omartin
Participant
Number of posts: 11

[spoiler:3jde4oqz]############################## | UsbFix V 7.146 | [Suppression]

Utilisateur: Olivia (Administrateur) # OLIVIA-PC
Mis à jour le 28/10/2013 par El Desaparecido – Team SosVirus
Lancé à 23:21:50 | 28/10/2013

Site Web: http://www.usbfix.net/
Forum : http://www.sosvirus.net/
Upload Malware: upload_malware.php
Contact: http://www.usbfix.net/contact/

PC: ASUSTeK Computer Inc. (U30Sd)
CPU: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
RAM -> [Total : 4008 | Free : 1664]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 7 Professionnel (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 10.0.9200.16721
WB: Google Chrome : 23.0.1271.95

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: avast! Antivirus [Enabled | Updated]
AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
AS: Malwarebytes' Anti-Malware : 1.75.0001
FW: Windows FireWall Service [Enabled]

C: (%systemdrive%) -> Disque fixe # 195 Go (56 Go libre(s) – 28%) [OS] # NTFS
D: -> Disque fixe # 245 Go (245 Go libre(s) – 100%) [Data] # NTFS
E: -> CD-ROM
F: -> Disque fixe # 466 Go (120 Go libre(s) – 26%) [WD Olivia] # NTFS
G: -> CD-ROM

