############################## | UsbFix V 7.161 | [Suppression]

Utilisateur: Pierre (Administrateur) # PC-PIERRE
Mis à jour le 15/01/2014 par El Desaparecido - Team SosVirus
Lancé à 21:33:35 | 19/01/2014

Site Web : http://www.usbfix.net
Changelog : http://www.usbfix.net/maj/
Support : http://www.sosvirus.net/
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: ASUSTeK COMPUTER INC. (X301A1)
CPU: Intel(R) Celeron(R) CPU B830 @ 1.80GHz
RAM -> [Total : 3980 Mo| Free : 1700 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 8 (6.2.9200 64-Bit)
WB: Windows Internet Explorer : 10.0.9200.16750
WB: Google Chrome : 31.0.1650.63

SC: Security Center Service [Enabled]
WU: Windows Update Service [(!) Disabled]
AS: Windows Defender : 4.3.0215.0
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Disque fixe # 186 Go (118 Go libre(s) - 63%) [OS] # NTFS
D:\ -> Disque fixe # 258 Go (214 Go libre(s) - 83%) [Data] # NTFS
E:\ -> Disque amovible # 7 Go (5 Go libre(s) - 70%) [KINGSTON] # FAT32
F:\ -> Disque amovible # 2 Go (814 Mo libre(s) - 42%) [PIERRE FAC] # FAT

################## | Processus Stoppés |

Stoppé! C:\Windows\Explorer.EXE (ID: 2080 |ParentID: 1364)
Stoppé! C:\windows\system32\mfevtps.exe (ID: 2448 |ParentID: 764)
Stoppé! C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe (ID: 2900 |ParentID: 764)
Stoppé! C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (ID: 3012 |ParentID: 764)
Stoppé! C:\Program Files\Intel\iCLS Client\HeciServer.exe (ID: 6256 |ParentID: 764)
Stoppé! C:\Windows\System32\spoolsv.exe (ID: 6688 |ParentID: 764)
Stoppé! C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ID: 6696 |ParentID: 764)
Stoppé! C:\Program Files (x86)\Jump Flip\updateJumpFlip.exe (ID: 6952 |ParentID: 764)
Stoppé! C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ID: 4880 |ParentID: 764)
Stoppé! C:\Windows\system32\SearchIndexer.exe (ID: 5292 |ParentID: 764)
Stoppé! C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 2620 |ParentID: 764)
Stoppé! C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ID: 1296 |ParentID: 764)
Stoppé! C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (ID: 4780 |ParentID: 764)
Stoppé! c:\PROGRA~1\mcafee.com\agent\mcagent.exe (ID: 4356 |ParentID: 872)
Stoppé! C:\Windows\system32\DllHost.exe (ID: 1936 |ParentID: 872)
Stoppé! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 5220 |ParentID: 1768)
Stoppé! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 504 |ParentID: 5220)
Stoppé! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 4864 |ParentID: 5220)
Stoppé! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 2332 |ParentID: 5220)
Stoppé! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 3388 |ParentID: 5220)
Stoppé! C:\Program Files (x86)\Jump Flip\bin\utilJumpFlip.exe (ID: 1444 |ParentID: 764)
Stoppé! C:\Windows\System32\WUDFHost.exe (ID: 4748 |ParentID: 1044)
Stoppé! C:\Windows\system32\srtasks.exe (ID: 6944 |ParentID: 628)
Stoppé! C:\Windows\system32\conhost.exe (ID: 1408 |ParentID: 6944)
Stoppé! C:\Windows\system32\msiexec.exe (ID: 5656 |ParentID: 764)
Stoppé! C:\Windows\system32\mcbuilder.exe (ID: 204 |ParentID: 1492)
Stoppé! C:\Windows\system32\conhost.exe (ID: 5144 |ParentID: 204)
Stoppé! C:\Windows\servicing\TrustedInstaller.exe (ID: 2960 |ParentID: 764)
Stoppé! C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16683_none_62280e15510f8e79\TiWorker.exe (ID: 7140 |ParentID: 872)
Stoppé! C:\Windows\syswow64\wwahost.exe (ID: 428 |ParentID: 872)
Stoppé! C:\Windows\System32\RuntimeBroker.exe (ID: 2916 |ParentID: 872)
Stoppé! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 3924 |ParentID: 5220)
Stoppé! C:\Windows\system32\taskeng.exe (ID: 3856 |ParentID: 628)
Stoppé! C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe (ID: 4824 |ParentID: 4832)
Stoppé! C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe (ID: 1600 |ParentID: 4832)
Stoppé! C:\Windows\system32\SearchProtocolHost.exe (ID: 2888 |ParentID: 5292)
Stoppé! C:\Windows\system32\SearchFilterHost.exe (ID: 5524 |ParentID: 5292)

