############################## | UsbFix V 7.144 | [Suppression]

Utilisateur: DBDesign (Administrateur) # PC-DE-DANNY
Mis à jour le 08/10/2013 par El Desaparecido - Team SosVirus
Lancé à 20:53:38 | 17/10/2013

Site Web: http://www.usbfix.net/
Forum : http://www.sosvirus.net/
Upload Malware: http://www.sosvirus.net/upload_malware.php
Contact: http://www.usbfix.net/contact/

PC: ASUSTeK Computer INC. (M4A87TD EVO)
CPU: AMD Phenom(tm) II X6 1055T Processor
RAM -> [Total : 8190 | Free : 6245]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 8 Professionnel (6.2.9200 64-Bit) #
WB: Windows Internet Explorer 10.0.9200.16721

SC: Security Center Service [Enabled]
WU: Windows Update Service [(!) Disabled]
AV: AVG Internet Security 2013 [(!) Disabled | Updated]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Disque fixe # 293 Go (155 Go libre(s) - 53%) [] # NTFS
D:\ -> Disque fixe # 466 Go (211 Go libre(s) - 45%) [TOSHIBA EXT] # NTFS
E:\ -> Disque fixe # 639 Go (94 Go libre(s) - 15%) [] # NTFS
F:\ -> Disque fixe # 932 Go (220 Go libre(s) - 24%) [Elements] # NTFS
G:\ -> CD-ROM

################## | Regedit Run |

HKLM\SOFTWARE | Run : [AVG_UI] - "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
HKLM\SOFTWARE | Run : [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE | Run : [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM\SOFTWARE | Run : [iTunesHelper] - "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
HKLM\SOFTWARE | Run : [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe
HKLM\SOFTWARE | Run : [Wondershare Helper Compact] - "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
HKLM\SOFTWARE | Run : [LogMeIn Hamachi Ui] - "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
HKLM\SOFTWARE | Run : [StartCCC] - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
HKLM\SOFTWARE\wow6432Node | Run : [AVG_UI] - "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
HKLM\SOFTWARE\wow6432Node | Run : [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE\wow6432Node | Run : [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM\SOFTWARE\wow6432Node | Run : [iTunesHelper] - "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
HKLM\SOFTWARE\wow6432Node | Run : [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe
HKLM\SOFTWARE\wow6432Node | Run : [Wondershare Helper Compact] - "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
HKLM\SOFTWARE\wow6432Node | Run : [LogMeIn Hamachi Ui] - "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
HKLM\SOFTWARE\wow6432Node | Run : [StartCCC] - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
HKLM\SOFTWARE | RunOnce : [] -
HKLM\SOFTWARE\wow6432Node | RunOnce : [] -
HKU\S-1-5-21-109731523-2391859423-767708429-1001\SOFTWARE | Run : [Skype] - "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
HKU\S-1-5-21-109731523-2391859423-767708429-1001\SOFTWARE | Run : [AtiDriverStart] - C:\Users\DBDesign\AppData\Local\ATI Technologies\atidxx.exe

