Moutss
Participant
Number of posts: 3

Hello Lilidurhone, and thank you for your help! :)

Here is the report following the removal:

############################## | UsbFix V 7.152 | [Suppression]

Utilisateur: Mélanie (Administrateur) # PC-MÉLANIE
Mis à jour le 20/11/2013 par El Desaparecido – Team SosVirus
Lancé à 11:09:59 | 26/11/2013

Site Web : http://www.usbfix.net
Forum : http://www.sosvirus.net/
Upload Malware : upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: Packard Bell (EG50_HC_HR)
CPU: Intel(R) Celeron(R) CPU B830 @ 1.80GHz
RAM -> [Total : 3909 | Free : 2318]
Bios: Packard Bell
Boot: Normal boot

OS: Microsoft Windows 8.1 (6.3.9600 64-Bit)
WB: Windows Internet Explorer : 11.0.9600.16438
WB: Google Chrome : 31.0.1650.57

SC: Security Center Service [Enabled]
WU: Windows Update Service [(!) Disabled]
AV: Windows Defender [Enabled | Updated]
AS: Windows Defender : 4.3.9600.16384 (winblue_rtm.130821-1623)
FW: Windows FireWall Service [Enabled]

C: (%systemdrive%) -> Disque fixe # 279 Go (188 Go libre(s) – 67%) [Packard Bell] # NTFS
D: -> CD-ROM
E: -> Disque amovible # 7 Go (6 Go libre(s) – 83%) [USB DISK] # FAT32

