rapsut
Participant
Number of posts: 11

Re
OK, USBfix report
Regards, JAS
############################## | UsbFix V 7.150 | [Suppression]

Utilisateur: jas (Administrateur) # JAS-PC
Mis à jour le 08/11/2013 par El Desaparecido – Team SosVirus
Lancé à 12:20:52 | 11/11/2013

Site Web : http://www.usbfix.net
Forum : https://www.sosvirus.net/
Upload Malware : upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: ASUSTeK Computer INC. (P8P67 PRO)
CPU: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
RAM -> [Total : 3057 | Free : 1483]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 7 Professionnel (6.1.7601 32-Bit) Service Pack 1
WB: Windows Internet Explorer : 10.0.9200.16721
WB: Google Chrome : 30.0.1599.101

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: avast! Antivirus [(!) Disabled | Updated]
AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
AS: Malwarebytes’ Anti-Malware : 1.75.0001
FW: Windows FireWall Service [Enabled]

C: (%systemdrive%) -> Disque fixe # 233 Go (183 Go libre(s) – 78%) [] # NTFS
D: -> CD-ROM
E: -> Disque amovible # 30 Go (27 Go libre(s) – 90%) [] # FAT32
F: -> Disque fixe # 153 Go (55 Go libre(s) – 36%) [ext2] # NTFS

