
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe (1372)
C:\Program Files\Avira\AntiVir Desktop\avguard.exe (1596)
C:\Program Files\Java\jre6\bin\jqs.exe (1664)
C:\Program Files\Norton Ghost\Agent\VProSvc.exe (1160)
C:\Program Files\Macrium\Reflect\ReflectService.exe (1820)
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (1564)
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe (1980)
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe (2036)
C:\WINDOWS\system32\svchost.exe (648)
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe (2476)
C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe (2676)
C:\WINDOWS\System32\svchost.exe (1268)
C:\WINDOWS\system32\NOTEPAD.EXE (1044)
C:\UsbFix\UsbFix.exe (2388)
c:\program files\avira\antivir desktop\avcenter.exe (2832)

################## | Éléments infectieux |

################## | Registre |

Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|forceclassiccontrolpanel
Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoResolveSearch

################## | Mountpoints2 |

################## | Listing |

[21/01/2011 - 21:27:15 | A | 0] C:\AUTOEXEC.BAT
[21/01/2011 - 21:21:00 | SH | 212] C:\boot.ini
[07/09/2002 - 02:00:00 | RASH | 4952] C:\Bootfont.bin
[21/01/2011 - 21:27:15 | A | 0] C:\CONFIG.SYS
[21/01/2011 - 21:29:24 | D ] C:\Documents and Settings
[21/01/2011 - 21:27:15 | RASH | 0] C:\IO.SYS
[09/07/2011 - 12:27:15 | A | 313] C:\moduleName.txt
[21/01/2011 - 21:27:15 | RASH | 0] C:\MSDOS.SYS
[21/01/2011 - 21:40:17 | RHD ] C:\MSOCache
[04/08/2004 - 04:38:34 | RASH | 47564] C:\NTDETECT.COM
[04/08/2004 - 04:59:44 | RASH | 251712] C:\ntldr
[29/09/2011 - 19:27:57 | ASH | 1610612736] C:\pagefile.sys
[21/09/2011 - 18:36:08 | RD ] C:\Program Files
[21/01/2011 - 23:06:08 | SHD ] C:\RECYCLER
[21/01/2011 - 21:29:17 | SHD ] C:\System Volume Information
[28/09/2011 - 18:51:35 | A | 102470] C:\TDSSKiller.2.6.2.0_28.09.2011_18.47.07_log.txt
[29/09/2011 - 20:19:45 | D ] C:\UsbFix
[29/09/2011 - 20:21:41 | A | 3256] C:\UsbFix.txt
[21/09/2011 - 18:36:52 | D ] C:\WINDOWS
[21/01/2011 - 21:48:01 | A | 15021] C:\WPI_Log.txt
[26/09/2004 - 22:44:08 | D ] D:\bibliotheque nero
[21/01/2011 - 19:05:24 | RD ] D:\Favoris-saved
[21/09/2011 - 17:54:32 | D ] D:\Mes Sites Web
[22/09/2004 - 02:12:23 | HD ] D:\msdownld.tmp
[21/09/2011 - 18:29:37 | A | 125480696] D:\NGH150_AllWin_FrenchTryBuy30.exe
[21/01/2011 - 23:10:27 | SHD ] D:\RECYCLER
[21/01/2011 - 22:04:49 | SHD ] D:\System Volume Information
[21/09/2011 - 17:54:33 | ASH | 16384] D:\Thumbs.db
[21/09/2011 - 23:23:55 | D ] D:\virigifab
[21/09/2011 - 18:43:30 | RHD ] D:\VProRecovery
[01/01/2009 - 17:27:51 | D ] E:\b-commun
