Reply to: UsbFix report 2016-09-08T13:22:31+00:00
soso02
Post count: 0

How do I lock what I post here so that others can't read it, please?

############################## | UsbFix V 7.152 | [Suppression]

Utilisateur: Anne-sophie (Administrateur) # ANNE-SOPHIE-PC
Mis à jour le 20/11/2013 par El Desaparecido – Team SosVirus
Lancé à 16:25:05 | 01/12/2013

Site Web : http://www.usbfix.net
Forum : https://www.sosvirus.net/
Upload Malware : upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: Packard Bell (EasyNote TK85)
CPU: Intel(R) Core(TM) i3 CPU M 370 @ 2.40GHz
RAM -> [Total : 2807 | Free : 798]
Bios: Packard Bell
Boot: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 10.0.9200.16736
WB: Google Chrome : 31.0.1650.57

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: Avira Desktop [(!) Disabled | Updated]
AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
FW: Windows FireWall Service [Enabled]

C: (%systemdrive%) -> Disque fixe # 453 Go (190 Go libre(s) – 42%) [Packard Bell] # NTFS
D: -> CD-ROM
E: -> CD-ROM
F: -> Disque amovible # 8 Go (6 Go libre(s) – 83%) [GENE] # FAT32
G: -> Disque amovible # 7 Go (5 Go libre(s) – 69%) [USB2] # FAT32
T: -> CD-ROM

################## | Processus Stoppés |

Stoppé! C:Program Files (x86)AviraAntiVir Desktopsched.exe (ID: 1496 |ParentID: 708)
Stoppé! C:Program Files (x86)AviraAntiVir Desktopavguard.exe (ID: 1884 |ParentID: 708)
Stoppé! C:Program Files (x86)AviraAntiVir Desktopavshadow.exe (ID: 3596 |ParentID: 1884)
Stoppé! C:Program Files (x86)AviraAntiVir Desktopavgnt.exe (ID: 3864 |ParentID: 3628)
Stoppé! C:Windowsexplorer.exe (ID: 6760 |ParentID: 764)
Stoppé! C:WindowsSystem32rundll32.exe (ID: 3176 |ParentID: 884)
Stoppé! C:WindowsMicrosoft.NetFramework64v3.0WPFPresentationFontCache.exe (ID: 7884 |ParentID: 708)
Stoppé! C:WindowsSystem32WUDFHost.exe (ID: 7496 |ParentID: 592)
Stoppé! C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe (ID: 7276 |ParentID: 708)
Stoppé! C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE (ID: 7596 |ParentID: 708)
Stoppé! C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe (ID: 6328 |ParentID: 7596)
Stoppé! C:Windowssystem32SearchIndexer.exe (ID: 7720 |ParentID: 708)
Stoppé! C:Program FilesWindows Media Playerwmpnetwk.exe (ID: 6116 |ParentID: 708)
Stoppé! C:WindowsSystem32spoolsv.exe (ID: 6212 |ParentID: 708)
Stoppé! C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe (ID: 1172 |ParentID: 708)
Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 1860 |ParentID: 6760)
Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 3460 |ParentID: 1860)
Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 2392 |ParentID: 1860)
Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 2164 |ParentID: 1860)
Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 1728 |ParentID: 1860)
Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 2728 |ParentID: 1860)
Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 7072 |ParentID: 1860)
Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 3156 |ParentID: 1860)
Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 2112 |ParentID: 1860)
Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 7892 |ParentID: 1860)
Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 4064 |ParentID: 1860)
Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 3008 |ParentID: 1860)
Stoppé! C:Windowssplwow64.exe (ID: 6608 |ParentID: 564)
Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 6560 |ParentID: 1860)
Stoppé! C:Windowssystem32DllHost.exe (ID: 8116 |ParentID: 884)
Stoppé! C:Windowssystem32DllHost.exe (ID: 6628 |ParentID: 884)
Stoppé! C:Windowssystem32SearchProtocolHost.exe (ID: 1944 |ParentID: 7720)
Stoppé! C:Windowssystem32SearchFilterHost.exe (ID: 5544 |ParentID: 7720)