################## | Processus Stoppés |

Stoppé! C:WINDOWSSystem32spoolsv.exe (ID: 1048 |ParentID: 604)
Stoppé! C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe (ID: 1228 |ParentID: 604)
Stoppé! C:Program Files (x86)Qualcomm AtherosBluetooth Suiteadminservice.exe (ID: 1272 |ParentID: 604)
Stoppé! C:Program FilesBonjourmDNSResponder.exe (ID: 1328 |ParentID: 604)
Stoppé! C:WINDOWSsystem32dashost.exe (ID: 1368 |ParentID: 968)
Stoppé! C:Program Files (x86)Launch Managerdsiwmis.exe (ID: 1380 |ParentID: 604)
Stoppé! C:Program FilesInteliCLS ClientHeciServer.exe (ID: 1408 |ParentID: 604)
Stoppé! C:Program Files (x86)IntelIntel(R) Management Engine ComponentsDALjhi_service.exe (ID: 1424 |ParentID: 604)
Stoppé! C:WindowsRfBtnSvc64.exe (ID: 1492 |ParentID: 604)
Stoppé! C:WindowsSystem32WUDFHost.exe (ID: 2000 |ParentID: 968)
Stoppé! C:WINDOWSsystem32DllHost.exe (ID: 2672 |ParentID: 672)
Stoppé! C:Program Files (x86)Launch ManagerLMutilps32.exe (ID: 2928 |ParentID: 1380)
Stoppé! C:WINDOWSsystem32taskhostex.exe (ID: 2996 |ParentID: 864)
Stoppé! C:WINDOWSExplorer.EXE (ID: 2624 |ParentID: 2500)
Stoppé! C:Program Files (x86)Launch ManagerLManager.exe (ID: 2400 |ParentID: 2084)
Stoppé! C:Program Files (x86)GoogleUpdate1.3.21.165GoogleCrashHandler.exe (ID: 2668 |ParentID: 3036)
Stoppé! C:Program Files (x86)Launch ManagerMMDx64Fx.exe (ID: 1620 |ParentID: 2400)
Stoppé! C:WINDOWSsystem32igfxext.exe (ID: 1764 |ParentID: 672)
Stoppé! C:WINDOWSsystem32SearchIndexer.exe (ID: 2448 |ParentID: 604)
Stoppé! C:Program Files (x86)GoogleUpdate1.3.21.165GoogleCrashHandler64.exe (ID: 1264 |ParentID: 3036)
Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 2748 |ParentID: 2084)
Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 796 |ParentID: 2748)
Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 2484 |ParentID: 2748)
Stoppé! C:Program Files (x86)Qualcomm AtherosBluetooth SuiteBtvStack.exe (ID: 2252 |ParentID: 2624)
Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 3040 |ParentID: 2748)
Stoppé! C:WindowsSystem32igfxtray.exe (ID: 2832 |ParentID: 2624)
Stoppé! C:WindowsSystem32hkcmd.exe (ID: 3104 |ParentID: 2624)
Stoppé! C:Program Files (x86)Qualcomm AtherosBluetooth SuiteActivateDesktop.exe (ID: 3168 |ParentID: 2252)
Stoppé! C:WindowsSystem32igfxpers.exe (ID: 3248 |ParentID: 2624)
Stoppé! C:Program FilesElantechETDCtrl.exe (ID: 3320 |ParentID: 2624)
Stoppé! C:Program FilesRealtekAudioHDARAVCpl64.exe (ID: 3436 |ParentID: 2624)
Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 3692 |ParentID: 2748)
Stoppé! C:UsersMélanieAppDataRoamingcacaowebcacaoweb.exe (ID: 3728 |ParentID: 2624)
Stoppé! C:Program Files (x86)Common FilesAppleInternet ServicesiCloudServices.exe (ID: 3740 |ParentID: 2624)
Stoppé! C:Program Files (x86)Common FilesAppleInternet ServicesApplePhotoStreams.exe (ID: 3816 |ParentID: 2624)
Stoppé! C:Program FilesElantechETDCtrlHelper.exe (ID: 3856 |ParentID: 3320)
Stoppé! C:WindowsSystem32StikyNot.exe (ID: 3904 |ParentID: 2624)
Stoppé! C:Program FilesPackard BellPackard Bell Power ManagementePowerTray.exe (ID: 3932 |ParentID: 864)
Stoppé! C:Program Files (x86)OpenOffice.org 3programsoffice.exe (ID: 2140 |ParentID: 4008)
Stoppé! C:Program Files (x86)iTunesiTunesHelper.exe (ID: 3516 |ParentID: 3968)
Stoppé! C:Program Files (x86)OpenOffice.org 3programsoffice.bin (ID: 3572 |ParentID: 2140)
Stoppé! C:Program FilesiPodbiniPodService.exe (ID: 3684 |ParentID: 604)
Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 3656 |ParentID: 2748)
Stoppé! C:Program Files (x86)Common FilesAppleInternet ServicesAPSDaemon.exe (ID: 3988 |ParentID: 672)
Stoppé! C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe (ID: 668 |ParentID: 604)
Stoppé! C:Program Files (x86)NeroUpdateNASvc.exe (ID: 4000 |ParentID: 604)
Stoppé! C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe (ID: 4100 |ParentID: 604)
Stoppé! C:Program FilesPackard BellPackard Bell Power ManagementePowerSvc.exe (ID: 4132 |ParentID: 604)
Stoppé! C:Program FilesWindows Media Playerwmpnetwk.exe (ID: 4200 |ParentID: 604)
Stoppé! C:WINDOWSsystem32igfxsrvc.exe (ID: 4400 |ParentID: 672)
Stoppé! C:Program FilesPackard BellPackard Bell Power ManagementePowerEvent.exe (ID: 4488 |ParentID: 4132)
Stoppé! C:Program FilesWindowsAppsMicrosoft.Reader_6.3.9600.16422_x64__8wekyb3d8bbweglcnd.exe (ID: 4972 |ParentID: 672)
Stoppé! C:WindowsSystem32RuntimeBroker.exe (ID: 5000 |ParentID: 672)
Stoppé! C:WindowsSystem32UserAccountBroker.exe (ID: 2728 |ParentID: 672)
Stoppé! C:WINDOWSsystem32wwahost.exe (ID: 4184 |ParentID: 672)
Stoppé! C:Program FilesWindows NTAccessoriesWORDPAD.EXE (ID: 4592 |ParentID: 2624)
Stoppé! C:WINDOWSsplwow64.exe (ID: 4064 |ParentID: 3572)

