Reply to: Intrusive ads and tabs that open by themselves 2016-09-08T13:35:16+00:00
Louise
Participant
Post count: 11

Ah, okay :/
Here is the report

############################## | UsbFix V 7.169 | [Suppression]

Utilisateur: Louise (Administrateur) # PC-LOUISE
Mis à jour le 31/03/2014 par El Desaparecido – Team SosVirus
Lancé à 11:54:58 | 19/04/2014

Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Support : forum-virus-securite.html
Upload Malware : upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: ASUSTeK COMPUTER INC. (X75VC)
CPU: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
RAM -> [Total : 8078 Mo| Free : 5384 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 8 (6.2.9200 64-Bit)
WB: Windows Internet Explorer : 10.0.9200.16863
WB: Mozilla Firefox : 27.0.1

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: AVG AntiVirus Free Edition 2014 [Enabled | Updated]
AV: Windows Defender [(!) Disabled | Updated]
AS: Windows Defender [(!) Disabled | Updated]
AS: AVG AntiVirus Free Edition 2014 [Enabled | Updated]
FW: Windows FireWall [(!) Disabled]

C: (%systemdrive%) -> Disque fixe # 279 Go (170 Go libre(s) – 61%) [OS] # NTFS
D: -> Disque fixe # 398 Go (398 Go libre(s) – 100%) [Data] # NTFS
E: -> CD-ROM

################## | Processus Actif |

C:PROGRA~2AVGAVG2014avgrsa.exe (ID: 444 |ParentID: 432)
C:Program Files (x86)AVGAVG2014avgcsrva.exe (ID: 484 |ParentID: 444)
C:Windowssystem32csrss.exe (ID: 768 |ParentID: 756)
C:Windowssystem32wininit.exe (ID: 844 |ParentID: 756)
C:Windowssystem32csrss.exe (ID: 860 |ParentID: 852)
C:Windowssystem32winlogon.exe (ID: 904 |ParentID: 852)
C:Windowssystem32services.exe (ID: 952 |ParentID: 844)
C:Windowssystem32lsass.exe (ID: 960 |ParentID: 844)
C:Windowssystem32svchost.exe (ID: 500 |ParentID: 952)
C:Windowssystem32svchost.exe (ID: 864 |ParentID: 952)
C:WindowsSystem32svchost.exe (ID: 436 |ParentID: 952)
C:Windowssystem32svchost.exe (ID: 1036 |ParentID: 952)
C:Windowssystem32dwm.exe (ID: 1088 |ParentID: 904)
C:Windowssystem32svchost.exe (ID: 1112 |ParentID: 952)
C:WindowsSystem32svchost.exe (ID: 1152 |ParentID: 952)
C:Windowssystem32svchost.exe (ID: 1348 |ParentID: 952)
C:Windowssystem32svchost.exe (ID: 1700 |ParentID: 952)
C:Windowssystem32svchost.exe (ID: 1768 |ParentID: 952)
C:Program Files (x86)AVGAVG2014avgidsagent.exe (ID: 2024 |ParentID: 952)
C:Program Files (x86)AVGAVG2014avgwdsvc.exe (ID: 1148 |ParentID: 952)
C:Windowssystem32svchost.exe (ID: 2396 |ParentID: 952)
C:Program Files (x86)AVGAVG2014avgnsa.exe (ID: 2664 |ParentID: 1148)
C:Program Files (x86)AVGAVG2014avgemca.exe (ID: 2672 |ParentID: 1148)
C:Windowssystem32svchost.exe (ID: 2892 |ParentID: 952)
C:WindowsSystem32hkcmd.exe (ID: 4400 |ParentID: 3592)
C:Program Files (x86)AVGAVG2014avgui.exe (ID: 4788 |ParentID: 4924)
C:Program FilesInteliCLS ClientHeciServer.exe (ID: 1956 |ParentID: 952)
C:Windowsexplorer.exe (ID: 13144 |ParentID: 12772)
C:Windowssystem32DllHost.exe (ID: 5700 |ParentID: 500)
C:Windowssystem32SearchIndexer.exe (ID: 5296 |ParentID: 952)
C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe (ID: 3948 |ParentID: 952)
C:Program FilesInternet Exploreriexplore.exe (ID: 1960 |ParentID: 13144)
C:Program Files (x86)Internet ExplorerIEXPLORE.EXE (ID: 5880 |ParentID: 1960)
C:Program Files (x86)Internet ExplorerIEXPLORE.EXE (ID: 13116 |ParentID: 1960)
C:WindowsSystem32WUDFHost.exe (ID: 10220 |ParentID: 1152)
C:WindowsSystem32RuntimeBroker.exe (ID: 11220 |ParentID: 500)
C:Windowssystem32taskeng.exe (ID: 8532 |ParentID: 1036)
C:Program FilesMicrosoft Office 15ClientX64integratedoffice.exe (ID: 9608 |ParentID: 952)
C:Windowssystem32DllHost.exe (ID: 3868 |ParentID: 500)
C:Windowssystem32wbemwmiprvse.exe (ID: 4164 |ParentID: 500)
C:Windowssystem32SearchProtocolHost.exe (ID: 12172 |ParentID: 5296)
C:Windowssystem32SearchFilterHost.exe (ID: 13228 |ParentID: 5296)

