Hiketsu

Good evening Hawx! Thank you for taking the time to help me :)
Here is the report!

[spoiler:3grgubhl]############################## | UsbFix V 7.127 | [Suppression]

Utilisateur: Lu'crôut (Administrateur) # LUCRÔUT-PC
Mis à jour le 05/06/2013 par El Desaparecido
Lancé à 00:29:16 | 10/06/2013

Site Web: http://sosvirus.org/
Upload Malware: http://upload.sosvirus.org/
Contact: contact@sosvirus.org

PC: Packard Bell (EasyNote TM86 ) (x64-based PC)
CPU: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz (2133)
RAM -> [Total : 3959 | Free : 1580]
BIOS: InsydeH2O Version V1.02
BOOT: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) # Service Pack 1
WB: Windows Internet Explorer 10.0.9200.16576

SC: Security Center Service [(!) Disabled]
WU: Windows Update Service [Enabled]
AV: AntiVir Desktop [Enabled | Updated]
FW: Windows FireWall Service [(!) Disabled]

C: (%systemdrive%) -> Disque fixe # 454 Go (237 Go libre(s) – 52%) [Packard Bell] # NTFS
D: -> CD-ROM
E: -> CD-ROM
F: -> Disque amovible # 2 Go (2 Go libre(s) – 97%) [] # FAT

