Ailys
Participant
Number of posts: 4

So, as requested, here is the report :)
[spoiler:1ccaahxy]############################## | UsbFix V 7.171 | [Nettoyage]

Utilisateur: Sylia (Administrateur) # SYLIA-PC
Mis à jour le 18/05/2014 par El Desaparecido – SosVirus
Lancé à 17:05:16 | 22/05/2014

Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: ASUSTeK COMPUTER INC. (F1A55-M LX R2.0)
CPU: AMD Athlon(tm) II X4 631 Quad-Core Processor
RAM -> [Total : 8151 Mo| Free : 5812 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.17041
WB: Google Chrome : 35.0.1916.114
WB: Mozilla Firefox : 29.0.1

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: avast! Antivirus [Enabled | Updated]
AS: Windows Defender [Enabled | Updated]
AS: avast! Antivirus [Enabled | Updated]
FW: Windows FireWall [(!) Disabled]

C: (%SystemDrive%) -> Disque fixe # 141 Go (40 Go libre(s) – 29%) [HDD] # NTFS
D: -> CD-ROM
E: -> Disque fixe # 233 Go (212 Go libre(s) – 91%) [468485] # NTFS
I: -> Disque amovible # 7 Go (7 Go libre(s) – 100%) [SANS TITRE] # FAT32

################## | Processus Stoppés |

C:WindowsSystem32nvvsvc.exe (ID: 828|ParentID: 636)
C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe (ID: 852|ParentID: 636)
C:Program FilesTabletWacomWTabletServicePro.exe (ID: 1084|ParentID: 636)
C:Program FilesNVIDIA CorporationDisplaynvxdsync.exe (ID: 1432|ParentID: 828|Système)
C:WindowsSystem32nvvsvc.exe (ID: 1440|ParentID: 828|Système)
C:WindowsSystem32spoolsv.exe (ID: 1648|ParentID: 636|Système)
C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe (ID: 1840|ParentID: 636|Système)
C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe (ID: 1864|ParentID: 636|Système)
C:WindowsSystem32taskhost.exe (ID: 1980|ParentID: 636|Sylia)
C:Windowsexplorer.exe (ID: 1324|ParentID: 912|Sylia)
C:Program FilesBonjourmDNSResponder.exe (ID: 1344|ParentID: 636|Système)
C:Program Files (x86)D-LinkDWA-140 revBANIWConnService.exe (ID: 1740|ParentID: 636|Système)
C:Program Files (x86)NVIDIA CorporationNVIDIA Update CoreNvTmru.exe (ID: 2132|ParentID: 1324|Sylia)
C:Program FilesWindows Sidebarsidebar.exe (ID: 2164|ParentID: 1324|Sylia)
C:Program Files (x86)Common FilesAppleInternet ServicesiCloudServices.exe (ID: 2360|ParentID: 1324|Sylia)
C:Program Files (x86)Common FilesAppleInternet ServicesApplePhotoStreams.exe (ID: 2420|ParentID: 1324|Sylia)
C:Program FilesNVIDIA CorporationDisplaynvtray.exe (ID: 2440|ParentID: 1432|Sylia)
C:Program Files (x86)Common FilesAppleInternet ServicesAppleIEDAV.exe (ID: 2504|ParentID: 1324|Sylia)
C:Program Files (x86)iFunbox 2014iFunBox2014.exe (ID: 2572|ParentID: 1324|Sylia)
C:Program Files (x86)D-LinkDWA-140 revBAirNCFG.exe (ID: 2696|ParentID: 2636|Sylia)
C:Program Files (x86)iTunesiTunesHelper.exe (ID: 2780|ParentID: 2636|Sylia)
C:Program FilesWestern DigitalWD SmartWareWD Drive ManagerWDDMStatus.exe (ID: 2844|ParentID: 1324|Sylia)
C:Program Files (x86)D-LinkDWA-131wirelesscm.exe (ID: 2880|ParentID: 1324|Sylia)
C:Program Files (x86)Mozilla Firefoxfirefox.exe (ID: 2496|ParentID: 1324|Sylia)
C:Program Files (x86)Common FilesAppleInternet ServicesAPSDaemon.exe (ID: 1644|ParentID: 748|Sylia)
C:Program FilesCommon FilesProtexisLicense ServicePsiService_2.exe (ID: 3180|ParentID: 636|Système)
C:Program FilesWestern DigitalWD SmartWareWD Drive ManagerWDDMService.exe (ID: 4004|ParentID: 636|Système)
C:Program Files (x86)Western DigitalWD SmartWareFront ParlorWDFMEWDFME.exe (ID: 3292|ParentID: 636|Système)
C:Program Files (x86)Western DigitalWD SmartWareFront ParlorWDSC.exe (ID: 4080|ParentID: 636|Système)
C:WindowsSystem32SearchIndexer.exe (ID: 1292|ParentID: 636|Système)
C:Program FilesiPodbiniPodService.exe (ID: 3244|ParentID: 636|Système)
C:Program FilesTabletWacomWacom_TabletUser.exe (ID: 6128|ParentID: 1084|Sylia)
C:Program FilesTabletWacomWacomHost.exe (ID: 5444|ParentID: 1084|Système)
C:Program FilesTabletWacomWacom_Tablet.exe (ID: 5244|ParentID: 5444|Système)
C:Program FilesTabletWacomWacom_TouchUser.exe (ID: 5400|ParentID: 1084|Sylia)
C:Program FilesWindows Media Playerwmpnetwk.exe (ID: 5484|ParentID: 636|SERVICE RÉSEAU)
C:WindowsSystem32WUDFHost.exe (ID: 5900|ParentID: 128|SERVICE LOCAL)
C:WindowsSystem32wuauclt.exe (ID: 4232|ParentID: 436|Sylia)
C:Program Files (x86)Malwarebytes Anti-Malwarembamscheduler.exe (ID: 2092|ParentID: 636|Système)
C:Program Files (x86)Malwarebytes Anti-Malwarembam.exe (ID: 4136|ParentID: 2264|Sylia)

