Auriane

Here is the report. I am going to go change my passwords.

############################## | UsbFix V 7.152 | [Suppression]

Utilisateur: aurianep (Administrateur) # AURIANE
Mis à jour le 20/11/2013 par El Desaparecido – Team SosVirus
Lancé à 21:07:11 | 01/12/2013

Site Web : http://www.usbfix.net
Forum : http://www.sosvirus.net/
Upload Malware : upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: ASUSTeK COMPUTER INC. (X200CA)
CPU: Intel(R) Celeron(R) CPU 1007U @ 1.50GHz
RAM -> [Total : 3982 | Free : 1943]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 8 (6.2.9200 64-Bit)
WB: Windows Internet Explorer : 10.0.9200.16736
WB: Google Chrome : 31.0.1650.57

SC: Security Center Service [Enabled]
WU: Windows Update Service [(!) Disabled]
AV: McAfee Anti-Virus et Anti-Spyware [(!) Disabled | Updated]
AS: Windows Defender : 4.3.0215.0
FW: Windows FireWall Service [Enabled]

C: (%systemdrive%) -> Disque fixe # 186 Go (131 Go libre(s) – 70%) [OS] # NTFS
D: -> Disque fixe # 258 Go (173 Go libre(s) – 67%) [Data] # NTFS
E: -> Disque amovible # 8 Go (8 Go libre(s) – 99%) [NOLIMIT] # FAT32

################## | Processus Stoppés |

Stoppé! C:Program FilesAVAST SoftwareAvastAvastSvc.exe (ID: 1348 |ParentID: 768)
Stoppé! C:Program FilesMcAfeeMSCMcAPExe.exe (ID: 428 |ParentID: 768)
Stoppé! C:windowssystem32mfevtps.exe (ID: 2492 |ParentID: 768)
Stoppé! C:Program FilesCommon FilesMcAfeeSystemCoremfefire.exe (ID: 1420 |ParentID: 768)
Stoppé! C:Program FilesCommon FilesMcAfeePlatformMcSvcHostMcSvHost.exe (ID: 3860 |ParentID: 768)
Stoppé! C:Program FilesCommon FilesMcAfeeAMCoremcshield.exe (ID: 3204 |ParentID: 768)
Stoppé! c:PROGRA~1mcafee.comagentMcUpdate.exe (ID: 980 |ParentID: 3860)
Stoppé! c:PROGRA~1mcafeemscmcupdmgr.exe (ID: 3120 |ParentID: 864)
Stoppé! c:PROGRA~1mcafeemqsqcshm.exe (ID: 3536 |ParentID: 864)
Stoppé! C:PROGRA~1McAfeeMSCMcInfo.exe (ID: 3728 |ParentID: 3860)
Stoppé! C:Program FilesCommon FilesMcAfeePlatformmcuicnt.exe (ID: 7588 |ParentID: 2800)
Stoppé! C:Program FilesAVAST SoftwareAvastAvastUI.exe (ID: 6632 |ParentID: 5864)
Stoppé! C:Program FilesMicrosoft Office 15ClientX64integratedoffice.exe (ID: 6416 |ParentID: 768)
Stoppé! C:Windowsexplorer.exe (ID: 8116 |ParentID: 2532)
Stoppé! C:Program FilesInteliCLS ClientHeciServer.exe (ID: 1796 |ParentID: 768)
Stoppé! C:WindowsSystem32spoolsv.exe (ID: 2200 |ParentID: 768)
Stoppé! C:WindowsSystem32WUDFHost.exe (ID: 7900 |ParentID: 884)
Stoppé! C:Windowssystem32DllHost.exe (ID: 3600 |ParentID: 864)
Stoppé! C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe (ID: 8084 |ParentID: 768)
Stoppé! C:Windowssystem32FBAgent.exe (ID: 1636 |ParentID: 768)
Stoppé! C:Windowssystem32SearchIndexer.exe (ID: 5624 |ParentID: 768)
Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 5732 |ParentID: 7292)
Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 6352 |ParentID: 5732)
Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 2508 |ParentID: 5732)
Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 7032 |ParentID: 5732)
Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 6316 |ParentID: 5732)
Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 7208 |ParentID: 5732)
Stoppé! C:Program FilesWindowsAppsmicrosoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbweLiveComm.exe (ID: 6388 |ParentID: 864)
Stoppé! C:WindowsSystem32RuntimeBroker.exe (ID: 6976 |ParentID: 864)
Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 7864 |ParentID: 5732)