################## | El Desaparecido Section |

HKLMSOFTWARE | Run : [IAStorIcon] – C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorIcon.exe
HKLMSOFTWARE | Run : [BackupManagerTray] – “C:Program Files (x86)NewTech InfosystemsPackard Bell MyBackupBackupManagerTray.exe” -h -k
HKLMSOFTWARE | Run : [LManager] – C:Program Files (x86)Launch ManagerLManager.exe
HKLMSOFTWARE | Run : [DivXUpdate] – “C:Program Files (x86)DivXDivX UpdateDivXUpdate.exe” /CHECKNOW
HKLMSOFTWARE | Run : [DivX Download Manager] – “C:Program Files (x86)DivXDivX Plus Web PlayerDDmService.exe” start
HKLMSOFTWARE | Run : [mumservice] – C:Program FilesMotorolaSoftware Updatemumservice.exe
HKLMSOFTWARE | Run : [MFP Manager] – C:Program Files (x86)MFP ServerMFPAgent.exe -CheckAutoRun
HKLMSOFTWARE | Run : [Server Application] – C:Windowssystem32ServoApp.exe
HKLMSOFTWARE | Run : [GDI Manager] – “C:Program Files (x86)MFP ServerAppCommonMFPAgent.exe”
HKLMSOFTWARE | Run : [SunJavaUpdateSched] – “C:Program Files (x86)Common FilesJavaJava Updatejusched.exe”
HKLMSOFTWARE | Run : [QuickTime Task] – “C:Program Files (x86)QuickTimeQTTask.exe” -atboottime
HKLMSOFTWARE | Run : [iTunesHelper] – “C:Program Files (x86)iTunesiTunesHelper.exe”
HKLMSOFTWARE | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
HKLMSOFTWARE | Run : [avast] – “C:Program FilesAVAST SoftwareAvastavastUI.exe” /nogui
HKLMSOFTWAREwow6432Node | Run : [IAStorIcon] – C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorIcon.exe
HKLMSOFTWAREwow6432Node | Run : [BackupManagerTray] – “C:Program Files (x86)NewTech InfosystemsPackard Bell MyBackupBackupManagerTray.exe” -h -k
HKLMSOFTWAREwow6432Node | Run : [LManager] – C:Program Files (x86)Launch ManagerLManager.exe
HKLMSOFTWAREwow6432Node | Run : [DivXUpdate] – “C:Program Files (x86)DivXDivX UpdateDivXUpdate.exe” /CHECKNOW
HKLMSOFTWAREwow6432Node | Run : [DivX Download Manager] – “C:Program Files (x86)DivXDivX Plus Web PlayerDDmService.exe” start
HKLMSOFTWAREwow6432Node | Run : [mumservice] – C:Program FilesMotorolaSoftware Updatemumservice.exe
HKLMSOFTWAREwow6432Node | Run : [MFP Manager] – C:Program Files (x86)MFP ServerMFPAgent.exe -CheckAutoRun
HKLMSOFTWAREwow6432Node | Run : [Server Application] – C:Windowssystem32ServoApp.exe
HKLMSOFTWAREwow6432Node | Run : [GDI Manager] – “C:Program Files (x86)MFP ServerAppCommonMFPAgent.exe”
HKLMSOFTWAREwow6432Node | Run : [SunJavaUpdateSched] – “C:Program Files (x86)Common FilesJavaJava Updatejusched.exe”
HKLMSOFTWAREwow6432Node | Run : [QuickTime Task] – “C:Program Files (x86)QuickTimeQTTask.exe” -atboottime
HKLMSOFTWAREwow6432Node | Run : [iTunesHelper] – “C:Program Files (x86)iTunesiTunesHelper.exe”
HKLMSOFTWAREwow6432Node | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
HKLMSOFTWAREwow6432Node | Run : [avast] – “C:Program FilesAVAST SoftwareAvastavastUI.exe” /nogui
HKLMSOFTWARE | RunOnce : [] –
HKLMSOFTWAREwow6432Node | RunOnce : [] –
HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
HKUS-1-5-21-1214210514-4104578939-908626983-1000SOFTWARE | Run : [msnmsgr] – “C:Program Files (x86)Windows LiveMessengermsnmsgr.exe” /background
HKUS-1-5-21-1214210514-4104578939-908626983-1000SOFTWARE | Run : [Facebook Update] – “C:UsersLu'crôutAppDataLocalFacebookUpdateFacebookUpdate.exe” /c /nocrashserver
HKUS-1-5-21-1214210514-4104578939-908626983-1000SOFTWARE | Run : [EPSON SX430 Series] – C:Windowssystem32spoolDRIVERSx643E_IATIHAE.EXE /FU “C:UsersLU'CRU~1AppDataLocalTempE_SBC6B.tmp” /EF “HKCU”
HKUS-1-5-21-1214210514-4104578939-908626983-1000SOFTWARE | Run : [swg] – “C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe”
HKUS-1-5-21-1214210514-4104578939-908626983-1000SOFTWARE | Run : [Connexion SFR 9props.exe] – “C:Program Files (x86)SFRKit9props.exe” /trayicon
HKUS-1-5-21-1214210514-4104578939-908626983-1000SOFTWARE | Run : [EPSON Stylus SX400 Series] – C:Windowssystem32spoolDRIVERSx643E_IATIEGE.EXE /FU “C:WindowsTEMPE_S8823.tmp” /EF “HKCU”
HKUS-1-5-21-1214210514-4104578939-908626983-1000SOFTWARE | Run : [Spotify] – “C:UsersLu'crôutAppDataRoamingSpotifySpotify.exe” /uri spotify:autostart
HKUS-1-5-21-1214210514-4104578939-908626983-1000SOFTWARE | Run : [Spotify Web Helper] – “C:UsersLu'crôutAppDataRoamingSpotifyDataSpotifyWebHelper.exe”
HKUS-1-5-19SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
HKUS-1-5-20SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe

