Johanna

Thanks :)

############################## | UsbFix V 7.153 | [Suppression]

Utilisateur: Johanna (Administrateur) # BOLDERIZ
Mis à jour le 09/12/2013 par El Desaparecido – Team SosVirus
Lancé à 14:52:33 | 12/12/2013

Site Web : http://www.usbfix.net
Forum : https://www.sosvirus.net/
Upload Malware : upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: Acer (Aspire X3950)
CPU: Intel(R) Core(TM) i3 CPU 530 @ 2.93GHz
RAM -> [Total : 4023 | Free : 2282]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 10.0.9200.16736
WB: Google Chrome : 31.0.1650.63

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AS: Windows Defender [Enabled | Updated]
AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
AS: Malwarebytes’ Anti-Malware : 1.60.0061
FW: Windows FireWall Service [Enabled]

C: (%systemdrive%) -> Disque fixe # 226 Go (24 Go libre(s) – 10%) [Acer] # NTFS
D: -> Disque fixe # 226 Go (34 Go libre(s) – 15%) [Data] # NTFS
E: -> CD-ROM
G: -> CD-ROM
I: -> Disque amovible # 15 Go (15 Go libre(s) – 100%) [SD JOH] # FAT32
L: -> Disque amovible # 4 Go (4 Go libre(s) – 100%) [JOHANNA] # FAT32

################## | Processus Stoppés |

Stoppé! C:Program FilesAlwil SoftwareAvast5AvastSvc.exe (ID: 1412 |ParentID: 604)
Stoppé! C:Program FilesAlwil SoftwareAvast5AvastUI.exe (ID: 2124 |ParentID: 3016)
Stoppé! C:WindowsSystem32rundll32.exe (ID: 768 |ParentID: 756)
Stoppé! C:WindowsSystem32WUDFHost.exe (ID: 5512 |ParentID: 356)
Stoppé! C:Windowssystem32SearchIndexer.exe (ID: 4472 |ParentID: 604)
Stoppé! C:Program FilesWindows Media Playerwmpnetwk.exe (ID: 3216 |ParentID: 604)
Stoppé! C:Windowssystem32wuauclt.exe (ID: 4848 |ParentID: 736)
Stoppé! C:WindowsSystem32spoolsv.exe (ID: 3116 |ParentID: 604)
Stoppé! C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe (ID: 2960 |ParentID: 604)
Stoppé! C:Windowssystem32spoolDRIVERSx643HP1006MC.EXE (ID: 4548 |ParentID: 756)
Stoppé! C:Windowssystem32SearchProtocolHost.exe (ID: 2628 |ParentID: 4472)
Stoppé! C:Windowssystem32SearchFilterHost.exe (ID: 5864 |ParentID: 4472)
Stoppé! C:Windowssystem32DllHost.exe (ID: 4988 |ParentID: 756)

