nonomajor

Here is the removal report:

############################## | UsbFix V 7.155 | [Suppression]

Utilisateur: Utilisateur (Administrateur) # UTILISATEUR-HP
Mis à jour le 16/12/2013 par El Desaparecido – Team SosVirus
Lancé à 22:07:23 | 19/12/2013

Site Web : http://www.usbfix.net
Forum : https://www.sosvirus.net/
Upload Malware : upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: Hewlett-Packard (338B)
CPU: Intel(R) Core(TM) i3 CPU M 370 @ 2.40GHz
RAM -> [Total : 3894 | Free : 2327]
Bios: Insyde
Boot: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.16476
WB: Google Chrome : 31.0.1650.63
WB: Mozilla Firefox : 22.0

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: ESET NOD32 Antivirus 6.0 [Enabled | Updated]
AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
FW: Windows FireWall Service [Enabled]

C: (%systemdrive%) -> Disque fixe # 684 Go (584 Go libre(s) – 85%) [] # NTFS
D: -> Disque fixe # 15 Go (2 Go libre(s) – 11%) [RECOVERY] # NTFS
E: -> CD-ROM
F: -> Disque fixe # 99 Mo (84 Mo libre(s) – 85%) [HP_TOOLS] # FAT32
H: -> Disque amovible # 15 Go (6 Go libre(s) – 43%) [NONO] # FAT32

################## | Processus Stoppés |

Stoppé! C:Program FilesESETESET NOD32 Antivirusx86ekrn.exe (ID: 1680 |ParentID: 684)
Stoppé! C:Program FilesESETESET NOD32 Antivirusegui.exe (ID: 3688 |ParentID: 2216)
Stoppé! C:WindowsSystem32rundll32.exe (ID: 708 |ParentID: 816)
Stoppé! C:WindowsSystem32WUDFHost.exe (ID: 2796 |ParentID: 1008)
Stoppé! C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe (ID: 5364 |ParentID: 684)
Stoppé! C:Windowssystem32SearchIndexer.exe (ID: 3820 |ParentID: 684)
Stoppé! C:Windowssystem32DllHost.exe (ID: 1060 |ParentID: 816)
Stoppé! C:Program FilesWIDCOMMBluetooth Softwarebtwdins.exe (ID: 3324 |ParentID: 684)
Stoppé! C:Program Files (x86)Hewlett-PackardHP Support Frameworkhpsa_service.exe (ID: 4212 |ParentID: 684)
Stoppé! C:Program FilesInternet Exploreriexplore.exe (ID: 5152 |ParentID: 5880)
Stoppé! C:Program Files (x86)Internet ExplorerIEXPLORE.EXE (ID: 2252 |ParentID: 5152)
Stoppé! C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE (ID: 5432 |ParentID: 684)
Stoppé! C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe (ID: 5196 |ParentID: 5432)
Stoppé! C:WindowsSystem32MsSpellCheckingFacility.exe (ID: 3532 |ParentID: 816)
Stoppé! C:Program Files (x86)Internet ExplorerIEXPLORE.EXE (ID: 5584 |ParentID: 5152)
Stoppé! C:Windowssystem32taskhost.exe (ID: 5656 |ParentID: 684)