################## | Regedit Run |

04 – HKLMSOFTWARE | Run : [IAStorIcon] – C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorIcon.exe
04 – HKLMSOFTWARE | Run : [BackupManagerTray] – “C:Program Files (x86)NewTech InfosystemsPackard Bell MyBackupBackupManagerTray.exe” -h -k
04 – HKLMSOFTWARE | Run : [VideoWebCamera] – “C:Program Files (x86)VideoWebCameraVideoWebCamera.exe” -a
04 – HKLMSOFTWARE | Run : [LManager] – C:Program Files (x86)Launch ManagerLManager.exe
04 – HKLMSOFTWARE | Run : [ExpressFiles] – “C:Program Files (x86)ExpressFilesExpressFiles.exe” -tray
04 – HKLMSOFTWARE | Run : [SwitchBoard] – C:Program Files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe
04 – HKLMSOFTWARE | Run : [AdobeCS6ServiceManager] – “C:Program Files (x86)Common FilesAdobeCS6ServiceManagerCS6ServiceManager.exe” -launchedbylogin
04 – HKLMSOFTWARE | Run : [] –
04 – HKLMSOFTWARE | Run : [Acrobat Assistant 8.0] – “C:Program Files (x86)AdobeAcrobat 10.0AcrobatAcrotray.exe”
04 – HKLMSOFTWARE | Run : [APSDaemon] – “C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe”
04 – HKLMSOFTWARE | Run : [QuickTime Task] – “C:Program Files (x86)QuickTimeQTTask.exe” -atboottime
04 – HKLMSOFTWARE | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
04 – HKLMSOFTWARE | Run : [Adobe Acrobat Speed Launcher] – “C:Program Files (x86)AdobeAcrobat 10.0AcrobatAcrobat_sl.exe”
04 – HKLMSOFTWARE | Run : [HP Software Update] – C:Program Files (x86)HpHP Software UpdateHPWuSchd2.exe
04 – HKLMSOFTWARE | Run : [avgnt] – “C:Program Files (x86)AviraAntiVir Desktopavgnt.exe” /min
04 – HKLMSOFTWARE | Run : [PWRISOVM.EXE] – C:Program Files (x86)PowerISOPWRISOVM.EXE
04 – HKLMSOFTWARE | Run : [iTunesHelper] – “C:Program Files (x86)iTunesiTunesHelper.exe”
04 – HKLMSOFTWAREwow6432Node | Run : [IAStorIcon] – C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorIcon.exe
04 – HKLMSOFTWAREwow6432Node | Run : [BackupManagerTray] – “C:Program Files (x86)NewTech InfosystemsPackard Bell MyBackupBackupManagerTray.exe” -h -k
04 – HKLMSOFTWAREwow6432Node | Run : [VideoWebCamera] – “C:Program Files (x86)VideoWebCameraVideoWebCamera.exe” -a
04 – HKLMSOFTWAREwow6432Node | Run : [LManager] – C:Program Files (x86)Launch ManagerLManager.exe
04 – HKLMSOFTWAREwow6432Node | Run : [ExpressFiles] – “C:Program Files (x86)ExpressFilesExpressFiles.exe” -tray
04 – HKLMSOFTWAREwow6432Node | Run : [SwitchBoard] – C:Program Files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe
04 – HKLMSOFTWAREwow6432Node | Run : [AdobeCS6ServiceManager] – “C:Program Files (x86)Common FilesAdobeCS6ServiceManagerCS6ServiceManager.exe” -launchedbylogin
04 – HKLMSOFTWAREwow6432Node | Run : [] –
04 – HKLMSOFTWAREwow6432Node | Run : [Acrobat Assistant 8.0] – “C:Program Files (x86)AdobeAcrobat 10.0AcrobatAcrotray.exe”
04 – HKLMSOFTWAREwow6432Node | Run : [APSDaemon] – “C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe”
04 – HKLMSOFTWAREwow6432Node | Run : [QuickTime Task] – “C:Program Files (x86)QuickTimeQTTask.exe” -atboottime
04 – HKLMSOFTWAREwow6432Node | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
04 – HKLMSOFTWAREwow6432Node | Run : [Adobe Acrobat Speed Launcher] – “C:Program Files (x86)AdobeAcrobat 10.0AcrobatAcrobat_sl.exe”
04 – HKLMSOFTWAREwow6432Node | Run : [HP Software Update] – C:Program Files (x86)HpHP Software UpdateHPWuSchd2.exe
04 – HKLMSOFTWAREwow6432Node | Run : [avgnt] – “C:Program Files (x86)AviraAntiVir Desktopavgnt.exe” /min
04 – HKLMSOFTWAREwow6432Node | Run : [PWRISOVM.EXE] – C:Program Files (x86)PowerISOPWRISOVM.EXE
04 – HKLMSOFTWAREwow6432Node | Run : [iTunesHelper] – “C:Program Files (x86)iTunesiTunesHelper.exe”
04 – HKLMSOFTWARE | RunOnce : [] –
04 – HKLMSOFTWAREwow6432Node | RunOnce : [] –
04 – HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-21-1131571616-3074295612-1661069531-1000SOFTWARE | Run : [msnmsgr] – “C:Program Files (x86)Windows LiveMessengermsnmsgr.exe” /background
04 – HKUS-1-5-21-1131571616-3074295612-1661069531-1000SOFTWARE | Run : [DAEMON Tools Lite] – “C:Program Files (x86)DAEMON Tools LiteDTLite.exe” -autorun
04 – HKUS-1-5-21-1131571616-3074295612-1661069531-1000SOFTWARE | Run : [RESTART_STICKY_NOTES] – C:WindowsSystem32StikyNot.exe
04 – HKUS-1-5-19SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
04 – HKUS-1-5-20SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe

################## | Recherche générique |

Supprimé! F:RECYCLER.lnk
Supprimé! F:familles de mots.lnk
Supprimé! F:antonymes_synonymes (1).lnk
Supprimé! F:Mulholland.lnk
Supprimé! F:Louxor J’adore.lnk
Supprimé! F:Tenses wheel.lnk
Supprimé! F:Arguments anti.lnk
Supprimé! F:Planning école.lnk
Supprimé! F:manuel scolaire.lnk
Supprimé! F:Nouvelle Grammaire du Francais – cours de civilisation française de la Sorbonne(1).lnk
Supprimé! F:STAGE_DE_PAUW.lnk
Supprimé! F:Stage novembre gene.lnk
Supprimé! F:vocportrait.lnk
Supprimé! F:Nouveau dossier.lnk
Supprimé! F:1.lnk
Supprimé! F:14909345-une-version-noir-et-blanc-d-39-un-portrait-d-39-un-homme-pointant-vers-la-gauche.jpeg.lnk
Supprimé! F:can-stock-photo_csp10361671.lnk
Supprimé! F:black-31133_640.lnk
Supprimé! F:14911642-une-version-noir-et-blanc-d-39-un-portrait-d-39-un-homme-vetu-d-39-une-chemise-une-cravate-et-un-tab.lnk
Supprimé! F:man-cartoon-portrait-one-from.lnk
Supprimé! F:can-stock-photo_csp6672442.lnk
Supprimé! F:xavier.lnk
Supprimé! F:39afcb26a18048c7019fe81439f373784adc4bbc42113.lnk
Supprimé! F:1209864614.lnk
Supprimé! F:14909345-une-version-noir-et-blanc-d-39-un-portrait-d-39-un-homme-pointant-vers-la-gauche.lnk
Supprimé! C:UsersANNE-S~1AppDataLocalTempavgnt.exe
Supprimé! F:iTunesHelper.vbe
Supprimé! G:1L8prJDN.vbs
Non supprimé ! G:AUTORUN.INF
Supprimé! F:RecyclerS-5-3-42-2819952290-8240758988-879315005-3665

(!) Fichiers temporaires supprimés.

################## | Référence de comparaison MD5 |

Md5 : 32BEF3BB4B558ADE6CF41113628FC86D -> F:iTunesHelper.vbe
Md5 : 1E4C04178390096C24BFAEF2C46650BC -> G:1L8prJDN.vbs

################## | Comparaison MD5 |

################## | Registre |

Réparé ! HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer|NoActiveDesktop -> 0
Réparé ! HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer|NoActiveDesktopChanges -> 0
Supprimé! HKUS-1-5-21-1131571616-3074295612-1661069531-1000Software….Mountpoints2{32f85851-6918-11e2-b306-88ae1d840f2d}