################## | Recherche générique |

(!) Fichiers temporaires supprimés.

################## | Registre |

################## | Regedit Run |

F2 – HKLM..Winlogon : [Shell] explorer.exe
F2 – [x64] HKLM..Winlogon : [Shell] explorer.exe
F2 – HKLM..Winlogon : [Userinit] userinit.exe
F2 – [x64] HKLM..Winlogon : [Userinit] C:Windowssystem32userinit.exe,
04 – HKCU..Run : [AdobeBridge]
04 – HKCU..Run : [Sony PC Companion] “C:Program Files (x86)SonySony PC CompanionPCCompanion.exe” /Background
04 – HKCU..Run : [HP Deskjet 3050A J611 series (NET)] “C:Program FilesHPHP Deskjet 3050A J611 seriesBinScanToPCActivationApp.exe” -deviceID “CN3791CMF205WK:NW” -scfn “HP Deskjet 3050A J611 series (NET)” -AutoStart 1
04 – HKCU..Run : [Spotify] “C:UsersLouiseAppDataRoamingSpotifySpotify.exe” /uri spotify:autostart
04 – HKCU..Run : [Spotify Web Helper] “C:UsersLouiseAppDataRoamingSpotifyDataSpotifyWebHelper.exe”
04 – HKLM..Run : [Adobe Reader Speed Launcher] “C:Program Files (x86)AdobeReader 10.0ReaderReader_sl.exe”
04 – HKLM..Run : [Adobe ARM] “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
04 – HKLM..Run : [ASUSPRP] “C:Program Files (x86)ASUSAPRPAPRP.EXE”
04 – HKLM..Run : [ASUSWebStorage] C:Program Files (x86)ASUSWebStorage Sync Agent1.1.10.123AsusWSPanel.exe /S
04 – HKLM..Run : [mcui_exe] “C:Program FilesMcAfee.comAgentmcagent.exe” /runkey
04 – HKLM..Run : [RemoteControl10] “C:Program Files (x86)CyberLinkPowerDVD10PDVD10Serv.exe”
04 – HKLM..Run : [BDRegion] C:Program Files (x86)CyberlinkShared filesbrs.exe
04 – HKLM..Run : [AVG_UI] “C:Program Files (x86)AVGAVG2014avgui.exe” /TRAYONLY
04 – HKLM..Run : [BCSSync] “C:Program Files (x86)Microsoft OfficeOffice14BCSSync.exe” /DelayServices
04 – HKLM..Run : [SwitchBoard] C:Program Files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe
04 – HKLM..Run : [AdobeCS6ServiceManager] “C:Program Files (x86)Common FilesAdobeCS6ServiceManagerCS6ServiceManager.exe” -launchedbylogin
04 – HKLM..Run : [HP Software Update] C:Program Files (x86)HpHP Software UpdateHPWuSchd2.exe
04 – HKLM..Run : []
04 – HKLM..RunOnce : []
04 – [x64] HKLM..Run : [IgfxTray] C:Windowssystem32igfxtray.exe
04 – [x64] HKLM..Run : [HotKeysCmds] C:Windowssystem32hkcmd.exe
04 – [x64] HKLM..Run : [RTHDVCPL] C:Program FilesRealtekAudioHDARAVCpl64.exe -s
04 – [x64] HKLM..Run : [AdobeAAMUpdater-1.0] “C:Program Files (x86)Common FilesAdobeOOBEPDAppUWAUpdaterStartupUtility.exe”
04 – HKUS-1-5-21-3436731335-4286099936-529172577-1002..Run : [AdobeBridge]
04 – HKUS-1-5-21-3436731335-4286099936-529172577-1002..Run : [Sony PC Companion] “C:Program Files (x86)SonySony PC CompanionPCCompanion.exe” /Background
04 – HKUS-1-5-21-3436731335-4286099936-529172577-1002..Run : [HP Deskjet 3050A J611 series (NET)] “C:Program FilesHPHP Deskjet 3050A J611 seriesBinScanToPCActivationApp.exe” -deviceID “CN3791CMF205WK:NW” -scfn “HP Deskjet 3050A J611 series (NET)” -AutoStart 1
04 – HKUS-1-5-21-3436731335-4286099936-529172577-1002..Run : [Spotify] “C:UsersLouiseAppDataRoamingSpotifySpotify.exe” /uri spotify:autostart
04 – HKUS-1-5-21-3436731335-4286099936-529172577-1002..Run : [Spotify Web Helper] “C:UsersLouiseAppDataRoamingSpotifyDataSpotifyWebHelper.exe”