################## | Regedit Run |

04 – HKLMSOFTWARE | Run : [LManager] –
04 – HKLMSOFTWARE | Run : [APSDaemon] – « C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe »
04 – HKLMSOFTWARE | Run : [iTunesHelper] – « C:Program Files (x86)iTunesiTunesHelper.exe »
04 – HKLMSOFTWAREwow6432Node | Run : [LManager] –
04 – HKLMSOFTWAREwow6432Node | Run : [APSDaemon] – « C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe »
04 – HKLMSOFTWAREwow6432Node | Run : [iTunesHelper] – « C:Program Files (x86)iTunesiTunesHelper.exe »
04 – HKLMSOFTWARE | RunOnce : [] –
04 – HKLMSOFTWAREwow6432Node | RunOnce : [] –
04 – HKLMSOFTWARE | PoliciesExplorerrun : [BtvStack] – « C:Program Files (x86)Qualcomm AtherosBluetooth SuiteBtvStack.exe »
04 – HKUS-1-5-21-2113385430-2581958625-133521667-1001SOFTWARE | Run : [GoogleChromeAutoLaunch_48BA7C306166B3A58F8B9004FB77E856] – « C:Program Files (x86)GoogleChromeApplicationchrome.exe » –no-startup-window
04 – HKUS-1-5-21-2113385430-2581958625-133521667-1001SOFTWARE | Run : [Facebook Update] – « C:UsersMélanieAppDataLocalFacebookUpdateFacebookUpdate.exe » /c /nocrashserver
04 – HKUS-1-5-21-2113385430-2581958625-133521667-1001SOFTWARE | Run : [uTorrent] – « C:UsersMélanieAppDataRoaminguTorrentuTorrent.exe » /MINIMIZED
04 – HKUS-1-5-21-2113385430-2581958625-133521667-1001SOFTWARE | Run : [cacaoweb] – « C:UsersMélanieAppDataRoamingcacaowebcacaoweb.exe » -noplayer
04 – HKUS-1-5-21-2113385430-2581958625-133521667-1001SOFTWARE | Run : [iCloudServices] – C:Program Files (x86)Common FilesAppleInternet ServicesiCloudServices.exe
04 – HKUS-1-5-21-2113385430-2581958625-133521667-1001SOFTWARE | Run : [ApplePhotoStreams] – C:Program Files (x86)Common FilesAppleInternet ServicesApplePhotoStreams.exe
04 – HKUS-1-5-21-2113385430-2581958625-133521667-1001SOFTWARE | Run : [RESTART_STICKY_NOTES] – C:WindowsSystem32StikyNot.exe

################## | Recherche générique |

Supprimé! E:Copie de strasbourg structure .lnk
Supprimé! E:problématique.lnk
Supprimé! E:zoom_sante_no36.lnk
Supprimé! E:Dossier SPAD.lnk
Supprimé! E:SPAD 2013.lnk
Supprimé! E:Exercices_Serie_1.lnk
Supprimé! E:VERGNON Mélanie.lnk
Supprimé! E:CUS.lnk

(!) Fichiers temporaires supprimés.

################## | Registre |

Réparé ! HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer|NoActiveDesktop -> 0
Réparé ! HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer|NoActiveDesktopChanges -> 0

