germaine
Participant
Number of posts: 19

Hi!
Thanks for taking over, UsbFix worked this time ^^

Here is the report:

############################## | UsbFix V 7.158 | [Suppression]

Utilisateur: Le Gallic (Administrateur) # LEGALLIC-PC
Mis à jour le 02/01/2014 par El Desaparecido – Team SosVirus
Lancé à 23:01:45 | 02/01/2014

Site Web : http://www.usbfix.net
Changelog : http://www.usbfix.net/maj/
Support : http://www.sosvirus.net/
Upload Malware : upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: Packard Bell (Veriton M275 )
CPU: Pentium(R) Dual-Core CPU E5500 @ 2.80GHz
RAM -> [Total : 4095 Mo| Free : 2675 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.16476
WB: Google Chrome : 31.0.1650.63
WB: Mozilla Firefox : 1.9.2.17

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: Norton Internet Security [Enabled | Updated]
AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
AS: Malwarebytes’ Anti-Malware : 1.75.0001
FW: Windows FireWall Service [Enabled]

C: (%systemdrive%) -> Disque fixe # 287 Go (177 Go libre(s) – 62%) [Packard Bell] # NTFS
D: -> Disque fixe # 288 Go (278 Go libre(s) – 97%) [DATA] # NTFS
E: -> CD-ROM

################## | Processus Stoppés |

Stoppé! C:Windowssystem32nvvsvc.exe (ID: 856 |ParentID: 656)
Stoppé! C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe (ID: 880 |ParentID: 656)
Stoppé! C:Program FilesAlwil SoftwareAvast5AvastSvc.exe (ID: 1220 |ParentID: 656)
Stoppé! C:Program FilesNVIDIA CorporationDisplaynvxdsync.exe (ID: 1344 |ParentID: 856)
Stoppé! C:Windowssystem32nvvsvc.exe (ID: 1352 |ParentID: 856)
Stoppé! C:Windowssystem32taskhost.exe (ID: 1632 |ParentID: 656)
Stoppé! C:WindowsSystem32spoolsv.exe (ID: 1704 |ParentID: 656)
Stoppé! C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe (ID: 1904 |ParentID: 656)
Stoppé! C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe (ID: 1928 |ParentID: 656)
Stoppé! C:Program FilesBonjourmDNSResponder.exe (ID: 1864 |ParentID: 656)
Stoppé! C:Program Files (x86)Packard BellRegistrationGregHSRW.exe (ID: 1532 |ParentID: 656)
Stoppé! C:Windowssystem32lxdncoms.exe (ID: 1396 |ParentID: 656)
Stoppé! C:Program Files (x86)Norton Internet SecurityEngine17.1.0.19ccSvcHst.exe (ID: 2084 |ParentID: 656)
Stoppé! C:Program FilesRealtekAudioHDARAVCpl64.exe (ID: 2380 |ParentID: 1716)
Stoppé! C:Program FilesPackard BellPackard Bell UpdaterUpdaterService.exe (ID: 2396 |ParentID: 656)
Stoppé! C:Program Files (x86)Lexmark 2600 Serieslxdnmon.exe (ID: 2508 |ParentID: 1716)
Stoppé! C:Program FilesZuneZuneLauncher.exe (ID: 2768 |ParentID: 1716)
Stoppé! C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe (ID: 2804 |ParentID: 1716)
Stoppé! C:Program FilesNVIDIA CorporationDisplaynvtray.exe (ID: 2820 |ParentID: 1344)
Stoppé! C:Program Files (x86)Lexmark 2600 SerieslxdnMsdMon.exe (ID: 2980 |ParentID: 2656)
Stoppé! C:Program Files (x86)NortonInstaller{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NISA5E82D0217.1.0.19InstStub.exe (ID: 2868 |ParentID: 2084)
Stoppé! C:Program Files (x86)SkypePhoneSkype.exe (ID: 2576 |ParentID: 1716)
Stoppé! C:Program Files (x86)Packard BellHotkey UtilityHotkeyUtility.exe (ID: 3424 |ParentID: 2536)
Stoppé! C:Windowssystem32SearchIndexer.exe (ID: 3700 |ParentID: 656)
Stoppé! C:Program Files (x86)Packard BellHotkey UtilityHotkeyUI.exe (ID: 3712 |ParentID: 3424)
Stoppé! C:UsersLe GallicAppDataRoamingDropboxbinDropbox.exe (ID: 3720 |ParentID: 1716)
Stoppé! C:Program Files (x86)Microsoft OfficeOffice12ONENOTEM.EXE (ID: 3736 |ParentID: 1716)
Stoppé! C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe (ID: 3816 |ParentID: 2536)
Stoppé! C:Program FilesAlwil SoftwareAvast5AvastUI.exe (ID: 3824 |ParentID: 2536)
Stoppé! C:WindowsSystem32WUDFHost.exe (ID: 3436 |ParentID: 372)
Stoppé! C:Program FilesWindows Media Playerwmpnetwk.exe (ID: 3560 |ParentID: 656)
Stoppé! C:Program FilesInternet ExplorerIEXPLORE.EXE (ID: 5368 |ParentID: 3060)
Stoppé! C:Program Files (x86)Internet ExplorerIEXPLORE.EXE (ID: 5008 |ParentID: 5368)
Stoppé! C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbarUser_32.exe (ID: 3452 |ParentID: 5008)
Stoppé! C:Windowssystem32SearchProtocolHost.exe (ID: 5760 |ParentID: 3700)
Stoppé! C:Windowssystem32SearchFilterHost.exe (ID: 5308 |ParentID: 3700)
Stoppé! C:Windowssystem32SearchProtocolHost.exe (ID: 344 |ParentID: 3700)