################## | Regedit Run |

04 – HKLMSOFTWARE | Run : [IAStorIcon] – C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorIcon.exe
04 – HKLMSOFTWARE | Run : [IMSS] – “C:Program Files (x86)IntelIntel(R) Management Engine ComponentsIMSSPIconStartup.exe”
04 – HKLMSOFTWARE | Run : [Easybits Recovery] – C:Program Files (x86)EasyBits For KidsezRecover.exe
04 – HKLMSOFTWARE | Run : [SunJavaUpdateSched] – “C:Program Files (x86)Common FilesJavaJava Updatejusched.exe”
04 – HKLMSOFTWARE | Run : [HP Quick Launch] – C:Program Files (x86)Hewlett-PackardHP Quick LaunchHPMSGSVC.exe
04 – HKLMSOFTWARE | Run : [HPOSD] – C:Program Files (x86)Hewlett-PackardHP On Screen DisplayHPOSD.exe
04 – HKLMSOFTWARE | Run : [HPConnectionManager] – C:Program Files (x86)Hewlett-PackardHP Connection ManagerHPCMDelayStart.exe
04 – HKLMSOFTWARE | Run : [] –
04 – HKLMSOFTWAREwow6432Node | Run : [IAStorIcon] – C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorIcon.exe
04 – HKLMSOFTWAREwow6432Node | Run : [IMSS] – “C:Program Files (x86)IntelIntel(R) Management Engine ComponentsIMSSPIconStartup.exe”
04 – HKLMSOFTWAREwow6432Node | Run : [Easybits Recovery] – C:Program Files (x86)EasyBits For KidsezRecover.exe
04 – HKLMSOFTWAREwow6432Node | Run : [SunJavaUpdateSched] – “C:Program Files (x86)Common FilesJavaJava Updatejusched.exe”
04 – HKLMSOFTWAREwow6432Node | Run : [HP Quick Launch] – C:Program Files (x86)Hewlett-PackardHP Quick LaunchHPMSGSVC.exe
04 – HKLMSOFTWAREwow6432Node | Run : [HPOSD] – C:Program Files (x86)Hewlett-PackardHP On Screen DisplayHPOSD.exe
04 – HKLMSOFTWAREwow6432Node | Run : [HPConnectionManager] – C:Program Files (x86)Hewlett-PackardHP Connection ManagerHPCMDelayStart.exe
04 – HKLMSOFTWAREwow6432Node | Run : [] –
04 – HKLMSOFTWARE | RunOnce : [] –
04 – HKLMSOFTWAREwow6432Node | RunOnce : [] –
04 – HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-21-376333598-1572624100-3799582411-1001SOFTWARE | Run : [Spotify Web Helper] – “C:UsersUtilisateurAppDataRoamingSpotifyDataSpotifyWebHelper.exe”
04 – HKUS-1-5-21-376333598-1572624100-3799582411-1001SOFTWARE | Run : [FreeCT] – C:Program Files (x86)FreeCountdownTimerFreeCountdownTimer.exe -autorun
04 – HKUS-1-5-21-376333598-1572624100-3799582411-1001SOFTWARE | Run : [Spotify] – “C:UsersUtilisateurAppDataRoamingSpotifyspotify.exe” /uri spotify:autostart
04 – HKUS-1-5-21-376333598-1572624100-3799582411-1001SOFTWARE | Run : [Sidebar] – C:Program FilesWindows Sidebarsidebar.exe /autoRun
04 – HKUS-1-5-21-376333598-1572624100-3799582411-1001SOFTWARE | Run : [Facebook Update] – “C:UsersUtilisateurAppDataLocalFacebookUpdateFacebookUpdate.exe” /c /nocrashserver
04 – HKUS-1-5-19SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
04 – HKUS-1-5-20SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe

################## | Recherche générique |

(!) Fichiers temporaires supprimés. (18 Ko)

################## | Registre |

Réparé ! HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer|EnableShellExecuteHooks -> 0

