Reply to: USB Infection 2016-09-08T13:37:42+00:00
Laurianne
Participant
Number of posts: 5

############################## | UsbFix V 7.169 | [Search]

User: Laurianne.REMY (Administrator) # MINILAURIANNE
Updated on 31/03/2014 by El Desaparecido - Team SosVirus
Launched at 19:17:03 | 29/04/2014

Website : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Support : forum-virus-securite.html
Upload Malware : upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: ASUSTeK COMPUTER INC. (X200CA)
CPU: Intel(R) Celeron(R) CPU 1007U @ 1.50GHz
RAM -> [Total : 3982 MB | Free : 2777 MB]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 8.1 (6.3.9600 64-Bit)
WB: Windows Internet Explorer : 11.0.9600.17031
WB: Google Chrome : 34.0.1847.116

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: Windows Defender [Enabled | Updated]
AS: Windows Defender [Enabled | Updated]
FW: Windows FireWall [Enabled]

C: (%systemdrive%) -> Fixed disk # 186 GB (142 GB free - 76%) [OS] # NTFS
D: -> Fixed disk # 258 GB (258 GB free - 100%) [Data] # NTFS
E: -> Removable disk # 2 GB (2 GB free - 96%) [SYLVAIN 2] # FAT32
F: -> Removable disk # 496 MB (267 MB free - 54%) [LAURIANNE] # FAT32
G: -> Removable disk # 7 GB (4 GB free - 57%) [] # FAT32
H: -> Removable disk # 1 GB (1004 MB free - 93%) [WIKO] # FAT32

################## | Active Processes |

C:\Windows\system32\wininit.exe (ID: 512 |ParentID: 440)
C:\Windows\system32\winlogon.exe (ID: 564 |ParentID: 504)
C:\Windows\system32\lsass.exe (ID: 616 |ParentID: 512)
C:\Windows\system32\svchost.exe (ID: 676 |ParentID: 608)
C:\Windows\system32\svchost.exe (ID: 720 |ParentID: 608)
C:\Windows\System32\svchost.exe (ID: 808 |ParentID: 608)
C:\Windows\system32\dwm.exe (ID: 836 |ParentID: 564)
C:\Windows\system32\svchost.exe (ID: 864 |ParentID: 608)
C:\Windows\system32\svchost.exe (ID: 960 |ParentID: 608)
C:\Windows\System32\svchost.exe (ID: 1004 |ParentID: 608)
C:\Windows\system32\svchost.exe (ID: 356 |ParentID: 608)
C:\Windows\system32\FBAgent.exe (ID: 1068 |ParentID: 608)
C:\Windows\System32\spoolsv.exe (ID: 1188 |ParentID: 608)
C:\Windows\system32\svchost.exe (ID: 1248 |ParentID: 608)
C:\Windows\system32\svchost.exe (ID: 1268 |ParentID: 608)
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 1436 |ParentID: 608)
C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe (ID: 1468 |ParentID: 608)
C:\Windows\system32\dashost.exe (ID: 1544 |ParentID: 1004)
C:\Windows\system32\svchost.exe (ID: 1592 |ParentID: 608)
C:\Program Files (x86)\Wajam\Updater\WajamUpdaterV3.exe (ID: 1640 |ParentID: 608)
C:\Windows\System32\svchost.exe (ID: 2544 |ParentID: 608)
C:\Windows\system32\svchost.exe (ID: 2692 |ParentID: 608)
C:\Windows\system32\taskhostex.exe (ID: 2392 |ParentID: 864)
C:\Windows\Explorer.EXE (ID: 2532 |ParentID: 2464)
C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe (ID: 3284 |ParentID: 1200)
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe (ID: 3376 |ParentID: 676)
C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe (ID: 3404 |ParentID: 1200)
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe (ID: 3512 |ParentID: 1004)
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe (ID: 3552 |ParentID: 3512)
C:\Windows\system32\SearchIndexer.exe (ID: 3760 |ParentID: 608)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 3964 |ParentID: 676)
C:\Windows\System32\skydrive.exe (ID: 828 |ParentID: 676)
C:\Windows\System32\RuntimeBroker.exe (ID: 652 |ParentID: 676)
C:\Windows\system32\DllHost.exe (ID: 2264 |ParentID: 676)
C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (ID: 4440 |ParentID: 608)
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (ID: 4516 |ParentID: 4432)
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (ID: 4636 |ParentID: 4432)
C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe (ID: 4756 |ParentID: 4432)
C:\Windows\System32\SettingSyncHost.exe (ID: 944 |ParentID: 676)
C:\Program Files (x86)\Microsoft\BingDesktop\BDExtHost.exe (ID: 2000 |ParentID: 676)
C:\Program Files (x86)\Microsoft\BingDesktop\BDAppHost.exe (ID: 4028 |ParentID: 676)
C:\Program Files (x86)\Microsoft\BingDesktop\BDRuntimeHost.exe (ID: 228 |ParentID: 676)
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ID: 4328 |ParentID: 608)
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ID: 360 |ParentID: 4328)
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ID: 4792 |ParentID: 360)
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ID: 4240 |ParentID: 5084)
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ID: 3056 |ParentID: 1864)
C:\Program Files\ASUS\P4G\InsOnSrv.exe (ID: 3628 |ParentID: 608)
C:\Program Files\ASUS\P4G\InsOnWMI.exe (ID: 3048 |ParentID: 3628)
C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe (ID: 4624 |ParentID: 608)
C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe (ID: 2120 |ParentID: 1068)
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ID: 4656 |ParentID: 608)
C:\WINDOWS\system32\hkcmd.exe (ID: 3612 |ParentID: 1068)
C:\Program Files\Intel\iCLS Client\HeciServer.exe (ID: 5152 |ParentID: 608)
C:\WINDOWS\system32\igfxtray.exe (ID: 5188 |ParentID: 1068)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (ID: 5272 |ParentID: 608)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (ID: 5408 |ParentID: 608)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ID: 5440 |ParentID: 608)
C:\Program Files\ASUS\P4G\BatteryLife.exe (ID: 5472 |ParentID: 864)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (ID: 5700 |ParentID: 608)
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ID: 6140 |ParentID: 864)
C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe (ID: 704 |ParentID: 864)
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (ID: 1576 |ParentID: 6120)
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ID: 3704 |ParentID: 864)
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe (ID: 5184 |ParentID: 1576)
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (ID: 5200 |ParentID: 1576)
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (ID: 5180 |ParentID: 1576)
C:\Program Files\Conexant\SAII\SmartAudio.exe (ID: 5396 |ParentID: 5320)
C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (ID: 5532 |ParentID: 608)
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (ID: 1280 |ParentID: 5180)
C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 2740 |ParentID: 608)
C:\Windows\System32\WWAHost.exe (ID: 1444 |ParentID: 676)
C:\Windows\system32\taskhost.exe (ID: 3192 |ParentID: 864)
C:\Windows\system32\SearchProtocolHost.exe (ID: 2076 |ParentID: 3760)
C:\Windows\system32\SearchFilterHost.exe (ID: 5828 |ParentID: 3760)
C:\Windows\System32\WUDFHost.exe (ID: 2856 |ParentID: 1004)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 5496 |ParentID: 676)

################## | Regedit Run |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] userinit.exe
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [Power2GoExpress]
04 - HKLM\..\Run : [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\Run : [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey
04 - [x64] HKLM\..\Run : [Persistence] "C:\WINDOWS\system32\igfxpers.exe"
04 - HKU\S-1-5-21-2438500433-15155753-1834781870-1001\..\Run : [Power2GoExpress]

################## | Generic search |

Present! G:\Pentatonix – Say Something (A Great Big World _ Christina Aguilera Cover) [pleer.lnk
Present! G:\Pentatonix – Somebody That I Used To Know (Gotye cover) [pleer.lnk
Present! G:\Pentatonix – Thrift Shop (Macklemore & Ryan Lewis cover) [pleer.lnk
Present! G:\Pentatonix – Daft Punk songs Get – Get Lucky – One More Time – Technologic [pleer.lnk
Present! E:\trz427F.tmp
Present! F:\trz3DD5.tmp
Present! F:\trz983A.tmp
Present! F:\trz3F41.tmp
Present! G:\trzB514.tmp

################## | Registry |

################## | E.O.F | http://www.usbfix.net/ - https://www.sosvirus.net |
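The "Generic search" section above flags two kinds of artefact at the root of the removable drives: shortcut (.lnk) files carrying media-file names and stray trz*.tmp files. On USB worms of this kind the interesting question is what each shortcut actually launches, which the log does not show. The script below is an added example, not part of Laurianne's post and not UsbFix's own code: it lists .lnk and .tmp files at the top level of a drive root and decodes each shortcut's StringData (relative path, working directory, command-line arguments) following the [MS-SHLLINK] header layout. The sample drive it builds, the shortcut target and the file names are all constructed for the demo; nothing here is taken from the infected sticks in the log.

```python
"""Triage the root of a removable drive for UsbFix-style "generic search"
artefacts: shortcut (.lnk) files and stray *.tmp files.

Added example, not UsbFix's own code. The .lnk parser follows the
[MS-SHLLINK] ShellLink header + StringData layout; build_sample_drive()
writes a constructed shortcut so the script runs offline.
"""
import struct
import tempfile
import uuid
from pathlib import Path

LNK_CLSID = uuid.UUID("00021401-0000-0000-C000-000000000046")  # ShellLink magic CLSID
HAS_ID_LIST, HAS_LINK_INFO, HAS_NAME, HAS_REL_PATH = 0x01, 0x02, 0x04, 0x08
HAS_WORK_DIR, HAS_ARGS, HAS_ICON, IS_UNICODE = 0x10, 0x20, 0x40, 0x80


def parse_lnk(data: bytes) -> dict:
    """Return the StringData fields of a ShellLink blob (name, relative path,
    working dir, arguments, icon). Raises ValueError on a bad header."""
    if len(data) < 76 or struct.unpack_from("<I", data, 0)[0] != 0x4C:
        raise ValueError("not a ShellLink header")
    if uuid.UUID(bytes_le=data[4:20]) != LNK_CLSID:
        raise ValueError("bad ShellLink CLSID")
    flags = struct.unpack_from("<I", data, 20)[0]
    pos = 76                                   # fixed-size ShellLinkHeader
    if flags & HAS_ID_LIST:                    # skip LinkTargetIDList (u16 size + items)
        pos += 2 + struct.unpack_from("<H", data, pos)[0]
    if flags & HAS_LINK_INFO:                  # skip LinkInfo (u32 size includes itself)
        pos += struct.unpack_from("<I", data, pos)[0]
    out = {}
    for bit, name in ((HAS_NAME, "name"), (HAS_REL_PATH, "relative_path"),
                      (HAS_WORK_DIR, "working_dir"), (HAS_ARGS, "arguments"),
                      (HAS_ICON, "icon")):
        if not flags & bit:
            continue
        count = struct.unpack_from("<H", data, pos)[0]   # character count, no terminator
        pos += 2
        if flags & IS_UNICODE:
            out[name] = data[pos:pos + 2 * count].decode("utf-16-le")
            pos += 2 * count
        else:
            out[name] = data[pos:pos + count].decode("cp1252", "replace")
            pos += count
    return out


def build_lnk(relative_path: str, arguments: str) -> bytes:
    """Build a minimal Unicode ShellLink carrying only RELATIVE_PATH and
    COMMAND_LINE_ARGUMENTS (constructed sample, not a real worm file)."""
    flags = HAS_REL_PATH | HAS_ARGS | IS_UNICODE
    header = struct.pack("<I", 0x4C) + LNK_CLSID.bytes_le + struct.pack("<I", flags)
    header += b"\x00" * (76 - len(header))    # attributes, timestamps, icon index, etc. zeroed

    def string_data(s: str) -> bytes:          # u16 char count, then UTF-16LE chars
        return struct.pack("<H", len(s)) + s.encode("utf-16-le")

    return header + string_data(relative_path) + string_data(arguments)


def triage_drive_root(root: str) -> list:
    """List .lnk and .tmp files at the top level of a drive root as
    (kind, filename, detail) tuples; shortcuts show what they launch."""
    findings = []
    for p in sorted(Path(root).iterdir()):
        if not p.is_file():
            continue
        if p.suffix.lower() == ".lnk":
            try:
                info = parse_lnk(p.read_bytes())
                launch = (info.get("relative_path", "") + " " +
                          info.get("arguments", "")).strip()
            except ValueError as exc:
                launch = f"unparseable: {exc}"
            findings.append(("lnk", p.name, launch))
        elif p.suffix.lower() == ".tmp":
            findings.append(("tmp", p.name, f"{p.stat().st_size} bytes"))
    return findings


def build_sample_drive() -> str:
    """Create a throwaway directory mimicking an infected stick: a media-named
    .lnk beside a trz*.tmp and a benign file. Everything here is constructed."""
    root = tempfile.mkdtemp(prefix="usbroot_")
    (Path(root) / "Pentatonix - Say Something [pleer.lnk").write_bytes(
        build_lnk(r"..\..\..\Windows\System32\cmd.exe",      # hypothetical target
                  r'/c start "" "\hidden\payload.exe"'))     # hypothetical arguments
    (Path(root) / "trz427F.tmp").write_bytes(b"\x00" * 16)
    (Path(root) / "holiday.jpg").write_bytes(b"\xff\xd8\xff\xd9")  # benign, ignored
    return root


if __name__ == "__main__":
    for kind, name, detail in triage_drive_root(build_sample_drive()):
        print(f"{kind:4} {name!r:48} -> {detail}")
```

Run it against a real stick by passing the drive root (for example `E:\`) to `triage_drive_root` instead of the sample directory; a shortcut whose decoded arguments call cmd.exe, rundll32 or a path in a hidden folder is the thing to look at before opening anything on the drive.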