[11/08/2011 - 23:23:23 | D ] E:\b-patou
[29/09/2011 - 19:55:01 | D ] E:\b-yoann
[16/10/2006 - 18:58:24 | D ] E:\Camescope
[21/09/2011 - 18:00:36 | D ] E:\conneries
[11/08/2011 - 23:23:26 | D ] E:\DivX
[20/07/2011 - 21:46:54 | D ] E:\Documents
[01/12/2007 - 22:53:04 | D ] E:\DVDtheque
[21/01/2011 - 17:06:22 | D ] E:\ER5
[26/09/2007 - 14:59:41 | A | 129] E:\Lecteur CD.lnk
[22/01/2011 - 01:21:48 | A | 884] E:\liste soft.txt
[25/02/2011 - 09:41:54 | D ] E:\Mariage
[21/08/2006 - 23:08:56 | D ] E:\Mes clips video
[23/01/2010 - 17:35:37 | D ] E:\Mes Music
[25/01/2011 - 18:49:11 | D ] E:\Mes photos
[29/09/2011 - 20:13:54 | D ] E:\Outlook
[25/01/2011 - 13:39:06 | D ] E:\OutlookExpress
[21/01/2011 - 17:22:29 | D ] E:\Papeterie
[22/08/2006 - 00:06:24 | SHD ] E:\Recycled
[24/01/2011 - 16:33:02 | SHD ] E:\RECYCLER
[11/08/2011 - 23:23:27 | D ] E:\site web
[26/01/2011 - 11:00:32 | D ] E:\Softs Downloaded
[09/07/2011 - 09:53:19 | D ] E:\Solidworks Data
[22/01/2011 - 00:23:12 | SHD ] E:\System Volume Information
[21/09/2011 - 18:07:10 | D ] E:\TRANSIT
[04/12/2008 - 23:11:59 | D ] E:\WUTemp
[21/01/2011 - 18:01:53 | D ] E:\x_ARCHIVES
[20/04/2004 - 11:31:54 | A | 5] I:\xpsp2.id
[31/12/2005 - 18:42:40 | SHD ] I:\FOUND.000
[04/06/2005 - 10:36:56 | D ] I:\GUIDE
[20/04/2004 - 11:31:54 | A | 5] I:\fr.id
[16/08/2004 - 10:02:46 | D ] I:\sysinfo
[05/08/2004 - 05:00:00 | AD ] I:\i386
[05/08/2004 - 05:00:00 | AD ] I:\VALUEADD
[05/08/2004 - 05:00:00 | AD ] I:\dotnetfx
[10/02/2006 - 08:47:26 | SHD ] I:\FOUND.001
[25/05/2006 - 23:06:36 | SHD ] I:\FOUND.002
[25/09/2006 - 20:44:40 | SHD ] I:\FOUND.003
[04/06/2005 - 10:37:18 | SH | 512] I:\BOOTSECT.DOS
[19/10/2007 - 17:17:14 | SHD ] I:\FOUND.004
[24/11/2008 - 19:16:48 | SHD ] I:\FOUND.005
[12/01/2009 - 18:50:12 | SHD ] I:\FOUND.006
[04/03/2009 - 12:35:12 | SHD ] I:\FOUND.007
[31/03/2009 - 12:44:22 | SHD ] I:\FOUND.008
[01/04/2009 - 12:27:50 | SHD ] I:\FOUND.009
[28/05/2009 - 18:57:38 | SHD ] I:\FOUND.010
[28/05/2009 - 20:16:28 | SHD ] I:\FOUND.011
[29/05/2009 - 18:24:48 | SHD ] I:\FOUND.012
[05/05/2003 - 10:31:58 | D ] I:\WINDOWS
[30/05/2009 - 11:00:36 | SHD ] I:\FOUND.013
[05/08/2004 - 05:00:00 | RASH | 4952] I:\Bootfont.bin
[16/11/2008 - 11:27:14 | RASH | 252240] I:\ntldr
[05/08/2004 - 05:00:00 | RASH | 47564] I:\NTDETECT.COM
[04/06/2005 - 10:46:58 | D ] I:\DRV
[14/07/2009 - 20:14:40 | SHD ] I:\FOUND.014
[01/08/2009 - 15:02:14 | SHD ] I:\FOUND.015
[04/06/2005 - 11:19:28 | RASH | 216] I:\boot.ini
[04/06/2005 - 10:47:32 | D ] I:\Documents and Settings
[04/06/2005 - 10:52:50 | RD ] I:\Program Files
[04/06/2005 - 10:53:38 | A | 0] I:\CONFIG.SYS
[04/06/2005 - 10:53:38 | A | 0] I:\AUTOEXEC.BAT
[04/06/2005 - 10:53:38 | RASH | 0] I:\IO.SYS
