nadouche92-2

HERE IS THE REPORT AFTER REMOVAL
############################## | UsbFix V 7.152 | [Suppression]

Utilisateur: Nadia (Administrateur) # NADIA-PC
Mis à jour le 20/11/2013 par El Desaparecido – Team SosVirus
Lancé à 14:47:34 | 23/11/2013

Site Web : http://www.usbfix.net
Forum : http://www.sosvirus.net/
Upload Malware : upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: ASUSTeK COMPUTER INC. (1025C)
CPU: Intel(R) Atom(TM) CPU N2800 @ 1.86GHz
RAM -> [Total : 1012 | Free : 174]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 7 Édition Starter (6.1.7601 32-Bit) Service Pack 1
WB: Windows Internet Explorer : 10.0.9200.16736
WB: Mozilla Firefox : 16.0.2

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: avast! Antivirus [(!) Disabled | Updated]
AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
FW: Windows FireWall Service [Enabled]

C: (%systemdrive%) -> Disque fixe # 100 Go (65 Go libre(s) – 65%) [] # NTFS
D: -> Disque fixe # 183 Go (183 Go libre(s) – 100%) [] # NTFS

################## | Processus Stoppés |

Stoppé! C:Program FilesAVAST SoftwareAvastAvastSvc.exe (ID: 1492 |ParentID: 672)
Stoppé! C:Program FilesAVAST SoftwareAvastAvastUI.exe (ID: 3028 |ParentID: 612)
Stoppé! C:Program FilesPANDORA.TVPanServiceKMPService.exe (ID: 5956 |ParentID: 672)
Stoppé! C:windowsMicrosoft.NetFrameworkv3.0WPFPresentationFontCache.exe (ID: 4388 |ParentID: 672)
Stoppé! C:Program FilesPANDORA.TVPanServiceKMPProcess.exe (ID: 5880 |ParentID: 5956)
Stoppé! C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE (ID: 2164 |ParentID: 672)
Stoppé! C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe (ID: 1696 |ParentID: 2164)
Stoppé! C:windowssystem32SearchIndexer.exe (ID: 5104 |ParentID: 672)
Stoppé! C:Program FilesWindows Media Playerwmpnetwk.exe (ID: 3068 |ParentID: 672)
Stoppé! C:windowsSystem32spoolsv.exe (ID: 3608 |ParentID: 672)
Stoppé! C:windowsExplorer.exe (ID: 3408 |ParentID: 5148)
Stoppé! C:windowssystem32DllHost.exe (ID: 3532 |ParentID: 836)
Stoppé! C:Program FilesMozilla Firefoxfirefox.exe (ID: 4116 |ParentID: 3408)
Stoppé! C:Program FilesMozilla Firefoxplugin-container.exe (ID: 2804 |ParentID: 4116)
Stoppé! C:windowssystem32MacromedFlashFlashPlayerPlugin_11_9_900_117.exe (ID: 3632 |ParentID: 2804)
Stoppé! C:windowssystem32MacromedFlashFlashPlayerPlugin_11_9_900_117.exe (ID: 3272 |ParentID: 3632)