################## | Processus Stoppés |

Stoppé! C:Windowssystem32nvvsvc.exe (912)
Stoppé! C:Program FilesAVAST SoftwareAvastAvastSvc.exe (1320)
Stoppé! C:Windowssystem32nvvsvc.exe (1368)
Stoppé! C:Program FilesAVAST SoftwareAvastafwServ.exe (1476)
Stoppé! C:WindowsSystem32spoolsv.exe (1748)
Stoppé! C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe (1904)
Stoppé! C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe (1928)
Stoppé! C:Program Files (x86)BonjourmDNSResponder.exe (1956)
Stoppé! C:Program Files (x86)Motorola Media LinkLiteNServiceEntry.exe (1672)
Stoppé! C:Program Files (x86)Launch Managerdsiwmis.exe (2120)
Stoppé! C:Program FilesPackard BellPackard Bell Power ManagementePowerSvc.exe (2148)
Stoppé! C:WindowsMicrosoft.NetFramework64v3.0WPFPresentationFontCache.exe (2172)
Stoppé! C:Program Files (x86)Packard BellRegistrationGregHSRW.exe (2224)
Stoppé! C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe (2260)
Stoppé! C:Program Files (x86)MotorolaMotoHelperMotoHelperService.exe (2288)
Stoppé! C:Program Files (x86)NewTech InfosystemsPackard Bell MyBackupIScheduleSvc.exe (2344)
Stoppé! C:Program Files (x86)Microsoft Application Virtualization Clientsftvsa.exe (2640)
Stoppé! C:Program FilesPackard BellPackard Bell UpdaterUpdaterService.exe (2760)
Stoppé! C:Program Files (x86)Microsoft Application Virtualization Clientsftlist.exe (2788)
Stoppé! C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorDataMgrSvc.exe (2860)
Stoppé! C:Program Files (x86)Common FilesMicrosoft SharedVirtualization HandlerCVHSVC.EXE (3040)
Stoppé! C:Windowssystem32SearchIndexer.exe (3124)
Stoppé! C:Windowssystem32taskhost.exe (3456)
Stoppé! C:Program Files (x86)MotorolaMotoHelperMotoHelperAgent.exe (2236)
Stoppé! C:Program FilesSynapticsSynTPSynTPEnh.exe (3948)
Stoppé! C:Program FilesRealtekAudioHDARAVCpl64.exe (3984)
Stoppé! C:Program FilesPackard BellPackard Bell Power ManagementePowerTray.exe (3860)
Stoppé! C:Program Files (x86)Windows LiveMessengermsnmsgr.exe (3896)
Stoppé! C:UsersLu'crôutAppDataLocalFacebookUpdateFacebookUpdate.exe (3992)
Stoppé! C:WindowsSystem32spooldriversx643E_IATIHAE.EXE (752)
Stoppé! C:Program Files (x86)SFRKit9props.exe (3008)
Stoppé! C:WindowsSystem32spooldriversx643E_IATIEGE.EXE (544)
Stoppé! C:UsersLu'crôutAppDataRoamingSpotifyspotify.exe (2680)
Stoppé! C:UsersLu'crôutAppDataRoamingSpotifyDataSpotifyWebHelper.exe (2160)
Stoppé! C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorIcon.exe (3356)
Stoppé! C:Program Files (x86)Video Web CameraVideoWebCamera.exe (2692)
Stoppé! C:Program FilesSynapticsSynTPSynTPHelper.exe (3908)
Stoppé! C:Program Files (x86)NewTech InfosystemsPackard Bell MyBackupBackupManagerTray.exe (2712)
Stoppé! C:Program Files (x86)Launch ManagerLManager.exe (3272)
Stoppé! C:Program Files (x86)DivXDivX UpdateDivXUpdate.exe (3712)
Stoppé! C:Program Files (x86)Launch ManagerMMDx64Fx.exe (2736)
Stoppé! C:Program Files (x86)DivXDivX Plus Web PlayerDDMService.exe (4100)
Stoppé! C:Program FilesPackard BellPackard Bell Power ManagementePowerEvent.exe (4128)
Stoppé! C:Program Files (x86)MFP ServerAppCommonMFPAgent.exe (4216)
Stoppé! C:Program Files (x86)Common FilesJavaJava Updatejusched.exe (4252)
Stoppé! C:Windowssystem32ServoApp.exe (4268)
Stoppé! C:Program Files (x86)Launch ManagerLMworker.exe (4304)
Stoppé! C:Program Files (x86)iTunesiTunesHelper.exe (4360)
Stoppé! C:Program FilesAVAST SoftwareAvastAvastUI.exe (4460)
Stoppé! C:Program Files (x86)OpenOffice.org 3programsoffice.exe (1236)
Stoppé! C:Program FilesWindows Media Playerwmpnetwk.exe (128)
Stoppé! C:Program Files (x86)OpenOffice.org 3programsoffice.bin (4584)
Stoppé! C:Program FilesiPodbiniPodService.exe (4704)
Stoppé! C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe (5116)
Stoppé! C:Program Files (x86)Mozilla Firefoxfirefox.exe (3388)
Stoppé! C:Program Files (x86)Mozilla Firefoxplugin-container.exe (5676)
Stoppé! C:WindowsSysWOW64MacromedFlashFlashPlayerPlugin_11_7_700_202.exe (3472)
Stoppé! C:WindowsSysWOW64MacromedFlashFlashPlayerPlugin_11_7_700_202.exe (252)
Stoppé! C:WindowsSystem32WUDFHost.exe (5052)
Stoppé! C:Windowssystem32taskeng.exe (5944)

