cjoint


Document format: text/plain

Preview

############################## | UsbFix V 7.169 | [Suppression]

Utilisateur: user (Administrateur) # PC
Mis à jour le 31/03/2014 par El Desaparecido - Team SosVirus
Lancé à 17:18:11 | 30/04/2014

Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Support : http://www.sosvirus.net/forum-virus-securite.html
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: Acer (BA51_HC_CR)
CPU: Intel(R) Core(TM) i3-2328M CPU @ 2.20GHz
RAM -> [Total : 5957 Mo| Free : 4420 Mo]
Bios: Insyde Corp.
Boot: Normal boot

OS: Microsoft Windows 8 (6.2.9200 64-Bit)
WB: Windows Internet Explorer : 10.0.9200.16863
WB: Mozilla Firefox : 28.0

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: Windows Defender [(!) Disabled | Updated]
AV: avast! Antivirus [Enabled | Updated]
AS: Windows Defender [(!) Disabled | Updated]
AS: avast! Antivirus [Enabled | Updated]
FW: Windows FireWall [(!) Disabled]

C:\ (%systemdrive%) -> Disque fixe # 339 Go (289 Go libre(s) - 85%) [Acer] # NTFS
D:\ -> Disque fixe # 339 Go (338 Go libre(s) - 100%) [DATA] # NTFS
E:\ -> CD-ROM
F:\ -> Disque amovible # 4 Go (2 Go libre(s) - 63%) [CE2 CM1 CM2] # FAT32

