valou08
Participant
Number of posts: 5

And here is the report:

############################## | UsbFix V 7.151 | [Suppression]

Utilisateur: valou08 (Administrateur) # VAIO
Mis à jour le 19/11/2013 par El Desaparecido – Team SosVirus
Lancé à 12:37:31 | 20/11/2013

Site Web : http://www.usbfix.net
Forum : http://www.sosvirus.net/
Upload Malware : upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: Sony Corporation (VAIO)
CPU: Intel(R) Pentium(R) CPU B980 @ 2.40GHz
RAM -> [Total : 4043 | Free : 2593]
Bios: Insyde Corp.
Boot: Normal boot

OS: Microsoft Windows 8 (6.2.9200 64-Bit)
WB: Windows Internet Explorer : 10.0.9200.16721
WB: Google Chrome : 31.0.1650.57
WB: Mozilla Firefox : 25.0.1

SC: Security Center Service [(!) Disabled]
WU: Windows Update Service [(!) Disabled]
AV: Protection antivirus et antispyware McAfee [(!) Disabled | Updated]
AS: Windows Defender : 4.3.0215.0
FW: Windows FireWall Service [(!) Disabled]

C: (%systemdrive%) -> Disque fixe # 434 Go (267 Go libre(s) – 61%) [] # NTFS
D: -> CD-ROM
E: -> Disque amovible # 15 Go (13 Go libre(s) – 91%) [INTENSO] # FAT32
F: -> CD-ROM
G: -> Disque amovible # 983 Mo (983 Mo libre(s) – 100%) [HYBRID] # FAT

