mangmz
Participant
Number of posts: 7

Hello. I followed the instructions carefully and, on the face of it, everything is fine :bravo1:
############################# | UsbFix V 7.134 | [Suppression]

Utilisateur: Manu (Administrateur) # MANU-PORTABLE
Mis à jour le 06/09/2013 par El Desaparecido
Lancé à 10:42:09 | 15/09/2013

Site Web: https://www.sosvirus.net/
Upload Malware: upload_malware.php
Contact: http://wwww.sosvirus.net/contact_eldesaparecido.php

PC: ASUSTeK Computer Inc. (K53SD) (x64-based PC)
CPU: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz (2295)
RAM -> [Total : 5920 | Free : 4420]
BIOS: BIOS Date: 03/06/12 14:39:25 Ver: 04.06.03
BOOT: Fail-safe with network boot

OS: Microsoft Windows 8 Professionnel (6.2.9200 64-Bit) #
WB: Windows Internet Explorer 10.0.9200.16688

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: Windows Defender [(!) Disabled | Updated]
FW: Windows FireWall Service [Enabled]

C: (%systemdrive%) -> Disque fixe # 238 Go (112 Go libre(s) – 47%) [OS] # NTFS
D: -> Disque fixe # 333 Go (83 Go libre(s) – 25%) [Travail] # NTFS
E: -> CD-ROM