################## | Processus Stoppés |

Stoppé! C:Program FilesNVIDIA Corporation3D VisionnvSCPAPISvr.exe (ID: 944 |ParentID: 668)
Stoppé! C:Program FilesAVAST SoftwareAvastAvastSvc.exe (ID: 1576 |ParentID: 668)
Stoppé! C:WindowsSystem32spoolsv.exe (ID: 1708 |ParentID: 668)
Stoppé! C:Windowssystem32taskhost.exe (ID: 1824 |ParentID: 668)
Stoppé! C:Program FilesCommon FilesAdobeARM1.0armsvc.exe (ID: 512 |ParentID: 668)
Stoppé! C:WindowsExplorer.EXE (ID: 544 |ParentID: 1892)
Stoppé! C:Program FilesGoogleUpdate1.3.21.165GoogleCrashHandler.exe (ID: 800 |ParentID: 1960)
Stoppé! C:Program FilesMicrosoftBingBar7.2.241.0BBSvc.exe (ID: 1200 |ParentID: 668)
Stoppé! C:Windowssystem32IProsetMonitor.exe (ID: 1548 |ParentID: 668)
Stoppé! C:Program FilesLinksysLinksys UpdaterbinLinksysUpdater.exe (ID: 1624 |ParentID: 668)
Stoppé! C:Program FilesCommon FilesLogiShrdLVMVFMLVPrcSrv.exe (ID: 1596 |ParentID: 668)
Stoppé! C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamsvc.exe (ID: 2060 |ParentID: 668)
Stoppé! C:Program FilesNVIDIA CorporationNVIDIA Update Coredaemonu.exe (ID: 2120 |ParentID: 668)
Stoppé! C:Program FilesTomTom HOME 2TomTomHOMEService.exe (ID: 2216 |ParentID: 668)
Stoppé! C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE (ID: 2272 |ParentID: 668)
Stoppé! C:Program FilesCommon FilesPure Networks SharedPlatformnmsrvc.exe (ID: 2320 |ParentID: 668)
Stoppé! C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe (ID: 2384 |ParentID: 2272)
Stoppé! C:Windowssystem32rundll32.exe (ID: 2932 |ParentID: 2920)
Stoppé! C:Program FilesRealtekAudioHDARtHDVCpl.exe (ID: 3032 |ParentID: 544)
Stoppé! C:Program FilesIntelIntel(R) Rapid Storage TechnologyIAStorIcon.exe (ID: 3040 |ParentID: 544)
Stoppé! C:Program FilesRenesas ElectronicsUSB 3.0 Host Controller DriverApplicationnusb3mon.exe (ID: 3048 |ParentID: 544)
Stoppé! C:Program FilesLogitechLogitech WebCam SoftwareLWS.exe (ID: 3080 |ParentID: 544)
Stoppé! C:Program FilesNVIDIA CorporationNVIDIA Update CoreNvTmru.exe (ID: 3120 |ParentID: 544)
Stoppé! C:Program FilesCommon FilesPure Networks SharedPlatformnmctxth.exe (ID: 3184 |ParentID: 544)
Stoppé! C:Program FilesHPHP Software Updatehpwuschd2.exe (ID: 3248 |ParentID: 544)
Stoppé! C:Program FilesSamsungKiesKiesTrayAgent.exe (ID: 3280 |ParentID: 544)
Stoppé! C:Program FilesMyHeritageBinFTBCheckUpdates.exe (ID: 3372 |ParentID: 544)
Stoppé! C:Program FilesAVAST SoftwareAvastAvastUI.exe (ID: 3428 |ParentID: 544)
Stoppé! C:Program FilesMicrosoft OfficeOffice14MSOSYNC.EXE (ID: 3532 |ParentID: 544)
Stoppé! C:Program FilesWindows Sidebarsidebar.exe (ID: 3544 |ParentID: 544)
Stoppé! C:Program FilesCommon FilesLogishrdLQCVFXCOCIManager.exe (ID: 3568 |ParentID: 840)
Stoppé! C:Program FilesSamsungKiesKies.exe (ID: 3604 |ParentID: 544)
Stoppé! C:Program FilesSamsungKiesExternalFirmwareUpdateKiesPDLR.exe (ID: 3636 |ParentID: 544)
Stoppé! C:Program FilesTomTom HOME 2TomTomHOMERunner.exe (ID: 3652 |ParentID: 544)
Stoppé! C:Program FilesWinZipWZQKPICK.EXE (ID: 3732 |ParentID: 544)
Stoppé! C:Windowssystem32java.exe (ID: 1776 |ParentID: 1624)
Stoppé! C:Windowssystem32conhost.exe (ID: 1760 |ParentID: 540)
Stoppé! C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamsvc.exe (ID: 2580 |ParentID: 2060)
Stoppé! C:Windowssystem32conhost.exe (ID: 2568 |ParentID: 620)
Stoppé! C:Windowssystem32SearchIndexer.exe (ID: 1732 |ParentID: 668)
Stoppé! C:Program FilesWindows Media Playerwmpnetwk.exe (ID: 4588 |ParentID: 668)
Stoppé! C:Program FilesIntelIntel(R) Rapid Storage TechnologyIAStorDataMgrSvc.exe (ID: 4068 |ParentID: 668)
Stoppé! C:Program FilesWindows LiveMailwlmail.exe (ID: 5800 |ParentID: 544)
Stoppé! C:Program FilesWindows LiveContactswlcomm.exe (ID: 4400 |ParentID: 840)
Stoppé! C:Program FilesGoogleChromeApplicationchrome.exe (ID: 5724 |ParentID: 5800)
Stoppé! C:Program FilesGoogleChromeApplicationchrome.exe (ID: 1488 |ParentID: 5724)
Stoppé! C:Program FilesGoogleChromeApplicationchrome.exe (ID: 3900 |ParentID: 5724)
Stoppé! C:Program FilesGoogleChromeApplicationchrome.exe (ID: 5272 |ParentID: 5724)
Stoppé! C:Program FilesGoogleChromeApplicationchrome.exe (ID: 4484 |ParentID: 5724)
Stoppé! C:WindowsservicingTrustedInstaller.exe (ID: 5672 |ParentID: 668)
Stoppé! C:Program FilesGoogleChromeApplicationchrome.exe (ID: 4100 |ParentID: 5724)
Stoppé! C:WindowsSystem32WUDFHost.exe (ID: 1568 |ParentID: 1136)