################## | Regedit Run |

04 – HKLMSOFTWARE | Run : [SuiteTray] – “C:Program Files (x86)EgisTec MyWinLockerSuitex86SuiteTray.exe”
04 – HKLMSOFTWARE | Run : [EgisUpdate] – “C:Program Files (x86)EgisTec IPSEgisUpdate.exe” -d
04 – HKLMSOFTWARE | Run : [EgisTecPMMUpdate] – “C:Program Files (x86)EgisTec IPSPmmUpdate.exe”
04 – HKLMSOFTWARE | Run : [Hotkey Utility] – C:Program Files (x86)AcerHotkey UtilityHotkeyUtility.exe
04 – HKLMSOFTWARE | Run : [StartCCC] – “C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe” MSRun
04 – HKLMSOFTWARE | Run : [MDS_Menu] – “C:Program Files (x86)Acer Arcade DeluxeMediaShow EspressoMUITransferMUIStartMenu.exe” “C:Program Files (x86)Acer Arcade DeluxeMediaShow Espresso” UpdateWithCreateOnce “SoftwareCyberLinkMediaShow Espresso5.6”
04 – HKLMSOFTWARE | Run : [ArcadeMovieService] – “C:Program Files (x86)Acer Arcade DeluxeArcade MovieArcadeMovieService.exe”
04 – HKLMSOFTWARE | Run : [ANIWZCS2Service] – C:Program Files (x86)ANIANIWZCS2 ServiceWZCSLDR2.exe
04 – HKLMSOFTWARE | Run : [D-Link D-Link Wireless G DWL-G122_DWA-110] – C:Program Files (x86)D-LinkDWL-G122_DWA-110AirGCFG.exe
04 – HKLMSOFTWARE | Run : [WZCSLDR2] – C:Program Files (x86)D-LinkDWL-G122_DWA-110WZCSLDR2.exe
04 – HKLMSOFTWARE | Run : [avast5] – “C:Program FilesAlwil SoftwareAvast5avastUI.exe” /nogui
04 – HKLMSOFTWARE | Run : [DivX Download Manager] – “C:Program Files (x86)DivXDivX Plus Web PlayerDDmService.exe” start
04 – HKLMSOFTWARE | Run : [NokiaMServer] – C:Program Files (x86)Common FilesNokiaMPlatformNokiaMServer /watchfiles startup
04 – HKLMSOFTWARE | Run : [beid] – “C:Program Files (x86)Belgium Identity Cardbeid35gui.exe” /startup
04 – HKLMSOFTWARE | Run : [Nikon Message Center 2] – C:Program Files (x86)NikonNikon Message Center 2NkMC2.exe -s
04 – HKLMSOFTWARE | Run : [APSDaemon] – “C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe”
04 – HKLMSOFTWARE | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
04 – HKLMSOFTWARE | Run : [KiesTrayAgent] – C:Program Files (x86)SamsungKiesKiesTrayAgent.exe
04 – HKLMSOFTWARE | Run : [SwitchBoard] – C:Program Files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe
04 – HKLMSOFTWARE | Run : [AdobeCS5.5ServiceManager] – “C:Program Files (x86)Common FilesAdobeCS5.5ServiceManagerCS5.5ServiceManager.exe” -launchedbylogin
04 – HKLMSOFTWARE | Run : [QuickTime Task] – “C:Program Files (x86)QuickTimeQTTask.exe” -atboottime
04 – HKLMSOFTWARE | Run : [iTunesHelper] – “C:Program Files (x86)iTunesiTunesHelper.exe”
04 – HKLMSOFTWARE | Run : [SunJavaUpdateSched] – “C:Program Files (x86)Common FilesJavaJava Updatejusched.exe”
04 – HKLMSOFTWARE | Run : [AvastUI.exe] – “C:Program FilesAlwil SoftwareAvast5AvastUI.exe” /nogui