################## | El Desaparecido Section |

HKLMSOFTWARE | Run : [APSDaemon] – “C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe”
HKLMSOFTWARE | Run : [ASUSPRP] – “C:Program Files (x86)ASUSAPRPAPRP.EXE”
HKLMSOFTWARE | Run : [ASUSWebStorage] – C:Program Files (x86)ASUSASUS WebStorage3.0.108.222AsusWSPanel.exe /S
HKLMSOFTWARE | Run : [ATKMEDIA] – C:Program Files (x86)ASUSATK PackageATK MediaDMedia.exe
HKLMSOFTWARE | Run : [ATKOSD2] – C:Program Files (x86)ASUSATK PackageATKOSD2ATKOSD2.exe
HKLMSOFTWARE | Run : [HControlUser] – C:Program Files (x86)ASUSATK PackageATK HotkeyHControlUser.exe
HKLMSOFTWARE | Run : [SonicMasterTray] – C:Program Files (x86)ASUSASUS Sonic FocusSonicFocusTray.exe
HKLMSOFTWARE | Run : [Wireless Console 3] – C:Program Files (x86)ASUSWireless Console 3wcourier.exe
HKLMSOFTWARE | Run : [agentantidote.exe] – “C:Program Files (x86)DruideAntidote 7Programmes32agentantidote.exe” /LancementSession
HKLMSOFTWARE | Run : [agentantidote64.exe] – “C:Program Files (x86)DruideAntidote 7Programmes64agentantidote64.exe” /LancementSession
HKLMSOFTWARE | Run : [] –
HKLMSOFTWARE | Run : [Reader Application Helper] – C:Program Files (x86)SonyReaderDesktopappHelperReaderAppHelper.exe
HKLMSOFTWARE | Run : [Adobe Version Cue CS2] – C:CS2Adobe Version Cue CS2ControlPanelVersionCueCS2Tray.exe
HKLMSOFTWARE | Run : [DivXMediaServer] – C:Program Files (x86)DivXDivX Media ServerDivXMediaServer.exe
HKLMSOFTWARE | Run : [DivXUpdate] – “C:Program Files (x86)DivXDivX UpdateDivXUpdate.exe” /CHECKNOW
HKLMSOFTWARE | Run : [ASRInst_V] – C:WINDOWSsystem32regsvr32.exe “C:Program Files (x86)Common FilesPanasonicPSL_DMOG726Dec.dll” /s
HKLMSOFTWARE | Run : [SunJavaUpdateSched] – “C:Program Files (x86)Common FilesJavaJava Updatejusched.exe”
HKLMSOFTWAREwow6432Node | Run : [APSDaemon] – “C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe”
HKLMSOFTWAREwow6432Node | Run : [ASUSPRP] – “C:Program Files (x86)ASUSAPRPAPRP.EXE”
HKLMSOFTWAREwow6432Node | Run : [ASUSWebStorage] – C:Program Files (x86)ASUSASUS WebStorage3.0.108.222AsusWSPanel.exe /S
HKLMSOFTWAREwow6432Node | Run : [ATKMEDIA] – C:Program Files (x86)ASUSATK PackageATK MediaDMedia.exe
HKLMSOFTWAREwow6432Node | Run : [ATKOSD2] – C:Program Files (x86)ASUSATK PackageATKOSD2ATKOSD2.exe
HKLMSOFTWAREwow6432Node | Run : [HControlUser] – C:Program Files (x86)ASUSATK PackageATK HotkeyHControlUser.exe
HKLMSOFTWAREwow6432Node | Run : [SonicMasterTray] – C:Program Files (x86)ASUSASUS Sonic FocusSonicFocusTray.exe
HKLMSOFTWAREwow6432Node | Run : [Wireless Console 3] – C:Program Files (x86)ASUSWireless Console 3wcourier.exe
HKLMSOFTWAREwow6432Node | Run : [agentantidote.exe] – “C:Program Files (x86)DruideAntidote 7Programmes32agentantidote.exe” /LancementSession
HKLMSOFTWAREwow6432Node | Run : [agentantidote64.exe] – “C:Program Files (x86)DruideAntidote 7Programmes64agentantidote64.exe” /LancementSession
HKLMSOFTWAREwow6432Node | Run : [] –
HKLMSOFTWAREwow6432Node | Run : [Reader Application Helper] – C:Program Files (x86)SonyReaderDesktopappHelperReaderAppHelper.exe
HKLMSOFTWAREwow6432Node | Run : [Adobe Version Cue CS2] – C:CS2Adobe Version Cue CS2ControlPanelVersionCueCS2Tray.exe
HKLMSOFTWAREwow6432Node | Run : [DivXMediaServer] – C:Program Files (x86)DivXDivX Media ServerDivXMediaServer.exe
HKLMSOFTWAREwow6432Node | Run : [DivXUpdate] – “C:Program Files (x86)DivXDivX UpdateDivXUpdate.exe” /CHECKNOW
HKLMSOFTWAREwow6432Node | Run : [ASRInst_V] – C:WINDOWSsystem32regsvr32.exe “C:Program Files (x86)Common FilesPanasonicPSL_DMOG726Dec.dll” /s
HKLMSOFTWAREwow6432Node | Run : [SunJavaUpdateSched] – “C:Program Files (x86)Common FilesJavaJava Updatejusched.exe”
HKLMSOFTWARE | RunOnce : [] –
HKLMSOFTWAREwow6432Node | RunOnce : [] –
HKUS-1-5-21-4035673171-1669278821-111693155-1002SOFTWARE | Run : [MediaDico] – C:Program Files (x86)Micro Application12 DICOS IndispensablesLanceMediaDICO12.exe Lancement
HKUS-1-5-21-4035673171-1669278821-111693155-1002SOFTWARE | Run : [SuperCopier2.exe] – C:Program Files (x86)SuperCopier2SuperCopier2.exe
HKUS-1-5-21-4035673171-1669278821-111693155-1002SOFTWARE | Run : [Skype] – “C:Program Files (x86)SkypePhoneSkype.exe” /minimized /regrun
HKUS-1-5-21-4035673171-1669278821-111693155-1002SOFTWARE | Run : [uTorrent] – “C:UsersManuAppDataRoaminguTorrentuTorrent.exe” /MINIMIZED
HKUS-1-5-21-4035673171-1669278821-111693155-1002SOFTWARE | Run : [OfficeSyncProcess] – “C:Program Files (x86)Microsoft OfficeOffice14MSOSYNC.EXE”
HKU\S-1-5-21-4035673171-1669278821-111693155-1002\SOFTWARE | Run : [dxrpdiag] – wscript.exe //B “C:\Users\Manu\AppData\Local\Temp\dxrpdiag.vbs”
HKUS-1-5-21-4035673171-1669278821-111693155-1002SOFTWARE | Run : [ccleaner] – “C:Program FilesCCleanerCCleaner64.exe” /AUTO

################## | Processus Stoppés |

Stoppé! C:\WINDOWS\Explorer.EXE (1292)
Stoppé! C:\WINDOWS\system32\ctfmon.exe (1324)
Stoppé! C:\WINDOWS\system32\DllHost.exe (1664)

################## | Éléments infectieux |

Supprimé! C:\Users\Manu\AppData\Local\Temp\dxrpdiag.vbs
Supprimé! C:\Users\Manu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\dxrpdiag.vbs

(!) Fichiers temporaires supprimés.

