SnideMICA
Participant
Number of posts: 3

And here is the report after deletion:

############################## | UsbFix V 7.145 | [Suppression]

Utilisateur: michael (Administrateur) # MSI
Mis à jour le 17/10/2013 par El Desaparecido – Team SosVirus
Lancé à 11:59:58 | 28/10/2013

Site Web: http://www.usbfix.net/
Forum : http://www.sosvirus.net/
Upload Malware: upload_malware.php
Contact: http://www.usbfix.net/contact/

PC: Micro-Star International Co., Ltd. (MS-1756)
CPU: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
RAM -> [Total : 8081 | Free : 6881]
Bios: American Megatrends Inc.
Boot: Fail-safe boot

OS: Microsoft Windows 8 (6.2.9200 64-Bit) #
WB: Windows Internet Explorer 10.0.9200.16721

SC: Security Center Service [Enabled]
WU: Windows Update Service [(!) Disabled]
AV: Windows Defender [Enabled | Updated]
FW: Windows FireWall Service [(!) Disabled]

C: (%systemdrive%) -> Disque fixe # 545 Go (369 Go libre(s) – 68%) [OS_Install] # NTFS
D: -> Disque fixe # 134 Go (134 Go libre(s) – 100%) [Data] # NTFS
E: -> CD-ROM
F: -> Disque amovible # 15 Go (8 Go libre(s) – 56%) [USB20FD] # FAT32

################## | Regedit Run |

HKLMSOFTWARE | Run : [IAStorIcon] – C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorIconLaunch.exe « C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorIcon.exe » 60
HKLMSOFTWARE | Run : [THX Audio Control Panel] – « C:Program Files (x86)CreativeTHX TruStudio ProTHXAudioCPTHXAudio.exe » /r
HKLMSOFTWARE | Run : [UpdReg] – C:WindowsUpdReg.EXE
HKLMSOFTWARE | Run : [Super-Charger] – C:Program Files (x86)MSISuper-ChargerSuper-Charger.exe
HKLMSOFTWARE | Run : [RemoteControl10] – « C:Program Files (x86)CyberLinkPowerDVD10PDVD10Serv.exe »
HKLMSOFTWARE | Run : [SunJavaUpdateSched] – « C:Program Files (x86)Common FilesJavaJava Updatejusched.exe »
HKLMSOFTWARE | Run : [ApnTBMon] – « C:Program Files (x86)AskPartnerNetworkToolbarUpdaterTBNotifier.exe »
HKLMSOFTWAREwow6432Node | Run : [IAStorIcon] – C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorIconLaunch.exe « C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorIcon.exe » 60
HKLMSOFTWAREwow6432Node | Run : [THX Audio Control Panel] – « C:Program Files (x86)CreativeTHX TruStudio ProTHXAudioCPTHXAudio.exe » /r
HKLMSOFTWAREwow6432Node | Run : [UpdReg] – C:WindowsUpdReg.EXE
HKLMSOFTWAREwow6432Node | Run : [Super-Charger] – C:Program Files (x86)MSISuper-ChargerSuper-Charger.exe
HKLMSOFTWAREwow6432Node | Run : [RemoteControl10] – « C:Program Files (x86)CyberLinkPowerDVD10PDVD10Serv.exe »
HKLMSOFTWAREwow6432Node | Run : [SunJavaUpdateSched] – « C:Program Files (x86)Common FilesJavaJava Updatejusched.exe »
HKLMSOFTWAREwow6432Node | Run : [ApnTBMon] – « C:Program Files (x86)AskPartnerNetworkToolbarUpdaterTBNotifier.exe »
HKUS-1-5-21-1309738982-2199200788-1016268891-1002SOFTWARE | Run : [Steam] – « C:Program Files (x86)SteamSteam.exe » -silent
HKUS-1-5-21-1309738982-2199200788-1016268891-1002SOFTWARE | Run : [Overwolf] – C:Program Files (x86)OverwolfOverwolf.exe -silent
HKUS-1-5-21-1309738982-2199200788-1016268891-1002SOFTWARE | Run : [8jusched] – C:UsersPublicjusched.exe

################## | Processus Stoppés |

Stoppé! C:Program FilesWindows DefenderMsMpEng.exe (ID 840 |ParentID 528)
Stoppé! C:WindowsExplorer.EXE (ID 1028 |ParentID 980)
Stoppé! C:Windowssystem32ctfmon.exe (ID 1060 |ParentID 1028)
Stoppé! C:Windowshelppane.exe (ID 1284 |ParentID 640)
Stoppé! C:Windowssystem32DllHost.exe (ID 1320 |ParentID 640)

################## | Éléments infectieux |

Supprimé! C:UsersmichaelAppDataRoaming94372403ak.tmp
Supprimé! C:UsersmichaelAppDataRoaming94372403
Supprimé! C:UsersmichaelAppDataRoamingmichael-wchelper.dll
Supprimé! C:UsersmichaelAppDataLocalTempmichael7
Supprimé! C:UsersmichaelAppDataLocalTempmichael8
Supprimé! F:Autorun.inf

(!) Fichiers temporaires supprimés.

