cathmuse
Participant
Number of posts: 21

Yes, I ran the deletion; here is my latest report (I hope the copy/paste will work…)


############################## | UsbFix V 7.149 | [Suppression]

Utilisateur: Cathy (Administrateur) # CATHMUSE
Mis à jour le 03/11/2013 par El Desaparecido – Team SosVirus
Lancé à 16:38:37 | 07/11/2013

Site Web: http://www.usbfix.net/
Forum : https://www.sosvirus.net/
Upload Malware: upload_malware.php
Contact: http://www.usbfix.net/contact/

PC: Acer (ZA10_BZ)
CPU: AMD C-70 APU with Radeon(tm) HD Graphics
RAM -> [Total : 3786 | Free : 2344]
Bios: Insyde Corp.
Boot: Normal boot

OS: Microsoft Windows 8 (6.2.9200 64-Bit)
WB: Windows Internet Explorer : 10.0.9200.16721

SC: Security Center Service [Enabled]
WU: Windows Update Service [(!) Disabled]
AV: Windows Defender [(!) Disabled | Updated]
AS: Windows Defender : 4.3.0215.0
FW: Windows FireWall Service [Enabled]

C: (%systemdrive%) -> Disque fixe # 419 Go (119 Go libre(s) – 28%) [Acer] # NTFS
E: -> Disque amovible # 7 Go (4 Go libre(s) – 55%) [] # FAT32

################## | Processus Stoppés |

Stoppé! C:Program FilesAVAST SoftwareAvastAvastUI.exe (ID: 3456 |ParentID: 3372)
Stoppé! C:Windowsexplorer.exe (ID: 8160 |ParentID: 672)
Stoppé! C:Windowssystem32DllHost.exe (ID: 7464 |ParentID: 812)
Stoppé! C:WindowsSystem32WUDFHost.exe (ID: 7612 |ParentID: 1100)
Stoppé! C:Program Files (x86)Launch Managerdsiwmis.exe (ID: 7832 |ParentID: 696)
Stoppé! C:WindowsRfBtnSvc64.exe (ID: 7868 |ParentID: 696)
Stoppé! C:Windowssystem32SearchIndexer.exe (ID: 7900 |ParentID: 696)
Stoppé! C:Program Files (x86)Launch ManagerLMutilps32.exe (ID: 7908 |ParentID: 7832)
Stoppé! C:WindowsSystem32spoolsv.exe (ID: 7952 |ParentID: 696)
Stoppé! C:Program Files (x86)Launch ManagerLManager.exe (ID: 8056 |ParentID: 3880)
Stoppé! C:Program Files (x86)Launch ManagerMMDx64Fx.exe (ID: 7312 |ParentID: 8056)
Stoppé! C:Program FilesInternet Exploreriexplore.exe (ID: 2132 |ParentID: 8160)
Stoppé! C:Program Files (x86)Internet ExplorerIEXPLORE.EXE (ID: 2420 |ParentID: 2132)
Stoppé! C:WindowsSystem32MacromedFlashFlashUtil_ActiveX.exe (ID: 2332 |ParentID: 812)
Stoppé! C:Program Files (x86)Internet ExplorerIEXPLORE.EXE (ID: 3316 |ParentID: 2132)
Stoppé! C:Program Files (x86)Internet ExplorerIEXPLORE.EXE (ID: 2640 |ParentID: 2132)
Stoppé! C:Program Files (x86)Internet ExplorerIEXPLORE.EXE (ID: 192 |ParentID: 2132)
Stoppé! C:Program Files (x86)Internet ExplorerIEXPLORE.EXE (ID: 5996 |ParentID: 2132)
Stoppé! C:Program Files (x86)Internet ExplorerIEXPLORE.EXE (ID: 1352 |ParentID: 2132)
Stoppé! C:Program Files (x86)Internet ExplorerIEXPLORE.EXE (ID: 7432 |ParentID: 2132)
Stoppé! C:Program Files (x86)Internet ExplorerIEXPLORE.EXE (ID: 7160 |ParentID: 2132)

