Sofia
Participant
Number of posts: 14

I hadn't seen it… here it is!

[spoiler:1dfz617j]############################## | UsbFix V 7.147 | [Supresión]

Usuario: AMB (Administrador) # RS
Actualizado el 30/10/2013 por El Desaparecido – Team SosVirus
Comenzó a 10:01:56 | 31/10/2013

Sitio web: http://www.usbfix.net/
Forum : https://www.sosvirus.net/
Upload Malware: upload_malware.php
Contacto: http://www.usbfix.net/contact/

PC: ASUSTeK COMPUTER INC. (X55U)
CPU: AMD E-450 APU with Radeon(tm) HD Graphics
RAM -> [Total : 3673 | Free : 2288]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 8 Single Language (6.2.9200 64-Bit)
WB: Windows Internet Explorer : 10.0.9200.16721
WB: Mozilla Firefox : 25.0

SC: Security Center Service [Enabled]
WU: Windows Update Service [(!) Disabled]
AV: Kaspersky Internet Security [(!) Disabled | Updated]
AS: Windows Defender : 4.3.0215.0
AS: Malwarebytes' Anti-Malware : 1.75.0001
FW: Windows FireWall Service [Enabled]

C: (%systemdrive%) -> Disco fijo # 186 Gb (61 Mb libre(s) – 33%) [OS] # NTFS
D: -> Disco fijo # 258 Gb (258 Mb libre(s) – 100%) [Data] # NTFS
E: -> CD-ROM
F: -> Disco fijo # 298 Gb (122 Mb libre(s) – 41%) [My Passport] # NTFS
G: -> Disco extraíble # 4 Gb (2 Mb libre(s) – 41%) [ADATA UFD] # FAT32

################## | Procesos Parados |

Parado! C:\Windows\system32\atiesrxx.exe (ID: 884 |ParentID: 660)
Parado! C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ID: 1268 |ParentID: 660)
Parado! C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ID: 1344 |ParentID: 660)
Parado! C:\Windows\System32\spoolsv.exe (ID: 1444 |ParentID: 660)
Parado! C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 1588 |ParentID: 660)
Parado! C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe (ID: 1636 |ParentID: 660)
Parado! C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (ID: 1656 |ParentID: 660)
Parado! C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (ID: 1728 |ParentID: 660)
Parado! C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (ID: 1764 |ParentID: 660)
Parado! C:\Windows\system32\viakaraokesrv.exe (ID: 1928 |ParentID: 660)
Parado! C:\Windows\system32\SearchIndexer.exe (ID: 3236 |ParentID: 660)
Parado! C:\Windows\System32\LogonUI.exe (ID: 1316 |ParentID: 3156)
Parado! C:\Windows\system32\atieclxx.exe (ID: 3896 |ParentID: 884)
Parado! C:\Program Files\ASUS\P4G\BatteryLife.exe (ID: 4428 |ParentID: 660)
Parado! C:\Windows\system32\taskhostex.exe (ID: 628 |ParentID: 660)
Parado! C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ID: 636 |ParentID: 660)
Parado! C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ID: 880 |ParentID: 1268)
Parado! C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe (ID: 4484 |ParentID: 1636)
Parado! C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (ID: 3308 |ParentID: 1764)
Parado! C:\Windows\Explorer.EXE (ID: 3596 |ParentID: 1488)
Parado! C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ID: 5096 |ParentID: 880)
Parado! C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ID: 2276 |ParentID: 3612)
Parado! C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ID: 4760 |ParentID: 3824)
Parado! C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (ID: 4568 |ParentID: 480)
Parado! C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe (ID: 4288 |ParentID: 4568)
Parado! C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (ID: 4580 |ParentID: 4568)
Parado! C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (ID: 3684 |ParentID: 1908)
Parado! C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (ID: 1168 |ParentID: 1908)
Parado! C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (ID: 4664 |ParentID: 3060)
Parado! C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (ID: 2532 |ParentID: 4604)
Parado! C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ID: 2800 |ParentID: 4948)
Parado! C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ID: 1152 |ParentID: 2800)
Parado! C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (ID: 4128 |ParentID: 4568)
Parado! C:\Windows\servicing\TrustedInstaller.exe (ID: 1480 |ParentID: 660)
Parado! C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16683_none_62280e15510f8e79\TiWorker.exe (ID: 6028 |ParentID: 776)
Parado! C:\Windows\system32\lpksetup.exe (ID: 6128 |ParentID: 4272)
Parado! C:\Windows\system32\lpksetup.exe (ID: 5720 |ParentID: 776)
Parado! C:\Windows\system32\srtasks.exe (ID: 6108 |ParentID: 5720)
Parado! C:\Windows\system32\conhost.exe (ID: 1712 |ParentID: 6108)
Parado! C:\Windows\System32\WUDFHost.exe (ID: 5628 |ParentID: 1036)
Parado! \\?\C:\Windows\system32\wbem\WMIADAP.EXE (ID: 5576 |ParentID: 1008)
Parado! C:\Windows\system32\vssvc.exe (ID: 4800 |ParentID: 660)

################## | Regedit Run |

HKLM\SOFTWARE | Run : [Adobe Reader Speed Launcher] – “C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe”
HKLM\SOFTWARE | Run : [Adobe ARM] – “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
HKLM\SOFTWARE | Run : [StartCCC] – “C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe” MSRun
HKLM\SOFTWARE | Run : [HDAudDeck] – C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
HKLM\SOFTWARE | Run : [RemoteControl10] – “C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe”
HKLM\SOFTWARE | Run : [ASUSWebStorage] – C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe /S
HKLM\SOFTWARE | Run : [AVP] – “C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\runner_avp.exe”
HKLM\SOFTWARE\wow6432Node | Run : [Adobe Reader Speed Launcher] – “C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe”
HKLM\SOFTWARE\wow6432Node | Run : [Adobe ARM] – “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
HKLM\SOFTWARE\wow6432Node | Run : [StartCCC] – “C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe” MSRun
HKLM\SOFTWARE\wow6432Node | Run : [HDAudDeck] – C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
HKLM\SOFTWARE\wow6432Node | Run : [RemoteControl10] – “C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe”
HKLM\SOFTWARE\wow6432Node | Run : [ASUSWebStorage] – C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe /S
HKLM\SOFTWARE\wow6432Node | Run : [AVP] – “C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\runner_avp.exe”
HKLM\SOFTWARE | RunOnce : [] –
HKLM\SOFTWARE\wow6432Node | RunOnce : [] –

################## | Búsqueda genérica |[/spoiler:1dfz617j]