Kaikai01
Participant
Number of posts: 14

UsbFix:
[spoiler:1kvd61c7]############################## | UsbFix V 7.171 | [Nettoyage]

Utilisateur: MEGE GAEL (Administrateur) # GAELMEGE-PC
Mis à jour le 18/05/2014 par El Desaparecido – SosVirus
Lancé à 10:38:33 | 07/06/2014

Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: ASUSTeK Computer INC. (Maximus II Formula)
CPU: Intel(R) Core(TM)2 Quad CPU Q8400 @ 2.66GHz
RAM -> [Total : 4095 Mo| Free : 1709 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 7 Édition Intégrale (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.17107
WB: Mozilla Firefox : 29.0.1

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: AVG AntiVirus Free Edition 2014 [Enabled | Updated]
AS: Windows Defender [(!) Disabled | Updated]
AS: AVG AntiVirus Free Edition 2014 [Enabled | Updated]
FW: Windows FireWall [(!) Disabled]

C: (%SystemDrive%) -> Disque fixe # 112 Go (74 Go libre(s) – 66%) [] # NTFS
D: -> CD-ROM
E: -> Disque fixe # 466 Go (410 Go libre(s) – 88%) [Programmes] # NTFS
F: -> Disque fixe # 931 Go (606 Go libre(s) – 65%) [Elements] # NTFS
H: -> Disque fixe # 932 Go (376 Go libre(s) – 40%) [Réseau] # NTFS
I: -> Disque fixe # 298 Go (175 Go libre(s) – 59%) [Sauvegarde] # NTFS

################## | Processus Stoppés |

C:WindowsSystem32atiesrxx.exe (ID: 780|ParentID: 824)
C:WindowsSystem32atieclxx.exe (ID: 1500|ParentID: 780)
C:WindowsSystem32spoolsv.exe (ID: 1596|ParentID: 824)
C:WindowsSystem32taskhost.exe (ID: 1852|ParentID: 824|MEGE GAEL)
C:Windowsexplorer.exe (ID: 1712|ParentID: 1996|MEGE GAEL)
C:Program Filesma-config.comMaConfigAgent.exe (ID: 2056|ParentID: 824|Système)
E:FreeMi UPnP Media ServerFreeMi UPnP Media Server.exe (ID: 3220|ParentID: 1712|MEGE GAEL)
E:Free Download Managerfdm.exe (ID: 3280|ParentID: 1712|MEGE GAEL)
C:Program Files (x86)NokiaNokia SuiteNokiaSuite.exe (ID: 3292|ParentID: 1712|MEGE GAEL)
C:WindowsSysWOW64ctfmon.exe (ID: 3588|ParentID: 3332|MEGE GAEL)
C:Program Files (x86)PC Connectivity SolutionServiceLayer.exe (ID: 3724|ParentID: 824|Système)
C:Program Files (x86)PC Connectivity SolutionTransportsNclUSBSrv64.exe (ID: 3820|ParentID: 3724|Système)
C:WindowsSystem32SearchIndexer.exe (ID: 1776|ParentID: 824|Système)
C:Program Files (x86)PC Connectivity SolutionTransportsNclMSBTSrvEx.exe (ID: 3892|ParentID: 3724|MEGE GAEL)
C:Program FilesWindows Media Playerwmpnetwk.exe (ID: 3544|ParentID: 824|SERVICE RÉSEAU)
C:Program Files (x86)Glary Utilities 5Integrator.exe (ID: 5024|ParentID: 2124|MEGE GAEL)
C:Program Files (x86)Mozilla Firefoxfirefox.exe (ID: 4760|ParentID: 1712|MEGE GAEL)
C:Program FilesMicrosoft IntelliPointipoint.exe (ID: 2892|ParentID: 2684|MEGE GAEL)
C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorIcon.exe (ID: 5432|ParentID: 3348|MEGE GAEL)
C:WindowsSystem32msiexec.exe (ID: 5536|ParentID: 824|Système)
C:UsersMEGE GAELBluebirdsBlueBirds.exe (ID: 5852|ParentID: 2684|MEGE GAEL)
E:ATI TechnologiesATI.ACECore-StaticMOM.exe (ID: 5124|ParentID: 5920|MEGE GAEL)
E:ATI TechnologiesATI.ACECore-StaticCCC.exe (ID: 5364|ParentID: 5124|MEGE GAEL)
C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorDataMgrSvc.exe (ID: 5920|ParentID: 824|Système)
C:WindowsMicrosoft.NETFramework64v3.0WPFPresentationFontCache.exe (ID: 5568|ParentID: 824|SERVICE LOCAL)
C:WindowsservicingTrustedInstaller.exe (ID: 3420|ParentID: 824|Système)

################## | Autorun |

################## | Recherche générique |

(!) Fichiers temporaires supprimés.