################## | Registre |

################## | Listing |

[17/07/2013 – 21:50:51 | SHD ] C:$Recycle.Bin
[26/08/2013 – 20:50:20 | D ] C:AdwCleaner
[28/10/2013 – 11:00:55 | RASHD ] C:Autorun.inf
[26/07/2012 – 04:44:30 | RASH | 398156] C:bootmgr
[02/06/2012 – 15:30:55 | N | 1] C:BOOTNXT
[28/10/2013 – 10:53:46 | SHD ] C:Config.Msi
[26/07/2012 – 08:22:08 | SHD ] C:Documents and Settings
[26/10/2013 – 08:47:40 | N | 0] C:END
[01/08/2013 – 00:34:49 | D ] C:Fraps
[28/10/2013 – 11:58:48 | ASH | 6778503168] C:hiberfil.sys
[16/10/2012 – 15:48:38 | D ] C:Intel
[28/10/2013 – 11:58:48 | ASH | 1275068416] C:pagefile.sys
[26/07/2012 – 08:33:46 | D ] C:PerfLogs
[19/10/2013 – 17:00:38 | D ] C:Program Files
[28/10/2013 – 10:45:33 | D ] C:Program Files (x86)
[28/10/2013 – 10:13:17 | HD ] C:ProgramData
[17/07/2013 – 21:50:49 | D ] C:Riot Games
[27/10/2013 – 16:13:08 | D ] C:SIERRA
[14/08/2012 – 13:28:32 | D ] C:sources
[16/10/2012 – 16:30:48 | D ] C:SuperChargerProfile
[28/10/2013 – 11:58:48 | ASH | 268435456] C:swapfile.sys
[26/10/2013 – 09:12:12 | SHD ] C:System Volume Information
[16/10/2012 – 15:55:22 | D ] C:temp
[28/10/2013 – 12:03:34 | D ] C:UsbFix
[28/10/2013 – 10:25:32 | N | 10059] C:UsbFix [Clean 1] MSI.txt
[28/10/2013 – 10:48:52 | N | 3484] C:UsbFix [Clean 4] MSI.txt
[28/10/2013 – 11:01:05 | N | 11167] C:UsbFix [Clean 5] MSI.txt
[28/10/2013 – 11:47:57 | N | 9112] C:UsbFix [Clean 6] MSI.txt
[28/10/2013 – 12:04:34 | A | 5484] C:UsbFix [Clean 7] MSI.txt
[28/10/2013 – 11:43:38 | N | 10289] C:UsbFix [Scan 1] MSI.txt
[17/07/2013 – 21:18:17 | RD ] C:Users
[28/10/2013 – 10:53:47 | D ] C:Windows
[17/07/2013 – 21:50:51 | SHD ] D:$RECYCLE.BIN
[28/10/2013 – 11:00:55 | RASHD ] D:Autorun.inf
[30/10/2012 – 03:26:34 | SHD ] D:System Volume Information
[02/10/2012 – 10:16:02 | D ] F:LOST.DIR
[02/10/2012 – 16:11:52 | N | 44032] F:DIPriv 3.wps
[28/09/2012 – 22:04:22 | N | 17920] F:DEIDH 2.wps
[05/10/2012 – 16:18:20 | N | 27648] F:DEIDH 3.wps
[02/03/2013 – 13:25:20 | N | 34697] F:Redaction memoire.docx
[28/10/2013 – 11:58:30 | D ] F:FOUND.000
[28/10/2013 – 11:58:44 | N | 3036] F:BOOTEX.LOG
[20/04/2013 – 16:27:34 | N | 29959] F:photo.jpeg
[20/04/2013 – 16:38:56 | N | 143534] F:memoire definitif.docx
[20/04/2013 – 16:01:22 | N | 40225] F:1 – page de Garde.docx
[18/09/2009 – 19:53:20 | D ] F:Propellerhead
[14/07/2013 – 03:01:40 | D ] F:Grosse Roche
[09/09/2012 – 16:09:36 | N | 780508750] F:PromeTheusWonder.avi
[09/09/2013 – 22:04:08 | D ] F:Cours_DIP
[11/03/2012 – 12:21:06 | N | 730614616] F:_Cityfr.com_tmb.t-artist.avi
[29/07/2012 – 17:50:46 | N | 736604160] F:The.Pirates.Band.Of.Misfits.2012.FRENCH.R5.MD.XViD.VH.avi
[29/07/2012 – 19:41:40 | N | 733138944] F:VOSTFRJackas(1).avi
[09/09/2013 – 23:09:52 | N | 10188324] F:TD 2 – Les competences de lEtat.zip
[07/12/2012 – 13:36:32 | D ] F:DJ Yoda – Chop Suey (2012)
[16/10/2012 – 14:59:08 | D ] F:Beastie Boys – Check Your Head (2007)
[21/08/2013 – 04:57:10 | N | 645476] F:DossierInscription_Année_Spéciale_Gestion_des_Entreprises_et_des_Administrations (1).pdf
[01/10/2012 – 15:44:22 | N | 13950042] F:1.avi.MTS.AVI
[09/09/2013 – 22:01:58 | N | 13955964] F:TD 1 – Creation de lEtat en droit international.zip
[25/11/2012 – 16:19:58 | N | 739402154] F:Cockneys Vs.Zombies.2012.LiMiTED.FANSUB.VOSTFR.DVDRiP.XViD-ARTEFAC-Top-Film.Net.avi
[11/02/2013 – 14:50:10 | D ] F:Parov Stelar – The Princess CD2 (2012)
[11/02/2013 – 14:50:54 | D ] F:Parov Stelar – The Princess CD1 (2012)
[09/09/2013 – 23:10:00 | N | 9862797] F:TD 3 – Les libertes de la mer.zip
[09/09/2013 – 23:10:04 | N | 4359067] F:TD 4 – Les libertes de lair.zip
[09/09/2013 – 22:01:24 | D ] F:Cours DIP
[21/10/2013 – 06:32:52 | N | 71054143] F:carte de séjour.rtf
[21/10/2013 – 06:24:12 | N | 18574] F:semestre 1.docx
[14/09/2012 – 04:57:32 | D ] F:Nouveau dossier

################## | Vaccin |

C:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
D:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
F:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net – http://www.sosvirus.net |