############################## | UsbFix V 7.126 | [Suppression]

Utilisateur: Anthony (Administrateur) # PC-ANTHO
Mis à jour le 13/05/2013 par El Desaparecido
Lancé à 11:40:55 | 02/06/2013

Site Web: http://sosvirus.org/
Upload Malware: http://upload.sosvirus.org/
Contact: contact@sosvirus.org

PC: ASUSTeK COMPUTER INC. (K56CM) (x64-based PC)
CPU: Intel(R) Core(TM) i5-3317U CPU @ 1.70GHz (1701)
RAM -> [Total : 3982 | Free : 1738]
BIOS: K56CM.206
BOOT: Normal boot

OS: Microsoft Windows 8 (6.2.9200 64-Bit) #
WB: Windows Internet Explorer 10.0.9200.16580

SC: Security Center Service [Enabled]
WU: Windows Update Service [(!) Disabled]
AV: Windows Defender [(!) Disabled | (!) Outdated]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Disque fixe # 264 Go (210 Go libre(s) - 79%) [OS] # NTFS
D:\ -> Disque fixe # 398 Go (383 Go libre(s) - 96%) [DATA] # NTFS
H:\ -> Disque fixe # 931 Go (918 Go libre(s) - 99%) [My Passport] # NTFS
I:\ -> Disque amovible # 2 Go (379 Mo libre(s) - 20%) [USB DISK] # FAT

################## | El Desaparecido Section |

HKLM\SOFTWARE | Run : [DivXUpdate] - "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
HKLM\SOFTWARE | Run : [avgnt] - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
HKLM\SOFTWARE | Run : [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM\SOFTWARE | Run : [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE | Run : [WD Drive Unlocker] - C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
HKLM\SOFTWARE | Run : [WD Quick View] - C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
HKLM\SOFTWARE\wow6432Node | Run : [DivXUpdate] - "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
HKLM\SOFTWARE\wow6432Node | Run : [avgnt] - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
HKLM\SOFTWARE\wow6432Node | Run : [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM\SOFTWARE\wow6432Node | Run : [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE\wow6432Node | Run : [WD Drive Unlocker] - C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
HKLM\SOFTWARE\wow6432Node | Run : [WD Quick View] - C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
HKLM\SOFTWARE | RunOnce : [] -
HKLM\SOFTWARE\wow6432Node | RunOnce : [] -
HKU\S-1-5-21-3124752941-3885292783-1113856017-1002\SOFTWARE | Run : [Spotify] - "C:\Users\Anthony\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
HKU\S-1-5-21-3124752941-3885292783-1113856017-1002\SOFTWARE | Run : [Spotify Web Helper] - "C:\Users\Anthony\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