################## | Listing |

[13/11/2013 – 10:10:55 | SHD ] C:$Recycle.Bin
[06/02/2013 – 19:29:18 | D ] C:4d Extensions
[18/06/2013 – 13:18:29 | N | 1] C:BOOTNXT
[06/02/2013 – 19:29:19 | D ] C:Database
[22/08/2013 – 15:45:52 | SHD ] C:Documents and Settings
[26/11/2013 – 10:12:46 | ASH | 3279335424] C:hiberfil.sys
[03/08/2012 – 12:18:43 | D ] C:Intel
[06/02/2013 – 19:29:25 | D ] C:Licenses
[06/02/2013 – 19:40:10 | D ] C:Modalisa60
[27/12/2012 – 17:12:59 | RHD ] C:MSOCache
[26/12/2012 – 05:53:24 | D ] C:OEM
[21/02/2013 – 22:12:50 | D ] C:Open Office
[26/11/2013 – 10:12:49 | ASH | 738197504] C:pagefile.sys
[22/08/2013 – 16:22:35 | D ] C:PerfLogs
[12/11/2013 – 23:01:13 | D ] C:Program Files
[12/11/2013 – 23:01:20 | D ] C:Program Files (x86)
[12/11/2013 – 23:01:29 | HD ] C:ProgramData
[12/11/2013 – 22:46:54 | SHD ] C:Recovery
[27/08/2012 – 23:25:00 | D ] C:sources
[26/11/2013 – 10:12:49 | ASH | 268435456] C:swapfile.sys
[22/11/2013 – 10:46:16 | SHD ] C:System Volume Information
[26/11/2013 – 11:10:44 | D ] C:UsbFix
[26/11/2013 – 11:10:46 | A | 9871] C:UsbFix [Clean 3] PC-MÉLANIE.txt
[26/11/2013 – 09:55:17 | N | 10270] C:UsbFix [Scan 1] PC-MÉLANIE.txt
[26/11/2013 – 10:11:51 | N | 7414] C:UsbFix [Scan 2] PC-MÉLANIE.txt
[12/11/2013 – 23:01:29 | RD ] C:Users
[18/11/2013 – 17:45:46 | D ] C:Windows
[18/11/2013 – 19:14:15 | D ] C:Windows.old
[01/01/1980 – 00:00:00 | N | 21] E:.cm0012
[01/01/1980 – 00:00:00 | N | 32768] E:.cmdb
[13/09/2013 – 00:09:14 | N | 517512] E:Billets_FOIRE_EUROPEENNE_2013_010002176.pdf
[14/11/2013 – 10:06:26 | N | 7622] E:histoEdi.pdf
[13/09/2013 – 00:12:04 | N | 445184] E:Billets_FOIRE_EUROPEENNE_2013_010002177.pdf
[14/11/2013 – 10:02:08 | SHD ] E:System Volume Information
[18/09/2013 – 08:41:52 | N | 140020] E:Exercices_Serie_1.pdf
[25/09/2013 – 21:52:54 | N | 66573] E:1314EXCELDossier_1.pdf
[25/09/2013 – 21:53:14 | N | 267283] E:DOC_FD_INDCVI_2007-2.pdf
[25/09/2013 – 21:53:18 | N | 146432] E:elts_cor_POP-R2004-DATA_Web.xls
[25/09/2013 – 21:53:14 | N | 6397440] E:Elts_cor_donexceldossier2strasV9703.xls
[25/09/2013 – 21:53:44 | N | 142336] E:POP-R2004-DATA_Web.xls
[25/09/2013 – 22:01:50 | N | 277759] E:1314EXCELDossier_2-2.pdf
[28/09/2013 – 17:56:54 | N | 2693120] E:1011donexceldossier2strasV9703.xls
[28/09/2013 – 18:05:06 | D ] E:SPAD 2013
[29/09/2013 – 22:51:14 | N | 4299776] E:EXEL Lundi 23 09.xls
[30/09/2013 – 08:50:54 | N | 219648] E:VERGNON Mélanie.xls
[30/09/2013 – 10:54:32 | N | 6434304] E:Elts_cor_donexceldossier2strasV9703(1) (Enregistré automatiquement).xls
[01/10/2013 – 15:25:36 | D ] E:CUS
[02/10/2013 – 11:48:08 | N | 9889] E:Classeur1.xlsx
[02/10/2013 – 11:48:26 | N | 9679] E:Classeur10.xlsx
[02/10/2013 – 11:48:46 | N | 9869] E:Classeur5.xlsx
[02/10/2013 – 11:49:06 | N | 14110] E:Classeur6.xlsx
[02/10/2013 – 11:49:22 | N | 12577] E:Classeur4.xlsx
[02/10/2013 – 11:49:38 | N | 10774] E:Classeur3.xlsx
[02/10/2013 – 11:49:58 | N | 14108] E:Classeur7.xlsx
[02/10/2013 – 11:50:10 | N | 10038] E:Classeur8.xlsx
[02/10/2013 – 11:50:24 | N | 9892] E:Classeur9.xlsx
[04/10/2013 – 10:38:38 | N | 367402486] E:The.Vampire.Diaries.S05E01.FASTSUB.VOSTFR.HDTV.XviD-F4ST.avi
[04/10/2013 – 16:51:34 | N | 19840] E:Copie de strasbourg structure .xlsx
[09/10/2013 – 10:44:32 | N | 12082] E:problématique.xlsx
[10/10/2013 – 09:47:56 | N | 57517] E:Devoir de démographie final.odt
[11/10/2013 – 17:42:42 | N | 273593974] E:The.Vampire.Diaries.S05E02.FASTSUB.VOSTFR.HDTV.x264-F4ST.mp4
[16/10/2013 – 10:42:24 | N | 1381633] E:zoom_sante_no36.pdf
[16/10/2013 – 11:47:50 | N | 15835] E:Dossier SPAD.docx
[18/10/2013 – 12:04:06 | N | 219843049] E:The.Vampire.Diaries.S05E03.FASTSUB.VOSTFR.HDTV.x264-F4ST.mp4
[18/10/2013 – 12:00:16 | N | 4452] E:The.Vampire.Diaries.S05E03.FASTSUB.VOSTFR.HDTV.x264-F4ST.torrent
[25/10/2013 – 09:13:06 | N | 252237312] E:The.Vampire.Diaries.S05E04.FASTSUB.VOSTFR.HDTV.x264-F4ST.mp4
[25/10/2013 – 09:09:38 | N | 5072] E:The.Vampire.Diaries.S05E04.FASTSUB.VOSTFR.HDTV.x264-F4ST.torrent
[01/11/2013 – 11:15:18 | N | 221252142] E:The.Vampire.Diaries.S05E05.FASTSUB.VOSTFR.HDTV.x264-F4ST.mp4
[01/11/2013 – 11:02:58 | N | 4492] E:The.Vampire.Diaries.S05E05.FASTSUB.VOSTFR.HDTV.x264-F4ST.torrent
[06/09/2013 – 18:23:14 | N | 8419] E:Notification.pdf

################## | Vaccin |

E:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net – http://www.sosvirus.net |