############################## | UsbFix V 7.159 | [Suppression]

Utilisateur: taake (Administrateur) # TAAKE-PC
Mis à jour le 06/01/2014 par El Desaparecido - Team SosVirus
Lancé à 15:29:53 | 09/01/2014

Site Web : http://www.usbfix.net
Changelog : http://www.usbfix.net/maj/
Support : http://www.sosvirus.net/
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: SAMSUNG ELECTRONICS CO., LTD. (R610 )
CPU: Intel(R) Core(TM)2 Duo CPU T6400 @ 2.00GHz
RAM -> [Total : 3067 Mo| Free : 2105 Mo]
Bios: Phoenix Technologies Ltd.
Boot: Normal boot

OS: Microsoft Windows 7 Édition Intégrale (6.1.7601 32-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.16476
WB: Google Chrome : 31.0.1650.63
WB: Mozilla Firefox : 26.0

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
AS: Malwarebytes' Anti-Malware : 1.75.0001
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Disque fixe # 233 Go (161 Go libre(s) - 69%) [] # NTFS
D:\ -> Disque fixe # 100 Mo (71 Mo libre(s) - 71%) [Réservé au système] # NTFS
E:\ -> CD-ROM
F:\ -> CD-ROM
G:\ -> Disque amovible # 2 Go (862 Mo libre(s) - 45%) [] # FAT

################## | Processus Stoppés |

Stoppé! C:\Program Files\Avira\AntiVir Desktop\sched.exe (ID: 1444 |ParentID: 572)
Stoppé! C:\Program Files\Avira\AntiVir Desktop\avguard.exe (ID: 1620 |ParentID: 572)
Stoppé! C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (ID: 2232 |ParentID: 340)
Stoppé! C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (ID: 2720 |ParentID: 1620)
Stoppé! C:\Windows\System32\WUDFHost.exe (ID: 4144 |ParentID: 880)
Stoppé! C:\Windows\System32\rundll32.exe (ID: 3520 |ParentID: 704)
Stoppé! C:\Windows\system32\SearchIndexer.exe (ID: 5124 |ParentID: 572)
Stoppé! C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 4788 |ParentID: 572)
Stoppé! C:\Program Files\Mozilla Firefox\firefox.exe (ID: 5984 |ParentID: 4888)
Stoppé! C:\Windows\System32\spoolsv.exe (ID: 4024 |ParentID: 572)
Stoppé! C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ID: 4724 |ParentID: 572)
Stoppé! C:\Windows\system32\taskeng.exe (ID: 4720 |ParentID: 948)
Stoppé! C:\Program Files\Mozilla Firefox\plugin-container.exe (ID: 5128 |ParentID: 5984)
Stoppé! C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe (ID: 3784 |ParentID: 5128)
Stoppé! C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe (ID: 3056 |ParentID: 3784)
Stoppé! C:\Windows\system32\SearchProtocolHost.exe (ID: 4988 |ParentID: 5124)
Stoppé! C:\Windows\system32\DllHost.exe (ID: 3840 |ParentID: 704)

################## | Regedit Run |

04 - HKLM\..\Run : [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
04 - HKLM\..\Run : [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\RunOnce : []
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-3571767376-2067710717-1601891808-1001\..\Run : [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe

################## | Recherche générique |

Supprimé! C:\Users\taake\AppData\Local\Temp\avgnt.exe

(!) Fichiers temporaires supprimés.

################## | Registre |

Supprimé! HKU\S-1-5-21-3571767376-2067710717-1601891808-1001\Software\.\.\.\.\Mountpoints2\{0a365348-8bda-11e2-a12a-806e6f6e6963}
Supprimé! HKU\S-1-5-21-3571767376-2067710717-1601891808-1001\Software\.\.\.\.\Mountpoints2\{a85ffd24-5e7e-11e3-a4f9-001377f373a2}
Supprimé! HKU\S-1-5-21-3571767376-2067710717-1601891808-1001\Software\.\.\.\.\Mountpoints2\{d0f10271-2a9b-11e3-9039-001377f373a2}

################## | Listing |

[24/05/2013 - 01:20:15 | SHD] - C:\$Recycle.Bin
[09/01/2014 - 01:50:28 | D] - C:\AdwCleaner
[10/06/2009 - 21:42:20 | A | 0 Ko] - C:\autoexec.bat
[10/06/2009 - 21:42:20 | N | 0 Ko] - C:\config.sys
[14/07/2009 - 04:53:55 | SHD] - C:\Documents and Settings
[09/01/2014 - 12:38:46 | ASH | 2355156 Ko] - C:\hiberfil.sys
[09/01/2014 - 12:38:51 | ASH | 3140212 Ko] - C:\pagefile.sys
[14/07/2009 - 02:37:05 | D] - C:\PerfLogs
[09/01/2014 - 12:51:05 | N | 1 Ko] - C:\PhysicalDisk0_MBR.bin
[09/01/2014 - 12:45:43 | D] - C:\Program Files
[09/01/2014 - 02:09:21 | HD] - C:\ProgramData
[13/03/2013 - 12:41:43 | SHD] - C:\Recovery
[07/01/2014 - 01:24:35 | SHD] - C:\System Volume Information
[09/01/2014 - 15:29:55 | D] - C:\UsbFix
[09/01/2014 - 15:30:49 | A | 5 Ko | 8D96DAF2BBE6BF7F5C5A96078979890E] - C:\UsbFix [Clean 1] TAAKE-PC.txt
[09/01/2014 - 15:28:04 | N | 5 Ko | 8CAE18535668BAC44D331755DD6A233A] - C:\UsbFix [Scan 1] TAAKE-PC.txt
[13/03/2013 - 12:41:54 | D] - C:\Users
[09/01/2014 - 03:33:37 | D] - C:\Windows
[13/03/2013 - 12:42:04 | SHD] - D:\$RECYCLE.BIN
[09/01/2014 - 15:28:04 | RASHD] - D:\Autorun.inf
[13/03/2013 - 14:26:28 | | 466 Ko] - D:\BLRGH
[13/03/2013 - 12:31:41 | SHD] - D:\Boot
[20/11/2010 - 03:40:08 | RASH | 375 Ko] - D:\bootmgr
[13/03/2013 - 12:31:41 | N | 8 Ko] - D:\BOOTSECT.BAK
[13/03/2013 - 12:33:07 | SHD] - D:\System Volume Information
[01/08/2008 - 00:00:30 | D] - G:\BUDA
[09/01/2014 - 01:26:50 | AH | 4 Ko] - G:\._.Trashes
[09/01/2014 - 01:26:50 | HD] - G:\.Trashes
[09/01/2014 - 01:26:50 | HD] - G:\.fseventsd
[09/01/2014 - 01:26:52 | HD] - G:\.Spotlight-V100
[05/01/2014 - 16:02:28 | N | 357130 Ko] - G:\Dead4.08..PROPER.zone-telechargement.com.avi
[05/01/2014 - 17:56:04 | N | 357467 Ko] - G:\Dead4.07..PROPER.zone-telechargement.com.avi
[05/01/2014 - 17:52:36 | N | 357253 Ko] - G:\Dead4.06..PROPER.zone-telechargement.com.avi
[09/01/2014 - 15:28:06 | RASHD] - G:\Autorun.inf

################## | Vaccin |

D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
G:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net - http://www.sosvirus.net |