################## | Processus Stoppés |

Stoppé! C:Windowssystem32nvvsvc.exe (ID: 956 |ParentID: 688)
Stoppé! C:Program FilesNVIDIA CorporationDisplayNvXDSync.exe (ID: 1368 |ParentID: 956)
Stoppé! C:Windowssystem32nvvsvc.exe (ID: 1380 |ParentID: 956)
Stoppé! C:Program Files (x86)ASUSSmartLogonsmartlogon.exe (ID: 1468 |ParentID: 380)
Stoppé! C:Windowssystem32FBAgent.exe (ID: 1508 |ParentID: 688)
Stoppé! C:Program Files (x86)ASUSATK PackageATK HotkeyASLDRSrv.exe (ID: 1540 |ParentID: 688)
Stoppé! C:Program Files (x86)ASUSATK PackageATKGFNEXGFNEXSrv.exe (ID: 1648 |ParentID: 688)
Stoppé! C:Program FilesAVAST SoftwareAvastAvastSvc.exe (ID: 1704 |ParentID: 688)
Stoppé! C:WindowsExplorer.EXE (ID: 1824 |ParentID: 1764)
Stoppé! C:Windowssystem32taskeng.exe (ID: 1948 |ParentID: 1032)
Stoppé! C:WindowsSystem32spoolsv.exe (ID: 1968 |ParentID: 688)
Stoppé! C:Windowssystem32taskhost.exe (ID: 1520 |ParentID: 688)
Stoppé! C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe (ID: 1852 |ParentID: 688)
Stoppé! C:Program Files (x86)AtherosAth_CoexAgent.exe (ID: 1244 |ParentID: 688)
Stoppé! C:Program Files (x86)AtherosBluetooth Suiteadminservice.exe (ID: 2076 |ParentID: 688)
Stoppé! C:ProgramDataBitGuard2.7.1769.27{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}BitGuard.exe (ID: 2112 |ParentID: 688)
Stoppé! C:Windowssystem32taskeng.exe (ID: 2124 |ParentID: 1032)
Stoppé! C:Program Files (x86)ASUSATK PackageATKOSD2ATKOSD2.exe (ID: 2160 |ParentID: 2124)
Stoppé! C:Windowssystem32taskeng.exe (ID: 2180 |ParentID: 1032)
Stoppé! C:Program Files (x86)ASUSASUS Live UpdateALU.exe (ID: 2232 |ParentID: 2180)
Stoppé! C:Program FilesP4GBatteryLife.exe (ID: 2244 |ParentID: 2180)
Stoppé! C:Program Files (x86)ASUSSplendidACMON.exe (ID: 2260 |ParentID: 2180)
Stoppé! C:Program FilesASUSASUS Secure DeleteADDEL.exe (ID: 2272 |ParentID: 2180)
Stoppé! C:Program Files (x86)ASUSSmartLogonsensorsrv.exe (ID: 2284 |ParentID: 2180)
Stoppé! C:ProgramDataEPSONEPW!3 SSRPE_S40STB.EXE (ID: 2348 |ParentID: 688)
Stoppé! C:ProgramDataEPSONEPW!3 SSRPE_S40RPB.EXE (ID: 2428 |ParentID: 688)
Stoppé! C:ProgramDataBitGuard2.7.1769.27{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}BitGuard.exe (ID: 2532 |ParentID: 2112)
Stoppé! C:Program Files (x86)RalinkCommonRaRegistry.exe (ID: 2684 |ParentID: 688)
Stoppé! C:WindowsSysWOW64ACEngSvr.exe (ID: 2840 |ParentID: 868)
Stoppé! C:Program Files (x86)RalinkCommonRaRegistry64.exe (ID: 2864 |ParentID: 688)
Stoppé! C:WindowsAsScrPro.exe (ID: 2940 |ParentID: 1508)
Stoppé! C:Program FilesIntelTurboBoostTurboBoost.exe (ID: 2964 |ParentID: 688)
Stoppé! C:Windowssystem32viakaraokesrv.exe (ID: 3008 |ParentID: 688)
Stoppé! C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE (ID: 3052 |ParentID: 688)
