RSG145
Participant
Number of posts: 12

Good evening :hello:

First of all, here is the new USBFix report, run in safe mode

############################## | UsbFix V 7.159 | [Suppression]

Utilisateur: Thierry (Administrateur) # PCBUREAU
Mis à jour le 06/01/2014 par El Desaparecido – Team SosVirus
Lancé à 19:09:22 | 09/01/2014

Site Web : http://www.usbfix.net
Changelog : http://www.usbfix.net/maj/
Support : http://www.sosvirus.net/
Upload Malware : upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: MSI (IONA)
CPU: Intel(R) Core(TM) i7 CPU 860 @ 2.80GHz
RAM -> [Total : 8151 Mo| Free : 6970 Mo]
Bios: American Megatrends Inc.
Boot: Fail-safe boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.16476
WB: Google Chrome : 31.0.1650.63

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
AS: Malwarebytes’ Anti-Malware : 1.75.0001
FW: Windows FireWall Service [(!) Disabled]

C: (%systemdrive%) -> Disque fixe # 1386 Go (1214 Go libre(s) – 88%) [HP] # NTFS
D: -> Disque fixe # 11 Go (2 Go libre(s) – 14%) [FACTORY_IMAGE] # NTFS
E: -> Disque fixe # 1397 Go (1218 Go libre(s) – 87%) [HP2] # NTFS
F: -> CD-ROM
K: -> Disque amovible # 15 Go (10 Go libre(s) – 66%) [FLASH DRIVE] # FAT32
L: -> Disque amovible # 4 Go (4 Go libre(s) – 98%) [USB DISK] # FAT32

################## | Processus Stoppés |

Stoppé! C:\Windows\system32\userinit.exe (ID: 728 |ParentID: 644)
Stoppé! C:\Windows\Explorer.EXE (ID: 544 |ParentID: 728)
Stoppé! C:\Windows\system32\ctfmon.exe (ID: 1060 |ParentID: 544)
Stoppé! C:\Windows\system32\DllHost.exe (ID: 1096 |ParentID: 696)

################## | Regedit Run |

04 – HKLM\..\Run : [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
04 – HKLM\..\Run : [BATINDICATOR] C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe
04 – HKLM\..\Run : [LaunchHPOSIAPP] C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe
04 – HKLM\..\Run : [HP Remote Solution] %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
04 – HKLM\..\Run : [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
04 – HKLM\..\Run : [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
04 – HKLM\..\Run : [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 – HKLM\..\Run : [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
04 – HKLM\..\Run : [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
04 – HKLM\..\Run : []
04 – HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 – HKLM\..\Run : [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
04 – HKLM64\..\Run : [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
04 – HKLM64\..\Run : [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
04 – HKLM64\..\Run : [PC-Doctor for Windows localizer] C:\Program Files\PC-Doctor for Windows\localizer.exe
04 – HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 – HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 – HKU\S-1-5-21-3996975368-2883083243-2639967671-1001\..\Run : [Akamai NetSession Interface] "C:\Users\Thierry\AppData\Local\Akamai\netsession_win.exe"
04 – HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 – HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe

################## | Recherche générique |

Supprimé! K:\SURVIVAL.vbe
Supprimé! L:\SURVIVAL.vbe
Supprimé! K:\Docs Caroline.lnk
Supprimé! K:\Docs Francoise.lnk
Supprimé! K:\Docs Thierry.lnk
Supprimé! K:\Autorun.inf.lnk
Supprimé! L:\Autorun.inf.lnk

(!) Fichiers temporaires supprimés.