################## | Listing |

[27/11/2013 – 20:04:59 | D] – C:$AVG
[10/03/2014 – 11:34:37 | SHD] – C:$Recycle.Bin
[19/04/2014 – 10:34:59 | D] – C:AdwCleaner
[27/11/2012 – 15:00:09 | SHD] – C:Boot
[26/07/2012 – 05:44:30 | RASH | 389 Ko] – C:bootmgr
[02/06/2012 – 16:30:55 | N | 0 Ko] – C:BOOTNXT
[26/07/2012 – 09:22:08 | SHD] – C:Documents and Settings
[18/06/2013 – 17:20:50 | D] – C:eSupport
[19/04/2014 – 11:06:01 | D] – C:FRST
[19/04/2014 – 10:36:02 | ASH | 6617148 Ko] – C:hiberfil.sys
[18/06/2013 – 17:01:05 | D] – C:Intel
[28/09/2013 – 19:02:40 | RHD] – C:MSOCache
[19/04/2014 – 10:36:02 | ASH | 1245184 Ko] – C:pagefile.sys
[26/07/2012 – 09:33:46 | D] – C:PerfLogs
[19/04/2014 – 10:34:59 | D] – C:Program Files
[18/04/2014 – 23:02:48 | D] – C:Program Files (x86)
[19/04/2014 – 10:30:04 | HD] – C:ProgramData
[18/04/2014 – 23:36:19 | D] – C:Shortcut_Module
[07/09/2013 – 23:39:17 | D] – C:sources
[19/04/2014 – 10:36:03 | ASH | 262144 Ko] – C:swapfile.sys
[16/04/2014 – 01:15:42 | SHD] – C:System Volume Information
[19/04/2014 – 11:53:04 | D] – C:UsbFix
[19/04/2014 – 11:39:43 | N | 17 Ko | 8D5DD97B42A1624B679CE10D4EC54FC3] – C:UsbFix [Clean 2] PC-LOUISE.txt
[19/04/2014 – 11:55:14 | A | 8 Ko | 838BDD809FDF30DC39C2D1B1A954225E] – C:UsbFix [Clean 4] PC-LOUISE.txt
[15/11/2013 – 20:33:47 | D] – C:Users
[19/04/2014 – 11:05:46 | D] – C:Windows
[22/05/2013 – 04:07:22 | N | 6146 Ko] – C:X75VB.BIN
[22/05/2013 – 03:13:28 | N | 6146 Ko] – C:X75VBP.BIN
[26/02/2013 – 05:19:54 | N | 6146 Ko] – C:X75VC.BIN
[26/02/2013 – 05:26:50 | N | 6146 Ko] – C:X75VCP.BIN
[07/09/2013 – 21:30:49 | SHD] – D:$RECYCLE.BIN
[28/09/2013 – 19:03:57 | D] – D:IDE
[18/06/2013 – 16:56:47 | SHD] – D:System Volume Information

################## | Vaccin |

D:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net/ – https://www.sosvirus.net |