################## | Regedit Run |

04 – HKLMSOFTWARE | Run : [RtHDVCpl] – C:Program FilesRealtekAudioHDARtHDVCpl.exe -s
04 – HKLMSOFTWARE | Run : [IAStorIcon] – C:Program FilesIntelIntel(R) Rapid Storage TechnologyIAStorIcon.exe
04 – HKLMSOFTWARE | Run : [NUSB3MON] – “C:Program FilesRenesas ElectronicsUSB 3.0 Host Controller DriverApplicationnusb3mon.exe”
04 – HKLMSOFTWARE | Run : [LogitechQuickCamRibbon] – “C:Program FilesLogitechLogitech WebCam SoftwareLWS.exe” /hide
04 – HKLMSOFTWARE | Run : [BCSSync] – “C:Program FilesMicrosoft OfficeOffice14BCSSync.exe” /DelayServices
04 – HKLMSOFTWARE | Run : [Nvtmru] – “C:Program FilesNVIDIA CorporationNVIDIA Update Corenvtmru.exe”
04 – HKLMSOFTWARE | Run : [Adobe ARM] – “C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe”
04 – HKLMSOFTWARE | Run : [SunJavaUpdateSched] – “C:Program FilesJavajre7binjusched.exe”
04 – HKLMSOFTWARE | Run : [nmctxth] – “C:Program FilesCommon FilesPure Networks SharedPlatformnmctxth.exe”
04 – HKLMSOFTWARE | Run : [HP Software Update] – C:Program FilesHPHP Software UpdateHPWuSchd2.exe
04 – HKLMSOFTWARE | Run : [] –
04 – HKLMSOFTWARE | Run : [KiesTrayAgent] – C:Program FilesSamsungKiesKiesTrayAgent.exe
04 – HKLMSOFTWARE | Run : [ShadowPlay] – C:Windowssystem32rundll32.exe C:Windowssystem32nvspcap.dll,ShadowPlayOnSystemStart
04 – HKLMSOFTWARE | Run : [Family Tree Builder Update] – C:Program FilesMyHeritageBinFTBCheckUpdates.exe
04 – HKLMSOFTWARE | Run : [AvastUI.exe] – “C:Program FilesAVAST SoftwareAvastAvastUI.exe” /nogui
04 – HKLMSOFTWARE | RunOnce : [] –
04 – HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-21-1565210137-3146814292-896495932-1000SOFTWARE | Run : [OfficeSyncProcess] – “C:Program FilesMicrosoft OfficeOffice14MSOSYNC.EXE”
04 – HKUS-1-5-21-1565210137-3146814292-896495932-1000SOFTWARE | Run : [ultracopier] – “C:Program FilesSupercopiersupercopier.exe”
04 – HKUS-1-5-21-1565210137-3146814292-896495932-1000SOFTWARE | Run : [Sidebar] – C:Program FilesWindows Sidebarsidebar.exe /autoRun
04 – HKUS-1-5-21-1565210137-3146814292-896495932-1000SOFTWARE | Run : [KiesPreload] – C:Program FilesSamsungKiesKies.exe /preload
04 – HKUS-1-5-21-1565210137-3146814292-896495932-1000SOFTWARE | Run : [KiesAirMessage] – C:Program FilesSamsungKiesKiesAirMessage.exe -startup
04 – HKUS-1-5-21-1565210137-3146814292-896495932-1000SOFTWARE | Run : [] – C:Program FilesSamsungKiesExternalFirmwareUpdateKiesPDLR.exe
04 – HKUS-1-5-21-1565210137-3146814292-896495932-1000SOFTWARE | Run : [Update Service] – C:PROGRA~1COMMON~1TEKNUM~1update.exe /startup
04 – HKUS-1-5-21-1565210137-3146814292-896495932-1000SOFTWARE | Run : [TomTomHOME.exe] – “C:Program FilesTomTom HOME 2TomTomHOMERunner.exe”
04 – HKUS-1-5-19SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
04 – HKUS-1-5-20SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
04 – HKUS-1-5-18SOFTWARE | RunOnce : [SPReview] – “C:WindowsSystem32SPReviewSPReview.exe” /sp:1 /errorfwlink:”http://go.microsoft.com/fwlink/?LinkID=122915″ /build:7601

################## | Recherche générique |

Supprimé! E:RunClubSanDisk.exe
Supprimé! C:UsersjasAppDataLocalTemputt6559.tmp.exe
Supprimé! C:UsersjasAppDataLocalTemputtB3A7.tmp.exe
Supprimé! E:autorun.inf

(!) Fichiers temporaires supprimés.

