mamjujumicka
Participant
Posts: 17

UsbFix report

############################## | UsbFix V 7.171 | [Nettoyage]

Utilisateur: maman (Administrateur) # MAMAN-PC
Mis à jour le 18/05/2014 par El Desaparecido – SosVirus
Lancé à 14:20:10 | 24/05/2014

Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: Acer (JE70_CP)
CPU: Intel(R) Core(TM) i5 CPU M 480 @ 2.67GHz
RAM -> [Total : 3956 Mo| Free : 2160 Mo]
Bios: Phoenix Technologies LTD
Boot: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.17107
WB: Google Chrome : 35.0.1916.114
WB: Mozilla Firefox : 29.0.1

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: avast! Antivirus [(!) Disabled | Updated]
AV: Ad-Aware Antivirus [(!) Disabled | (!) Outdated]
AS: Ad-Aware Antivirus [(!) Disabled | (!) Outdated]
AS: avast! Antivirus [(!) Disabled | Updated]
AS: Windows Defender [Enabled | Updated]
FW: Ad-Aware Firewall [(!) Disabled]
FW: Windows FireWall [(!) Disabled]

C: (%SystemDrive%) -> Disque fixe # 583 Go (527 Go libre(s) – 90%) [ACER] # NTFS
D: -> CD-ROM

################## | Processus Stoppés |

C:\Windows\System32\atiesrxx.exe (ID: 1020|ParentID: 684)
C:\Windows\System32\atieclxx.exe (ID: 1208|ParentID: 1020)
C:\Windows\System32\spoolsv.exe (ID: 1584|ParentID: 684|Système)
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 1712|ParentID: 684|Système)
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (ID: 1748|ParentID: 684|Système)
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (ID: 1776|ParentID: 684|SERVICE RÉSEAU)
C:\Program Files (x86)\Launch Manager\dsiwmis.exe (ID: 1828|ParentID: 684|Système)
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (ID: 1884|ParentID: 684|Système)
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (ID: 1940|ParentID: 684|Système)
C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe (ID: 1976|ParentID: 684|Système)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ID: 2004|ParentID: 684|Système)
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (ID: 2028|ParentID: 684|Système)
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (ID: 2164|ParentID: 684|Système)
C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (ID: 2232|ParentID: 684|Système)
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (ID: 2544|ParentID: 684|Système)
C:\Program Files\Acer\Acer Updater\UpdaterService.exe (ID: 2636|ParentID: 684|Système)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (ID: 2704|ParentID: 684|Système)
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (ID: 2740|ParentID: 684|Système)
C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (ID: 3372|ParentID: 684|Système)
C:\Windows\System32\taskhost.exe (ID: 3392|ParentID: 684|maman)
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (ID: 3604|ParentID: 2124|maman)
C:\Windows\explorer.exe (ID: 3720|ParentID: 3576|maman)
C:\Program Files\Apoint2K\Apoint.exe (ID: 4264|ParentID: 3720|maman)
C:\Windows\System32\taskeng.exe (ID: 4364|ParentID: 976|Système)
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (ID: 4496|ParentID: 3720|maman)
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (ID: 4676|ParentID: 3720|maman)
C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe (ID: 4956|ParentID: 3720|maman)
C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe (ID: 4416|ParentID: 3720|maman)
C:\Windows\System32\SearchIndexer.exe (ID: 4228|ParentID: 684|Système)
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (ID: 4116|ParentID: 4488|maman)
C:\Windows\System32\wbem\unsecapp.exe (ID: 4608|ParentID: 864|maman)
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (ID: 4652|ParentID: 4488|maman)
C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe (ID: 4108|ParentID: 1884|Système)
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (ID: 5952|ParentID: 3056|maman)
C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 5768|ParentID: 684|SERVICE RÉSEAU)
C:\Program Files\Apoint2K\ApMsgFwd.exe (ID: 5392|ParentID: 4264|maman)
C:\Program Files\Apoint2K\ApntEx.exe (ID: 4308|ParentID: 4972|maman)
C:\Program Files\Apoint2K\Hidfind.exe (ID: 5976|ParentID: 4264|maman)
C:\Program Files (x86)\Glary Utilities 4\Integrator.exe (ID: 5364|ParentID: 4180|maman)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 1188|ParentID: 3720|maman)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 4992|ParentID: 1188|maman)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 2788|ParentID: 1188|maman)
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (ID: 4600|ParentID: 684|Système)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (ID: 4568|ParentID: 684|Système)
C:\Windows\servicing\TrustedInstaller.exe (ID: 5540|ParentID: 684|Système)
C:\Windows\System32\WUDFHost.exe (ID: 5992|ParentID: 560|SERVICE LOCAL)
C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe (ID: 5472|ParentID: 4416|maman)

################## | Autorun |

################## | Recherche générique |

(!) Fichiers temporaires supprimés.