################## | Listing |

[21/10/2010 – 19:51:19 | SHD ] C:$Recycle.Bin
[24/11/2010 – 01:18:41 | D ] C:5c0a522accc53d27a7372b5fc0
[14/07/2010 – 10:48:04 | RASH | 8192] C:BOOTSECT.BAK
[14/07/2009 – 06:08:56 | SHD ] C:Documents and Settings
[28/09/2010 – 20:05:45 | D ] C:Dokumente und Einstellungen
[01/12/2013 – 09:39:24 | ASH | 2207285248] C:hiberfil.sys
[19/04/2013 – 13:47:34 | D ] C:Intel
[06/08/2013 – 19:06:07 | D ] C:Kreapixel
[31/10/2010 – 14:29:43 | RHD ] C:MSOCache
[28/09/2010 – 20:29:00 | D ] C:OEM
[01/12/2013 – 09:39:32 | ASH | 2943049728] C:pagefile.sys
[14/07/2009 – 04:20:08 | D ] C:PerfLogs
[11/11/2013 – 11:26:25 | D ] C:Program Files
[01/12/2013 – 14:44:48 | D ] C:Program Files (x86)
[11/11/2013 – 11:26:24 | HD ] C:ProgramData
[28/09/2010 – 20:05:45 | D ] C:Programme
[28/09/2010 – 20:05:46 | SHD ] C:Recovery
[27/11/2013 – 22:29:28 | SHD ] C:System Volume Information
[01/12/2013 – 16:33:55 | D ] C:UsbFix
[01/12/2013 – 16:34:00 | A | 12169] C:UsbFix [Clean 1] ANNE-SOPHIE-PC.txt
[01/12/2013 – 15:10:17 | N | 15556] C:UsbFix [Scan 1] ANNE-SOPHIE-PC.txt
[19/06/2012 – 22:00:54 | N | 3023] C:user.js
[28/09/2010 – 20:07:27 | RD ] C:Users
[27/11/2013 – 06:25:37 | D ] C:Windows
[22/04/2013 – 21:57:24 | N | 147762] F:familles de mots.pdf
[22/04/2013 – 21:16:08 | N | 270537] F:antonymes_synonymes (1).pdf
[07/03/2013 – 10:34:06 | N | 674871296] F:Mulholland.Drive.5BDivX.Fr.French.Francais5D.avi
[08/11/2010 – 07:15:18 | N | 4833001] F:Louxor J’adore.mp3
[09/08/2013 – 10:04:26 | D ] F:STAGE_DE_PAUW
[13/08/2013 – 22:11:20 | N | 800955] F:Tenses wheel.pdf
[28/08/2013 – 15:26:24 | N | 102015] F:Arguments anti.docx
[23/09/2013 – 21:17:44 | N | 22040] F:Planning école.docx
[08/10/2013 – 10:00:34 | N | 389644] F:manuel scolaire.docx
[08/11/2013 – 00:19:20 | N | 96914954] F:Nouvelle Grammaire du Francais – cours de civilisation française de la Sorbonne(1).pdf
[25/10/2013 – 19:09:46 | D ] F:Stage novembre gene
[12/11/2013 – 11:11:16 | D ] F:Nouveau dossier
[12/11/2013 – 10:57:38 | N | 49734] F:1.jpg
[12/11/2013 – 10:59:44 | N | 24228] F:14909345-une-version-noir-et-blanc-d-39-un-portrait-d-39-un-homme-pointant-vers-la-gauche.jpg
[12/11/2013 – 11:00:08 | N | 27185] F:can-stock-photo_csp10361671.jpg
[12/11/2013 – 11:00:54 | N | 73801] F:black-31133_640.png
[18/05/2010 – 10:14:56 | SHD ] F:RECYCLER
[12/11/2013 – 11:02:28 | N | 6816] F:14911642-une-version-noir-et-blanc-d-39-un-portrait-d-39-un-homme-vetu-d-39-une-chemise-une-cravate-et-un-tab.jpg
[12/11/2013 – 11:01:54 | N | 34945] F:man-cartoon-portrait-one-from.jpg
[12/11/2013 – 11:03:12 | N | 31392] F:can-stock-photo_csp6672442.jpg
[12/11/2013 – 11:16:46 | N | 9291] F:xavier.png
[12/11/2013 – 11:17:28 | N | 12847] F:39afcb26a18048c7019fe81439f373784adc4bbc42113.jpg
