J'ai réussi en mode sans échec, environ 20 minutes.
Je vous est envoyé le fichier texte de ZHPDiag.
Je travaille de nuit, je regarderai mes messages demain vers 5h30, et je serai opérationnel vers 10h00.
Merci, à demain
############################## | UsbFix V 7.103 | [Suppression]
Utilisateur: eml (Administrateur) # EML-HP
Mis à jour le 03/02/2013 par El Desaparecido
Lancé à 18:34:20 | 04/02/2013
Site Web: http://sosvirus.org/index.php
Contact: contact@sosvirus.org
PC: Hewlett-Packard (p6-2059frm) (x64-based PC)
CPU: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz (2993)
RAM -> [Total : 4077 | Free : 3521]
BIOS: BIOS Date: 08/23/2011 CUP_711.rom Ver: 7.11
BOOT: Fail-safe boot
OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) # Service Pack 1
WB: Windows Internet Explorer 9.0.8112.16421
SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: avast! Antivirus [Enabled | Updated]
FW: Windows FireWall Service [(!) Disabled]
C:\ (%systemdrive%) -> Disque fixe # 1850 Go (1301 Go libre(s) - 70%) [OS] # NTFS
D:\ -> Disque fixe # 13 Go (2 Go libre(s) - 12%) [HP_RECOVERY] # NTFS
E:\ -> CD-ROM
F:\ -> Disque fixe # 466 Go (332 Go libre(s) - 71%) [Disque_Sauvegardes] # NTFS
G:\ -> Disque amovible # 7 Go (7 Go libre(s) - 90%) [ERIC] # FAT32
I:\ -> CD-ROM
################## | Processus Actif |
C:\Windows\system32\csrss.exe (540)
C:\Windows\system32\csrss.exe (608)
C:\Windows\system32\wininit.exe (616)
C:\Windows\system32\winlogon.exe (672)
C:\Windows\system32\services.exe (724)
C:\Windows\system32\lsass.exe (732)
C:\Windows\system32\lsm.exe (740)
C:\Windows\system32\svchost.exe (836)
C:\Windows\system32\svchost.exe (912)
C:\Windows\System32\svchost.exe (1008)
C:\Windows\system32\svchost.exe (436)
C:\Windows\system32\svchost.exe (612)
C:\Windows\system32\svchost.exe (800)
C:\Windows\Explorer.EXE (1304)
C:\Windows\system32\ctfmon.exe (1352)
C:\UsbFix\Go.exe (1792)
C:\Windows\system32\wbem\wmiprvse.exe (1888)
C:\Windows\System32\svchost.exe (1944)
################## | Processus Stoppés |
Stoppé! C:\Windows\Explorer.EXE (1304)
Stoppé! C:\Windows\system32\ctfmon.exe (1352)
################## | Éléments infectieux |
Supprimé! C:\$RECYCLE.BIN\S-1-5-18
Supprimé! C:\$RECYCLE.BIN\S-1-5-20
Supprimé! C:\$RECYCLE.BIN\S-1-5-21-1910840758-2371759073-1474449307-500
Supprimé! C:\$RECYCLE.BIN\S-1-5-21-3155425427-2829168655-3667697107-1001
Supprimé! C:\$RECYCLE.BIN\S-1-5-21-3155425427-2829168655-3667697107-500
Supprimé! C:\$RECYCLE.BIN\S-1-5-21-396570061-4009115023-1864921450-1000
Supprimé! C:\$RECYCLE.BIN\S-1-5-21-656246157-3880784533-2161248102-1000
Supprimé! D:\$RECYCLE.BIN\S-1-5-21-3155425427-2829168655-3667697107-1001
Supprimé! D:\$RECYCLE.BIN\S-1-5-21-3155425427-2829168655-3667697107-500
Supprimé! F:\$RECYCLE.BIN\S-1-5-21-1417038259-4274611614-918700566-1000
Supprimé! F:\$RECYCLE.BIN\S-1-5-21-2446425271-214481124-2122448197-1000
Supprimé! F:\$RECYCLE.BIN\S-1-5-21-3155425427-2829168655-3667697107-1001
Supprimé! F:\$RECYCLE.BIN\S-1-5-21-452559011-4028376522-3745246748-1004
(!) Fichiers temporaires supprimés.
