Reply to: Strange thing on my USB sticks 2016-09-08T13:41:21+00:00
Gianni94

2nd report

############################## | UsbFix V 7.171 | [Nettoyage]

Utilisateur: Pandi (Administrateur) # PANDI-HP
Mis à jour le 18/05/2014 par El Desaparecido – SosVirus
Lancé à 21:01:32 | 18/05/2014

Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Assistance : https://www.sosvirus.net/aide-nettoyage-pc/
Upload Malware : https://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: MSI (2A9C)
CPU: Intel(R) Core(TM) i3 CPU 550 @ 3.20GHz
RAM -> [Total : 3959 Mo| Free : 1991 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.17107
WB: Google Chrome : 34.0.1847.131
WB: Safari : 534.57.2

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: Norton Internet Security [(!) Disabled | (!) Outdated]
AS: Windows Defender [Enabled | Updated]
AS: Norton Internet Security [(!) Disabled | (!) Outdated]
FW: Norton Internet Security [(!) Disabled]
FW: Windows FireWall [Enabled]

C: (%SystemDrive%) -> Disque fixe # 918 Go (477 Go libre(s) – 52%) [OS] # NTFS
D: -> Disque fixe # 14 Go (2 Go libre(s) – 12%) [HP_RECOVERY] # NTFS
E: -> CD-ROM
F: -> Disque amovible # 15 Go (1 Go libre(s) – 8%) [CORSAIR] # FAT32
H: -> CD-ROM
I: -> Disque fixe # 931 Go (2 Go libre(s) – 0%) [LaCie] # NTFS
L: -> Disque fixe # 698 Go (12 Go libre(s) – 2%) [LaCie] # FAT32
M: -> Disque fixe # 466 Go (174 Go libre(s) – 37%) [My Book] # FAT32

################## | Processus Stoppés |

C:\Windows\System32\WUDFHost.exe (ID: 3456|ParentID: 388|SERVICE LOCAL)
C:\Windows\System32\rundll32.exe (ID: 2496|ParentID: 784|Pandi)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ID: 2828|ParentID: 644|Système)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (ID: 3340|ParentID: 644|Système)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (ID: 4816|ParentID: 3340|Système)
C:\Windows\System32\SearchIndexer.exe (ID: 3008|ParentID: 644|Système)
C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 4276|ParentID: 644|SERVICE RÉSEAU)
C:\Windows\System32\spoolsv.exe (ID: 6140|ParentID: 644|Système)
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ID: 4512|ParentID: 644|Système)
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (ID: 4756|ParentID: 644|Système)
C:\Windows\System32\rundll32.exe (ID: 3568|ParentID: 784|Pandi)
C:\Windows\explorer.exe (ID: 2340|ParentID: 2468|Pandi)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 1488|ParentID: 2340|Pandi)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 5616|ParentID: 1488|Pandi)

################## | Autorun |

################## | Recherche générique |

(!) Fichiers temporaires supprimés.

################## | Registre |

Supprimé! HKU\S-1-5-21-73486281-3383989898-2532686599-1001\Software….Mountpoints2\{14bd6839-b60a-11e0-9945-6c626d958d08}
Supprimé! HKU\S-1-5-21-73486281-3383989898-2532686599-1001\Software….Mountpoints2\{31a6310e-b3a7-11e0-9ef6-6c626d958d08}