04 – HKLMSOFTWAREwow6432Node | Run : [SuiteTray] – “C:Program Files (x86)EgisTec MyWinLockerSuitex86SuiteTray.exe”
04 – HKLMSOFTWAREwow6432Node | Run : [EgisUpdate] – “C:Program Files (x86)EgisTec IPSEgisUpdate.exe” -d
04 – HKLMSOFTWAREwow6432Node | Run : [EgisTecPMMUpdate] – “C:Program Files (x86)EgisTec IPSPmmUpdate.exe”
04 – HKLMSOFTWAREwow6432Node | Run : [Hotkey Utility] – C:Program Files (x86)AcerHotkey UtilityHotkeyUtility.exe
04 – HKLMSOFTWAREwow6432Node | Run : [StartCCC] – “C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe” MSRun
04 – HKLMSOFTWAREwow6432Node | Run : [MDS_Menu] – “C:Program Files (x86)Acer Arcade DeluxeMediaShow EspressoMUITransferMUIStartMenu.exe” “C:Program Files (x86)Acer Arcade DeluxeMediaShow Espresso” UpdateWithCreateOnce “SoftwareCyberLinkMediaShow Espresso5.6”
04 – HKLMSOFTWAREwow6432Node | Run : [ArcadeMovieService] – “C:Program Files (x86)Acer Arcade DeluxeArcade MovieArcadeMovieService.exe”
04 – HKLMSOFTWAREwow6432Node | Run : [ANIWZCS2Service] – C:Program Files (x86)ANIANIWZCS2 ServiceWZCSLDR2.exe
04 – HKLMSOFTWAREwow6432Node | Run : [D-Link D-Link Wireless G DWL-G122_DWA-110] – C:Program Files (x86)D-LinkDWL-G122_DWA-110AirGCFG.exe
04 – HKLMSOFTWAREwow6432Node | Run : [WZCSLDR2] – C:Program Files (x86)D-LinkDWL-G122_DWA-110WZCSLDR2.exe
04 – HKLMSOFTWAREwow6432Node | Run : [avast5] – “C:Program FilesAlwil SoftwareAvast5avastUI.exe” /nogui
04 – HKLMSOFTWAREwow6432Node | Run : [DivX Download Manager] – “C:Program Files (x86)DivXDivX Plus Web PlayerDDmService.exe” start
04 – HKLMSOFTWAREwow6432Node | Run : [NokiaMServer] – C:Program Files (x86)Common FilesNokiaMPlatformNokiaMServer /watchfiles startup
04 – HKLMSOFTWAREwow6432Node | Run : [beid] – “C:Program Files (x86)Belgium Identity Cardbeid35gui.exe” /startup
04 – HKLMSOFTWAREwow6432Node | Run : [Nikon Message Center 2] – C:Program Files (x86)NikonNikon Message Center 2NkMC2.exe -s
04 – HKLMSOFTWAREwow6432Node | Run : [APSDaemon] – “C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe”
04 – HKLMSOFTWAREwow6432Node | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
04 – HKLMSOFTWAREwow6432Node | Run : [KiesTrayAgent] – C:Program Files (x86)SamsungKiesKiesTrayAgent.exe
04 – HKLMSOFTWAREwow6432Node | Run : [SwitchBoard] – C:Program Files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe
04 – HKLMSOFTWAREwow6432Node | Run : [AdobeCS5.5ServiceManager] – “C:Program Files (x86)Common FilesAdobeCS5.5ServiceManagerCS5.5ServiceManager.exe” -launchedbylogin
04 – HKLMSOFTWAREwow6432Node | Run : [QuickTime Task] – “C:Program Files (x86)QuickTimeQTTask.exe” -atboottime
04 – HKLMSOFTWAREwow6432Node | Run : [iTunesHelper] – “C:Program Files (x86)iTunesiTunesHelper.exe”