Stoppé! C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe (ID: 3116 |ParentID: 3052)
Stoppé! C:Program Files (x86)CyberLinkPower2GoCLMLSvc.exe (ID: 3236 |ParentID: 1508)
Stoppé! C:WindowsSystem32rundll32.exe (ID: 3848 |ParentID: 868)
Stoppé! C:WindowsservicingTrustedInstaller.exe (ID: 1108 |ParentID: 688)
Stoppé! C:WindowsSystem32igfxtray.exe (ID: 4484 |ParentID: 1824)
Stoppé! C:WindowsSystem32hkcmd.exe (ID: 4492 |ParentID: 1824)
Stoppé! C:WindowsSystem32igfxpers.exe (ID: 4520 |ParentID: 1824)
Stoppé! C:Windowssystem32SearchIndexer.exe (ID: 4736 |ParentID: 688)
Stoppé! C:Program FilesElantechETDCtrl.exe (ID: 4752 |ParentID: 1824)
Stoppé! C:Program Files (x86)AmIcoSingLunAmIcoSinglun64.exe (ID: 4780 |ParentID: 1824)
Stoppé! C:Program Files (x86)AtherosBluetooth SuiteBtvStack.exe (ID: 4856 |ParentID: 1824)
Stoppé! C:Program Files (x86)AtherosBluetooth SuiteAthBtTray.exe (ID: 4900 |ParentID: 1824)
Stoppé! C:Program Files (x86)RalinkCommonRaUI.exe (ID: 3768 |ParentID: 1824)
Stoppé! C:Program FilesWindows Media Playerwmpnetwk.exe (ID: 3284 |ParentID: 688)
Stoppé! C:Program FilesElantechETDCtrlHelper.exe (ID: 4348 |ParentID: 4752)
Stoppé! C:Program Files (x86)VIAVIAudioiVDeckVDeck.exe (ID: 4732 |ParentID: 4916)
Stoppé! C:Program Files (x86)ASUSATK PackageATK MediaDMedia.exe (ID: 4616 |ParentID: 4916)
Stoppé! C:Program Files (x86)ASUSATK PackageATK HotkeyHControlUser.exe (ID: 4908 |ParentID: 4916)
Stoppé! C:Program Files (x86)ASUSWireless Console 3wcourier.exe (ID: 4700 |ParentID: 4916)
Stoppé! C:Program Files (x86)HPHP Software UpdatehpwuSchd2.exe (ID: 4592 |ParentID: 4916)
Stoppé! C:Program FilesAVAST SoftwareAvastAvastUI.exe (ID: 4864 |ParentID: 4916)
Stoppé! C:Windowssystem32SearchProtocolHost.exe (ID: 5496 |ParentID: 4736)
Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 5928 |ParentID: 1824)
Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 6104 |ParentID: 5928)
Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 6136 |ParentID: 5928)
Stoppé! C:Windowssystem32DllHost.exe (ID: 3900 |ParentID: 868)
Stoppé! C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe (ID: 2760 |ParentID: 688)
Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 3360 |ParentID: 5928)
Stoppé! C:Program Files (x86)NVIDIA CorporationNVIDIA Updatusdaemonu.exe (ID: 5712 |ParentID: 688)
Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 1048 |ParentID: 5928)
Stoppé! C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe (ID: 3908 |ParentID: 688)
Stoppé! C:Windowssystem32wuauclt.exe (ID: 5744 |ParentID: 1032)
Stoppé! C:Program Files (x86)Microsoft OfficeOffice14WINWORD.EXE (ID: 5608 |ParentID: 1824)
Stoppé! C:Program FilesCommon FilesMicrosoft SharedOfficeSoftwareProtectionPlatformOSPPSVC.EXE (ID: 2320 |ParentID: 688)
Stoppé! C:Windowssplwow64.exe (ID: 540 |ParentID: 5608)