################## | Regedit Run |

04 – HKLM..Run : [Hotkey Utility] C:Program Files (x86)Packard BellHotkey UtilityHotkeyUtility.exe
04 – HKLM..Run : [NortonOnlineBackupReminder] « C:Program Files (x86)SymantecNorton Online BackupActivationNobuActivation.exe » UNATTENDED
04 – HKLM..Run : [FaxCenterServer] « C:Program Files (x86)Lexmark Fax Solutionsfm3032.exe » /s
04 – HKLM..Run : [APSDaemon] « C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe »
04 – HKLM..Run : [Adobe ARM] « C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe »
04 – HKLM..Run : [AvastUI.exe] « C:Program FilesAlwil SoftwareAvast5AvastUI.exe » /nogui
04 – HKLM..RunOnce : []
04 – HKLM64..Run : [RtHDVCpl] C:Program FilesRealtekAudioHDARAVCpl64.exe -s
04 – HKLM64..Run : [lxdnmon.exe] « C:Program Files (x86)Lexmark 2600 Serieslxdnmon.exe »
04 – HKLM64..Run : [lxdnamon] « C:Program Files (x86)Lexmark 2600 Serieslxdnamon.exe »
04 – HKLM64..Run : [Zune Launcher] « C:Program FilesZuneZuneLauncher.exe »
04 – HKUS-1-5-19..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-20..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-21-2285838017-2543188443-3326599240-1000..Run : [swg] « C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe »
04 – HKUS-1-5-21-2285838017-2543188443-3326599240-1000..Run : [msnmsgr] « C:Program Files (x86)Windows LiveMessengermsnmsgr.exe » /background
04 – HKUS-1-5-21-2285838017-2543188443-3326599240-1000..Run : [Pando Media Booster] C:Program Files (x86)Pando NetworksMedia BoosterPMB.exe
04 – HKUS-1-5-21-2285838017-2543188443-3326599240-1000..Run : [Skype] « C:Program Files (x86)SkypePhoneSkype.exe » /minimized /regrun
04 – HKUS-1-5-19..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe
04 – HKUS-1-5-20..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe

################## | Recherche générique |

(!) Fichiers temporaires supprimés.