################## | Registre |
################## | Mountpoints2 |
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{6d78cc06-3181-11e1-b8d5-2c41388c4366}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{8f4ee34f-5641-11e1-a6ba-2c41388c4366}
################## | Listing |
[04/02/2013 - 18:39:48 | SHD ] C:\$RECYCLE.BIN
[01/02/2013 - 11:48:14 | D ] C:\Abi & Jérémy
[04/08/2012 - 13:46:18 | N | 11266] C:\AddDCEC.tmp.rtf
[03/02/2013 - 22:16:22 | N | 33638] C:\AdwCleaner[R1].txt
[03/02/2013 - 22:25:10 | N | 33330] C:\AdwCleaner[S1].txt
[11/06/2012 - 15:18:54 | D ] C:\Anuman Interactive
[11/02/2011 - 18:00:42 | N | 8192] C:\BOOTSECT.BAK
[14/07/2009 - 06:08:56 | SHD ] C:\Documents and Settings
[04/12/2012 - 16:36:27 | D ] C:\Download
[01/02/2013 - 10:05:12 | D ] C:\EDF-EAU
[04/02/2013 - 11:16:40 | D ] C:\Eric
[07/11/2007 - 07:00:40 | N | 17734] C:\eula.1028.txt
[07/11/2007 - 07:00:40 | N | 17734] C:\eula.1031.txt
[07/11/2007 - 07:00:40 | N | 10134] C:\eula.1033.txt
[07/11/2007 - 07:00:40 | N | 17734] C:\eula.1036.txt
[07/11/2007 - 07:00:40 | N | 17734] C:\eula.1040.txt
[07/11/2007 - 07:00:40 | N | 118] C:\eula.1041.txt
[07/11/2007 - 07:00:40 | N | 17734] C:\eula.1042.txt
[07/11/2007 - 07:00:40 | N | 17734] C:\eula.2052.txt
[07/11/2007 - 07:00:40 | N | 17734] C:\eula.3082.txt
[04/02/2013 - 10:51:06 | D ] C:\Films
[28/09/2012 - 08:18:41 | D ] C:\found.000
[07/11/2007 - 07:00:40 | N | 1110] C:\globdata.ini
[21/11/2011 - 16:04:29 | D ] C:\Généalogie Chelet
[03/05/2012 - 20:42:28 | N | 65048] C:\Hardware.txt
[04/02/2013 - 18:31:51 | ASH | 3206148096] C:\hiberfil.sys
[24/10/2011 - 00:15:46 | D ] C:\hp
[02/05/2012 - 11:56:02 | D ] C:\Impôts
[07/11/2007 - 07:03:18 | N | 562688] C:\install.exe
[07/11/2007 - 07:00:40 | N | 843] C:\install.ini
[07/11/2007 - 07:03:18 | N | 76304] C:\install.res.1028.dll
[07/11/2007 - 07:03:18 | N | 96272] C:\install.res.1031.dll
[07/11/2007 - 07:03:18 | N | 91152] C:\install.res.1033.dll
[07/11/2007 - 07:03:18 | N | 97296] C:\install.res.1036.dll
[07/11/2007 - 07:03:18 | N | 95248] C:\install.res.1040.dll
[07/11/2007 - 07:03:18 | N | 81424] C:\install.res.1041.dll
[07/11/2007 - 07:03:18 | N | 79888] C:\install.res.1042.dll
[07/11/2007 - 07:03:18 | N | 75792] C:\install.res.2052.dll
[07/11/2007 - 07:03:18 | N | 96272] C:\install.res.3082.dll
[07/02/2012 - 13:07:47 | N | 14890] C:\Installer.log
[04/05/2012 - 14:17:47 | D ] C:\Kreapixel
[04/06/2012 - 14:51:25 | D ] C:\Lit
[07/02/2012 - 12:37:36 | N | 90] C:\LogiSetup.log
[04/02/2013 - 12:28:43 | D ] C:\Marie Laure
[30/08/2012 - 08:03:05 | D ] C:\Morgane
[07/06/2012 - 09:35:46 | RHD ] C:\MSOCache
[11/10/2012 - 12:56:48 | D ] C:\NVIDIA
[23/10/2011 - 23:28:42 | N | 0] C:\OS
[04/02/2013 - 18:31:55 | ASH | 4274868224] C:\pagefile.sys
[04/05/2012 - 17:30:15 | D ] C:\Pb avast
[03/02/2013 - 18:56:24 | N | 512] C:\PhysicalDisk0_MBR.bin
[04/01/2013 - 10:35:44 | D ] C:\Program Files
[03/02/2013 - 22:24:56 | D ] C:\Program Files (x86)
[03/02/2013 - 22:24:53 | HD ] C:\ProgramData
[11/01/2013 - 12:25:16 | D ] C:\PV
[11/02/2011 - 20:24:35 | SHD ] C:\Recovery
[01/02/2013 - 12:06:27 | D ] C:\sauvegarde jeremy
[06/06/2012 - 16:06:35 | N | 4] C:\ScrubRetValFile.txt
[19/11/2012 - 09:20:03 | D ] C:\SWSETUP
[01/02/2013 - 19:35:28 | SHD ] C:\System Volume Information
[19/11/2011 - 10:07:03 | D ] C:\SYSTEM.SAV
[21/11/2011 - 16:01:07 | D ] C:\Thermomix
[09/10/2012 - 13:18:06 | D ] C:\TVO