################## | Autorun |

################## | Recherche générique |

Supprimé! E:2102012371.lnk

(!) Fichiers temporaires supprimés.

################## | Registre |

Supprimé! HKUS-1-5-21-3960361967-429111706-1838248269-1000Software….Mountpoints2{9f64655a-9c90-11e2-9fb5-85050f9ca881}
Supprimé! HKUS-1-5-21-3960361967-429111706-1838248269-1000Software….Mountpoints2{edbbc3f0-b9b6-11e2-b587-9c0376b5e7c2}
Supprimé! HKUS-1-5-21-3960361967-429111706-1838248269-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0Software….Mountpoints2{9f64655a-9c90-11e2-9fb5-85050f9ca881}
Supprimé! HKUS-1-5-21-3960361967-429111706-1838248269-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0Software….Mountpoints2{edbbc3f0-b9b6-11e2-b587-9c0376b5e7c2}

################## | Regedit Run |

F2 – HKLM..Winlogon : [Shell] explorer.exe
F2 – [x64] HKLM..Winlogon : [Shell] explorer.exe
F2 – HKLM..Winlogon : [Userinit] userinit.exe,
F2 – [x64] HKLM..Winlogon : [Userinit] C:Windowssystem32userinit.exe,
04 – HKCU..Run : [Sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun
04 – HKCU..Run : [Steam] « C:Program Files (x86)SteamSteam.exe » -silent
04 – HKCU..Run : [iCloudServices] C:Program Files (x86)Common FilesAppleInternet ServicesiCloudServices.exe
04 – HKCU..Run : [ApplePhotoStreams] C:Program Files (x86)Common FilesAppleInternet ServicesApplePhotoStreams.exe
04 – HKCU..Run : [com.apple.dav.bookmarks.daemon] C:Program Files (x86)Common FilesAppleInternet ServicesBookmarkDAV_client.exe
04 – HKCU..Run : [AppleIEDAV] C:Program Files (x86)Common FilesAppleInternet ServicesAppleIEDAV.exe
04 – HKCU..Run : [iFunBox Price Watch] C:Program Files (x86)iFunbox 2014iFunBox2014.exe /tray
04 – HKLM..Run : [D-Link D-Link DWA-140] C:Program Files (x86)D-LinkDWA-140 revBAirNCFG.exe
04 – HKLM..Run : [APSDaemon] « C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe »
04 – HKLM..Run : [Adobe ARM] « C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe »
04 – HKLM..Run : [SwitchBoard] C:Program Files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe
04 – HKLM..Run : [AdobeCS6ServiceManager] « C:Program Files (x86)Common FilesAdobeCS6ServiceManagerCS6ServiceManager.exe » -launchedbylogin
04 – HKLM..Run : [iTunesHelper] « C:Program Files (x86)iTunesiTunesHelper.exe »
04 – HKLM..Run : [AvastUI.exe] « C:Program FilesAVAST SoftwareAvastAvastUI.exe » /nogui
04 – HKLM..RunOnce : [20131224] C:Program FilesAVAST SoftwareAvastsetupemupdate5f9dfc5f-2abd-441b-81a6-a04d7bbf7da9.exe /check
04 – [x64] HKLM..Run : [Nvtmru] « C:Program Files (x86)NVIDIA CorporationNVIDIA Update Corenvtmru.exe » -f « C:ProgramDataNVIDIAUpdatusNvTmrunvtmru.dat »
04 – [x64] HKLM..Run : [AdobeAAMUpdater-1.0] « C:Program Files (x86)Common FilesAdobeOOBEPDAppUWAUpdaterStartupUtility.exe »