################## | Listing |

[19/12/2013 – 17:39:48 | N | 11 Ko] – C:UsbFix [Scan 1] UTILISATEUR-HP.txt
[19/12/2013 – 17:44:14 | N | 7 Ko] – C:UsbFix [Scan 2] UTILISATEUR-HP.txt
[19/12/2013 – 21:40:17 | N | 8 Ko] – C:UsbFix [Scan 3] UTILISATEUR-HP.txt
[19/12/2013 – 22:08:58 | A | 6 Ko] – C:UsbFix [Clean 1] UTILISATEUR-HP.txt
[19/12/2013 – 17:22:24 | ASH | 2990484 Ko] – C:hiberfil.sys
[19/12/2013 – 17:22:28 | ASH | 3987312 Ko] – C:pagefile.sys
[04/04/2013 – 09:13:21 | D] – C:SYSTEM.SAV
[04/04/2013 – 09:20:21 | SHD] – C:$Recycle.Bin
[14/07/2009 – 04:20:08 | D] – C:PerfLogs
[14/07/2009 – 06:08:56 | SHD] – C:Documents and Settings
[21/11/2010 – 04:23:51 | RASH | 375 Ko] – C:bootmgr
[15/05/2011 – 11:36:32 | SHD] – C:boot
[30/12/2011 – 01:37:57 | D] – C:Intel
[30/12/2011 – 01:58:37 | D] – C:HP
[04/04/2013 – 09:12:45 | D] – C:Users
[04/04/2013 – 09:13:15 | SHD] – C:Recovery
[10/04/2013 – 17:23:38 | RHD] – C:MSOCache
[23/04/2013 – 20:59:09 | D] – C:Boonty
[15/06/2013 – 20:35:58 | D] – C:HP_TOOLS_mountHPSF
[17/08/2013 – 13:44:59 | D] – C:SWSetup
[19/09/2013 – 09:26:58 | HD] – C:ProgramData
[02/11/2013 – 18:26:50 | D] – C:Program Files
[27/11/2013 – 02:14:56 | D] – C:Windows
[11/12/2013 – 20:07:40 | D] – C:Program Files (x86)
[16/12/2013 – 00:00:37 | SHD] – C:System Volume Information
[19/12/2013 – 22:07:25 | D] – C:UsbFix
[30/01/2012 – 00:08:24 | N | 0 Ko] – D:HPSF_Rep.txt
[23/05/2010 – 13:55:46 | RASH | 0 Ko] – D:Desktop.ini
[19/12/2013 – 21:40:17 | RASHD] – D:Autorun.inf
[03/11/2012 – 19:45:38 | N | 0 Ko] – D:HP_WSD.dat
[25/12/2011 – 12:10:44 | SHD] – D:$RECYCLE.BIN
[14/07/2009 – 19:39:00 | RASH | 375 Ko] – D:bootmgr
[25/12/2011 – 12:10:39 | D] – D:hp
[25/12/2011 – 12:10:39 | RASHD] – D:boot
[25/12/2011 – 12:10:39 | RSHD] – D:preload
[25/12/2011 – 12:10:39 | D] – D:RM_Reserve
[25/12/2011 – 12:10:39 | D] – D:FactoryUpdate
[04/04/2013 – 09:27:20 | SHD] – D:System Volume Information
[24/08/2013 – 06:50:43 | RSD] – D:recovery
[30/01/2012 – 00:08:26 | N | 0 Ko] – F:HPSF_Rep.txt
[19/12/2013 – 21:40:18 | RASHD] – F:Autorun.inf
[03/11/2012 – 19:45:40 | N | 0 Ko] – F:HP_WSD.dat
[30/12/2011 – 02:05:28 | SHD] – F:$RECYCLE.BIN
[19/08/2013 – 15:56:00 | D] – F:Hewlett-Packard
[19/11/2013 – 13:21:10 | N | 33985 Ko] – H:Crapaud2e-G1-201113.WAV
[19/12/2013 – 10:15:52 | SHD] – H:.Trashes
[19/12/2013 – 10:15:52 | SH | 4 Ko] – H:._.Trashes
[19/12/2013 – 10:15:52 | SHD] – H:.Spotlight-V100
[19/12/2013 – 21:40:18 | RASHD] – H:Autorun.inf
[19/12/2013 – 10:15:52 | D] – H:.fseventsd
[06/12/2013 – 11:56:48 | N | 1176 Ko | 8B38B4BA040FC338EB4E1DAE73721260] – H:UsbFix.exe
[12/12/2013 – 11:01:26 | N | 13 Ko] – H:virus sur usb.docx
[10/09/2012 – 10:39:10 | D] – H:Intégration CRAPO
[27/04/2013 – 20:48:50 | D] – H:DéguiZmot’ 2013
[27/04/2013 – 20:49:04 | D] – H:Soirée BDE (29 mars 2012)
[06/09/2013 – 08:12:46 | D] – H:Intégration POP MOT’
[30/10/2013 – 09:53:00 | D] – H:WEI 2013′

################## | Vaccin |

D:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
F:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
H:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net – https://www.sosvirus.net |