################## | Processus Stoppés |

Stoppé! C:\PROGRA~2\AVG\AVG2013\avgrsa.exe (ID 468 |ParentID 448)
Stoppé! C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe (ID 520 |ParentID 468)
Stoppé! C:\Windows\system32\atiesrxx.exe (ID 1168 |ParentID 420)
Stoppé! C:\Windows\system32\atieclxx.exe (ID 1424 |ParentID 1168)
Stoppé! C:\Windows\System32\spoolsv.exe (ID 1816 |ParentID 420)
Stoppé! C:\Windows\system32\taskeng.exe (ID 1988 |ParentID 1308)
Stoppé! C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (ID 1340 |ParentID 420)
Stoppé! C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (ID 1512 |ParentID 420)
Stoppé! C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ID 1588 |ParentID 420)
Stoppé! C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe (ID 1076 |ParentID 420)
Stoppé! C:\Program Files (x86)\AVG\AVG2013\avgfws.exe (ID 2000 |ParentID 420)
Stoppé! C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe (ID 2064 |ParentID 420)
Stoppé! C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe (ID 2104 |ParentID 420)
Stoppé! C:\Program Files\Bonjour\mDNSResponder.exe (ID 2136 |ParentID 420)
Stoppé! C:\Program Files\ma-config.com\MaConfigAgent.exe (ID 2176 |ParentID 420)
Stoppé! C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (ID 2208 |ParentID 420)
Stoppé! C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe (ID 2540 |ParentID 2104)
Stoppé! C:\Program Files (x86)\AVG\AVG2013\avgemca.exe (ID 2572 |ParentID 2104)
Stoppé! C:\Windows\SysWOW64\PnkBstrA.exe (ID 2892 |ParentID 420)
Stoppé! C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (ID 3016 |ParentID 420)
Stoppé! C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (ID 3028 |ParentID 3016)
Stoppé! C:\Windows\system32\taskhostex.exe (ID 2880 |ParentID 420)
Stoppé! C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (ID 3440 |ParentID 3016)
Stoppé! C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (ID 3584 |ParentID 3440)
Stoppé! C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe (ID 2652 |ParentID 2540)
Stoppé! C:\Windows\System32\WUDFHost.exe (ID 4408 |ParentID 1440)
Stoppé! C:\Windows\system32\dashost.exe (ID 4536 |ParentID 1440)
Stoppé! C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe (ID 4668 |ParentID 1040)
Stoppé! C:\Windows\system32\SearchIndexer.exe (ID 4696 |ParentID 420)
Stoppé! C:\Program Files\Logitech Gaming Software\LCore.exe (ID 4524 |ParentID 3144)
Stoppé! C:\Users\DBDesign\AppData\Local\ATI Technologies\atiedxx.exe (ID 4580 |ParentID 4568)
Stoppé! C:\Windows\system32\conhost.exe (ID 4972 |ParentID 4580)
Stoppé! C:\Program Files (x86)\AVG\AVG2013\avgui.exe (ID 4392 |ParentID 4592)
Stoppé! C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ID 1952 |ParentID 4600)
Stoppé! C:\Windows\System32\RuntimeBroker.exe (ID 4608 |ParentID 1040)
Stoppé! C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe (ID 5268 |ParentID 4524)
Stoppé! C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe (ID 5276 |ParentID 4524)
Stoppé! C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe (ID 5284 |ParentID 4524)
Stoppé! C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe (ID 5292 |ParentID 4524)
Stoppé! C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe (ID 5312 |ParentID 4524)
Stoppé! C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ID 5632 |ParentID 1952)
Stoppé! C:\Program Files (x86)\AVG\AVG2013\avgcfgex.exe (ID 3208 |ParentID 4392)

################## | Éléments infectieux |

Non supprimé ! F:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx
Supprimé! D:\autorun.inf
Supprimé! F:\autorun.inf
Non supprimé ! F:\Recycler\S-5-3-42-2819952290-8240758988-879315005-3665

(!) Fichiers temporaires supprimés.

################## | Registre |


################## | Listing |

[21/07/2013 - 15:23:50 | D ] C:\$AVG
[27/07/2013 - 20:05:36 | SHD ] C:\$Recycle.Bin
[17/10/2013 - 10:41:43 | D ] C:\AMD
[26/07/2012 - 07:44:30 | RASH | 398156] C:\bootmgr
[02/06/2012 - 18:30:55 | N | 1] C:\BOOTNXT
[17/10/2013 - 10:57:39 | SHD ] C:\Config.Msi
[26/07/2012 - 11:22:08 | SHD ] C:\Documents and Settings
[24/07/2013 - 14:48:36 | D ] C:\Games
[17/10/2013 - 20:44:46 | ASH | 6870417408] C:\hiberfil.sys
[15/09/2013 - 16:50:46 | RHD ] C:\MSOCache
[17/10/2013 - 20:44:47 | ASH | 1275068416] C:\pagefile.sys
[26/07/2012 - 11:33:46 | D ] C:\PerfLogs
[17/10/2013 - 18:33:21 | N | 512] C:\PhysicalMBR.bin
[15/09/2013 - 16:53:34 | D ] C:\Program Files
[17/10/2013 - 15:19:11 | D ] C:\Program Files (x86)
[17/10/2013 - 10:45:40 | HD ] C:\ProgramData
[25/07/2013 - 19:28:13 | D ] C:\RaidTool
[21/07/2013 - 12:44:05 | SHD ] C:\Recovery
[17/10/2013 - 20:45:03 | ASH | 268435456] C:\swapfile.sys
[17/10/2013 - 10:43:15 | SHD ] C:\System Volume Information
[17/10/2013 - 20:57:53 | D ] C:\UsbFix
[17/10/2013 - 20:58:54 | A | 8428] C:\UsbFix [Clean 1] PC-DE-DANNY.txt
[17/10/2013 - 19:36:22 | N | 8348] C:\UsbFix [Scan 1] PC-DE-DANNY.txt
[21/07/2013 - 12:49:43 | RD ] C:\Users
[17/10/2013 - 14:55:28 | N | 2387] C:\VEW.txt
[17/10/2013 - 19:02:17 | D ] C:\Windows