################## | Registre |

Supprimé! HKUS-1-5-21-507685455-2490628450-608314737-1001Software….Mountpoints2{2f3032dd-7ac0-11e3-b004-806e6f6e6963}
Supprimé! HKUS-1-5-21-507685455-2490628450-608314737-1001Software….Mountpoints2{b9cb5f12-7af5-11e3-a83c-806e6f6e6963}

################## | Regedit Run |

F2 – HKLM..Winlogon : [Shell] explorer.exe
F2 – [x64] HKLM..Winlogon : [Shell] explorer.exe
F2 – HKLM..Winlogon : [Userinit] userinit.exe,
F2 – [x64] HKLM..Winlogon : [Userinit] C:Windowssystem32userinit.exe,
04 – HKCU..Run : [GUDelayStartup] « C:Program Files (x86)Glary Utilities 5StartupManager.exe » -delayrun
04 – HKCU..Run : [AVG-Secure-Search-Update_1213b] C:UsersMEGE GAELAppDataRoamingAVG 1213b CampaignAVG-Secure-Search-Update-1213b.exe /PROMPT /mid=060a275cacd047d2946ad16f5e78f4fc-bba2f273edd347e78438b9186cb1d4b6db94722d /CMPID=1213b
04 – HKCU..Run : [bluebirds] C:UsersMEGE GAELBluebirdsBlueBirds.exe
04 – HKCU..Run : [AVG-Secure-Search-Update_0214c] C:UsersMEGE GAELAppDataRoamingAVG 0214c CampaignAVG-Secure-Search-Update-0214c.exe /PROMPT /mid=060a275cacd047d2946ad16f5e78f4fc-bba2f273edd347e78438b9186cb1d4b6db94722d /CMPID=0214c
04 – HKCU..Run : [FreeMi UPnP Media Server] E:FreeMi UPnP Media ServerFreeMi UPnP Media Server.exe
04 – HKCU..Run : [Free Download Manager] « E:Free Download Managerfdm.exe » -autorun
04 – HKCU..Run : [NokiaSuite.exe] C:Program Files (x86)NokiaNokia SuiteNokiaSuite.exe -tray
04 – HKLM..Run : [AVG_UI] « C:Program Files (x86)AVGAVG2014avgui.exe » /TRAYONLY
04 – HKLM..Run : [IAStorIcon] C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorIconLaunch.exe « C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorIcon.exe » 60
04 – HKLM..Run : [SunJavaUpdateSched] « C:Program Files (x86)Common FilesJavaJava Updatejusched.exe »
04 – HKUS-1-5-19..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-20..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-21-507685455-2490628450-608314737-1001..Run : [GUDelayStartup] « C:Program Files (x86)Glary Utilities 5StartupManager.exe » -delayrun
04 – HKUS-1-5-21-507685455-2490628450-608314737-1001..Run : [AVG-Secure-Search-Update_1213b] C:UsersMEGE GAELAppDataRoamingAVG 1213b CampaignAVG-Secure-Search-Update-1213b.exe /PROMPT /mid=060a275cacd047d2946ad16f5e78f4fc-bba2f273edd347e78438b9186cb1d4b6db94722d /CMPID=1213b
04 – HKUS-1-5-21-507685455-2490628450-608314737-1001..Run : [bluebirds] C:UsersMEGE GAELBluebirdsBlueBirds.exe
04 – HKUS-1-5-21-507685455-2490628450-608314737-1001..Run : [AVG-Secure-Search-Update_0214c] C:UsersMEGE GAELAppDataRoamingAVG 0214c CampaignAVG-Secure-Search-Update-0214c.exe /PROMPT /mid=060a275cacd047d2946ad16f5e78f4fc-bba2f273edd347e78438b9186cb1d4b6db94722d /CMPID=0214c
04 – HKUS-1-5-21-507685455-2490628450-608314737-1001..Run : [FreeMi UPnP Media Server] E:FreeMi UPnP Media ServerFreeMi UPnP Media Server.exe
04 – HKUS-1-5-21-507685455-2490628450-608314737-1001..Run : [Free Download Manager] « E:Free Download Managerfdm.exe » -autorun
04 – HKUS-1-5-21-507685455-2490628450-608314737-1001..Run : [NokiaSuite.exe] C:Program Files (x86)NokiaNokia SuiteNokiaSuite.exe -tray
04 – HKUS-1-5-19..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe
04 – HKUS-1-5-20..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe
04 – HKUS-1-5-18..RunOnce : [SPReview] « C:WindowsSystem32SPReviewSPReview.exe » /sp:1 /errorfwlink: »http://go.microsoft.com/fwlink/?LinkID=122915″ /build:7601

