sganarel
Participant
Posts: 10

Hello Hawk,
Here is the report.

[spoiler:2ofee9kf]############################## | UsbFix V 7.152 | [Suppression]

Utilisateur: Thomas (Administrateur) # THOMAS-PC
Mis à jour le 20/11/2013 par El Desaparecido – Team SosVirus
Lancé à 11:34:58 | 24/11/2013

Site Web : http://www.usbfix.net
Forum : http://www.sosvirus.net/
Upload Malware : upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: Acer (Aspire X3990)
CPU: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
RAM -> [Total : 6126 | Free : 4114]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 10.0.9200.16736
WB: Mozilla Firefox : 25.0.1

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: AVG AntiVirus Free Edition 2014 [Enabled | Updated]
AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
AS: Malwarebytes' Anti-Malware : 1.75.0001
FW: Windows FireWall Service [Enabled]

C: (%systemdrive%) -> Disque fixe # 456 Go (108 Go libre(s) – 24%) [Acer] # NTFS
D: -> Disque fixe # 457 Go (295 Go libre(s) – 64%) [DATA] # NTFS
E: -> CD-ROM
H: -> CD-ROM

################## | Processus Stoppés |

Stoppé! C:PROGRA~2AVGAVG2014avgrsa.exe (ID: 456 |ParentID: 444)
Stoppé! C:Program Files (x86)AVGAVG2014avgcsrva.exe (ID: 496 |ParentID: 456)
Stoppé! C:Program Files (x86)AVGAVG2014avgidsagent.exe (ID: 1968 |ParentID: 892)
Stoppé! C:Program Files (x86)AVGAVG2014avgwdsvc.exe (ID: 1996 |ParentID: 892)
Stoppé! C:Program Files (x86)AVGAVG2014avgnsa.exe (ID: 3024 |ParentID: 1996)
Stoppé! C:Program Files (x86)AVGAVG2014avgemca.exe (ID: 3032 |ParentID: 1996)
Stoppé! C:Program Files (x86)AVGAVG2014avgui.exe (ID: 3908 |ParentID: 3744)
Stoppé! C:Windowsexplorer.exe (ID: 4852 |ParentID: 948)
Stoppé! C:WindowsSystem32rundll32.exe (ID: 3968 |ParentID: 516)
Stoppé! C:WindowsSystem32WUDFHost.exe (ID: 4320 |ParentID: 1164)
Stoppé! C:Program Files (x86)OrangeAssistance LiveboxdedicarzDedicarzService.exe (ID: 3472 |ParentID: 892)
Stoppé! C:Program FilesBonjourmDNSResponder.exe (ID: 3852 |ParentID: 892)
Stoppé! C:Windowssystem32SearchIndexer.exe (ID: 4020 |ParentID: 892)
Stoppé! C:Program FilesWindows Media Playerwmpnetwk.exe (ID: 3416 |ParentID: 892)
Stoppé! C:Windowssystem32DllHost.exe (ID: 4660 |ParentID: 516)
Stoppé! C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe (ID: 2140 |ParentID: 892)
Stoppé! C:WindowsSystem32spoolsv.exe (ID: 2872 |ParentID: 892)
Stoppé! C:Windowssystem32taskeng.exe (ID: 2264 |ParentID: 1304)
Stoppé! C:Program FilesEgisTec IPSPMMUpdate.exe (ID: 4324 |ParentID: 2264)
Stoppé! C:Program Files (x86)Mozilla Firefoxfirefox.exe (ID: 2156 |ParentID: 4852)
Stoppé! C:Program Files (x86)Mozilla Firefoxplugin-container.exe (ID: 3372 |ParentID: 2156)
Stoppé! C:WindowsSysWOW64MacromedFlashFlashPlayerPlugin_11_9_900_117.exe (ID: 3264 |ParentID: 3372)
Stoppé! C:WindowsSysWOW64MacromedFlashFlashPlayerPlugin_11_9_900_117.exe (ID: 1408 |ParentID: 3264)