04 – HKLMSOFTWAREwow6432Node | Run : [SunJavaUpdateSched] – “C:Program Files (x86)Common FilesJavaJava Updatejusched.exe”
04 – HKLMSOFTWAREwow6432Node | Run : [AvastUI.exe] – “C:Program FilesAlwil SoftwareAvast5AvastUI.exe” /nogui
04 – HKLMSOFTWARE | RunOnce : [aswAhAScr.dll] – “C:Program FilesAlwil SoftwareAvast5aswRegSvr.exe” “C:Program FilesAlwil SoftwareAvast5AhAScr.dll”
04 – HKLMSOFTWARE | RunOnce : [aswasOutExt.dll] – “C:Program FilesAlwil SoftwareAvast5aswRegSvr.exe” “C:Program FilesAlwil SoftwareAvast5asOutExt.dll”
04 – HKLMSOFTWARE | RunOnce : [aswasOutExt64.dll] – “C:Program FilesAlwil SoftwareAvast5aswRegSvr64.exe” “C:Program FilesAlwil SoftwareAvast5asOutExt64.dll”
04 – HKLMSOFTWAREwow6432Node | RunOnce : [aswAhAScr.dll] – “C:Program FilesAlwil SoftwareAvast5aswRegSvr.exe” “C:Program FilesAlwil SoftwareAvast5AhAScr.dll”
04 – HKLMSOFTWAREwow6432Node | RunOnce : [aswasOutExt.dll] – “C:Program FilesAlwil SoftwareAvast5aswRegSvr.exe” “C:Program FilesAlwil SoftwareAvast5asOutExt.dll”
04 – HKLMSOFTWAREwow6432Node | RunOnce : [aswasOutExt64.dll] – “C:Program FilesAlwil SoftwareAvast5aswRegSvr64.exe” “C:Program FilesAlwil SoftwareAvast5asOutExt64.dll”
04 – HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-21-2410170964-28622760-4243927499-1000SOFTWARE | Run : [Sidebar] – C:Program FilesWindows Sidebarsidebar.exe /autoRun
04 – HKUS-1-5-21-2410170964-28622760-4243927499-1000SOFTWARE | Run : [] –
04 – HKUS-1-5-21-2410170964-28622760-4243927499-1000SOFTWARE | Run : [6523C50143549A54528E11B50D9843DEF8ACBEE2._service_run] – “C:Program Files (x86)GoogleChromeApplicationchrome.exe” –type=service
04 – HKUS-1-5-21-2410170964-28622760-4243927499-1000SOFTWARE | Run : [Facebook Update] – “C:UsersJohannaAppDataLocalFacebookUpdateFacebookUpdate.exe” /c /nocrashserver
04 – HKUS-1-5-21-2410170964-28622760-4243927499-1000SOFTWARE | Run : [KiesPreload] – C:Program Files (x86)SamsungKiesKies.exe /preload
04 – HKUS-1-5-21-2410170964-28622760-4243927499-1000SOFTWARE | Run : [KiesAirMessage] – C:Program Files (x86)SamsungKiesKiesAirMessage.exe -startup
04 – HKUS-1-5-21-2410170964-28622760-4243927499-1000SOFTWARE | Run : [KiesPDLR] – C:Program Files (x86)SamsungKiesExternalFirmwareUpdateKiesPDLR.exe
04 – HKUS-1-5-21-2410170964-28622760-4243927499-1000SOFTWARE | Run : [AlcoholAutomount] – “C:Program Files (x86)Alcohol SoftAlcohol 120AxAutoMntSrv.exe” -automount
04 – HKUS-1-5-21-2410170964-28622760-4243927499-1000SOFTWARE | Run : [AdobeBridge] –
04 – HKUS-1-5-19SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
04 – HKUS-1-5-20SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
04 – HKUS-1-5-18SOFTWARE | RunOnce : [SPReview] – “C:WindowsSystem32SPReviewSPReview.exe” /sp:1 /errorfwlink:”http://go.microsoft.com/fwlink/?LinkID=122915″ /build:7601