################## | Regedit Run |

04 – HKLMSOFTWARE | Run : [BakupManagerTray] – “C:Program Files (x86)NTIAcer Backup ManagerBackupManagerTray.exe” -k -h
04 – HKLMSOFTWARE | Run : [LManager] –
04 – HKLMSOFTWARE | Run : [Norton Online Backup] – C:Program Files (x86)SymantecNorton Online BackupNOBuClient.exe
04 – HKLMSOFTWARE | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
04 – HKLMSOFTWARE | Run : [StartCCC] – “C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe” MSRun
04 – HKLMSOFTWAREwow6432Node | Run : [BakupManagerTray] – “C:Program Files (x86)NTIAcer Backup ManagerBackupManagerTray.exe” -k -h
04 – HKLMSOFTWAREwow6432Node | Run : [LManager] –
04 – HKLMSOFTWAREwow6432Node | Run : [Norton Online Backup] – C:Program Files (x86)SymantecNorton Online BackupNOBuClient.exe
04 – HKLMSOFTWAREwow6432Node | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
04 – HKLMSOFTWAREwow6432Node | Run : [StartCCC] – “C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe” MSRun
04 – HKLMSOFTWARE | RunOnce : [] –
04 – HKLMSOFTWAREwow6432Node | RunOnce : [] –
04 – HKUS-1-5-21-2184142341-1401073927-1793244442-1001SOFTWARE | Run : [swg] – “C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe”
04 – HKUS-1-5-21-2184142341-1401073927-1793244442-1001SOFTWARE | Run : [Spotify Web Helper] – “C:Program Files (x86)SpotifyDataSpotifyWebHelper.exe”
04 – HKUS-1-5-19SOFTWARE | RunOnce : [IsMyWinLockerReboot] – msiexec.exe /qn /x{voidguid}
04 – HKUS-1-5-20SOFTWARE | RunOnce : [IsMyWinLockerReboot] – msiexec.exe /qn /x{voidguid}
04 – HKUS-1-5-18SOFTWARE | RunOnce : [IsMyWinLockerReboot] – msiexec.exe /qn /x{voidguid}

################## | Recherche générique |

Non supprimé ! E:AUTORUN.INF

(!) Fichiers temporaires supprimés.

################## | Registre |

################## | Listing |

[25/04/2013 – 14:24:43 | SHD ] C:$Recycle.Bin
[26/04/2013 – 15:55:49 | D ] C:$SysReset
[02/06/2012 – 15:30:55 | N | 1] C:BOOTNXT
[30/04/2013 – 10:49:16 | D ] C:CIMTEMP
[26/07/2012 – 08:22:08 | SHD ] C:Documents and Settings
[07/11/2013 – 15:44:53 | ASH | 3176136704] C:hiberfil.sys
[22/04/2013 – 11:56:33 | D ] C:OEM
[07/11/2013 – 15:44:55 | ASH | 671088640] C:pagefile.sys
[26/07/2012 – 08:33:46 | D ] C:PerfLogs
[06/10/2013 – 10:30:48 | D ] C:Program Files
[28/10/2013 – 10:55:50 | D ] C:Program Files (x86)
[16/10/2013 – 13:31:02 | HD ] C:ProgramData
[28/02/2013 – 11:50:49 | D ] C:Python26
[07/09/2012 – 10:39:04 | D ] C:sources
[07/11/2013 – 15:44:55 | ASH | 268435456] C:swapfile.sys
[07/11/2013 – 16:05:33 | SHD ] C:System Volume Information
[08/10/2013 – 03:23:52 | N | 137086] C:unp303277571835674311.mdmp
[07/11/2013 – 16:40:15 | D ] C:UsbFix
[07/11/2013 – 16:32:46 | N | 9626] C:UsbFix [Clean 2] CATHMUSE.txt
[07/11/2013 – 16:40:18 | A | 5736] C:UsbFix [Clean 3] CATHMUSE.txt
[07/11/2013 – 16:18:02 | N | 8520] C:UsbFix [Scan 1] CATHMUSE.txt
[07/11/2013 – 16:37:34 | N | 5889] C:UsbFix [Scan 2] CATHMUSE.txt
[22/04/2013 – 11:50:42 | RD ] C:Users
[07/11/2013 – 16:06:47 | D ] C:Windows
[26/04/2013 – 16:05:25 | D ] C:Windows.old
[18/12/2009 – 04:01:26 | N | 734054400] E:Là haut – 2009 – Walt Disney-Pixar.avi
[26/09/2011 – 21:04:02 | N | 734367744] E:_'antre De La Folie http://www.Zone-Telechargement.com.avi
[11/09/2011 – 13:53:52 | N | 676001792] E:Futur.Immediat-DVD.RIP-Divx-FR.[emule-island.ru].avi
[15/09/2011 – 19:58:32 | N | 735361024] E:Le.prince.de.Sicile.teste.par.[emule-island.ru].avi
[05/09/2012 – 20:00:18 | N | 737810433] E:LE.PETIT.BAIGNEUR.ZiW.avi
[14/10/2013 – 13:01:58 | N | 110325] E:Obligation de paiement.pdf
[21/10/2013 – 08:41:00 | D ] E:Exécution du contrat d'assurance
[22/10/2013 – 08:45:32 | N | 82606] E:Support oral.pdf
[17/10/2013 – 15:52:40 | N | 241633] E:Bon de commande Lamy.oxps
[06/11/2013 – 13:20:34 | N | 41808] E:CV Gestionnaire – à jour.odt
[06/11/2013 – 10:24:38 | N | 30943] E:Photo cv.docx
[14/10/2013 – 17:52:18 | H | 16] E:AUTORUN.INF

################## | Vaccin |

(!) Cet ordinateur n'est pas vacciné!

################## | E.O.F | http://www.usbfix.net – https://www.sosvirus.net |

Thanks Bill!