[28/08/2013 - 12:02:53 | SHD ] D:\$RECYCLE.BIN
[20/07/2013 - 12:04:04 | D ] D:\Aimbot
[17/10/2013 - 09:28:28 | D ] D:\BTS
[05/10/2013 - 08:26:42 | D ] D:\Dossier
[16/07/2013 - 12:48:34 | N | 92131] D:\FAC TEMPON.JPG
[15/10/2013 - 13:37:17 | D ] D:\Jeux
[20/07/2013 - 12:00:41 | D ] D:\Logiciel
[08/10/2013 - 21:06:10 | N | 328] D:\Manga.txt
[20/07/2013 - 10:59:18 | D ] D:\Mes Films
[17/10/2013 - 10:02:16 | D ] D:\Mes Séries
[21/07/2013 - 15:42:52 | SHD ] D:\System Volume Information
[16/05/2011 - 10:40:50 | N | 9518] D:\TMP.ico
[20/03/2010 - 03:55:52 | N | 2073703] D:\VS_EXPBSLN_x64_enu.CAB
[20/03/2010 - 03:58:20 | N | 551424] D:\VS_EXPBSLN_x64_enu.MSI

[19/02/2013 - 21:03:54 | D ] E:\$AVG
[03/03/2011 - 08:27:15 | SHD ] E:\$RECYCLE.BIN
[17/10/2013 - 10:51:53 | D ] E:\Divers
[11/02/2013 - 16:49:01 | D ] E:\Galaxy S2
[17/10/2013 - 15:15:19 | D ] E:\Jeux
[02/09/2012 - 16:27:07 | D ] E:\Mes Documents
[17/10/2013 - 09:35:47 | D ] E:\Mes Téléchargements
[17/10/2013 - 10:42:28 | D ] E:\MEUF
[17/10/2013 - 09:52:07 | D ] E:\Musique
[24/04/2013 - 12:11:55 | D ] E:\Parole Musique
[14/03/2013 - 21:46:01 | D ] E:\PDF + Documents
[27/02/2013 - 21:30:12 | D ] E:\Personallisation de bureau
[10/08/2013 - 15:51:51 | D ] E:\PHOTOSHOP
[01/08/2013 - 12:15:54 | D ] E:\Photoshop + Doc + Création + Divers
[07/10/2013 - 20:50:35 | D ] E:\Pictures
[11/01/2012 - 17:41:51 | D ] E:\Synthesia-0.8.0
[07/12/2010 - 06:19:38 | SHD ] E:\System Volume Information
[31/07/2013 - 15:44:29 | D ] E:\Utilitaires
[20/09/2013 - 23:06:44 | D ] E:\Video

[17/05/2011 - 08:21:54 | D ] F:\$AVG
[21/07/2013 - 12:59:45 | SHD ] F:\$RECYCLE.BIN
[12/09/2012 - 19:18:03 | D ] F:\autorun
[29/03/2012 - 19:18:42 | N | 146617] F:\Blue-USB-W.ico
[09/01/2013 - 22:39:45 | D ] F:\BywifiSave
[09/01/2013 - 23:55:07 | D ] F:\BywifiShare
[05/07/2013 - 21:22:46 | N | 1470375757] F:\Fast.and.Furious.6.2013.FRENCH.WEBRip.LD.XViD-RELiC-.avi
[10/02/2012 - 16:47:21 | D ] F:\Hard Times For RJ Berger (Saison 1)
[18/02/2012 - 08:33:32 | D ] F:\Hard Times For RJ Berger (Saison 2)
[17/10/2013 - 09:40:20 | D ] F:\MANGA
[14/10/2013 - 18:58:56 | D ] F:\Manga - VOSTFR - VF
[06/09/2012 - 10:46:13 | D ] F:\Manga Films
[17/10/2013 - 09:38:38 | D ] F:\Mes Films
[03/06/2012 - 01:25:17 | D ] F:\Montage Video
[25/08/2013 - 21:22:39 | D ] F:\msdownld.tmp
[17/10/2013 - 10:41:17 | D ] F:\PAC-MAN_Championship_Edition_DX_Plus-FLT
[16/05/2011 - 17:30:55 | RSHD ] F:\RECYCLER
[17/10/2013 - 09:51:06 | D ] F:\Rogue.Legacy.v1.0.13.Cracked-3DM
[21/11/2012 - 21:56:56 | N | 1474681516] F:\Sakura-Kiss_Kaiji_2_vostfr.avi
[06/05/2011 - 17:20:36 | SHD ] F:\System Volume Information
[17/10/2013 - 10:38:19 | D ] F:\The Big Bang Theory
[17/10/2013 - 09:35:06 | D ] F:\The Clevland Show
[15/11/2012 - 21:57:04 | N | 734273536] F:\The Dark Knight Rises.avi

################## | Vaccin |

C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
E:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
F:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net - http://www.sosvirus.net |