[04/06/2005 - 10:53:38 | RASH | 0] I:\MSDOS.SYS
[22/08/2009 - 23:47:06 | D ] I:\f61e1af4b8e22bd8703b38a37e82e0
[22/08/2009 - 23:47:12 | D ] I:\63289564ff2fd462b8d8f78a
[23/08/2009 - 14:32:56 | D ] I:\00ff40539b78294d17
[24/08/2009 - 21:00:04 | D ] I:\7862547622bec26901
[24/08/2009 - 21:00:12 | D ] I:\d4e353f6906a1258f762266277
[31/12/2009 - 10:45:18 | SHD ] I:\FOUND.016
[07/01/2010 - 12:45:24 | SHD ] I:\FOUND.017
[21/01/2010 - 12:49:30 | SHD ] I:\FOUND.018
[25/01/2010 - 12:40:24 | SHD ] I:\FOUND.019
[22/02/2010 - 12:27:52 | SHD ] I:\FOUND.020
[10/03/2010 - 12:49:26 | SHD ] I:\FOUND.021
[15/03/2010 - 12:43:36 | SHD ] I:\FOUND.022
[26/05/2010 - 12:21:26 | SHD ] I:\FOUND.023
[28/06/2010 - 12:30:04 | SHD ] I:\FOUND.024
[12/07/2010 - 12:19:08 | SHD ] I:\FOUND.025
[25/07/2010 - 10:48:50 | SHD ] I:\FOUND.026
[05/08/2010 - 13:10:10 | SHD ] I:\FOUND.027
[03/10/2010 - 11:34:04 | SHD ] I:\FOUND.028
[03/10/2010 - 14:38:06 | SHD ] I:\FOUND.029
[24/10/2010 - 11:16:32 | SHD ] I:\FOUND.030
[09/11/2010 - 17:33:42 | SHD ] I:\FOUND.031
[12/11/2010 - 06:42:44 | SHD ] I:\FOUND.032
[14/11/2010 - 16:31:50 | SHD ] I:\FOUND.033
[15/11/2010 - 20:13:52 | A | 90] I:\error.log
[24/11/2010 - 19:16:50 | SHD ] I:\FOUND.034
[29/11/2010 - 12:16:26 | SHD ] I:\FOUND.035
[29/11/2010 - 18:34:28 | SHD ] I:\FOUND.036
[03/01/2011 - 18:33:30 | SHD ] I:\FOUND.037
[05/06/2011 - 10:19:54 | SHD ] I:\FOUND.038
[21/08/2011 - 09:50:30 | SHD ] I:\FOUND.039
[04/09/2011 - 09:28:34 | SHD ] I:\FOUND.040
[22/09/2011 - 21:25:20 | SHD ] I:\FOUND.041
[04/06/2005 - 10:57:32 | SHD ] I:\System Volume Information
[21/05/2003 - 17:20:16 | D ] I:\Acer
[04/06/2005 - 11:13:18 | SHD ] I:\Recycled
[19/09/2011 - 12:14:28 | ASH | 536399872] I:\hiberfil.sys
[28/07/2005 - 14:21:20 | D ] I:\Config.Msi
[30/07/2005 - 10:44:34 | D ] I:\MWASPINT
[12/01/2006 - 21:06:38 | D ] I:\Toolbox Parts
[19/09/2011 - 12:14:22 | ASH | 841678848] I:\pagefile.sys
[09/07/2008 - 12:17:28 | A | 6] I:\ISACER.ID
[12/04/2010 - 19:53:10 | A | 230424] I:\img2-001.raw
[11/11/2008 - 22:53:38 | AH | 244] I:\sqmnoopt00.sqm
[11/11/2008 - 22:53:38 | AH | 268] I:\sqmdata00.sqm
[10/12/2008 - 12:37:16 | AH | 244] I:\sqmnoopt01.sqm
[10/12/2008 - 12:37:16 | AH | 268] I:\sqmdata01.sqm
[31/12/2008 - 16:33:56 | A | 510] I:\updatedatfix.log
[17/02/2009 - 12:23:00 | D ] I:\Application Data
[22/03/2009 - 18:01:50 | D ] I:\Smart-Shopper
[27/03/2009 - 12:24:50 | D ] I:\acer.OEM-CA7AE9A064A
[22/02/2010 - 12:39:24 | A | 368] I:\content_update_notification.xml
[07/04/2009 - 19:41:38 | D ] I:\report
[16/04/2009 - 12:22:36 | D ] I:\cs

################## | Vaccin |

(!) Cet ordinateur n'est pas vacciné!

################## | E.O.F |