################## | Recherche générique |

(!) Fichiers temporaires supprimés.

################## | Registre |

################## | Listing |

[10/12/2013 – 15:59:38 | N | 15 Ko] – C:UsbFix [Scan 1] BOLDERIZ.txt
[10/12/2013 – 16:13:33 | N | 15 Ko] – C:UsbFix [Scan 2] BOLDERIZ.txt
[10/12/2013 – 21:24:54 | N | 18 Ko] – C:UsbFix [Scan 3] BOLDERIZ.txt
[12/12/2013 – 14:51:17 | N | 19 Ko] – C:UsbFix [Clean 2] BOLDERIZ.txt
[12/12/2013 – 14:52:53 | A | 12 Ko] – C:UsbFix [Clean 3] BOLDERIZ.txt
[12/12/2013 – 09:51:41 | ASH | 3089748 Ko] – C:hiberfil.sys
[12/12/2013 – 09:51:45 | ASH | 4119664 Ko] – C:pagefile.sys
[04/12/2013 – 16:37:02 | D] – C:Config.Msi
[23/04/2010 – 19:59:03 | N | 3 Ko] – C:ENZ1LP31.MD5
[23/04/2010 – 22:09:02 | N | 3 Ko] – C:FRZ1LP31.MD5
[27/04/2010 – 18:24:27 | N | 3 Ko] – C:NLZ1LP31.MD5
[11/10/2007 – 00:59:45 | N | 2 Ko] – C:RHDSetup.log
[17/12/2010 – 09:07:18 | N | 19 Ko] – C:P1005.log
[23/04/2010 – 22:05:10 | N | 0 Ko] – C:LPCD.DAT
[14/12/2010 – 22:13:59 | SHD] – C:$RECYCLE.BIN
[10/05/2010 – 13:38:49 | N | 8 Ko] – C:BOOTSECT.BAK
[14/07/2009 – 04:20:08 | D] – C:PerfLogs
[14/07/2009 – 06:08:56 | SHD] – C:Documents and Settings
[10/05/2010 – 12:53:12 | D] – C:Intel
[14/12/2010 – 22:08:35 | SHD] – C:Recovery
[14/12/2010 – 22:23:18 | D] – C:book
[14/12/2010 – 22:23:23 | D] – C:OEM
[22/12/2010 – 23:45:22 | RHD] – C:MSOCache
[13/07/2011 – 00:08:40 | D] – C:drivers
[07/07/2012 – 15:00:59 | D] – C:Users
[10/07/2012 – 01:53:44 | D] – C:Temp
[16/10/2013 – 17:47:56 | D] – C:Program Files
[04/12/2013 – 16:32:40 | D] – C:Program Files (x86)
[12/12/2013 – 12:00:34 | HD] – C:ProgramData
[12/12/2013 – 12:01:29 | SHD] – C:System Volume Information
[12/12/2013 – 12:03:32 | D] – C:Windows
[12/12/2013 – 14:52:35 | D] – C:UsbFix
[12/04/2013 – 14:21:47 | N | 666433 Ko] – D:Gobliiins Trilogy.zip
[20/07/2012 – 12:45:21 | D] – D:Day.of.the.Tentacle-SECiSO
[04/10/2012 – 15:18:06 | N | 2406314 Ko] – D:Adobe CS5.1.rar
[11/09/2012 – 17:48:25 | N | 53325 Ko] – D:Anesthesie Generale Dalens (french).pdf
[10/12/2013 – 21:24:54 | RASHD] – D:Autorun.inf
[15/10/2012 – 21:36:44 | SHD] – D:$RECYCLE.BIN
[24/10/2013 – 19:55:02 | N | 717794 Ko] – D:Shrek 3.avi
[17/07/2012 – 13:37:48 | D] – D:Alcohol 120 v2.0.0.1331+Patch(Works with w7) [ kk ]
[04/10/2012 – 20:12:27 | D] – D:Adobe CS5.1
[11/08/2013 – 11:37:48 | D] – D:Adobe Photoshop Lightroom v5.0 x64 – Multilingual Incl Keymaker-CORE
[11/10/2007 – 00:55:58 | SHD] – D:System Volume Information
[12/03/2012 – 12:38:37 | D] – D:Cabaret et biocel
[10/07/2012 – 02:05:25 | D] – D:GSM
[17/07/2012 – 12:56:39 | D] – D:Might and Magic VI – The Mandate of Heaven (Full) [r4ZZ0r]
[19/07/2012 – 14:16:37 | D] – D:Nintendo NES with 1090 Games plus EMULATOR H33T 1981CamaroZ28
[05/09/2012 – 19:51:54 | D] – D:1Q84 up by Storming
[05/09/2012 – 19:51:55 | D] – D:1Q84 Livre 3 Murakami_storming
[17/09/2012 – 00:07:39 | D] – D:Amélie Nothomb – Barbe Bleue (2012)
[15/10/2012 – 21:45:14 | D] – D:Series vrac
[04/03/2013 – 16:58:03 | D] – D:Photos à imprimer
[25/06/2013 – 10:22:19 | D] – D:Little Britain
[22/08/2013 – 23:11:49 | D] – D:Walk On The Wild Side – The Best Of Lou Reed
[25/08/2013 – 10:31:11 | D] – D:Musique
[03/10/2013 – 18:10:37 | D] – D:Cours
[24/10/2013 – 19:22:48 | D] – D:Shrek 2 French Dvd Rip DivX By ZZ
[07/11/2013 – 20:59:52 | D] – D:FILMS
[19/11/2013 – 15:53:45 | D] – D:Photos

################## | Vaccin |

D:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net – https://www.sosvirus.net |