################## | Éléments infectieux |

Supprimé! F:DM.lnk
Supprimé! F:._CV.doc.lnk
Supprimé! F:LaunchU3.exe.lnk
Supprimé! F:PROJET.lnk
Supprimé! F:Université de Cergy.docx.lnk
Supprimé! F:bookmarks.html.lnk
Supprimé! F:edc-2011-aalphacim-corrige-caledonie.pdf.lnk
Supprimé! F:Chapitre 6 Suivre les moyens de paiement et la trésorerie.docx.lnk
Supprimé! F:License(1).avastlic.lnk
Supprimé! F:Chapitre 6 Suivre les moyens de paiement et la trésorerie.xlsx.lnk
Supprimé! F:Nouveau Document Microsoft Word.doc.lnk
Supprimé! F:WMPInfo.xml.lnk
Supprimé! F:BOURSE 2012.lnk
Supprimé! F:Francais synthese.lnk
Supprimé! F:Informatique-secrétariat.lnk
Supprimé! F:System.lnk
Supprimé! F:K-LiteCODECSsFull.lnk
Supprimé! F:FD – HEUZE.lnk
Supprimé! F:Documents.lnk
Supprimé! F:A Rush Of Blood To The Head.lnk
Supprimé! F:.Trashes.lnk
Supprimé! F:.Spotlight-V100.lnk
Supprimé! F:babybidouofficiel.lnk
Supprimé! F:Anglais.lnk
Supprimé! F:CCF STAGE.lnk
Supprimé! F:CCF.lnk
Supprimé! F:cv-lettre de motiv.lnk
Supprimé! C:Program Files (x86)LP
Supprimé! C:UsersLU'CRU~1AppDataLocalTempins474C.tmp.exe
Supprimé! C:UsersLU'CRU~1AppDataLocalTempins5734.tmp.exe
Supprimé! C:UsersLU'CRU~1AppDataLocalTempcheck_hotfix_for_vista.vbs
Supprimé! C:UsersLU'CRU~1AppDataLocalTemp3774.exe
Supprimé! C:WindowsTasksAt2.job
Supprimé! C:WindowsTasksAt3.job
Supprimé! C:WindowsTasksAt4.job
Supprimé! C:WindowsTasksAt5.job
Supprimé! C:WindowsTasksAt6.job
Supprimé! C:WindowsTasksAt7.job
Supprimé! C:WindowsTasksAt8.job
Supprimé! C:WindowsTasksAt9.job
Supprimé! C:WindowsTasksAt10.job
Supprimé! C:WindowsTasksAt11.job
Supprimé! C:WindowsTasksAt12.job
Supprimé! C:WindowsTasksAt13.job
Supprimé! C:WindowsTasksAt14.job
Supprimé! C:WindowsTasksAt15.job
Supprimé! C:WindowsTasksAt16.job
Supprimé! C:WindowsTasksAt17.job
Supprimé! C:WindowsTasksAt18.job
Supprimé! C:WindowsTasksAt19.job
Supprimé! C:WindowsTasksAt20.job
Non supprimé ! E:autorun.inf

(!) Fichiers temporaires supprimés.

################## | Registre |

################## | Mountpoints2 |

Supprimé! HKCU….ExplorerMountPoints2{0a7975f5-92a8-11e0-82dc-705ab6c82103}
Supprimé! HKCU….ExplorerMountPoints2{a3e20c64-9427-11df-8ca6-705ab6c82103}
Supprimé! HKCU….ExplorerMountPoints2{ac46c931-683e-11e0-987d-705ab6c82103}