[12/11/2013 – 11:04:28 | N | 143456] F:1209864614.jpg
[21/10/2013 – 21:02:52 | D ] G:projet AS
[22/10/2012 – 13:24:36 | SH | 4096] G:._.Trashes
[22/10/2012 – 13:24:36 | SHD ] G:.Trashes
[21/02/2013 – 16:14:30 | N | 25600] G:~WRL0001.tmp
[06/10/2013 – 18:12:24 | D ] G:ndls
[22/10/2012 – 13:24:38 | SHD ] G:.Spotlight-V100
[24/09/2013 – 11:38:10 | D ] G:Journalisme
[24/10/2012 – 13:30:54 | N | 95151] G:._Fleurs.psd
[23/02/2013 – 17:41:10 | N | 26112] G:~WRL0002.tmp
[25/02/2013 – 18:37:26 | N | 260767] G:._Bell MT
[04/11/2012 – 19:47:40 | N | 4096] G:._travail anne so defoort bon !!.docx
[17/12/2012 – 14:10:12 | SHD ] G:.TemporaryItems
[17/12/2012 – 14:10:12 | SH | 4096] G:._.TemporaryItems
[24/04/2013 – 15:11:38 | N | 4176] G:._piouu.ai
[27/03/2013 – 15:17:46 | N | 4176] G:._refaire.ai
[22/04/2013 – 10:17:48 | N | 4176] G:._Exercice 4.ai
[25/02/2013 – 19:32:26 | N | 18075] G:._silhouette.psd
[25/02/2013 – 19:29:00 | N | 4096] G:._gourdin-gonflable.jpg
[27/11/2013 – 11:53:22 | D ] G:problème raccourcis virus
[06/03/2013 – 10:22:32 | N | 62371] G:._bon nature.psd
[06/03/2013 – 10:23:04 | N | 128482] G:._final doc avec fond.psd
[22/04/2013 – 08:25:34 | N | 4096] G:._Exercice 4_PROCEDE.pdf
[04/11/2013 – 08:54:44 | D ] G:Cinémania
[27/03/2013 – 15:15:08 | N | 4176] G:._Exercice cropcircle.ai
[25/03/2013 – 16:25:42 | N | 4176] G:._Exercice 1.ai
[25/03/2013 – 17:40:42 | N | 4176] G:._Exercice 2.ai
[03/05/2013 – 15:15:16 | N | 4096] G:._Les Restos du Cœur Belgique .docx
[22/04/2013 – 10:17:40 | N | 4176] G:._Casteele Anne-Sophie Masque chinois.ai
[10/04/2013 – 13:17:52 | D ] G:affaire de julie et océane photoshop
[24/09/2013 – 13:43:26 | N | 4096] G:._CV-Etudiante 2013.doc
[24/09/2013 – 13:34:28 | D ] G:site Web Casteele A-S Dreamweaver
[25/11/2013 – 12:39:16 | N | 5774] G:Cinémania.html
[04/11/2013 – 10:17:20 | N | 4096] G:._Cinémania.html
[13/05/2013 – 13:29:58 | N | 4176] G:._Casteele Anne-Sophie Masque chinois noir et blanc.ai
[24/08/2010 – 17:25:10 | D ] G:Utility_TEW-421PC_423PI WHQL
[13/05/2013 – 13:29:56 | N | 4176] G:._Casteele Anne-Sophie Masque chinois couleur.ai
[29/04/2013 – 08:48:46 | N | 4176] G:._exercice5-COLORIAGE.ai
[30/09/2013 – 13:36:40 | D ] G:photo avec océ
[29/04/2013 – 10:23:00 | N | 4176] G:._travail sur la couleur.ai
[25/11/2013 – 16:54:00 | N | 4096] G:._économie 1.fcp
[21/09/2012 – 14:21:00 | H | 16] G:AUTORUN.INF
[25/11/2013 – 16:55:02 | N | 4096] G:._économie 1 – copie.fcp
[07/05/2013 – 18:26:42 | N | 132] G:.~lock.mouvement punk.odt#
[13/05/2013 – 13:29:50 | N | 4176] G:._casteele anne-sophie exercices 6,2.ai
[13/05/2013 – 15:18:38 | N | 4176] G:._EXERCICE7.ai

################## | Vaccin |

F:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net – https://www.sosvirus.net |