################## | Processus Stoppés |

Stoppé! C:\Windows\system32\nvvsvc.exe (932)
Stoppé! C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (1032)
Stoppé! C:\Windows\system32\nvvsvc.exe (1048)
Stoppé! C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (1368)
Stoppé! C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (1416)
Stoppé! C:\Windows\System32\spoolsv.exe (1512)
Stoppé! C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (1584)
Stoppé! C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (1804)
Stoppé! C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AllShareFrameworkManagerDMS.exe (1840)
Stoppé! C:\Program Files\Samsung\AllShare Play\AllShare Play Service.exe (1860)
Stoppé! C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AllShareFrameworkDMS.exe (1868)
Stoppé! C:\Program Files\Samsung\AllShare Play\AllShare Play Service.exe (1908)
Stoppé! C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (1924)
Stoppé! C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe (1964)
Stoppé! C:\Windows\system32\DptfParticipantProcessorService.exe (2088)
Stoppé! C:\Windows\system32\DptfPolicyConfigTDPService.exe (2168)
Stoppé! C:\Windows\system32\dashost.exe (2188)
Stoppé! C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe (2224)
Stoppé! C:\Program Files\Intel\iCLS Client\HeciServer.exe (2260)
Stoppé! C:\Windows\SysWOW64\irstrtsv.exe (2308)
Stoppé! C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (2340)
Stoppé! C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe (2500)
Stoppé! C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe (2572)
Stoppé! C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (3180)
Stoppé! C:\Program Files\ASUS\P4G\BatteryLife.exe (3196)
Stoppé! C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (3204)
Stoppé! C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe (3224)
Stoppé! C:\Windows\system32\taskhostex.exe (3312)
Stoppé! C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (3396)
Stoppé! C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe (3448)
Stoppé! C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (3464)
Stoppé! C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (3676)
Stoppé! C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (3932)
Stoppé! C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (4156)
Stoppé! C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (4164)
Stoppé! C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (4860)
Stoppé! C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (4992)
Stoppé! C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (5024)
Stoppé! C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe (3560)
Stoppé! C:\Windows\System32\RuntimeBroker.exe (4492)
Stoppé! C:\Windows\System32\igfxtray.exe (3392)
Stoppé! C:\Windows\System32\hkcmd.exe (5064)
Stoppé! C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (3168)
Stoppé! C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (4396)
Stoppé! C:\Program Files\Samsung\AllShare Play\utils\AllShare Play Launcher.exe (4980)
Stoppé! C:\Program Files\Samsung\AllShare Play\AllShare Play.exe (4428)
Stoppé! C:\Windows\system32\igfxpers.exe (3096)
Stoppé! C:\Windows\SysWOW64\ACEngSvr.exe (4044)
Stoppé! C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (5192)
Stoppé! C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (5396)
Stoppé! C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe (5492)
Stoppé! C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe (5672)
Stoppé! C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (5916)
Stoppé! C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (5428)
Stoppé! C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (4480)
Stoppé! C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (4496)
Stoppé! C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (4816)
Stoppé! C:\Windows\System32\WUDFHost.exe (3756)
Stoppé! C:\Windows\servicing\TrustedInstaller.exe (3048)
Stoppé! C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16455_none_624a7aa150f57306\TiWorker.exe (2972)
Stoppé! \\?\C:\Windows\system32\wbem\WMIADAP.EXE (2444)

################## | Éléments infectieux |

Supprimé! I:\Recycler\S-5-3-42-2819952290-8240758988-879315005-3665
(!) Fichiers temporaires supprimés.

################## | Registre |

Supprimé! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr

################## | Mountpoints2 |

Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{0f63272f-5714-11e2-be85-50465de27868}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{dd7f7032-c5da-11e2-bf60-50465de27868}