################## | Registre |

Réparé ! HKCUSoftwareMicrosoftWindowsCurrentVersionExplorerAdvanced|Start_ShowMyGames -> 1

################## | Listing |

[11/06/2013 – 18:28:35 | SHD ] C:$Recycle.Bin
[03/06/2013 – 07:41:12 | D ] C:64e061826bef969197bcfdae81
[03/06/2013 – 18:57:50 | D ] C:8601edb96f329213d41d3853d29afc
[10/11/2013 – 21:21:21 | D ] C:AdwCleaner
[13/08/2013 – 18:13:08 | N | 3557] C:AdwCleaner[R1].txt
[13/08/2013 – 19:46:28 | N | 1610] C:AdwCleaner[R2].txt
[13/08/2013 – 18:13:38 | N | 3548] C:AdwCleaner[S1].txt
[13/08/2013 – 20:21:34 | N | 1483] C:AdwCleaner[S2].txt
[01/06/2013 – 17:48:39 | N | 157] C:AsCD.log
[10/06/2009 – 22:42:20 | N | 24] C:autoexec.bat
[06/09/2013 – 07:46:23 | RASHD ] C:Autorun.inf
[08/11/2013 – 11:01:47 | D ] C:Config.Msi
[10/06/2009 – 22:42:20 | N | 10] C:config.sys
[14/07/2009 – 05:53:55 | SHD ] C:Documents and Settings
[07/11/2007 – 08:00:40 | N | 17734] C:eula.1028.txt
[07/11/2007 – 08:00:40 | N | 17734] C:eula.1031.txt
[07/11/2007 – 08:00:40 | N | 10134] C:eula.1033.txt
[07/11/2007 – 08:00:40 | N | 17734] C:eula.1036.txt
[07/11/2007 – 08:00:40 | N | 17734] C:eula.1040.txt
[07/11/2007 – 08:00:40 | N | 118] C:eula.1041.txt
[07/11/2007 – 08:00:40 | N | 17734] C:eula.1042.txt
[07/11/2007 – 08:00:40 | N | 17734] C:eula.2052.txt
[07/11/2007 – 08:00:40 | N | 17734] C:eula.3082.txt
[20/07/2013 – 08:59:35 | D ] C:found.000
[03/10/2013 – 05:56:28 | D ] C:found.001
[12/10/2013 – 02:32:41 | D ] C:found.002
[10/11/2013 – 19:44:08 | D ] C:FRST
[07/11/2007 – 08:00:40 | N | 1110] C:globdata.ini
[19/06/2013 – 10:06:28 | D ] C:god mode
[11/11/2013 – 12:11:00 | ASH | 2403999744] C:hiberfil.sys
[07/11/2007 – 08:03:18 | N | 562688] C:install.exe
[07/11/2007 – 08:00:40 | N | 843] C:install.ini
[07/11/2007 – 08:03:18 | N | 76304] C:install.res.1028.dll
[07/11/2007 – 08:03:18 | N | 96272] C:install.res.1031.dll
[07/11/2007 – 08:03:18 | N | 91152] C:install.res.1033.dll
[07/11/2007 – 08:03:18 | N | 97296] C:install.res.1036.dll
[07/11/2007 – 08:03:18 | N | 95248] C:install.res.1040.dll
[07/11/2007 – 08:03:18 | N | 81424] C:install.res.1041.dll
[07/11/2007 – 08:03:18 | N | 79888] C:install.res.1042.dll
[07/11/2007 – 08:03:18 | N | 75792] C:install.res.2052.dll
[07/11/2007 – 08:03:18 | N | 96272] C:install.res.3082.dll
[01/06/2013 – 17:49:21 | D ] C:Intel
[20/07/2013 – 22:19:39 | RHD ] C:MSOCache
[14/10/2013 – 15:17:10 | D ] C:Nouveau dossier
[01/06/2013 – 20:18:43 | D ] C:NVIDIA
[11/11/2013 – 12:10:59 | ASH | 3205332992] C:pagefile.sys
[14/07/2009 – 03:37:05 | D ] C:PerfLogs
[11/11/2013 – 12:09:12 | D ] C:Program Files
[11/11/2013 – 12:07:46 | HD ] C:ProgramData
[10/11/2013 – 21:18:12 | N | 2269] C:rapport.txt