################## | C: %SystemDrive% – Disque Fixe (NTFS) |

[07/06/2014 – 10:31:10 | ASH | 4193396 Ko] – C:pagefile.sys
[07/06/2014 – 10:31:10 | ASH | 3145044 Ko] – C:hiberfil.sys
[07/06/2014 – 10:31:52 | N | 0 Ko] – C:BackupLoader.ini
[11/01/2014 – 15:08:01 | SHD] – C:$Recycle.Bin
[07/06/2014 – 08:46:48 | N | 1 Ko] – C:PhysicalDisk0_MBR.bin
[11/01/2014 – 14:58:24 | RASH | 8 Ko] – C:BOOTSECT.BAK
[14/07/2009 – 05:20:08 | D] – C:PerfLogs
[14/07/2009 – 07:08:56 | SHD] – C:Documents and Settings
[20/11/2010 – 14:40:07 | RASH | 375 Ko] – C:bootmgr
[11/01/2014 – 15:07:49 | SHD] – C:Recovery
[11/01/2014 – 17:08:31 | D] – C:$AVG
[11/01/2014 – 21:07:25 | D] – C:Intel
[12/01/2014 – 19:35:07 | SHD] – C:Boot
[01/04/2014 – 14:04:00 | D] – C:Downloads
[15/05/2014 – 06:06:21 | D] – C:Program Files
[16/05/2014 – 11:12:26 | HD] – C:ProgramData
[07/06/2014 – 08:14:28 | D] – C:UsbFix
[07/06/2014 – 08:32:41 | D] – C:AdwCleaner
[07/06/2014 – 08:42:48 | D] – C:Program Files (x86)
[07/06/2014 – 08:44:51 | D] – C:Users
[07/06/2014 – 10:29:43 | D] – C:Windows
[07/06/2014 – 10:32:52 | SHD] – C:System Volume Information

################## | E: – Disque Fixe (NTFS) |

[07/11/2007 – 09:00:40 | N | 17 Ko] – E:eula.1040.txt
[07/11/2007 – 09:00:40 | N | 17 Ko] – E:eula.3082.txt
[07/11/2007 – 09:00:40 | N | 17 Ko] – E:eula.2052.txt
[07/11/2007 – 09:00:40 | N | 17 Ko] – E:eula.1042.txt
[07/11/2007 – 09:00:40 | N | 0 Ko] – E:eula.1041.txt
[07/11/2007 – 09:00:40 | N | 10 Ko] – E:eula.1033.txt
[07/11/2007 – 09:00:40 | N | 17 Ko] – E:eula.1036.txt
[07/11/2007 – 09:00:40 | N | 17 Ko] – E:eula.1028.txt
[07/11/2007 – 09:00:40 | N | 17 Ko] – E:eula.1031.txt
[07/11/2007 – 09:53:12 | N | 237 Ko] – E:VC_RED.MSI
[20/01/2014 – 15:49:35 | D] – E:Config.Msi
[07/11/2007 – 09:00:40 | N | 1 Ko] – E:globdata.ini
[07/11/2007 – 09:00:40 | N | 1 Ko] – E:install.ini
[08/02/2014 – 23:41:08 | N | 0 Ko] – E:mapui.ini
[08/02/2014 – 23:41:30 | N | 1 Ko] – E:attach.ini
[07/11/2007 – 09:44:20 | N | 835 Ko | VirusTotal – (0/52)] – E:install.exe
[07/11/2007 – 09:44:20 | N | 92 Ko | VirusTotal – (0/52)] – E:install.res.1040.dll
[07/11/2007 – 09:44:20 | N | 94 Ko | VirusTotal – (0/52)] – E:install.res.1036.dll
[07/11/2007 – 09:44:20 | N | 73 Ko | VirusTotal – (0/48)] – E:install.res.2052.dll
[07/11/2007 – 09:44:20 | N | 88 Ko | VirusTotal – (0/49)] – E:install.res.1033.dll
[07/11/2007 – 09:44:20 | N | 79 Ko | VirusTotal – (0/53)] – E:install.res.1041.dll
[07/11/2007 – 09:44:20 | N | 93 Ko | VirusTotal – (0/52)] – E:install.res.3082.dll
[07/11/2007 – 09:44:20 | N | 77 Ko | VirusTotal – (0/52)] – E:install.res.1042.dll
[07/11/2007 – 09:44:20 | N | 74 Ko | VirusTotal – (0/51)] – E:install.res.1028.dll
[07/11/2007 – 09:44:20 | N | 93 Ko | VirusTotal – (0/47)] – E:install.res.1031.dll
[07/11/2007 – 09:50:40 | N | 1883 Ko] – E:VC_RED.cab
[07/11/2007 – 09:00:40 | N | 6 Ko] – E:vcredist.bmp
[11/01/2014 – 17:09:36 | SHD] – E:$RECYCLE.BIN
[11/01/2014 – 17:40:41 | D] – E:Malwarebytes' Anti-Malware
[11/01/2014 – 19:18:20 | RHD] – E:MSOCache
[11/01/2014 – 19:44:30 | D] – E:AMD
[11/01/2014 – 19:48:59 | D] – E:ATI Technologies
[11/01/2014 – 20:54:25 | SHD] – E:System Volume Information
[20/01/2014 – 15:39:12 | D] – E:Microsoft Office
[29/01/2014 – 14:57:14 | D] – E:GIMP 2
[19/02/2014 – 15:13:46 | D] – E:Spectacle Clement
[20/02/2014 – 19:59:49 | D] – E:Programmes Créatifs
[21/02/2014 – 21:46:23 | D] – E:REencodeur
[23/02/2014 – 22:51:08 | D] – E:$AVG
[08/03/2014 – 11:26:44 | D] – E:Mumble
[13/03/2014 – 11:36:15 | D] – E:FreeMi UPnP Media Server
[01/04/2014 – 11:21:20 | D] – E:Jeux
[27/04/2014 – 11:09:19 | D] – E:Handbrake
[27/04/2014 – 11:22:51 | D] – E:MKVToolNix
[02/05/2014 – 05:49:31 | D] – E:Mozilla
[16/05/2014 – 11:16:43 | D] – E:Nokia Suite
[07/06/2014 – 07:03:56 | D] – E:Free Download Manager
[07/06/2014 – 07:21:49 | D] – E:Ebook