################## | Regedit Run |

F2 – HKLM\..\Winlogon : [Shell] Explorer.exe
F2 – [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 – HKLM\..\Winlogon : [Userinit] userinit.exe,
F2 – [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 – HKCU\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 – HKCU\..\Run : [Steam] “C:\Program Files (x86)\Steam\steam.exe” -silent
04 – HKCU\..\Run : [TomTomHOME.exe] “C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe”
04 – HKCU\..\Run : [Skype] “C:\Program Files (x86)\Skype\Phone\Skype.exe” /minimized /regrun
04 – HKCU\..\Run : [DAEMON Tools Lite] “C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe” -autorun
04 – HKLM\..\Run : [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
04 – HKLM\..\Run : [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
04 – HKLM\..\Run : [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
04 – HKLM\..\Run : [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
04 – HKLM\..\Run : [Microsoft Default Manager] “C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe” -resume
04 – HKLM\..\Run : [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
04 – HKLM\..\Run : [Adobe ARM] “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
04 – HKLM\..\Run : [APSDaemon] “C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe”
04 – HKLM\..\Run : [LifeCam] “C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe”
04 – HKLM\..\Run : [SunJavaUpdateSched] “C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe”
04 – HKLM\..\Run : [Magic Desktop for HP notification] “C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe”
04 – HKLM\..\Run : [QuickTime Task] “C:\Program Files (x86)\QuickTime\QTTask.exe” -atboottime
04 – HKLM\..\Run : [iTunesHelper] “C:\Program Files (x86)\iTunes\iTunesHelper.exe”
04 – HKLM\..\Run : [HOSTS Anti-Adware_PUPs] C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe
04 – [x64] HKLM\..\Run : [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
04 – [x64] HKLM\..\Run : [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
04 – [x64] HKLM\..\Run : [ProfilerU] C:\Program Files\Saitek\SD6\Software\ProfilerU.exe
04 – [x64] HKLM\..\Run : [SaiMfd] C:\Program Files\Saitek\SD6\Software\SaiMfd.exe
04 – [x64] HKLM\..\RunOnce : [NCPluginUpdater] “C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe” Update
04 – HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 – HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 – HKU\S-1-5-21-73486281-3383989898-2532686599-1001\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 – HKU\S-1-5-21-73486281-3383989898-2532686599-1001\..\Run : [Steam] “C:\Program Files (x86)\Steam\steam.exe” -silent
04 – HKU\S-1-5-21-73486281-3383989898-2532686599-1001\..\Run : [TomTomHOME.exe] “C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe”
04 – HKU\S-1-5-21-73486281-3383989898-2532686599-1001\..\Run : [Skype] “C:\Program Files (x86)\Skype\Phone\Skype.exe” /minimized /regrun
04 – HKU\S-1-5-21-73486281-3383989898-2532686599-1001\..\Run : [DAEMON Tools Lite] “C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe” -autorun
04 – HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 – HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe

################## | C: %SystemDrive% – Disque Fixe (NTFS) |

[17/05/2014 – 11:35:06 | N | 1 Ko] – C:\DelFix.txt
[18/05/2014 – 20:04:23 | ASH | 3040572 Ko] – C:\hiberfil.sys
[18/05/2014 – 20:04:28 | ASH | 4054096 Ko] – C:\pagefile.sys
[20/03/2011 – 19:41:36 | D] – C:\SYSTEM.SAV
[18/05/2014 – 03:02:16 | D] – C:\Config.Msi
[07/08/2010 – 03:26:40 | ASH | 46 Ko] – C:\Thumbs.db
[22/02/2012 – 17:02:08 | SHD] – C:\$RECYCLE.BIN
[18/05/2014 – 19:14:54 | N | 1 Ko] – C:\PhysicalDisk0_MBR.bin
[24/07/2009 – 21:22:29 | RASH | 8 Ko] – C:\BOOTSECT.BAK
[05/12/2013 – 15:46:31 | D] – C:\found.001
[13/09/2013 – 11:00:17 | D] – C:\found.000
[14/07/2009 – 05:20:08 | D] – C:\PerfLogs
[14/07/2009 – 07:08:56 | SHD] – C:\Documents and Settings
[24/07/2009 – 20:32:39 | SHD] – C:\Recovery
[20/01/2011 – 12:53:00 | D] – C:\Intel
[20/01/2011 – 13:14:03 | D] – C:\hp
[20/01/2011 – 13:19:50 | N | 0 Ko] – C:\OS
[25/03/2011 – 06:19:19 | D] – C:\4c5c24df8464f97ff4d7f2bd2
[10/12/2013 – 19:41:12 | RHD] – C:\MSOCache
[28/01/2014 – 11:56:07 | D] – C:\swsetup
[22/04/2014 – 03:07:49 | D] – C:\Program Files
[30/04/2014 – 19:06:48 | D] – C:\Users
[17/05/2014 – 10:44:18 | D] – C:\Temp
[17/05/2014 – 10:50:26 | HD] – C:\ProgramData
[18/05/2014 – 03:00:24 | SHD] – C:\System Volume Information
[18/05/2014 – 17:44:38 | D] – C:\Avenger
[18/05/2014 – 19:11:28 | D] – C:\Program Files (x86)
[18/05/2014 – 20:03:31 | D] – C:\AdwCleaner
[18/05/2014 – 20:22:44 | D] – C:\Windows
[18/05/2014 – 21:00:55 | D] – C:\UsbFix