################## | Regedit Run |

04 – HKLMSOFTWARE | Run : [mcpltui_exe] – « C:Program FilesMcAfee.comAgentmcagent.exe » /runkey
04 – HKLMSOFTWARE | Run : [Adobe ARM] – « C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe »
04 – HKLMSOFTWARE | Run : [SunJavaUpdateSched] – « C:Program Files (x86)Common FilesJavaJava Updatejusched.exe »
04 – HKLMSOFTWARE | Run : [avast] – « C:Program FilesAVAST SoftwareAvastavastUI.exe » /nogui
04 – HKLMSOFTWARE | Run : [Iminent] – C:Program Files (x86)IminentIminent.exe /warmup « F77F87E5-A6BD-4922-A530-EDF63D7E9F8C »
04 – HKLMSOFTWARE | Run : [IminentMessenger] – C:Program Files (x86)IminentIminent.Messengers.exe
04 – HKLMSOFTWARE | Run : [DivXMediaServer] – C:Program Files (x86)DivXDivX Media ServerDivXMediaServer.exe
04 – HKLMSOFTWARE | Run : [DivXUpdate] – « C:Program Files (x86)DivXDivX UpdateDivXUpdate.exe » /CHECKNOW
04 – HKLMSOFTWAREwow6432Node | Run : [mcpltui_exe] – « C:Program FilesMcAfee.comAgentmcagent.exe » /runkey
04 – HKLMSOFTWAREwow6432Node | Run : [Adobe ARM] – « C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe »
04 – HKLMSOFTWAREwow6432Node | Run : [SunJavaUpdateSched] – « C:Program Files (x86)Common FilesJavaJava Updatejusched.exe »
04 – HKLMSOFTWAREwow6432Node | Run : [avast] – « C:Program FilesAVAST SoftwareAvastavastUI.exe » /nogui
04 – HKLMSOFTWAREwow6432Node | Run : [Iminent] – C:Program Files (x86)IminentIminent.exe /warmup « F77F87E5-A6BD-4922-A530-EDF63D7E9F8C »
04 – HKLMSOFTWAREwow6432Node | Run : [IminentMessenger] – C:Program Files (x86)IminentIminent.Messengers.exe
04 – HKLMSOFTWAREwow6432Node | Run : [DivXMediaServer] – C:Program Files (x86)DivXDivX Media ServerDivXMediaServer.exe
04 – HKLMSOFTWAREwow6432Node | Run : [DivXUpdate] – « C:Program Files (x86)DivXDivX UpdateDivXUpdate.exe » /CHECKNOW
04 – HKLMSOFTWARE | RunOnce : [] –
04 – HKLMSOFTWAREwow6432Node | RunOnce : [] –
04 – HKUS-1-5-21-28175745-856189450-3141033118-1001SOFTWARE | Run : [iTunesHelper] – wscript.exe //B « C:UsersaurianepAppDataLocalTempiTunesHelper.vbe »

################## | Recherche générique |

Supprimé! C:UsersaurianepAppDataLocalTempiTunesHelper.vbe
Supprimé! C:UsersaurianepAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupiTunesHelper.vbe
Supprimé! E:iTunesHelper.vbe
Supprimé! C:ProgramDataSetStretch.VBS

(!) Fichiers temporaires supprimés.

################## | Référence de comparaison MD5 |

Md5 : E1E37E7138B0593E29B2F92A453749CB -> C:UsersAll UsersSetStretch.VBS
Md5 : E1E37E7138B0593E29B2F92A453749CB -> C:ProgramDataSetStretch.VBS
Md5 : E4332D4E396A69533553966AD2836584 -> C:UsersaurianepAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupiTunesHelper.vbe
Md5 : E4332D4E396A69533553966AD2836584 -> C:UsersaurianepAppDataLocalTempiTunesHelper.vbe
Md5 : E4332D4E396A69533553966AD2836584 -> E:iTunesHelper.vbe
Md5 : E4332D4E396A69533553966AD2836584 -> C:UsersaurianepAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupiTunesHelper.vbe

################## | Comparaison MD5 |

################## | Registre |

Réparé ! HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer|NoActiveDesktop -> 0
Réparé ! HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer|NoActiveDesktopChanges -> 0
Supprimé! HKUS-1-5-21-28175745-856189450-3141033118-1001SoftwareMicrosoftWindowsCurrentVersionRun|iTunesHelper

################## | Listing |

[05/10/2013 – 14:43:33 | SHD ] C:$Recycle.Bin
[08/08/2013 – 10:36:55 | D ] C:AsusVibeData
[26/04/2013 – 09:05:33 | SD ] C:Boot
[26/07/2012 – 04:44:30 | RAS | 398156] C:bootmgr
[02/06/2012 – 15:30:55 | N | 1] C:BOOTNXT
[26/07/2012 – 08:22:08 | SHD ] C:Documents and Settings
[14/11/2013 – 13:24:04 | N | 0] C:END
[08/08/2013 – 10:36:42 | D ] C:eSupport
[26/11/2013 – 21:15:20 | ASH | 3340218368] C:hiberfil.sys
[08/08/2013 – 10:23:07 | D ] C:Intel
[26/11/2013 – 21:15:23 | ASH | 4294967296] C:pagefile.sys
[26/07/2012 – 08:33:46 | D ] C:PerfLogs
[29/11/2013 – 19:03:52 | D ] C:Program Files
[29/11/2013 – 19:03:52 | D ] C:Program Files (x86)
[01/12/2013 – 21:09:08 | D ] C:ProgramData
[06/10/2013 – 20:45:00 | D ] C:sources
[26/11/2013 – 21:15:23 | ASH | 268435456] C:swapfile.sys
[28/11/2013 – 11:12:55 | SHD ] C:System Volume Information
[01/12/2013 – 21:08:55 | D ] C:UsbFix
[01/12/2013 – 21:09:12 | A | 8243] C:UsbFix [Clean 3] AURIANE.txt
[01/12/2013 – 20:48:07 | N | 12866] C:UsbFix [Scan 1] AURIANE.txt
[30/09/2013 – 08:45:54 | RD ] C:Users
[01/12/2013 – 20:39:43 | D ] C:Windows
[17/06/2013 – 02:10:18 | N | 6293504] C:X200CA.BIN
[06/06/2013 – 03:09:25 | N | 6293504] C:X200CAP.BIN
[02/10/2013 – 19:34:41 | SHD ] D:$RECYCLE.BIN
[09/10/2013 – 07:34:11 | D ] D:18fd397672e019d53a
[14/10/2013 – 16:13:53 | D ] D:Documents
[19/11/2013 – 12:50:53 | D ] D:Films
[08/08/2013 – 10:16:22 | SHD ] D:System Volume Information
[19/11/2013 – 12:51:30 | D ] D:Séries

################## | Vaccin |

E:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net – http://www.sosvirus.net |