################## | Registre |

Supprimé! HKUS-1-5-21-456280047-2976684940-1802507011-1000Software….Mountpoints2{3bb2bce3-b339-11e3-be63-e89deee09a24}
Supprimé! HKUS-1-5-21-456280047-2976684940-1802507011-1000Software….Mountpoints2{47394e18-8c3f-11e3-afc3-9ef374b0c53f}

################## | Regedit Run |

F2 – HKLM\..\Winlogon : [Shell] explorer.exe
F2 – [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 – HKLM\..\Winlogon : [Userinit] userinit.exe,
F2 – [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 – HKCU\..\Run : [HP Officejet Pro 8600 (NET)] "C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" -deviceID "CN2A9BVJ8X05KC:NW" -scfn "HP Officejet Pro 8600 (NET)" -AutoStart 1
04 – HKLM\..\Run : [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
04 – HKLM\..\Run : [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
04 – HKLM\..\Run : [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
04 – HKLM\..\Run : [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
04 – HKLM\..\Run : [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
04 – HKLM\..\Run : [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
04 – HKLM\..\Run : [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 – [x64] HKLM\..\Run : [Apoint] C:\Program Files\Apoint2K\Apoint.exe
04 – [x64] HKLM\..\Run : [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
04 – [x64] HKLM\..\Run : [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
04 – [x64] HKLM\..\Run : [AdAwareTray] "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe"
04 – HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 – HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 – HKU\S-1-5-21-456280047-2976684940-1802507011-1000\..\Run : [HP Officejet Pro 8600 (NET)] "C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" -deviceID "CN2A9BVJ8X05KC:NW" -scfn "HP Officejet Pro 8600 (NET)" -AutoStart 1
04 – HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 – HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 – HKU\S-1-5-18\..\RunOnce : [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601

################## | C: %SystemDrive% – Disque Fixe (NTFS) |

[21/05/2014 – 19:18:50 | N | 56 Ko] – C:\Shortcut_Module_21_05_2014_19_18_50.txt
[24/05/2014 – 14:11:10 | ASH | 4051452 Ko] – C:\pagefile.sys
[24/05/2014 – 14:11:10 | ASH | 3038588 Ko] – C:\hiberfil.sys
[26/10/2010 – 12:33:30 | N | 2 Ko] – C:\Patch.rev
[17/09/2013 – 13:01:42 | N | 0 Ko] – C:\Preload.rev
[24/05/2014 – 14:11:09 | D] – C:\Config.Msi
[17/09/2013 – 12:33:42 | N | 2 Ko] – C:\RHDSetup.log
[14/04/2014 – 13:47:13 | N | 0 Ko] – C:\AVScanner.ini
[16/01/2014 – 02:42:40 | N | 594 Ko | VirusTotal – (0/51)] – C:\SecurityScanner.dll
[17/09/2013 – 13:02:23 | SHD] – C:\$Recycle.Bin
[24/05/2014 – 11:33:13 | N | 1 Ko] – C:\PhysicalDisk0_MBR.bin
[27/07/2009 – 22:40:53 | RASH | 8 Ko] – C:\BOOTSECT.BAK
[14/07/2009 – 03:38:58 | RASH | 375 Ko] – C:\bootmgr
[14/07/2009 – 05:20:08 | D] – C:\PerfLogs
[14/07/2009 – 07:08:56 | SHD] – C:\Documents and Settings
[16/09/2010 – 02:40:06 | D] – C:\Intel
[17/09/2013 – 12:38:35 | D] – C:\BOOK
[17/09/2013 – 13:01:21 | SHD] – C:\Recovery
[17/09/2013 – 13:01:56 | D] – C:\oem
[17/09/2013 – 13:03:35 | DC] – C:\elements
[02/05/2014 – 15:08:58 | D] – C:\Users
[21/05/2014 – 15:31:58 | RHD] – C:\MSOCache
[21/05/2014 – 20:06:23 | HD] – C:\ProgramData
[22/05/2014 – 06:02:51 | D] – C:\Shortcut_Module
[22/05/2014 – 06:02:52 | D] – C:\Program Files
[22/05/2014 – 06:03:03 | D] – C:\Windows
[24/05/2014 – 11:27:05 | SHD] – C:\System Volume Information
[24/05/2014 – 14:10:10 | D] – C:\Program Files (x86)
[24/05/2014 – 14:10:15 | D] – C:\AdwCleaner
[24/05/2014 – 14:19:08 | D] – C:\UsbFix

################## | Vaccin |

################## | E.O.F | http://www.sosvirus.net/ | http://www.usbfix.net/ |