################## | Regedit Run |

04 - HKLM\..\Run : [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\Run : [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
04 - HKLM\..\Run : [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe /S
04 - HKLM\..\Run : [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
04 - HKLM\..\Run : [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
04 - HKLM\..\Run : [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
04 - HKLM64\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
04 - HKLM64\..\Run : [HotKeysCmds] C:\Windows\system32\hkcmd.exe
04 - HKLM64\..\Run : [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
04 - HKLM64\..\Run : [ACMON] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
04 - HKU\S-1-5-21-1162314527-2462212731-4218715079-1001\..\Run : [Documentation] wscript.exe //B "C:\Users\Pierre\AppData\Local\Temp\Documentation.vbs"

################## | Recherche générique |

Supprimé! C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Documentation.vbs
Supprimé! E:\Documentation.vbs
Supprimé! F:\Documentation.vbs
Supprimé! C:\Users\Pierre\AppData\Local\Temp\Documentation.vbs
Supprimé! E:\VTS_01_3.lnk
Supprimé! E:\_disk_id.lnk
Supprimé! E:\~WRL0340.lnk
Supprimé! E:\Default.lnk
Supprimé! E:\Desktop.lnk
Supprimé! E:\VTS_01_1.lnk
Supprimé! E:\VTS_01_2.lnk
Supprimé! E:\Le quartier Flaubert Dossier Complet.lnk
Supprimé! E:\FOUND.000.lnk
Supprimé! F:\DSCF1074.lnk
Supprimé! F:\MOV_0128.lnk
Supprimé! F:\EDF.lnk
Supprimé! F:\.lnk
Supprimé! F:\fiche d'information 2013-2014 dossier hors-délais (2).lnk
Supprimé! F:\aménagement 23.lnk
Supprimé! F:\Aménagement 30.lnk
Supprimé! F:\Aménagement 04.lnk
Supprimé! F:\dossier version papier hors délais 13-14 (1).lnk
Supprimé! F:\Aménagement 07.lnk
Supprimé! F:\Aménagement 14.lnk
Supprimé! F:\Aménagement 16.lnk
Supprimé! F:\1482184_10202745670343339_2050914592_n.lnk
Supprimé! F:\Lettre Motivation_VITARD Pierre.lnk
Supprimé! F:\South parkSaisons.lnk
Supprimé! F:\.Trashes.lnk
Supprimé! F:\.fseventsd.lnk
Supprimé! F:\.Spotlight-V100.lnk
Supprimé! F:\.TemporaryItems.lnk
Supprimé! F:\GEO.lnk
Supprimé! F:\Julie.lnk
Supprimé! F:\Programmes.lnk
Supprimé! F:\System Volume Information.lnk
(!) Fichiers temporaires supprimés.

################## | Registre |

Supprimé! HKU\S-1-5-21-1162314527-2462212731-4218715079-1001\Software\Microsoft\Windows\CurrentVersion\Run|Documentation
Supprimé! HKU\S-1-5-21-1162314527-2462212731-4218715079-1001\Software\.\.\.\.\Mountpoints2\{0d829989-b481-11e2-be81-3085a97e2247}