[01/06/2013 – 17:43:07 | SHD ] C:Recovery
[11/11/2013 – 12:09:12 | D ] C:Shortcut_Module
[11/11/2013 – 12:12:45 | SHD ] C:System Volume Information
[11/11/2013 – 10:52:14 | N | 22] C:Upload_UsbFix.zip
[11/11/2013 – 12:21:03 | D ] C:UsbFix
[06/09/2013 – 08:10:19 | N | 12411] C:UsbFix [Clean 1] JAS-PC.txt
[11/11/2013 – 12:21:19 | A | 12621] C:UsbFix [Clean 2] JAS-PC.txt
[02/06/2013 – 08:32:14 | D ] C:Users
[07/11/2007 – 08:00:40 | N | 5686] C:vcredist.bmp
[07/11/2007 – 08:09:22 | N | 1442522] C:VC_RED.cab
[07/11/2007 – 08:12:28 | N | 232960] C:VC_RED.MSI
[10/09/2013 – 08:16:18 | D ] C:VIDEO_TS
[11/11/2013 – 12:13:08 | D ] C:Windows
[29/06/2011 – 10:56:42 | N | 27311232] E:RunSanDiskSecureAccess_Win.exe
[24/08/2011 – 19:48:26 | D ] E:club_application
[24/08/2011 – 19:48:36 | D ] E:SanDiskSecureAccess
[20/05/2013 – 21:29:42 | N | 735229952] E:A.Good.Day.To.Die.Hard.2013.FRENCH.HDRip.XViD-TNB.By.Hadopix.[emule-island.ru].avi
[18/08/2013 – 09:52:20 | N | 2314992020] E:Oblivion.2013.TRUEFRENCH.RERiP.BRRip.XviD.AC3-TMB.By.DreameR.[emule-island.ru].avi
[12/09/2013 – 10:05:54 | D ] E:Nouveau dossier
[18/09/2013 – 08:00:32 | N | 1039554] E:adwcleaner (1).exe
[06/06/2013 – 07:27:19 | SHD ] F:$RECYCLE.BIN
[15/11/2009 – 21:20:58 | D ] F:729d9a513c911071ed18b0
[18/02/2009 – 18:14:50 | D ] F:7e01cc77b7efdc52574bc4af994005
[06/09/2013 – 07:46:23 | RASHD ] F:Autorun.inf
[13/12/2012 – 03:28:06 | D ] F:emule
[14/05/2013 – 20:49:56 | D ] F:film
[04/04/2013 – 15:16:20 | N | 379] F:Groupe résidentiel – Raccourci.lnk
[29/12/2009 – 14:31:43 | D ] F:help
[29/12/2009 – 12:30:59 | D ] F:hitajick
[24/10/2010 – 18:01:55 | D ] F:JAS-PC
[28/09/2010 – 16:27:06 | D ] F:jeux
[29/09/2010 – 17:22:01 | N | 528] F:MediaID.bin
[04/04/2013 – 13:00:10 | D ] F:Nouveau dossier
[29/12/2009 – 12:32:54 | D ] F:Nouveau dossier(2)
[29/12/2009 – 12:37:24 | D ] F:Oxemis
[04/09/2011 – 06:34:55 | N | 13557760] F:Oxemis Video Library.msi
[26/10/2011 – 18:24:24 | D ] F:Program Files
[29/12/2009 – 14:11:20 | D ] F:programme file
[29/12/2009 – 14:11:34 | D ] F:Reader
[06/09/2013 – 07:45:25 | SHD ] F:RECYCLER
[29/12/2009 – 14:11:41 | D ] F:ref
[29/12/2009 – 14:11:48 | D ] F:Resource
[13/10/2012 – 17:30:09 | SHD ] F:System Volume Information
[29/12/2009 – 14:11:48 | D ] F:temp
[15/08/2010 – 18:57:18 | D ] F:video librairie
[29/12/2009 – 14:22:26 | D ] F:video library
[07/11/2010 – 19:06:09 | D ] F:WindowsImageBackup
[29/12/2009 – 14:30:40 | D ] F:wolf

################## | Vaccin |

C:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
E:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
F:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net – https://www.sosvirus.net |