04 – HKUS-1-5-19..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-20..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-21-3960361967-429111706-1838248269-1000..Run : [Sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun
04 – HKUS-1-5-21-3960361967-429111706-1838248269-1000..Run : [Steam] « C:Program Files (x86)SteamSteam.exe » -silent
04 – HKUS-1-5-21-3960361967-429111706-1838248269-1000..Run : [iCloudServices] C:Program Files (x86)Common FilesAppleInternet ServicesiCloudServices.exe
04 – HKUS-1-5-21-3960361967-429111706-1838248269-1000..Run : [ApplePhotoStreams] C:Program Files (x86)Common FilesAppleInternet ServicesApplePhotoStreams.exe
04 – HKUS-1-5-21-3960361967-429111706-1838248269-1000..Run : [com.apple.dav.bookmarks.daemon] C:Program Files (x86)Common FilesAppleInternet ServicesBookmarkDAV_client.exe
04 – HKUS-1-5-21-3960361967-429111706-1838248269-1000..Run : [AppleIEDAV] C:Program Files (x86)Common FilesAppleInternet ServicesAppleIEDAV.exe
04 – HKUS-1-5-21-3960361967-429111706-1838248269-1000..Run : [iFunBox Price Watch] C:Program Files (x86)iFunbox 2014iFunBox2014.exe /tray
04 – HKUS-1-5-21-3960361967-429111706-1838248269-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..Run : [Sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun
04 – HKUS-1-5-21-3960361967-429111706-1838248269-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..Run : [Steam] « C:Program Files (x86)SteamSteam.exe » -silent
04 – HKUS-1-5-21-3960361967-429111706-1838248269-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..Run : [iCloudServices] C:Program Files (x86)Common FilesAppleInternet ServicesiCloudServices.exe
04 – HKUS-1-5-21-3960361967-429111706-1838248269-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..Run : [ApplePhotoStreams] C:Program Files (x86)Common FilesAppleInternet ServicesApplePhotoStreams.exe
04 – HKUS-1-5-21-3960361967-429111706-1838248269-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..Run : [com.apple.dav.bookmarks.daemon] C:Program Files (x86)Common FilesAppleInternet ServicesBookmarkDAV_client.exe
04 – HKUS-1-5-21-3960361967-429111706-1838248269-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..Run : [AppleIEDAV] C:Program Files (x86)Common FilesAppleInternet ServicesAppleIEDAV.exe
04 – HKUS-1-5-21-3960361967-429111706-1838248269-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..Run : [iFunBox Price Watch] C:Program Files (x86)iFunbox 2014iFunBox2014.exe /tray
04 – HKUS-1-5-21-3960361967-429111706-1838248269-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-19..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe
04 – HKUS-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe
04 – HKUS-1-5-20..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe
04 – HKUS-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe
04 – HKUS-1-5-21-3960361967-429111706-1838248269-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe

################## | C: %SystemDrive% – Disque Fixe (NTFS) |

[18/09/2006 – 23:43:37 | | 0 Ko] – C:config.sys
[25/02/2013 – 12:40:47 | RASH | 0 Ko] – C:IO.SYS
[25/02/2013 – 12:40:47 | RASH | 0 Ko] – C:MSDOS.SYS
[22/05/2014 – 15:57:13 | ASH | 6259656 Ko] – C:hiberfil.sys
[22/05/2014 – 15:57:13 | ASH | 8346208 Ko] – C:pagefile.sys
[21/05/2014 – 23:59:34 | D] – C:Config.Msi
[10/03/2006 – 18:31:25 | N | 0 Ko] – C:setup.log
[29/11/2006 – 23:38:58 | N | 1 Ko] – C:MSP.iss
[21/03/2014 – 22:26:03 | N | 0 Ko] – C:AVScanner.ini
[16/01/2014 – 02:42:40 | N | 594 Ko | SHA1: 157A493C4DDEC03A46D8EEDD9E4BE10E81B22AC2] – C:SecurityScanner.dll
[25/09/2013 – 19:58:04 | SHD] – C:$Recycle.Bin
[18/09/2006 – 23:43:36 | A | 0 Ko] – C:autoexec.bat
[04/04/2013 – 19:47:59 | RASH | 8 Ko] – C:BOOTSECT.BAK
[10/03/2006 – 18:27:13 | D] – C:Intel
[10/03/2006 – 19:09:18 | RHD] – C:MSOCache
[11/03/2006 – 02:27:40 | D] – C:drivers
[14/07/2009 – 05:20:08 | D] – C:PerfLogs
[14/07/2009 – 07:08:56 | SHD] – C:Documents and Settings
[21/11/2010 – 05:23:51 | RASH | 375 Ko] – C:bootmgr
[09/02/2012 – 17:34:41 | D] – C:WimSoft
[25/02/2013 – 14:04:20 | D] – C:ATI
[02/04/2013 – 23:43:12 | D] – C:NVIDIA
[03/04/2013 – 19:07:02 | SHD] – C:Recovery
[03/04/2013 – 20:41:03 | D] – C:Users
[04/04/2013 – 19:47:57 | SHD] – C:boot
[21/05/2014 – 09:58:56 | D] – C:Temp
[21/05/2014 – 23:25:32 | D] – C:UsbFix
[22/05/2014 – 15:46:43 | D] – C:Program Files (x86)
[22/05/2014 – 15:46:50 | D] – C:AdwCleaner
[22/05/2014 – 15:54:27 | SHD] – C:System Volume Information
[22/05/2014 – 15:55:16 | D] – C:Windows
[22/05/2014 – 16:15:52 | HD] – C:ProgramData
[22/05/2014 – 16:15:52 | D] – C:Program Files

################## | E: – Disque Fixe (NTFS) |

[16/05/2014 – 11:53:52 | N | 3922 Ko] – E:DWW Fini.pdf
[16/05/2014 – 19:48:34 | N | 4944 Ko] – E:DWW Fini.indd
[03/04/2013 – 20:46:15 | SHD] – E:$RECYCLE.BIN
[14/09/2012 – 21:25:49 | SHD] – E:System Volume Information
[15/08/2013 – 00:53:38 | D] – E:Sylia
[16/05/2014 – 21:05:13 | D] – E:Clé Usb

################## | Vaccin |

E:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.sosvirus.net/ | http://www.usbfix.net/ |[/spoiler:1ccaahxy]