################## | Listing |

[10/12/2012 - 21:00:33 | SHD ] C:\$Recycle.Bin
[17/04/2013 - 11:53:32 | N | 1431] C:\AdwCleaner[R1].txt
[17/04/2013 - 11:54:24 | N | 1502] C:\AdwCleaner[S1].txt
[02/06/2013 - 11:35:12 | D ] C:\AllShare Play
[03/01/2013 - 10:57:18 | D ] C:\AsusVibeData
[01/02/2013 - 11:32:41 | N | 38367] C:\bdlog.txt
[15/08/2012 - 15:28:18 | N | 2510608] C:\bdr-bz01
[27/12/2012 - 18:40:23 | N | 636] C:\bdr-cf01
[19/10/2012 - 12:17:29 | N | 37133532] C:\bdr-im01.gz
[27/12/2012 - 18:40:23 | N | 253404] C:\bdr-ld01
[27/12/2012 - 18:40:23 | N | 9216] C:\bdr-ld01.mbr
[17/08/2012 - 11:42:50 | SHD ] C:\Boot
[24/01/2013 - 16:16:14 | D ] C:\boot-sav
[26/07/2012 - 05:44:30 | RASH | 398156] C:\bootmgr
[02/06/2012 - 16:30:55 | N | 1] C:\BOOTNXT
[02/06/2013 - 11:29:05 | D ] C:\Config.Msi
[26/07/2012 - 09:22:08 | SHD ] C:\Documents and Settings
[28/09/2012 - 14:50:29 | D ] C:\eSupport
[16/04/2013 - 21:29:53 | D ] C:\found.000
[26/05/2013 - 17:10:34 | D ] C:\found.001
[28/05/2013 - 13:34:50 | D ] C:\found.002
[01/06/2013 - 13:02:41 | D ] C:\found.003
[02/06/2013 - 11:34:42 | ASH | 3340058624] C:\hiberfil.sys
[28/09/2012 - 14:29:31 | D ] C:\Intel
[01/06/2013 - 21:44:07 | D ] C:\JRT
[21/08/2012 - 15:43:34 | N | 6293504] C:\K56CA.BIN
[21/08/2012 - 15:42:56 | N | 6293504] C:\K56CM.BIN
[11/01/2013 - 15:25:35 | RHD ] C:\MSOCache
[02/06/2013 - 11:34:42 | ASH | 1342177280] C:\pagefile.sys
[26/07/2012 - 09:33:46 | D ] C:\PerfLogs
[27/05/2013 - 09:19:37 | D ] C:\Program Files
[01/06/2013 - 18:03:25 | D ] C:\Program Files (x86)
[01/06/2013 - 18:23:22 | HD ] C:\ProgramData
[26/12/2012 - 15:17:54 | D ] C:\sources
[02/06/2013 - 11:34:42 | ASH | 268435456] C:\swapfile.sys
[02/06/2013 - 11:41:37 | SHD ] C:\System Volume Information
[28/09/2012 - 14:36:01 | D ] C:\temp
[10/01/2013 - 19:23:11 | D ] C:\Upload
[02/06/2013 - 11:41:58 | D ] C:\UsbFix
[02/06/2013 - 11:42:05 | A | 9989] C:\UsbFix [Clean 1] PC-ANTHO.txt
[01/06/2013 - 21:52:07 | N | 8628] C:\UsbFix [Scan 1] PC-ANTHO.txt
[10/12/2012 - 20:44:32 | D ] C:\Users
[02/06/2013 - 11:29:02 | D ] C:\Windows
[01/06/2013 - 18:23:30 | D ] C:\ZHP
[10/12/2012 - 21:00:33 | SHD ] D:\$RECYCLE.BIN
[07/02/2013 - 20:28:40 | D ] D:\AlgoC
[01/06/2013 - 09:45:44 | D ] D:\Anthony
[01/06/2013 - 21:10:41 | D ] D:\Downloads
[17/02/2013 - 11:26:10 | D ] D:\found.000
[27/12/2012 - 18:27:20 | D ] D:\Music
[01/06/2013 - 13:13:57 | D ] D:\Pictures
[09/05/2013 - 11:51:25 | D ] D:\prog
[16/04/2013 - 21:24:35 | SHD ] D:\System Volume Information
[19/01/2013 - 20:34:01 | D ] D:\Videos
[26/05/2013 - 12:44:57 | SHD ] H:\$RECYCLE.BIN
[03/09/2011 - 03:22:21 | SHD ] H:\System Volume Information
[23/05/2013 - 16:01:02 | N | 2471] I:\test_scrab.c
[01/06/2013 - 15:36:42 | D ] I:\.Trash-1000
[01/06/2013 - 12:07:18 | D ] I:\html
[01/01/2002 - 04:47:16 | RSHD ] I:\RECYCLER
[17/10/2012 - 19:36:00 | D ] I:\.disk
[17/10/2012 - 19:36:04 | D ] I:\EFI
[17/10/2012 - 19:35:56 | N | 229] I:\README.diskdefines
[17/10/2012 - 19:36:04 | D ] I:\boot
[06/12/2012 - 10:05:56 | D ] I:\casper
[17/10/2012 - 19:35:56 | D ] I:\dists
[17/10/2012 - 19:36:02 | D ] I:\install
[17/10/2012 - 19:36:04 | D ] I:\syslinux
[06/12/2012 - 10:10:08 | N | 18764] I:\md5sum.txt
[17/10/2012 - 19:35:56 | D ] I:\pics
[17/10/2012 - 19:35:56 | D ] I:\pool
[19/10/2012 - 15:26:58 | D ] I:\preseed
[19/10/2012 - 15:26:12 | N | 0] I:\ubuntu
[27/01/2013 - 11:42:20 | N | 32256] I:\ldlinux.sys
[13/11/2011 - 20:56:10 | N | 34494] I:\lili.ico
[27/01/2013 - 11:42:22 | N | 2427] I:\Remove_LiLi.bat
[27/01/2013 - 11:42:22 | N | 435] I:\SmartClean.ini
[26/01/2012 - 18:32:56 | D ] I:\SFT
[16/03/2013 - 17:43:54 | D ] I:\V30B_12.2012(FRA)
[03/02/2013 - 20:39:34 | N | 10156344] I:\mbam-setup-1.70.0.1100.exe

################## | Vaccin |

C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
H:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
I:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://sosvirus.org |