################## | Listing |

[15/07/2010 – 15:52:37 | SHD ] C:$Recycle.Bin
[19/02/2012 – 18:56:32 | D ] C:b5dca594329839ce3617afe37eab
[29/01/2012 – 20:32:34 | D ] C:Binaries
[29/01/2010 – 22:50:54 | N | 8192] C:BOOTSECT.BAK
[29/05/2013 – 21:36:01 | D ] C:Config.Msi
[14/07/2009 – 07:08:56 | SHD ] C:Documents and Settings
[05/09/2001 – 22:00:58 | N | 1700352] C:gdiplus.dll
[09/06/2013 – 14:10:08 | ASH | 3113308160] C:hiberfil.sys
[29/01/2010 – 23:02:57 | D ] C:Intel
[29/01/2010 – 23:16:28 | RHD ] C:MSOCache
[17/09/2010 – 22:11:27 | D ] C:Need4Video files
[25/06/2010 – 18:56:06 | D ] C:OEM
[03/02/2011 – 21:06:54 | D ] C:OutputFolder
[09/06/2013 – 14:10:13 | ASH | 4151078912] C:pagefile.sys
[14/07/2009 – 05:20:08 | D ] C:PerfLogs
[02/12/2012 – 15:37:47 | D ] C:Program Files
[25/05/2013 – 00:14:32 | D ] C:Program Files (x86)
[10/04/2013 – 16:57:44 | HD ] C:ProgramData
[25/06/2010 – 18:54:19 | SHD ] C:Recovery
[16/03/2010 – 04:03:32 | N | 3230] C:RHDSetup.log
[03/06/2013 – 06:50:25 | SHD ] C:System Volume Information
[10/06/2013 – 00:29:47 | D ] C:Temp
[10/06/2013 – 00:37:24 | D ] C:UsbFix
[10/06/2013 – 00:37:36 | A | 14048] C:UsbFix [Clean 1] LUCRÔUT-PC.txt
[27/05/2012 – 03:00:55 | N | 237] C:user.js
[28/06/2010 – 12:20:50 | D ] C:Users
[29/05/2013 – 21:47:57 | D ] C:Windows
[06/05/2008 – 14:26:23 | R | 309] E:autorun.inf
[23/10/2007 – 09:45:39 | R | 1336632] E:LaunchU3.exe
[06/05/2008 – 14:11:20 | R | 5600229] E:LaunchPad.zip
[09/12/2012 – 16:53:22 | D ] F:DM
[29/01/2013 – 14:40:56 | D ] F:PROJET
[29/09/2008 – 13:10:52 | N | 4096] F:._CV.doc
[29/01/2013 – 14:42:14 | D ] F:BOURSE 2012
[04/04/2013 – 13:49:22 | D ] F:Francais synthese
[10/09/2009 – 08:57:34 | D ] F:Informatique-secrétariat
[09/03/2012 – 19:29:10 | N | 12687] F:Université de Cergy.docx
[30/09/2008 – 16:53:16 | HD ] F:System
[30/09/2008 – 16:53:18 | D ] F:K-LiteCODECSsFull
[28/06/2012 – 20:34:14 | D ] F:FD – HEUZE
[30/09/2008 – 16:53:24 | D ] F:Documents
[30/09/2008 – 16:53:42 | D ] F:A Rush Of Blood To The Head
[30/09/2008 – 16:53:58 | HD ] F:.Trashes
[30/09/2008 – 16:55:34 | D ] F:.Spotlight-V100
[23/10/2007 – 09:45:40 | N | 1336632] F:LaunchU3.exe
[15/03/2012 – 16:46:20 | D ] F:babybidouofficiel
[11/04/2013 – 20:48:28 | D ] F:Anglais
[13/12/2012 – 15:36:02 | D ] F:CCF STAGE
[02/05/2012 – 09:41:16 | D ] F:CCF
[19/03/2013 – 08:59:32 | N | 354152] F:edc-2011-aalphacim-corrige-caledonie.pdf
[02/07/2010 – 15:09:20 | N | 330577] F:bookmarks.html
[08/04/2013 – 10:23:52 | N | 22558] F:Chapitre 6 Suivre les moyens de paiement et la trésorerie.docx
[08/10/2011 – 12:51:28 | N | 1643] F:License(1).avastlic
[08/04/2013 – 10:23:22 | N | 13633] F:Chapitre 6 Suivre les moyens de paiement et la trésorerie.xlsx
[28/01/2013 – 10:37:52 | N | 403] F:Lecteur de CD – Raccourci.lnk
[30/11/2008 – 13:20:52 | N | 24576] F:Nouveau Document Microsoft Word.doc
[29/01/2009 – 22:01:14 | N | 296] F:WMPInfo.xml
[15/10/2009 – 11:08:40 | D ] F:cv-lettre de motiv

################## | Vaccin |

C:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
F:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | https://www.usb-antivirus.com/fr/ |[/spoiler:3grgubhl]