################## | Registre |

################## | Listing |

[02/01/2011 – 19:46:22 | SHD] – C:\$Recycle.Bin
[08/01/2014 – 20:21:22 | RASHD] – C:\Autorun.inf
[14/07/2009 – 06:08:56 | SHD] – C:\Documents and Settings
[07/09/2010 – 22:12:50 | N | 0 Ko | 0168645847484AF1F37D413AF65B9A7F] – C:\FINIS_IT.TXT
[10/12/2012 – 17:22:10 | D] – C:\found.000
[09/01/2014 – 19:08:49 | ASH | 6260028 Ko] – C:\hiberfil.sys
[31/10/2011 – 13:26:13 | D] – C:\hp
[04/01/2010 – 16:16:35 | D] – C:\Intel
[05/09/2010 – 08:39:28 | RHD] – C:\MSOCache
[09/01/2014 – 19:08:51 | ASH | 8346704 Ko] – C:\pagefile.sys
[14/07/2009 – 04:20:08 | D] – C:\PerfLogs
[12/10/2013 – 20:34:14 | D] – C:\Program Files
[09/01/2014 – 18:54:53 | D] – C:\Program Files (x86)
[24/12/2013 – 18:33:06 | HD] – C:\ProgramData
[05/01/2014 – 20:41:20 | SHD] – C:\System Volume Information
[09/01/2014 – 19:09:24 | D] – C:\UsbFix
[08/01/2014 – 20:21:23 | N | 11 Ko | 793DF1D51466BF330510BC7CAEB97022] – C:\UsbFix [Clean 1] PCBUREAU.txt
[09/01/2014 – 19:17:31 | A | 5 Ko | 09289E29A5043C1079E68E3F3E794C96] – C:\UsbFix [Clean 2] PCBUREAU.txt
[08/01/2014 – 20:00:26 | N | 13 Ko | B4312D31F61CBB848BBE62589A88422D] – C:\UsbFix [Scan 2] PCBUREAU.txt
[01/09/2010 – 20:42:21 | D] – C:\Users
[09/01/2014 – 19:08:49 | D] – C:\Windows
[01/09/2010 – 20:42:24 | SHD] – D:\$RECYCLE.BIN
[08/01/2014 – 20:21:22 | RASHD] – D:\Autorun.inf
[22/08/2010 – 16:18:13 | SHD] – D:\boot
[13/07/2009 – 18:39:00 | ASH | 375 Ko] – D:\bootmgr
[22/08/2010 – 16:18:11 | N | 0 Ko] – D:\BT_HP.FLG
[05/01/2010 – 02:11:51 | N | 0 Ko] – D:\CSP.DAT
[05/01/2010 – 02:24:08 | N | 15 Ko] – D:\DeployRp.log
[19/09/2010 – 17:05:36 | D] – D:\hp
[22/08/2010 – 16:18:02 | N | 0 Ko] – D:\language.ini
[22/08/2010 – 16:18:14 | SHD] – D:\preload
[22/08/2010 – 16:18:14 | SD] – D:\Recovery
[05/01/2010 – 02:24:07 | N | 0 Ko] – D:\RPCONFIG.LOG
[05/01/2014 – 20:48:44 | SHD] – D:\System Volume Information
[01/09/2010 – 20:42:24 | SHD] – E:\$RECYCLE.BIN
[08/01/2014 – 20:21:22 | RASHD] – E:\Autorun.inf
[10/12/2013 – 23:59:12 | D] – E:\d3a4abdc02eb8be7ac716bfb
[21/07/2012 – 09:02:10 | D] – E:\Firefox
[04/01/2014 – 20:31:20 | N | 1 Ko] – E:\MediaID.bin
[04/01/2014 – 20:31:40 | D] – E:\PCBUREAU
[05/01/2014 – 20:48:21 | SHD] – E:\System Volume Information
[05/01/2014 – 19:06:03 | D] – E:\WindowsImageBackup
[05/01/2014 – 18:24:34 | D] – K:\Docs Caroline
[05/01/2014 – 18:25:16 | D] – K:\Docs Francoise
[05/01/2014 – 18:27:02 | D] – K:\Docs Thierry
[08/01/2014 – 20:21:24 | SHD] – K:\Autorun.inf
[08/01/2014 – 20:21:24 | SHD] – L:\Autorun.inf

################## | Vaccin |

D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
E:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
K:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
L:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net – http://www.sosvirus.net |