################## | Processus Actif |

C:\Windows\system32\csrss.exe (ID: 580 |ParentID: 572)
C:\Windows\system32\wininit.exe (ID: 692 |ParentID: 572)
C:\Windows\system32\services.exe (ID: 796 |ParentID: 692)
C:\Windows\system32\lsass.exe (ID: 804 |ParentID: 692)
C:\Windows\system32\svchost.exe (ID: 912 |ParentID: 796)
C:\Windows\system32\nvvsvc.exe (ID: 972 |ParentID: 796)
C:\Windows\system32\svchost.exe (ID: 1016 |ParentID: 796)
C:\Windows\System32\svchost.exe (ID: 336 |ParentID: 796)
C:\Windows\system32\svchost.exe (ID: 428 |ParentID: 796)
C:\Windows\system32\svchost.exe (ID: 572 |ParentID: 796)
C:\Windows\System32\svchost.exe (ID: 288 |ParentID: 796)
C:\Windows\system32\svchost.exe (ID: 1348 |ParentID: 796)
C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ID: 1424 |ParentID: 796)
C:\Windows\System32\spoolsv.exe (ID: 1764 |ParentID: 796)
C:\Windows\system32\svchost.exe (ID: 1868 |ParentID: 796)
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 1888 |ParentID: 796)
C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe (ID: 1776 |ParentID: 796)
C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe (ID: 2028 |ParentID: 796)
C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe (ID: 2008 |ParentID: 796)
C:\Program Files (x86)\Launch Manager\dsiwmis.exe (ID: 2160 |ParentID: 796)
C:\Windows\system32\dashost.exe (ID: 2180 |ParentID: 288)
C:\Program Files\Elantech\ETDService.exe (ID: 2232 |ParentID: 796)
C:\Windows\SysWOW64\svchost.exe (ID: 2268 |ParentID: 796)
C:\Program Files\Intel\iCLS Client\HeciServer.exe (ID: 2324 |ParentID: 796)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (ID: 2364 |ParentID: 796)
C:\Windows\RfBtnSvc64.exe (ID: 2468 |ParentID: 796)
C:\Windows\system32\svchost.exe (ID: 2712 |ParentID: 796)
C:\Windows\system32\SearchIndexer.exe (ID: 1120 |ParentID: 796)
C:\Windows\system32\wbem\unsecapp.exe (ID: 3420 |ParentID: 912)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 3452 |ParentID: 912)
C:\Windows\system32\svchost.exe (ID: 3596 |ParentID: 796)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 3964 |ParentID: 912)
C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (ID: 5068 |ParentID: 796)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ID: 5904 |ParentID: 796)
c:\Program Files (x86)\Nero\Update\NASvc.exe (ID: 5936 |ParentID: 796)
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (ID: 6008 |ParentID: 796)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (ID: 6048 |ParentID: 796)
C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe (ID: 5180 |ParentID: 796)
C:\Windows\system32\csrss.exe (ID: 3524 |ParentID: 4244)
C:\Windows\System32\WinLogon.exe (ID: 2456 |ParentID: 4244)
C:\Windows\System32\dwm.exe (ID: 2140 |ParentID: 2456)
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (ID: 1152 |ParentID: 972)
C:\Windows\system32\nvvsvc.exe (ID: 3104 |ParentID: 972)
C:\Windows\system32\taskhostex.exe (ID: 888 |ParentID: 796)
C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (ID: 2524 |ParentID: 796)
C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (ID: 1180 |ParentID: 796)
C:\Windows\Explorer.EXE (ID: 2304 |ParentID: 3392)
C:\Program Files\Elantech\ETDCtrl.exe (ID: 1312 |ParentID: 2232)
C:\Program Files (x86)\Launch Manager\LMutilps32.exe (ID: 3492 |ParentID: 2160)
C:\Program Files (x86)\Launch Manager\LManager.exe (ID: 4760 |ParentID: 4012)
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (ID: 2444 |ParentID: 1152)
C:\Program Files\Elantech\ETDCtrlHelper.exe (ID: 5536 |ParentID: 1312)
C:\Windows\system32\wbem\unsecapp.exe (ID: 3612 |ParentID: 912)
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (ID: 5000 |ParentID: 4760)
C:\Windows\system32\igfxext.exe (ID: 5168 |ParentID: 912)
C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe (ID: 3640 |ParentID: 2304)
C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe (ID: 5704 |ParentID: 3640)
C:\Windows\System32\igfxtray.exe (ID: 4156 |ParentID: 2304)
C:\Windows\System32\hkcmd.exe (ID: 4440 |ParentID: 2304)
C:\Windows\System32\igfxpers.exe (ID: 2892 |ParentID: 2304)
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (ID: 5672 |ParentID: 2304)
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (ID: 760 |ParentID: 2304)
C:\Program Files (x86)\RadioController\RfBtnHelper.exe (ID: 1664 |ParentID: 2468)
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (ID: 5380 |ParentID: 4748)
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (ID: 4584 |ParentID: 4748)
C:\Program Files\AVAST Software\Avast\AvastUI.exe (ID: 2836 |ParentID: 4748)
C:\Program Files (x86)\Mozilla Firefox\firefox.exe (ID: 4240 |ParentID: 2304)
C:\Program Files\Acer\Acer Power Management\ePowerTray.exe (ID: 3824 |ParentID: 796)
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe (ID: 5436 |ParentID: 760)
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe (ID: 5668 |ParentID: 912)
C:\Windows\System32\svchost.exe (ID: 4268 |ParentID: 796)
C:\Windows\system32\igfxsrvc.exe (ID: 5212 |ParentID: 912)
C:\Windows\system32\wbem\unsecapp.exe (ID: 4668 |ParentID: 912)
C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe (ID: 3512 |ParentID: 5068)
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe (ID: 2260 |ParentID: 796)
C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe (ID: 4100 |ParentID: 796)
C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe (ID: 5776 |ParentID: 796)
C:\Windows\system32\SearchProtocolHost.exe (ID: 5592 |ParentID: 1120)
C:\Windows\system32\SearchFilterHost.exe (ID: 5348 |ParentID: 1120)
C:\Windows\system32\DllHost.exe (ID: 6092 |ParentID: 912)
C:\Windows\System32\WUDFHost.exe (ID: 5364 |ParentID: 288)
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (ID: 4352 |ParentID: 4240)
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe (ID: 2212 |ParentID: 4352)
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe (ID: 836 |ParentID: 2212)

################## | Recherche générique |


(!) Fichiers temporaires supprimés.

################## | Registre |


################## | Regedit Run |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] userinit.exe,
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKLM\..\Run : [LManager]
04 - HKLM\..\Run : [RadioController] "C:\Program Files (x86)\RadioController\RfBtnHelper.exe" Start_Run
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\Run : [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
04 - HKLM\..\Run : []
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
04 - HKLM\..\RunOnce : []
04 - HKLM\..\Policies\Explorer\run : [BtvStack] "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"
04 - [x64] HKLM\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
04 - [x64] HKLM\..\Run : [HotKeysCmds] C:\Windows\system32\hkcmd.exe
04 - [x64] HKLM\..\Run : [Persistence] C:\Windows\system32\igfxpers.exe
04 - [x64] HKLM\..\Run : [ETDCtrl] %ProgramFiles%\Elantech\ETDCtrl.exe
04 - [x64] HKLM\..\Run : [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
04 - [x64] HKLM\..\Policies\Explorer\run : [BtvStack] "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"