################## | Registre |

Réparé ! HKLMSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem|EnableLUA -> 1
Réparé ! HKLMSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem|ConsentPromptBehaviorAdmin -> 5

################## | Listing |

[27/12/2013 – 10:17:11 | SHD] – C:$Recycle.Bin
[26/12/2013 – 09:40:55 | D] – C:AdwCleaner
[08/05/2010 – 20:52:09 | D] – C:book
[15/03/2010 – 14:29:40 | N | 8 Ko] – C:BOOTSECT.BAK
[26/12/2013 – 21:10:55 | D] – C:Config.Msi
[14/07/2009 – 06:08:56 | SD] – C:Documents and Settings
[02/01/2014 – 20:55:16 | ASH | 3145144 Ko] – C:hiberfil.sys
[15/03/2010 – 13:35:37 | D] – C:Intel
[11/05/2013 – 12:47:42 | N | 0 Ko] – C:lxdnjswx.log
[13/03/2011 – 20:05:20 | N | 1 Ko] – C:lxdnPpxlxdnPpxlxdnPpx.log
[15/03/2010 – 13:51:57 | RHD] – C:MSOCache
[30/08/2010 – 21:34:58 | D] – C:OEM
[02/01/2014 – 20:55:19 | ASH | 4193528 Ko] – C:pagefile.sys
[14/07/2009 – 04:20:08 | D] – C:PerfLogs
[26/12/2013 – 10:00:50 | N | 1 Ko] – C:PhysicalDisk0_MBR.bin
[27/12/2013 – 10:15:52 | D] – C:Pre_Scan
[27/12/2013 – 10:15:41 | N | 16 Ko | 3FAF3F6B48CF2CAA880F06624F28517C] – C:Pre_Scan_27_12_2013_10_15_41.txt
[13/03/2013 – 22:02:55 | D] – C:Program Files
[27/12/2013 – 17:47:40 | D] – C:Program Files (x86)
[27/12/2013 – 10:10:45 | HD] – C:ProgramData
[30/08/2010 – 21:33:51 | SHD] – C:Recovery
[08/05/2010 – 20:48:30 | N | 2 Ko] – C:RHDSetup.log
[13/02/2013 – 19:23:51 | D] – C:Riot Games
[02/01/2014 – 20:55:14 | SHD] – C:System Volume Information
[02/01/2014 – 23:01:47 | D] – C:UsbFix
[02/01/2014 – 23:02:58 | A | 8 Ko | D6FBD19FDC674203AF425EA07DCE2872] – C:UsbFix [Clean 1] LEGALLIC-PC.txt
[26/12/2013 – 09:51:48 | D] – C:Users
[26/12/2013 – 21:10:55 | D] – C:Windows
[30/08/2010 – 21:35:01 | SHD] – D:$RECYCLE.BIN
[19/06/2011 – 21:55:14 | D] – D:6389e6392887ffb99a04408c
[14/09/2010 – 12:41:49 | D] – D:8ce0c6b9a0f687e210a448b100
[17/09/2011 – 19:58:06 | D] – D:af29e9fbd32fb856199022ac81818335
[21/12/2013 – 14:21:10 | RASHD] – D:Autorun.inf
[01/11/2013 – 18:47:56 | D] – D:FFOutput
[22/09/2005 – 23:39:38 | N | 874 Ko | FE5A0B29A5EA757E6891DC7B70E7B112] – D:msdia80.dll
[27/09/2012 – 12:16:01 | D] – D:Program Files (x86)
[02/01/2014 – 20:55:15 | SHD] – D:System Volume Information

################## | Vaccin |

################## | E.O.F | http://www.usbfix.net – http://www.sosvirus.net |

PS: thanks a lot for your help and happy new year to the whole team!