################## | Processus Stoppés |

Stoppé! C:Windowssystem32atiesrxx.exe (ID: 348 |ParentID: 788)
Stoppé! C:Windowssystem32atieclxx.exe (ID: 1128 |ParentID: 348)
Stoppé! C:Program FilesAVAST SoftwareAvastAvastSvc.exe (ID: 1488 |ParentID: 788)
Stoppé! C:WindowsSystem32spoolsv.exe (ID: 1700 |ParentID: 788)
Stoppé! C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe (ID: 1876 |ParentID: 788)
Stoppé! C:Program Files (x86)Bluetooth Suiteadminservice.exe (ID: 1908 |ParentID: 788)
Stoppé! C:Program FilesBonjourmDNSResponder.exe (ID: 1944 |ParentID: 788)
Stoppé! C:Windowssystem32dashost.exe (ID: 2032 |ParentID: 1248)
Stoppé! C:Program FilesInteliCLS ClientHeciServer.exe (ID: 1336 |ParentID: 788)
Stoppé! C:Program Files (x86)IntelIntel(R) Management Engine ComponentsDALjhi_service.exe (ID: 1028 |ParentID: 788)
Stoppé! C:Program Files (x86)SonyPlayMemories HomePMBDeviceInfoProvider.exe (ID: 1796 |ParentID: 788)
Stoppé! C:Program Files (x86)SonyVAIO Control CenterVESMgr.exe (ID: 2144 |ParentID: 788)
Stoppé! C:Program Files (x86)Bluetooth SuiteAth_CoexAgent.exe (ID: 2200 |ParentID: 788)
Stoppé! C:Program Files (x86)SonyVAIO Control CenterVESMgrSub.exe (ID: 2220 |ParentID: 2144)
Stoppé! C:Program Files (x86)SonyVAIO Control CenterVESMgrSub.exe (ID: 2228 |ParentID: 2144)
Stoppé! C:WindowsSysWOW64DllHost.exe (ID: 2784 |ParentID: 920)
Stoppé! C:Windowssystem32taskhostex.exe (ID: 3228 |ParentID: 788)
Stoppé! C:WindowsExplorer.EXE (ID: 3344 |ParentID: 3292)
Stoppé! C:Program FilesSynapticsSynTPSynTPEnh.exe (ID: 3464 |ParentID: 788)
Stoppé! C:Program FilesSonyVAIO GateVAIO Gate.exe (ID: 3592 |ParentID: 788)
Stoppé! C:Program Files (x86)SonyVAIO Control CenterNetworkSettingNetworkClient.EXE (ID: 3604 |ParentID: 788)
Stoppé! C:WindowsSystem32WUDFHost.exe (ID: 3668 |ParentID: 1248)
Stoppé! C:PROGRAM FILESSYNAPTICSSYNTPSYNTPHELPER.EXE (ID: 3944 |ParentID: 3620)
Stoppé! C:Windowssystem32DllHost.exe (ID: 4016 |ParentID: 920)
Stoppé! C:Windowssystem32SearchIndexer.exe (ID: 2844 |ParentID: 788)
Stoppé! C:Program FilesRealtekAudioHDARAVBg64.exe (ID: 3628 |ParentID: 3344)
Stoppé! C:Program Files (x86)SkypePhoneSkype.exe (ID: 2896 |ParentID: 3344)
Stoppé! C:Program Files (x86)HPDigital Imagingbinhpqtra08.exe (ID: 3656 |ParentID: 3344)
Stoppé! C:Program Files (x86)SonyISB UtilityISBMgr.exe (ID: 340 |ParentID: 3760)
Stoppé! C:Program Files (x86)SonyPlayMemories HomePMBVolumeWatcher.exe (ID: 3812 |ParentID: 3760)
Stoppé! C:Program Files (x86)HPHP Software Updatehpwuschd2.exe (ID: 1176 |ParentID: 3760)
Stoppé! C:Program Files (x86)Mozilla Firefoxfirefox.exe (ID: 2168 |ParentID: 3344)
Stoppé! C:Program Files (x86)HPDigital ImagingbinhpqSTE08.exe (ID: 872 |ParentID: 3656)
Stoppé! C:Program Files (x86)iTunesiTunesHelper.exe (ID: 2868 |ParentID: 3760)
Stoppé! C:Program Files (x86)HPDigital Imagingbinhpqbam08.exe (ID: 3888 |ParentID: 920)
Stoppé! C:Program FilesAVAST SoftwareAvastAvastUI.exe (ID: 3200 |ParentID: 3760)
Stoppé! C:Program FilesiPodbiniPodService.exe (ID: 632 |ParentID: 788)
Stoppé! C:Program Files (x86)HPDigital Imagingbinhpqgpc01.exe (ID: 3808 |ParentID: 920)
Stoppé! C:Program Files (x86)Bluetooth SuiteBtTray.exe (ID: 4996 |ParentID: 3548)
Stoppé! C:Program Files (x86)Bluetooth SuiteBtvStack.exe (ID: 5004 |ParentID: 3548)
Stoppé! C:Program Files (x86)RealtekRealtek PCIE Card ReaderRIconMan.exe (ID: 4272 |ParentID: 788)
Stoppé! C:Program Files (x86)IntelIntel(R) Management Engine ComponentsFWServiceIntelMeFWService.exe (ID: 1168 |ParentID: 788)
Stoppé! C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticMOM.exe (ID: 4428 |ParentID: 1052)
Stoppé! C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe (ID: 4468 |ParentID: 788)
Stoppé! C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCCC.exe (ID: 4772 |ParentID: 4428)
Stoppé! C:Program FilesSonyVAIO CareVCPerfService.exe (ID: 4796 |ParentID: 788)
Stoppé! C:Program FilesSonyVAIO UpdateVAIOUpdt.exe (ID: 5256 |ParentID: 788)
Stoppé! C:Program FilesSonyVAIO Carelistener.exe (ID: 5264 |ParentID: 4796)
Stoppé! C:Program FilesSonyVAIO UpdateVUAgent.exe (ID: 5364 |ParentID: 788)
Stoppé! C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe (ID: 5744 |ParentID: 788)
Stoppé! C:Program FilesWindows Media Playerwmpnetwk.exe (ID: 5796 |ParentID: 788)
Stoppé! C:Program FilesSonyVAIO Improvementvim.exe (ID: 4868 |ParentID: 788)
Stoppé! C:Program FilesSonyVAIO Improvementvim.exe (ID: 2208 |ParentID: 788)
Stoppé! C:Program FilesSonyVAIO CareVCSystemTray.exe (ID: 3576 |ParentID: 788)
Stoppé! C:Program FilesSonyVAIO CareVCService.exe (ID: 5244 |ParentID: 788)
Stoppé! C:Program FilesSonyVAIO CareVCAgent.exe (ID: 5752 |ParentID: 5244)
Stoppé! C:Windowssystem32SearchProtocolHost.exe (ID: 5124 |ParentID: 2844)
Stoppé! C:Windowssystem32SearchFilterHost.exe (ID: 60 |ParentID: 2844)