################## | D: – Disque Fixe (NTFS) |

[06/02/2012 – 09:25:21 | N | 0 Ko] – D:\HPSF_Rep.txt
[20/01/2011 – 14:13:00 | N | 0 Ko] – D:\RPCONFIG.LOG
[20/01/2011 – 14:13:01 | N | 23 Ko] – D:\DeployRp.log
[20/03/2011 – 19:32:24 | N | 0 Ko] – D:\language.ini
[20/03/2011 – 19:32:36 | N | 0 Ko] – D:\BT_HP.FLG
[20/01/2011 – 13:54:45 | N | 0 Ko] – D:\CSP.DAT
[25/06/2012 – 18:31:30 | N | 0 Ko] – D:\HP_WSD.dat
[20/03/2011 – 19:41:43 | SHD] – D:\$RECYCLE.BIN
[14/07/2009 – 04:39:00 | ASH | 375 Ko] – D:\bootmgr
[20/03/2011 – 19:32:37 | SHD] – D:\boot
[20/03/2011 – 19:32:37 | SHD] – D:\preload
[20/03/2011 – 19:32:37 | SD] – D:\Recovery
[01/04/2013 – 20:47:10 | D] – D:\hp
[16/10/2013 – 02:05:25 | SHD] – D:\System Volume Information

################## | F: – Disque USB (FAT32) |

[13/04/2014 – 22:49:16 | N | 391887 Ko] – F:\Jack.Jack.Attack!.MULTI.1080p.Bluray.x264-FYR.mkv
[13/04/2014 – 23:21:22 | N | 283889 Ko] – F:\Drôles.d’oiseaux.sur.une.ligne.à.haute.tension.MULTI.1080p.Bluray.x264-FYR.mkv
[30/04/2014 – 08:32:16 | N | 547589 Ko] – F:\Primates Of The Seven Seas 2012 FRENCH DVDRiP x264.mkv
[03/05/2014 – 17:57:42 | N | 597665 Ko] – F:\Nymphomaniac.Vol.I.2013.LIMITED.FRENCH.BDRip.x264-Saturday3rd.mkv
[17/05/2014 – 21:15:50 | SH | 0 Ko] – F:\autorun.inf
[22/03/2014 – 06:56:40 | N | 724150 Ko] – F:\Walking.With.Dinosaurs.2013.FRENCH.BDRiP.zone-telechargement.com.avi
[22/03/2014 – 22:53:26 | N | 719678 Ko] – F:\Tinker.Bell.And.The.Pirate.Fairy.2014.FRENCH.BDRiP.zone-telechargement.com.avi
[11/04/2014 – 19:56:42 | N | 1445013 Ko] – F:\Zulu.2013.FRENCH.BRRip.zone-telechargement.com.avi
[25/04/2014 – 10:27:22 | N | 1363284 Ko] – F:\Robocop 2013.avi
[25/04/2014 – 10:48:44 | N | 725478 Ko] – F:\Space.Pirate.Captain.Harlock.2013.FRENCH.RERIP.BDRIP.zone-telechargement.com.avi
[26/04/2014 – 05:14:50 | N | 716202 Ko] – F:\YL.1CD.BDRiP.zone-telechargement.com.avi
[30/04/2014 – 05:34:16 | N | 1114396 Ko] – F:\Khumba.2014.TRUEFRENCH.DVDRiP.zone-telechargement.com.avi
[30/04/2014 – 07:27:52 | N | 719427 Ko] – F:\Primates.Of.The.Seven.Seas.2012.FRENCH.DVDRiP.XviD-HMiDiMADRiDi.avi
[30/04/2014 – 21:35:34 | N | 1385802 Ko] – F:\Lego.M.2014.TRUEFRENCH.WEBRiP.MD.XViD-STVFRV-Zone-Telechargement.com.avi
[01/05/2014 – 05:17:26 | N | 1435116 Ko] – F:\I.Frankensstein.2013.TRUEFRENCH.DVDRiP.MD.XViD-STVFRV.avi
[02/05/2014 – 14:43:22 | N | 1436758 Ko] – F:\The.Monuments.Men.2014.FRENCH.zone-telechargement.com (1).avi
[17/05/2014 – 21:23:50 | N | 770194 Ko] – F:\Pompeii.2014.FRENCH.BRRIP.1CD.zone-telechargement.com.avi
[12/05/2010 – 02:41:46 | D] – F:\bd_local
[02/04/2012 – 23:10:50 | D] – F:\A Voir
[15/01/2014 – 19:24:20 | SHD] – F:\System Volume Information