################## | Registre |

Supprimé! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|dxrpdiag

################## | Mountpoints2 |

Supprimé! HKCU….ExplorerMountPoints2{2d771226-34c4-11e2-be6d-10bf48284724}

################## | Listing |

[23/06/2013 – 21:20:50 | SHD ] C:$Recycle.Bin
[14/09/2013 – 12:32:31 | D ] C:AdwCleaner
[24/02/2012 – 04:50:52 | D ] C:AsusVibeData
[14/09/2013 – 13:39:24 | RASHD ] C:Autorun.inf
[03/11/2012 – 13:59:15 | SHD ] C:Boot
[26/07/2012 – 05:44:30 | RASH | 398156] C:bootmgr
[02/06/2012 – 16:30:55 | N | 1] C:BOOTNXT
[31/10/2012 – 19:37:28 | N | 8192] C:BOOTSECT.BAK
[01/11/2012 – 16:33:37 | N | 170] C:BurnHelp.txt
[13/09/2013 – 16:03:36 | D ] C:Config.Msi
[22/02/2013 – 21:13:11 | D ] C:Creative Suite CS2
[22/02/2013 – 21:00:39 | D ] C:CS2
[26/07/2012 – 09:22:08 | SHD ] C:Documents and Settings
[31/10/2012 – 17:30:43 | D ] C:ESD
[28/05/2012 – 18:23:29 | D ] C:eSupport
[15/09/2013 – 10:39:54 | ASH | 4655718400] C:hiberfil.sys
[31/10/2012 – 19:36:42 | D ] C:inetpub
[28/05/2012 – 18:13:33 | D ] C:Intel
[30/01/2012 – 04:17:03 | N | 2621440] C:K43SD.BIN
[30/01/2012 – 04:16:44 | N | 2621440] C:K53SD.BIN
[04/11/2012 – 18:52:38 | D ] C:Moi
[18/12/2012 – 21:00:11 | RHD ] C:MSOCache
[10/08/2013 – 18:47:40 | D ] C:NVIDIA
[10/08/2013 – 19:02:20 | D ] C:NvidiaLogging
[03/12/2012 – 22:30:10 | D ] C:ONE TOUCH Upgrade 5.4.5
[15/09/2013 – 10:40:06 | ASH | 6440353792] C:pagefile.sys
[26/08/2013 – 19:15:29 | D ] C:Panasonic
[26/07/2012 – 09:33:46 | D ] C:PerfLogs
[15/06/2013 – 16:32:38 | D ] C:Program Files
[14/09/2013 – 12:32:23 | D ] C:Program Files (x86)
[14/09/2013 – 12:32:22 | HD ] C:ProgramData
[31/10/2012 – 20:05:01 | SHD ] C:Recovery
[30/11/2012 – 20:24:26 | N | 358] C:SetSearchAndHomepageInBrowserLog.txt
[09/02/2013 – 18:36:52 | D ] C:Stegano
[15/09/2013 – 10:40:06 | ASH | 268435456] C:swapfile.sys
[14/09/2013 – 19:11:57 | SHD ] C:System Volume Information
[15/09/2013 – 10:49:47 | D ] C:UsbFix
[11/09/2013 – 20:34:27 | N | 6420] C:UsbFix [Clean 10] MANU-PORTABLE.txt
[11/09/2013 – 20:36:08 | N | 11324] C:UsbFix [Clean 11] MANU-PORTABLE.txt
[14/09/2013 – 13:39:58 | N | 10608] C:UsbFix [Clean 12] MANU-PORTABLE.txt
[14/09/2013 – 15:52:55 | N | 10972] C:UsbFix [Clean 13] MANU-PORTABLE.txt
[14/09/2013 – 18:58:26 | N | 10789] C:UsbFix [Clean 14] MANU-PORTABLE.txt
[15/09/2013 – 10:50:00 | A | 8975] C:UsbFix [Clean 15] MANU-PORTABLE.txt
[09/09/2013 – 20:57:28 | N | 11277] C:UsbFix [Clean 1] MANU-PORTABLE.txt
[09/09/2013 – 21:05:06 | N | 11190] C:UsbFix [Clean 2] MANU-PORTABLE.txt
[10/09/2013 – 15:53:47 | N | 11044] C:UsbFix [Clean 3] MANU-PORTABLE.txt
[10/09/2013 – 16:12:11 | N | 11056] C:UsbFix [Clean 4] MANU-PORTABLE.txt
[10/09/2013 – 16:31:38 | N | 11168] C:UsbFix [Clean 5] MANU-PORTABLE.txt
[11/09/2013 – 13:40:22 | N | 10907] C:UsbFix [Clean 6] MANU-PORTABLE.txt