################## | Regedit Run |

04 – HKLMSOFTWARE | Run : [StartCCC] – « C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe » MSRun
04 – HKLMSOFTWARE | Run : [ISBMgr.exe] – « C:Program Files (x86)SonyISB UtilityISBMgr.exe »
04 – HKLMSOFTWARE | Run : [PMBVolumeWatcher] – C:Program Files (x86)SonyPlayMemories HomePMBVolumeWatcher.exe
04 – HKLMSOFTWARE | Run : [Adobe Reader Speed Launcher] – « c:Program Files (x86)AdobeReader 10.0ReaderReader_sl.exe »
04 – HKLMSOFTWARE | Run : [Adobe ARM] – « c:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe »
04 – HKLMSOFTWARE | Run : [Intel AppUp(SM) center] – « C:Program Files (x86)IntelIntelAppStorebinismagent.exe » –domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
04 – HKLMSOFTWARE | Run : [GrooveMonitor] – « C:Program Files (x86)Microsoft OfficeOffice12GrooveMonitor.exe »
04 – HKLMSOFTWARE | Run : [HP Software Update] – C:Program Files (x86)HPHP Software UpdateHPWuSchd2.exe
04 – HKLMSOFTWARE | Run : [APSDaemon] – « C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe »
04 – HKLMSOFTWARE | Run : [beid] – « C:Program Files (x86)Belgium Identity Cardbeid35gui.exe » /startup
04 – HKLMSOFTWARE | Run : [QuickTime Task] – « C:Program Files (x86)QuickTimeQTTask.exe » -atboottime
04 – HKLMSOFTWARE | Run : [iTunesHelper] – « C:Program Files (x86)iTunesiTunesHelper.exe »
04 – HKLMSOFTWARE | Run : [AvastUI.exe] – « C:Program FilesAVAST SoftwareAvastAvastUI.exe » /nogui
04 – HKLMSOFTWAREwow6432Node | Run : [StartCCC] – « C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe » MSRun
04 – HKLMSOFTWAREwow6432Node | Run : [ISBMgr.exe] – « C:Program Files (x86)SonyISB UtilityISBMgr.exe »
04 – HKLMSOFTWAREwow6432Node | Run : [PMBVolumeWatcher] – C:Program Files (x86)SonyPlayMemories HomePMBVolumeWatcher.exe
04 – HKLMSOFTWAREwow6432Node | Run : [Adobe Reader Speed Launcher] – « c:Program Files (x86)AdobeReader 10.0ReaderReader_sl.exe »
04 – HKLMSOFTWAREwow6432Node | Run : [Adobe ARM] – « c:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe »
04 – HKLMSOFTWAREwow6432Node | Run : [Intel AppUp(SM) center] – « C:Program Files (x86)IntelIntelAppStorebinismagent.exe » –domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
04 – HKLMSOFTWAREwow6432Node | Run : [GrooveMonitor] – « C:Program Files (x86)Microsoft OfficeOffice12GrooveMonitor.exe »
04 – HKLMSOFTWAREwow6432Node | Run : [HP Software Update] – C:Program Files (x86)HPHP Software UpdateHPWuSchd2.exe
04 – HKLMSOFTWAREwow6432Node | Run : [APSDaemon] – « C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe »
04 – HKLMSOFTWAREwow6432Node | Run : [beid] – « C:Program Files (x86)Belgium Identity Cardbeid35gui.exe » /startup
04 – HKLMSOFTWAREwow6432Node | Run : [QuickTime Task] – « C:Program Files (x86)QuickTimeQTTask.exe » -atboottime
04 – HKLMSOFTWAREwow6432Node | Run : [iTunesHelper] – « C:Program Files (x86)iTunesiTunesHelper.exe »
04 – HKLMSOFTWAREwow6432Node | Run : [AvastUI.exe] – « C:Program FilesAVAST SoftwareAvastAvastUI.exe » /nogui
04 – HKLMSOFTWARE | RunOnce : [] –
04 – HKLMSOFTWAREwow6432Node | RunOnce : [] –
04 – HKUS-1-5-21-3336193131-428724718-2682413929-1001SOFTWARE | Run : [Skype] – « C:Program Files (x86)SkypePhoneSkype.exe » /minimized /regrun
04 – HKUS-1-5-21-3336193131-428724718-2682413929-1001SOFTWARE | Run : [Google Update] –

################## | Recherche générique |

Non supprimé ! F:autorun.inf

(!) Fichiers temporaires supprimés.