################## | F: – Disque Fixe (NTFS) |

[08/04/2013 – 01:45:00 | N | 1024 Ko] – F:ReadMe.pdf
[02/11/2012 – 22:39:44 | N | 0 Ko] – F:autorun.inf
[13/10/2013 – 14:04:48 | N | 6016 Ko] – F:test_write1.dvr
[13/10/2013 – 14:04:53 | N | 6016 Ko] – F:test_write2.dvr
[27/01/2014 – 10:10:03 | ASH | 7 Ko] – F:Thumbs.db
[07/06/2014 – 10:39:15 | SHD] – F:$RECYCLE.BIN
[10/08/2013 – 18:45:19 | SHD] – F:System Volume Information
[13/10/2013 – 14:04:48 | D] – F:ALIDVR
[27/01/2014 – 10:10:02 | D] – F:autorun
[16/02/2014 – 18:46:19 | SHD] – F:RECYCLER
[13/04/2014 – 11:31:45 | D] – F:ReseauCCG

################## | H: – Disque Fixe (NTFS) |

[11/01/2014 – 15:20:13 | SHD] – H:$RECYCLE.BIN
[13/09/2013 – 06:25:45 | D] – H:Gael Mege
[13/09/2013 – 11:47:32 | SHD] – H:System Volume Information
[04/02/2014 – 22:20:39 | D] – H:Les indispensables ^^
[16/04/2014 – 14:13:37 | D] – H:ReseauCCG
[25/04/2014 – 10:00:43 | D] – H:$AVG
[25/04/2014 – 12:21:29 | D] – H:jobs

################## | I: – Disque Fixe (NTFS) |

[11/01/2014 – 20:41:32 | N | 1 Ko] – I:MediaID.bin
[11/01/2014 – 20:55:11 | SHD] – I:$RECYCLE.BIN
[02/02/2014 – 20:01:11 | D] – I:MEGEGAEL-PC
[09/02/2014 – 20:01:32 | D] – I:WindowsImageBackup
[18/05/2014 – 19:01:29 | D] – I:GAELMEGE-PC
[01/06/2014 – 19:09:55 | SHD] – I:System Volume Information

################## | Vaccin |

E:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
F:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
H:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
I:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.sosvirus.net/ | http://www.usbfix.net/ |[/spoiler:1kvd61c7]
I plugged in a hard drive that is normally connected to my Freebox to serve all the PCs on my "home network".
If the other PCs need to be disinfected, I will make a new post for the PC concerned.
Thanks for your quick reply :)
I'm going to be away for an hour or two (I'm letting you know so you don't get impatient; I didn't think it would be this quick).
P.S.: By the way, why uninstall Spybot? (I like to know) ^^ thanks