################## | I: – Disque Fixe (NTFS) |

[27/03/2011 – 08:34:53 | SHD] – I:\$RECYCLE.BIN
[27/03/2011 – 10:40:40 | SHD] – I:\System Volume Information
[12/05/2014 – 08:32:22 | D] – I:\FILMS
[18/05/2014 – 13:00:08 | D] – I:\Dossier de fichier LaCIE

################## | L: – Disque Fixe (FAT32) |

[20/12/2008 – 09:27:50 | SHD] – L:\$RECYCLE.BIN
[29/03/2006 – 14:08:32 | N | 0 Ko] – L:\._System Volume Information
[08/08/2008 – 06:24:48 | D] – L:\UPDATE
[08/08/2008 – 06:24:48 | SHD] – L:\System Volume Information
[08/08/2008 – 06:24:48 | D] – L:\MOVIES

################## | M: – Disque Fixe (FAT32) |

[14/03/2009 – 20:19:54 | SHD] – M:\$RECYCLE.BIN
[14/09/2007 – 11:20:14 | SHD] – M:\System Volume Information
[14/09/2007 – 11:22:58 | D] – M:\Western Digital
[14/09/2007 – 11:25:40 | D] – M:\Photos
[14/09/2007 – 11:27:36 | D] – M:\Logiciels
[14/09/2007 – 11:28:12 | D] – M:\Dossiers
[22/06/2008 – 20:54:56 | D] – M:\Images
[20/09/2008 – 09:40:22 | D] – M:\TomTom
[07/06/2009 – 18:55:24 | D] – M:\Recycled
[06/07/2009 – 16:05:08 | D] – M:\Songs
[05/01/2010 – 18:22:40 | D] – M:\A rangée
[18/03/2010 – 18:22:20 | D] – M:\Dossier iphone
[06/09/2010 – 17:46:06 | D] – M:\Film
[01/05/2012 – 08:11:22 | D] – M:\Jeux
[06/12/2013 – 11:31:20 | D] – M:\Ipad
[11/05/2014 – 11:57:42 | D] – M:\soirée nanou 2014
[14/05/2014 – 18:47:26 | D] – M:\Soirée entre copines

################## | Vaccin |

D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
F:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
I:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
L:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
M:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | https://www.sosvirus.net/ | http://www.usbfix.net/ |