################## | Registre |

Réparé ! HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer|NoActiveDesktop -> 0
Réparé ! HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer|NoActiveDesktopChanges -> 0

################## | Listing |

[28/11/2012 – 18:47:22 | SHD ] C:$Recycle.Bin
[17/11/2013 – 13:09:05 | D ] C:AdwCleaner
[26/07/2012 – 04:44:30 | RASH | 398156] C:bootmgr
[02/06/2012 – 15:30:55 | N | 1] C:BOOTNXT
[23/03/2013 – 12:14:31 | D ] C:Documentation
[26/07/2012 – 08:22:08 | SHD ] C:Documents and Settings
[08/08/2013 – 11:13:21 | D ] C:Downloads
[20/03/2013 – 12:44:39 | D ] C:drivers
[20/11/2013 – 11:35:24 | N | 64100] C:Extras.Txt
[22/09/2012 – 19:46:32 | N | 123580] C:firecore.log
[17/01/2013 – 22:12:40 | D ] C:found.000
[11/04/2013 – 20:21:09 | D ] C:found.001
[09/05/2013 – 20:33:50 | D ] C:found.002
[20/11/2013 – 12:12:25 | ASH | 3391741952] C:hiberfil.sys
[22/09/2012 – 19:03:38 | D ] C:Intel
[02/12/2012 – 11:16:03 | RHD ] C:MSOCache
[20/11/2013 – 11:35:14 | N | 233052] C:OTL.Txt
[20/11/2013 – 12:12:28 | ASH | 4294967296] C:pagefile.sys
[26/07/2012 – 08:33:46 | D ] C:PerfLogs
[20/11/2013 – 11:06:22 | N | 512] C:PhysicalMBR.bin
[17/11/2013 – 18:16:01 | D ] C:Program Files
[17/11/2013 – 18:55:42 | D ] C:Program Files (x86)
[20/11/2013 – 12:05:38 | HD ] C:ProgramData
[22/09/2012 – 19:08:40 | N | 2227] C:RHDSetup.log
[22/09/2012 – 18:58:48 | D ] C:sources
[20/11/2013 – 12:12:28 | ASH | 268435456] C:swapfile.sys
[20/11/2013 – 11:31:38 | SHD ] C:System Volume Information
[17/10/2013 – 20:03:13 | D ] C:Update
[20/11/2013 – 12:38:34 | D ] C:UsbFix
[20/11/2013 – 12:38:37 | A | 11660] C:UsbFix [Clean 1] VAIO.txt
[28/11/2012 – 18:42:55 | RD ] C:Users
[20/11/2013 – 12:12:28 | D ] C:Windows
[20/11/2013 – 12:05:37 | D ] C:_OTL
[17/11/2013 – 10:11:50 | N | 365252624] E:Supernatural.S08E15.FRENCH.DVDRIP.XviD-ArRoWs.zone-telechargement.com.avi
[16/11/2013 – 16:51:58 | N | 365039632] E:Supernatural.S08E12.FRENCH.DVDRIP.XviD-ArRoWs.zone-telechargement.com.avi
[16/11/2013 – 18:25:46 | N | 365217808] E:Supernatural.S08E13.FRENCH.DVDRIP.XviD-ArRoWs.zone-telechargement.com.avi
[16/11/2013 – 19:40:16 | N | 364875792] E:Supernatural.S08E14.FRENCH.DVDRIP.XviD-ArRoWs.zone-telechargement.com.avi
[20/11/2013 – 10:22:52 | RASHD ] E:Autorun.inf
[12/02/2007 – 20:53:42 | R | 277] F:autorun.inf
[13/02/2007 – 02:33:37 | R | 1110016] F:LaunchU3.exe
[13/02/2007 – 03:23:09 | R | 4558081] F:LaunchPad.zip
[25/10/2012 – 08:11:34 | N | 30720] G:motivation-arbsa.doc
[20/11/2013 – 10:22:54 | RASHD ] G:Autorun.inf

################## | Vaccin |

E:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
G:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net – http://www.sosvirus.net |