################## | Regedit Run |

04 – HKLMSOFTWARE | Run : [Adobe ARM] – « C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe »
04 – HKLMSOFTWARE | Run : [ISUSScheduler] – « C:Program Files (x86)Common FilesInstallShieldUpdateServiceissch.exe » -start
04 – HKLMSOFTWARE | Run : [AVG_UI] – « C:Program Files (x86)AVGAVG2014avgui.exe » /TRAYONLY
04 – HKLMSOFTWAREwow6432Node | Run : [Adobe ARM] – « C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe »
04 – HKLMSOFTWAREwow6432Node | Run : [ISUSScheduler] – « C:Program Files (x86)Common FilesInstallShieldUpdateServiceissch.exe » -start
04 – HKLMSOFTWAREwow6432Node | Run : [AVG_UI] – « C:Program Files (x86)AVGAVG2014avgui.exe » /TRAYONLY
04 – HKLMSOFTWARE | RunOnce : [] –
04 – HKLMSOFTWAREwow6432Node | RunOnce : [] –
04 – HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-21-163235452-2159695537-516096458-1000SOFTWARE | Run : [OrangeInside] – C:UsersThomasAppDataRoamingOrangeOrangeInsideoneOrangeInside.exe
04 – HKUS-1-5-21-163235452-2159695537-516096458-1000SOFTWARE | Run : [ccleaner] – « C:UsersThomasSoftwareCCleanerCCleaner.exe » /AUTO
04 – HKUS-1-5-19SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
04 – HKUS-1-5-19SOFTWARE | RunOnce : [IsMyWinLockerReboot] – msiexec.exe /qn /x{voidguid}
04 – HKUS-1-5-20SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
04 – HKUS-1-5-20SOFTWARE | RunOnce : [IsMyWinLockerReboot] – msiexec.exe /qn /x{voidguid}
04 – HKUS-1-5-18SOFTWARE | RunOnce : [IsMyWinLockerReboot] – msiexec.exe /qn /x{voidguid}

################## | Recherche générique |

Supprimé! C:UsersThomasAppDataLocalBITADA1.tmp

(!) Fichiers temporaires supprimés.

################## | Registre |

Réparé ! HKLMSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem|EnableLUA -> 1
Réparé ! HKLMSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem|ConsentPromptBehaviorAdmin -> 5
Réparé ! HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer|NoActiveDesktop -> 0
Réparé ! HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer|NoActiveDesktopChanges -> 0
Supprimé! HKUS-1-5-21-163235452-2159695537-516096458-1000Software….Mountpoints2{c1a23d4f-c113-11e1-96d5-c89cdcee9725}
Supprimé! HKUS-1-5-21-163235452-2159695537-516096458-1000Software….Mountpoints2{f04ec8de-0fe1-11e3-bc00-c89cdcee9725}

################## | Listing |

[10/10/2013 – 11:02:02 | D ] C:$AVG
[04/07/2012 – 00:02:57 | SHD ] C:$Recycle.Bin
[31/03/2012 – 03:06:15 | D ] C:book
[17/10/2011 – 14:29:30 | RASH | 8192] C:BOOTSECT.BAK
[22/11/2013 – 22:46:01 | SHD ] C:Config.Msi
[14/07/2009 – 06:08:56 | SHD ] C:Documents and Settings
[03/04/2013 – 21:24:58 | N | 0] C:END
[26/09/2013 – 11:23:51 | D ] C:found.000
[22/07/2012 – 11:03:31 | D ] C:gamigo
[24/11/2013 – 10:31:54 | ASH | 4817686528] C:hiberfil.sys
[17/10/2011 – 13:40:03 | D ] C:Intel
[09/09/2013 – 21:57:43 | D ] C:net-snmp-compil-win
[01/03/2013 – 20:10:47 | D ] C:NVIDIA
[28/06/2012 – 11:53:28 | D ] C:OEM
[24/11/2013 – 10:31:53 | ASH | 6423584768] C:pagefile.sys
[14/07/2009 – 04:20:08 | D ] C:PerfLogs
[20/09/2013 – 21:24:17 | D ] C:Program Files
[22/11/2013 – 22:45:56 | D ] C:Program Files (x86)
[22/11/2013 – 22:38:56 | HD ] C:ProgramData
[02/11/2013 – 22:27:22 | D ] C:Ptp
[28/06/2012 – 11:51:06 | SHD ] C:Recovery
[23/11/2013 – 01:02:40 | SHD ] C:System Volume Information
[19/05/2013 – 13:29:52 | D ] C:tmp
[24/11/2013 – 11:35:03 | D ] C:UsbFix
[24/11/2013 – 11:35:03 | A | 6892] C:UsbFix [Clean 3] THOMAS-PC.txt
[24/11/2013 – 11:03:55 | N | 8849] C:UsbFix [Scan 1] THOMAS-PC.txt
[24/11/2013 – 11:06:42 | N | 6728] C:UsbFix [Scan 2] THOMAS-PC.txt
[18/10/2013 – 10:53:27 | RD ] C:Users
[24/11/2013 – 10:34:08 | D ] C:Windows
[29/06/2012 – 11:05:17 | SHD ] D:$RECYCLE.BIN
[12/06/2013 – 13:15:09 | D ] D:game of throne s2
[29/06/2012 – 11:55:31 | D ] D:microsoft visual
[06/01/2013 – 21:28:27 | D ] D:Musique
[28/06/2012 – 18:37:19 | SHD ] D:System Volume Information
[19/05/2013 – 13:33:52 | D ] D:temp
[19/05/2013 – 12:39:31 | D ] D:universalis

################## | Vaccin |

(!) Cet ordinateur n'est pas vacciné!

################## | E.O.F | http://www.usbfix.net – http://www.sosvirus.net |[/spoiler:2ofee9kf]