################## | Listing |

[14/08/2013 - 12:12:10 | SHD] - C:\$Recycle.Bin
[29/04/2014 - 18:37:04 | D] - C:\AdwCleaner
[02/06/2012 - 16:30:55 | N | 0 Ko] - C:\BOOTNXT
[23/01/2013 - 21:56:03 | RASH | 8 Ko] - C:\BOOTSECT.BAK
[16/04/2014 - 09:36:35 | D] - C:\Config.Msi
[26/07/2012 - 09:22:08 | SHD] - C:\Documents and Settings
[14/08/2013 - 11:22:28 | D] - C:\Dolby PCEE4
[29/04/2014 - 13:37:04 | D] - C:\f31defc28263092cbaa0ceaf
[30/04/2014 - 14:52:42 | ASH | 4880196 Ko] - C:\hiberfil.sys
[14/08/2013 - 10:36:15 | D] - C:\Intel
[14/08/2013 - 16:06:14 | D] - C:\OEM
[30/04/2014 - 14:52:49 | ASH | 983040 Ko] - C:\pagefile.sys
[26/07/2012 - 09:33:46 | D] - C:\PerfLogs
[30/04/2014 - 15:05:44 | N | 1 Ko] - C:\PhysicalDisk0_MBR.bin
[25/01/2014 - 22:21:14 | D] - C:\Program Files
[30/04/2014 - 14:48:27 | D] - C:\Program Files (x86)
[30/04/2014 - 16:23:47 | HD] - C:\ProgramData
[30/04/2014 - 14:34:29 | D] - C:\RegBackup
[14/08/2013 - 20:25:12 | HD] - C:\sources
[30/04/2014 - 14:53:16 | ASH | 262144 Ko] - C:\swapfile.sys
[30/04/2014 - 14:34:47 | SHD] - C:\System Volume Information
[30/04/2014 - 17:16:54 | D] - C:\UsbFix
[30/04/2014 - 17:18:51 | A | 10 Ko | A859618B77592BBCF35EC529D76BFC55] - C:\UsbFix [Clean 2] PC.txt
[14/08/2013 - 12:10:19 | D] - C:\Users
[30/04/2014 - 16:25:25 | D] - C:\Windows
[14/08/2013 - 10:44:29 | SHD] - D:\$RECYCLE.BIN
[29/09/2013 - 13:26:52 | D] - D:\FFOutput
[14/08/2013 - 10:33:13 | SHD] - D:\System Volume Information
[20/09/2013 - 17:21:04 | D] - F:\sciences et technologie
[20/09/2013 - 17:21:00 | D] - F:\1. cahier journal
[20/09/2013 - 17:21:02 | D] - F:\3. contrats
[20/09/2013 - 17:19:52 | D] - F:\Français
[20/09/2013 - 17:19:40 | D] - F:\coopé
[20/09/2013 - 17:19:40 | D] - F:\2. administratif
[20/09/2013 - 17:19:10 | D] - F:\affichage&rituels
[20/09/2013 - 17:19:46 | D] - F:\Arts visuels
[20/09/2013 - 17:20:52 | D] - F:\bibliothèque de classe
[15/01/2014 - 21:15:26 | N | 262 Ko] - F:\IMGP7141.jpg
[29/01/2014 - 10:07:50 | N | 2691 Ko] - F:\azurjdi.pdf
[08/12/2013 - 16:33:12 | D] - F:\anglais
[28/09/2013 - 17:11:14 | N | 854 Ko | D42535A8D18BB7F50486E4D9BBCB307E] - F:\installe_7x8m.exe
[25/09/2013 - 15:44:32 | D] - F:\geographie
[04/12/2013 - 14:06:02 | D] - F:\aide perso
[26/01/2014 - 18:47:52 | D] - F:\multiplication_C3.gallery
[05/10/2013 - 18:58:26 | D] - F:\autonomie
[05/10/2013 - 19:58:22 | D] - F:\s6 utile
[17/04/2014 - 19:05:20 | N | 301327 Ko] - F:\bernard et bianca.mp4
[05/11/2013 - 12:04:46 | D] - F:\musique
[11/11/2013 - 12:12:32 | D] - F:\classe découverte
[29/01/2014 - 10:06:32 | N | 1867 Ko] - F:\azur_et_asmar.pdf
[08/02/2014 - 20:12:40 | N | 24 Ko] - F:\division aff 03.pdf
[16/02/2014 - 11:52:48 | N | 153807 Ko] - F:\Princes et Princesses FRENCH DVDRiP DiVX by qowe teste DivXo.flv
[04/03/2014 - 10:17:38 | D] - F:\EPs
[20/09/2013 - 17:20:54 | D] - F:\histoire
[20/09/2013 - 17:19:50 | D] - F:\jeux
[20/09/2013 - 17:20:24 | D] - F:\maths
[22/09/2013 - 15:53:48 | D] - F:\projet

################## | Vaccin |

D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
F:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net/ - http://www.sosvirus.net |