[11/09/2013 – 17:42:27 | N | 11035] C:UsbFix [Clean 7] MANU-PORTABLE.txt
[11/09/2013 – 19:52:30 | N | 10969] C:UsbFix [Clean 8] MANU-PORTABLE.txt
[11/09/2013 – 20:00:37 | N | 10953] C:UsbFix [Clean 9] MANU-PORTABLE.txt
[09/09/2013 – 20:08:14 | N | 11689] C:UsbFix [Scan 1] MANU-PORTABLE.txt
[09/09/2013 – 20:15:51 | N | 12622] C:UsbFix [Scan 2] MANU-PORTABLE.txt
[11/09/2013 – 19:20:31 | N | 12432] C:UsbFix [Scan 3] MANU-PORTABLE.txt
[11/09/2013 – 20:30:32 | N | 12805] C:UsbFix [Scan 4] MANU-PORTABLE.txt
[14/09/2013 – 12:26:27 | N | 12295] C:UsbFix [Scan 6] MANU-PORTABLE.txt
[14/09/2013 – 13:59:28 | N | 13307] C:UsbFix [Scan 8] MANU-PORTABLE.txt
[31/01/2013 – 21:27:07 | D ] C:Users
[15/09/2013 – 10:39:57 | D ] C:Windows
[19/11/2012 – 19:32:18 | N | 3696] C:{036C1D7D-32B1-42EC-B035-744092510522}
[14/06/2013 – 06:05:05 | N | 1744] C:{0A99FB3E-75B9-4DCB-8367-993783A74E44}
[13/03/2013 – 16:16:43 | N | 3456] C:{24427477-C3AF-47E7-AD1E-6471DA7E4D6F}
[13/03/2013 – 16:09:55 | N | 2344] C:{2DE3C3A7-CF65-4FBA-A30F-C3C9E1DC1917}
[24/06/2013 – 00:03:02 | N | 2200] C:{2F200BAC-A359-45E7-9C74-122787EF4E75}
[18/07/2013 – 15:55:12 | N | 1936] C:{3B8EF431-B459-484C-B913-35D1EAEEBB0E}
[13/03/2013 – 16:29:18 | N | 3176] C:{3C438E0C-D376-456F-8A97-E6B39DBD0A39}
[13/03/2013 – 16:08:34 | N | 2360] C:{65C5F498-AB2A-4221-A182-7107FDCE5989}
[29/11/2012 – 19:06:04 | N | 56] C:{6D33DD98-E8DA-4B09-BC57-1DC47E33D5B5}
[15/11/2012 – 22:29:05 | N | 2832] C:{A9646E37-F31D-49E4-88D5-92BDCE07EA04}
[24/07/2013 – 03:31:22 | N | 2280] C:{AEAC626D-B771-4DDF-8E48-6EE9E023BA35}
[29/11/2012 – 19:06:05 | N | 1720] C:{B2AB2CD4-4843-475B-AA69-92C2D089068C}
[11/08/2013 – 18:07:09 | N | 1864] C:{B64A29CB-3E4D-4342-B03C-5678AF7071F5}
[20/03/2013 – 19:59:54 | N | 1936] C:{C7E2AAFD-97A1-4BF4-9470-A552D0416663}
[04/07/2013 – 11:25:26 | N | 1944] C:{D6FF68D1-6A9C-4D72-9535-0841FA3511D3}
[28/02/2013 – 18:56:30 | N | 2400] C:{F7976727-CA4A-4608-A5C9-AAA0376D3849}
[17/06/2013 – 16:37:32 | N | 1968] C:{FD96760D-711B-4D1D-90E8-DAC10E777F60}
[09/08/2012 – 18:15:44 | SHD ] D:$RECYCLE.BIN
[14/09/2013 – 13:39:26 | RASHD ] D:Autorun.inf
[04/07/2013 – 17:20:54 | D ] D:copy
[22/02/2013 – 16:36:16 | D ] D:creative
[19/11/2012 – 20:37:22 | D ] D:Jeux Nintendo
[09/09/2013 – 15:19:30 | D ] D:Livres Papa
[14/09/2013 – 15:46:55 | D ] D:Mes fichiers
[03/08/2013 – 12:20:23 | D ] D:pdf
[12/08/2013 – 17:46:27 | D ] D:Photos
[14/06/2013 – 16:22:09 | D ] D:Site Web
[14/09/2013 – 19:12:02 | SHD ] D:System Volume Information
[10/09/2013 – 17:46:05 | D ] D:Telecharge
[24/01/2013 – 17:40:32 | D ] D:Tempo
[13/09/2013 – 15:11:05 | D ] D:Video

################## | Vaccin |

C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | https://www.sosvirus.net |

The USB key was not cleaned because it was not recognized in safe mode.
Have a nice day.