################## | Regedit Run |

HKLMSOFTWARE | Run : [ASUSPRP] – « C:Program Files (x86)ASUSAPRPAPRP.EXE »
HKLMSOFTWARE | Run : [HDAudDeck] – C:Program Files (x86)VIAVIAudioiVDeckVDeck.exe -r
HKLMSOFTWARE | Run : [ATKMEDIA] – C:Program Files (x86)ASUSATK PackageATK MediaDMedia.exe
HKLMSOFTWARE | Run : [HControlUser] – C:Program Files (x86)ASUSATK PackageATK HotkeyHControlUser.exe
HKLMSOFTWARE | Run : [Wireless Console 3] – C:Program Files (x86)ASUSWireless Console 3wcourier.exe
HKLMSOFTWARE | Run : [StopDefragment] – InstallStopDefragment.exe
HKLMSOFTWARE | Run : [UpdateLBPShortCut] – « C:Program Files (x86)CyberLinkLabelPrintMUITransferMUIStartMenu.exe » « C:Program Files (x86)CyberLinkLabelPrint » UpdateWithCreateOnce « SoftwareCyberLinkLabelPrint2.5 »
HKLMSOFTWARE | Run : [UpdateP2GoShortCut] – « C:Program Files (x86)CyberLinkPower2GoMUITransferMUIStartMenu.exe » « C:Program Files (x86)CyberLinkPower2Go » UpdateWithCreateOnce « SOFTWARECyberLinkPower2Go6.0 »
HKLMSOFTWARE | Run : [HP Software Update] – C:Program Files (x86)HPHP Software UpdateHPWuSchd2.exe
HKLMSOFTWARE | Run : [avast] – « C:Program FilesAVAST SoftwareAvastavastUI.exe » /nogui
HKLMSOFTWARE | Run : [BCSSync] – « C:Program Files (x86)Microsoft OfficeOffice14BCSSync.exe » /DelayServices
HKLMSOFTWARE | Run : [Adobe ARM] – « C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe »
HKLMSOFTWARE | Run : [APSDaemon] – « C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe »
HKLMSOFTWARE | Run : [QuickTime Task] – « C:Program Files (x86)QuickTimeQTTask.exe » -atboottime
HKLMSOFTWAREwow6432Node | Run : [ASUSPRP] – « C:Program Files (x86)ASUSAPRPAPRP.EXE »
HKLMSOFTWAREwow6432Node | Run : [HDAudDeck] – C:Program Files (x86)VIAVIAudioiVDeckVDeck.exe -r
HKLMSOFTWAREwow6432Node | Run : [ATKMEDIA] – C:Program Files (x86)ASUSATK PackageATK MediaDMedia.exe
HKLMSOFTWAREwow6432Node | Run : [HControlUser] – C:Program Files (x86)ASUSATK PackageATK HotkeyHControlUser.exe
HKLMSOFTWAREwow6432Node | Run : [Wireless Console 3] – C:Program Files (x86)ASUSWireless Console 3wcourier.exe
HKLMSOFTWAREwow6432Node | Run : [StopDefragment] – InstallStopDefragment.exe
HKLMSOFTWAREwow6432Node | Run : [UpdateLBPShortCut] – « C:Program Files (x86)CyberLinkLabelPrintMUITransferMUIStartMenu.exe » « C:Program Files (x86)CyberLinkLabelPrint » UpdateWithCreateOnce « SoftwareCyberLinkLabelPrint2.5 »
HKLMSOFTWAREwow6432Node | Run : [UpdateP2GoShortCut] – « C:Program Files (x86)CyberLinkPower2GoMUITransferMUIStartMenu.exe » « C:Program Files (x86)CyberLinkPower2Go » UpdateWithCreateOnce « SOFTWARECyberLinkPower2Go6.0 »
HKLMSOFTWAREwow6432Node | Run : [HP Software Update] – C:Program Files (x86)HPHP Software UpdateHPWuSchd2.exe
HKLMSOFTWAREwow6432Node | Run : [avast] – « C:Program FilesAVAST SoftwareAvastavastUI.exe » /nogui
HKLMSOFTWAREwow6432Node | Run : [BCSSync] – « C:Program Files (x86)Microsoft OfficeOffice14BCSSync.exe » /DelayServices
HKLMSOFTWAREwow6432Node | Run : [Adobe ARM] – « C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe »
HKLMSOFTWAREwow6432Node | Run : [APSDaemon] – « C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe »
HKLMSOFTWAREwow6432Node | Run : [QuickTime Task] – « C:Program Files (x86)QuickTimeQTTask.exe » -atboottime
HKLMSOFTWARE | RunOnce : [] –
HKLMSOFTWAREwow6432Node | RunOnce : [] –
HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
HKUS-1-5-19SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
HKUS-1-5-20SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe

################## | Recherche générique |

Supprimé! F:syncguid.dat

(!) Fichiers temporaires supprimés.

################## | Registre |

Réparé ! HKLMSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer|NoActiveDesktop -> 0
Réparé ! HKLMSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer|NoActiveDesktopChanges -> 0
Supprimé! HKUS-1-5-21-4173958784-2195708382-2158073431-1001Software….Mountpoints2F
Supprimé! HKUS-1-5-21-4173958784-2195708382-2158073431-1001Software….Mountpoints2{7f231922-d8db-11e2-b67d-742f68af68b0}
Supprimé! HKUS-1-5-21-4173958784-2195708382-2158073431-1001Software….Mountpoints2{9f778127-f536-11e2-a280-742f68af68b0}

################## | Listing |

[19/09/2012 – 18:22:02 | SHD ] C:$Recycle.Bin
[12/11/2012 – 22:32:30 | D ] C:Alim32
[07/04/2012 – 21:12:28 | D ] C:ASUS.DAT
[09/04/2011 – 20:00:44 | D ] C:AsusVibeData
[01/05/2012 – 22:56:00 | D ] C:BigFishGamesCache
[29/07/2009 – 07:51:52 | SHD ] C:Boot
[14/07/2009 – 02:38:58 | RASH | 383562] C:bootmgr
[29/07/2009 – 07:51:54 | RASH | 8192] C:BOOTSECT.BAK
[15/12/2012 – 23:08:13 | D ] C:components
[24/10/2013 – 01:43:47 | HD ] C:Config.Msi
[08/04/2012 – 03:54:29 | N | 15237] C:devlist.txt
[14/07/2009 – 06:08:56 | SHD ] C:Documents and Settings
[15/12/2012 – 23:08:07 | N | 0] C:END
[08/04/2012 – 03:43:25 | D ] C:eSupport
[07/04/2012 – 12:54:29 | N | 9] C:Finish.log
[28/10/2013 – 23:12:23 | ASH | 3152142336] C:hiberfil.sys
[08/04/2012 – 03:31:17 | D ] C:Intel
[08/04/2012 – 03:40:50 | N | 29] C:mini-agent.txt
[20/03/2013 – 21:06:24 | RHD ] C:MSOCache
[08/04/2012 – 03:35:25 | D ] C:NvidiaLogs
[15/04/2013 – 18:49:34 | D ] C:Office 2010
[26/09/2012 – 16:26:11 | D ] C:Output
[28/10/2013 – 23:12:28 | ASH | 4202860544] C:pagefile.sys
[14/07/2009 – 04:20:08 | D ] C:PerfLogs
[19/08/2013 – 18:05:43 | D ] C:Program Files
[14/10/2013 – 09:11:37 | D ] C:Program Files (x86)
[13/10/2013 – 23:10:27 | HD ] C:ProgramData
[07/04/2012 – 21:09:16 | SHD ] C:Recovery
[20/05/2011 – 08:23:02 | N | 14] C:RECOVERY.DAT
[08/04/2012 – 03:43:31 | N | 168] C:setup.log
[23/10/2013 – 10:35:02 | SHD ] C:System Volume Information
[08/06/2012 – 23:58:54 | D ] C:temp
[29/04/2011 – 02:54:15 | N | 2621440] C:U30SD.BIN
[20/05/2011 – 08:23:02 | N | 19] C:U30SD_U40SD_WIN7.50
[20/05/2011 – 07:54:02 | N | 2621440] C:U40SD.BIN
[28/10/2013 – 23:24:42 | D ] C:UsbFix
[28/10/2013 – 23:10:23 | N | 11555] C:UsbFix [Clean 1] OLIVIA-PC.txt
[28/10/2013 – 23:28:47 | A | 13663] C:UsbFix [Clean 3] OLIVIA-PC.txt
[28/10/2013 – 22:18:09 | N | 13115] C:UsbFix [Scan 1] OLIVIA-PC.txt
[28/10/2013 – 23:16:10 | N | 12433] C:UsbFix [Scan 2] OLIVIA-PC.txt
[15/12/2012 – 22:41:12 | N | 3379] C:user.js
[07/04/2012 – 21:10:53 | RD ] C:Users
[08/04/2012 – 04:20:21 | D ] C:WIMAPPLY
[28/10/2013 – 17:06:44 | D ] C:Windows
[07/04/2012 – 21:11:18 | SHD ] D:$RECYCLE.BIN
[08/04/2012 – 03:23:06 | SHD ] D:System Volume Information
[10/10/2012 – 20:31:34 | SHD ] F:$RECYCLE.BIN
[07/04/2012 – 12:46:07 | D ] F:Asus
[19/08/2013 – 13:18:00 | D ] F:BA3 Vétérinaire
[12/02/2012 – 17:41:28 | N | 710144] F:ehthumbs_vista.db
[24/07/2011 – 00:14:37 | D ] F:Electronic Arts
[09/09/2010 – 22:16:57 | D ] F:Extras
[19/08/2013 – 12:10:29 | D ] F:GVM1 Vétérinaire
[11/04/2012 – 18:38:29 | D ] F:Off2007HStTrial
[22/04/2012 – 21:27:50 | D ] F:Olivia
[28/02/2012 – 16:39:41 | SHD ] F:System Volume Information
[14/03/2012 – 14:35:28 | RASH | 6144] F:Thumbs.db
[22/10/2013 – 19:38:52 | D ] F:TUYAUX AUDREY
[09/09/2010 – 22:16:57 | D ] F:User Manuals
[08/09/2010 – 18:51:24 | N | 4615456] F:WD Quick Formatter.exe
[09/09/2010 – 22:17:30 | D ] F:WD SmartWare
[09/09/2010 – 22:17:02 | D ] F:WD SmartWare for Mac
[08/09/2010 – 18:51:22 | N | 5553952] F:WD SmartWare.exe
[08/07/2012 – 16:19:14 | N | 162] F:~$an mini congrès.docx

################## | Vaccin |

(!) Cet ordinateur n'est pas vacciné!

################## | E.O.F | http://www.usbfix.net – http://www.sosvirus.net |[/spoiler:3jde4oqz]