################## | Regedit Run |

04 – HKLMSOFTWARE | Run : [GfxServiceInstall] – C:windowssystem32GfxCUIServiceInstall.vbs
04 – HKLMSOFTWARE | Run : [Adobe Reader Speed Launcher] – « C:Program FilesAdobeReader 9.0ReaderReader_sl.exe »
04 – HKLMSOFTWARE | Run : [HotkeyMon] – AsusSender.exe C:Program FilesASUSHotkeyServiceHotKeyMon.exe
04 – HKLMSOFTWARE | Run : [HotkeyService] – AsusSender.exe C:Program FilesASUSHotkeyServiceHotkeyService.exe
04 – HKLMSOFTWARE | Run : [SuperHybridEngine] – AsusSender.exe C:Program FilesASUSSHESuperHybridEngine.exe
04 – HKLMSOFTWARE | Run : [LiveUpdate] – AsusSender.exe C:Program FilesAsusLiveUpdateLiveUpdate.exe auto
04 – HKLMSOFTWARE | Run : [CapsHook] – AsusSender.exe C:Program FilesASUSCapsHookCapsHook.exe
04 – HKLMSOFTWARE | Run : [Eee Docking] – C:Program FilesASUSEee DockingEee Docking.exe autorun
04 – HKLMSOFTWARE | Run : [ASUSWebStorage] – C:Program FilesASUSASUS WebStorage3.0.108.222AsusWSPanel.exe /S
04 – HKLMSOFTWARE | Run : [VizorHtmlDialog.exe] – « C:Program FilesTrend MicroTitaniumUIFrameworkVizorHtmlDialog.exe » « DEF » « EULA » « C:Program FilesTrend MicroTitaniumUIInstaller.cmptresourcespreinstall_01_welcome_trial.html » « DEF » « DEF » « DEF »
04 – HKLMSOFTWARE | Run : [Trend Micro Client Framework] – « C:Program FilesTrend MicroUniClientUiFrmWrkUIWatchDog.exe »
04 – HKLMSOFTWARE | Run : [Trend Micro Titanium] – C:Program FilesTrend MicroTitaniumVizorShortCut.exe -ReFlush « none » « none »
04 – HKLMSOFTWARE | Run : [VAWinAgent] – C:ExpressGateUtilVAWinAgent.exe
04 – HKLMSOFTWARE | Run : [IgfxTray] – C:windowssystem32igfxtray.exe
04 – HKLMSOFTWARE | Run : [HotKeysCmds] – C:windowssystem32hkcmd.exe
04 – HKLMSOFTWARE | Run : [Persistence] – C:windowssystem32igfxpers.exe
04 – HKLMSOFTWARE | Run : [RtHDVCpl] – C:Program FilesRealtekAudioHDARtHDVCpl.exe -s
04 – HKLMSOFTWARE | Run : [ETDCtrl] – %ProgramFiles%ElantechETDCtrl.exe
04 – HKLMSOFTWARE | Run : [ASUSPRP] – C:Program FilesASUSAPRPAPRP.EXE
04 – HKLMSOFTWARE | Run : [avast] – « C:Program FilesAVAST SoftwareAvastavastUI.exe » /nogui
04 – HKLMSOFTWARE | Run : [iSeriesCharge] – AsusSender.exe C:Program FilesASUSUSBChargeSettingiSeriesCharge.exe
04 – HKLMSOFTWARE | RunOnce : [] –
04 – HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-19SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
04 – HKUS-1-5-20SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe

################## | Recherche générique |

Supprimé! C:UsersNadiaAppDataLocalTemputtBB75.tmp.exe
Supprimé! C:UsersNadiaAppDataLocalTempjvNKRBkG.vbs

(!) Fichiers temporaires supprimés.

################## | Référence de comparaison MD5 |

Md5 : 86135C147E1EC57C5F163769827B1ADC -> C:UsersNadiaAppDataLocalTempjvNKRBkG.vbs

################## | Comparaison MD5 |

################## | Registre |

################## | Listing |

[25/10/2012 – 14:35:56 | SHD ] C:$RECYCLE.BIN
[11/10/2013 – 16:17:33 | D ] C:AsusVibeData
[10/06/2009 – 22:42:20 | N | 24] C:autoexec.bat
[28/06/2012 – 15:03:51 | SHD ] C:Boot
[20/11/2010 – 13:40:08 | RASH | 383786] C:bootmgr
[28/06/2012 – 15:05:00 | N | 49] C:CFGCHK.log
[10/06/2009 – 22:42:20 | N | 10] C:config.sys
[14/07/2009 – 05:53:55 | SHD ] C:Documents and Settings
[25/10/2012 – 14:40:19 | D ] C:ExpressGateUtil
[23/11/2013 – 14:17:39 | ASH | 795820032] C:hiberfil.sys
[11/04/2012 – 06:05:15 | D ] C:Intel
[31/01/2013 – 18:51:24 | RHD ] C:MSOCache
[27/06/2012 – 21:44:14 | D ] C:OEM
[23/11/2013 – 14:17:41 | ASH | 1073741824] C:pagefile.sys
[14/07/2009 – 03:37:05 | D ] C:PerfLogs
[15/10/2013 – 15:34:49 | N | 1372] C:preference.xml
[07/11/2013 – 20:19:15 | D ] C:Program Files
[07/11/2013 – 19:07:44 | HD ] C:ProgramData
[25/10/2012 – 14:26:11 | SHD ] C:Recovery
[11/04/2012 – 06:07:13 | N | 2055] C:RHDSetup.log
[31/08/2011 – 13:00:22 | N | 1083] C:setup.iss
[11/04/2012 – 08:05:54 | N | 164] C:setup.log
[17/11/2013 – 23:56:47 | SHD ] C:System Volume Information
[23/11/2013 – 14:50:39 | D ] C:UsbFix
[23/11/2013 – 14:50:44 | A | 6888] C:UsbFix [Clean 2] NADIA-PC.txt
[23/11/2013 – 14:36:08 | N | 9277] C:UsbFix [Scan 1] NADIA-PC.txt
[25/10/2012 – 14:27:57 | RD ] C:Users
[09/08/2013 – 21:48:01 | D ] C:Windows
[25/10/2012 – 14:31:32 | SHD ] D:$RECYCLE.BIN
[26/10/2012 – 05:04:17 | SHD ] D:System Volume Information

################## | Vaccin |

(!) Cet ordinateur n’est pas vacciné!

################## | E.O.F | http://www.usbfix.net – http://www.sosvirus.net |