[04/02/2013 - 14:50:42 | D ] C:\Téléchargement
[11/07/2012 - 09:46:36 | D ] C:\ubuntu
[04/02/2013 - 18:39:49 | D ] C:\UsbFix
[04/02/2013 - 12:00:19 | N | 5895] C:\UsbFix [Scan 1] eml.txt
[04/02/2013 - 12:05:46 | N | 6194] C:\UsbFix [Scan 2] eml.txt
[04/02/2013 - 15:17:35 | N | 6234] C:\UsbFix [Scan 3] eml.txt
[04/02/2013 - 12:29:43 | N | 9908] C:\UsbFix[Clean 1] eml.txt
[04/02/2013 - 13:09:45 | N | 9359] C:\UsbFix[Clean 2] eml.txt
[04/02/2013 - 13:56:42 | N | 8959] C:\UsbFix[Clean 3] eml.txt
[04/02/2013 - 15:18:00 | N | 9749] C:\UsbFix[Clean 4] eml.txt
[04/02/2013 - 18:40:21 | A | 7039] C:\UsbFix[Clean 5] eml.txt
[10/07/2012 - 17:26:55 | D ] C:\Users
[07/11/2007 - 07:00:40 | N | 5686] C:\vcredist.bmp
[07/11/2007 - 07:09:22 | N | 1442522] C:\VC_RED.cab
[07/11/2007 - 07:12:28 | N | 232960] C:\VC_RED.MSI
[03/02/2013 - 22:28:08 | D ] C:\Windows
[01/06/2011 - 10:25:47 | N | 16876872] C:\winzip155.exe
[31/12/2011 - 14:09:19 | D ] C:\YoutubeMusicDownloader
[03/02/2013 - 19:49:30 | D ] C:\ZHP
[04/02/2013 - 18:39:49 | SHD ] D:\$RECYCLE.BIN
[19/11/2011 - 09:56:21 | SHD ] D:\boot
[20/11/2010 - 07:40:07 | ASH | 383786] D:\bootmgr
[19/11/2011 - 09:56:20 | N | 0] D:\BT_HP.FLG
[24/10/2011 - 01:43:38 | N | 492] D:\CSP.DAT
[24/10/2011 - 01:55:06 | N | 13230] D:\DeployRp.log
[05/05/2012 - 12:18:45 | D ] D:\hp
[05/05/2012 - 12:18:45 | N | 0] D:\hpdrcu.prc
[05/02/2012 - 11:18:35 | N | 20] D:\HPSF_Rep.txt
[05/11/2012 - 09:48:34 | N | 8] D:\HP_WSD.dat
[19/11/2011 - 09:56:10 | N | 44] D:\language.ini
[19/11/2011 - 09:56:21 | SHD ] D:\preload
[19/11/2011 - 09:56:21 | SD ] D:\Recovery
[24/10/2011 - 01:55:06 | N | 0] D:\RPCONFIG.LOG
[29/07/2012 - 18:01:22 | SHD ] D:\System Volume Information
[04/02/2013 - 18:39:48 | SHD ] F:\$RECYCLE.BIN
[26/11/2012 - 10:43:58 | N | 2127615] F:\Bilan triennal 2009-2010-2011.pptx
[14/12/2012 - 12:28:27 | D ] F:\dossier mlaure
[10/09/2012 - 15:58:31 | D ] F:\Films
[26/07/2012 - 16:18:54 | D ] F:\Perso
[14/12/2012 - 13:07:20 | D ] F:\Plannings prev et réalisés par AGENTS
[14/12/2012 - 13:07:45 | D ] F:\projet noel
[26/11/2012 - 17:12:19 | N | 790016] F:\Retour sur 3 ans aux APS.pub
[30/09/2012 - 09:29:13 | D ] F:\sivu
[25/08/2012 - 07:11:43 | SHD ] F:\System Volume Information
[26/07/2012 - 16:19:32 | D ] F:\Trekstor
[26/11/2012 - 10:46:10 | | 165] F:\~$Bilan triennal 2009-2010-2011 - Copie.pptx
[24/06/2011 - 11:52:52 | N | 15218] G:\ldlinux.sys
[02/07/2011 - 12:21:58 | N | 4096] G:\._.Trashes
[01/01/2010 - 00:00:20 | D ] G:\BUDA
[02/07/2011 - 12:21:58 | HD ] G:\.Trashes
[02/07/2011 - 12:21:58 | D ] G:\.Spotlight-V100
[02/07/2011 - 12:21:58 | D ] G:\.fseventsd
[31/08/2012 - 19:00:50 | D ] G:\Nouveau dossier
[27/06/2012 - 22:55:26 | D ] G:\Excel
[31/08/2012 - 17:43:34 | D ] G:\Photos
[19/01/2013 - 11:51:40 | D ] G:\foto
[17/07/2012 - 20:11:24 | D ] G:\Généalogie
[04/08/2012 - 14:41:46 | D ] G:\SMRTNTKY
[27/06/2012 - 22:54:36 | D ] G:\Candia
[27/06/2012 - 22:54:10 | D ] G:\Perso
[31/08/2012 - 19:01:04 | D ] G:\Week avec Jérèm et Abi (Aout 2012)
[17/07/2012 - 20:11:38 | D ] G:\EVEREST_Ultimate_Edition_v5.50_2225
[12/09/2012 - 21:09:52 | D ] G:\Formation Excel
[21/06/2012 - 15:59:08 | D ] G:\SYS
################## | Vaccin |
C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
F:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
G:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
################## | E.O.F |