################## | Listing |

[26/05/2013 - 18:32:37 | SHD] - C:\$Recycle.Bin
[25/09/2012 - 01:40:34 | D] - C:\AsusVibeData
[17/08/2012 - 10:42:50 | SHD] - C:\Boot
[26/07/2012 - 04:44:30 | RASH | 389 Ko] - C:\bootmgr
[02/06/2012 - 15:30:55 | N | 0 Ko] - C:\BOOTNXT
[26/07/2012 - 08:22:08 | SHD] - C:\Documents and Settings
[25/09/2012 - 01:40:14 | D] - C:\eSupport
[19/01/2014 - 19:43:25 | ASH | 3260268 Ko] - C:\hiberfil.sys
[25/09/2012 - 01:24:21 | D] - C:\Intel
[30/09/2013 - 07:55:21 | RHD] - C:\MSOCache
[19/01/2014 - 19:43:25 | ASH | 786432 Ko] - C:\pagefile.sys
[26/07/2012 - 08:33:46 | D] - C:\PerfLogs
[30/09/2013 - 07:57:47 | D] - C:\Program Files
[19/01/2014 - 19:55:24 | D] - C:\Program Files (x86)
[04/12/2013 - 21:12:01 | HD] - C:\ProgramData
[22/04/2013 - 14:21:55 | D] - C:\sources
[19/01/2014 - 19:43:25 | ASH | 262144 Ko] - C:\swapfile.sys
[19/01/2014 - 21:18:39 | SHD] - C:\System Volume Information
[19/01/2014 - 21:33:40 | D] - C:\UsbFix
[19/01/2014 - 21:39:51 | A | 8 Ko | FB0DE129ED5154C9637BE2E124FD9170] - C:\UsbFix [Clean 1] PC-PIERRE.txt
[19/01/2014 - 19:35:33 | N | 12 Ko | BC433BCA29B12FE196EFE6435D39C32E] - C:\UsbFix [Scan 2] PC-PIERRE.txt
[19/01/2014 - 20:19:57 | N | 11 Ko | 60A53E7F87174522D90CA875329C5AF4] - C:\UsbFix [Scan 3] PC-PIERRE.txt
[14/04/2013 - 22:25:24 | D] - C:\Users
[13/12/2013 - 22:39:35 | D] - C:\Windows
[20/08/2012 - 14:50:18 | N | 6146 Ko] - C:\X301A.BIN
[20/08/2012 - 14:50:38 | N | 6146 Ko] - C:\X301A1.BIN
[20/08/2012 - 14:30:48 | N | 6146 Ko] - C:\X401A.BIN
[20/08/2012 - 14:48:18 | N | 6146 Ko] - C:\X401A1.BIN
[20/08/2012 - 13:47:06 | N | 6146 Ko] - C:\X501A.BIN
[20/08/2012 - 13:52:30 | N | 6146 Ko] - C:\X501A1.BIN

[19/02/2013 - 03:42:59 | SHD] - D:\$RECYCLE.BIN
[23/03/2013 - 03:39:36 | N | 3024 Ko] - D:\David Bowie Sound and Vision - YouTube.m4a
[27/08/2013 - 12:16:52 | D] - D:\Films
[13/04/2013 - 04:05:06 | D] - D:\Images
[27/02/2013 - 17:58:57 | D] - D:\Julie
[02/03/2013 - 00:15:58 | N | 69221 Ko] - D:\Macklemore x Ryan Lewis - The Heist - FULL ALBUM - YouTube.m4a
[25/02/2013 - 02:58:17 | D] - D:\Musique
[25/09/2012 - 01:20:00 | SHD] - D:\System Volume Information

[12/01/2014 - 13:11:12 | D] - E:\FOUND.000
[01/01/2007 - 00:00:00 | N | 156256 Ko] - E:\VTS_01_3.VOB
[15/12/2012 - 08:53:32 | N | 0 Ko] - E:\_disk_id.pod
[25/03/2011 - 14:38:52 | N | 302 Ko] - E:\~WRL0340.tmp
[16/03/2009 - 16:27:28 | N | 0 Ko] - E:\Default.rdp
[18/08/2011 - 21:47:48 | SH | 0 Ko] - E:\Desktop.ini
[01/01/2007 - 00:00:00 | N | 1040384 Ko] - E:\VTS_01_1.VOB
[01/01/2007 - 00:00:00 | N | 1040384 Ko] - E:\VTS_01_2.VOB
[10/01/2014 - 20:17:30 | N | 14861 Ko] - E:\Le quartier Flaubert Dossier Complet.docx

[15/12/2012 - 19:00:10 | SH | 4 Ko] - F:\._.Trashes
[15/12/2012 - 19:00:10 | SHD] - F:\.Trashes
[15/12/2012 - 19:00:10 | SHD] - F:\.fseventsd
[15/12/2012 - 19:00:12 | SHD] - F:\.Spotlight-V100
[27/09/2013 - 19:47:34 | N | 67 Ko] - F:\fiche d'information 2013-2014 dossier hors-délais (2).doc
[05/10/2013 - 15:35:52 | N | 16 Ko] - F:\aménagement 23.09 i.docx
[28/10/2013 - 15:13:36 | N | 13 Ko] - F:\Aménagement 28.10.docx
[05/10/2013 - 15:35:38 | N | 18 Ko] - F:\Aménagement 30.09 i.docx
[09/12/2013 - 13:42:12 | SHD] - F:\.TemporaryItems
[09/12/2013 - 13:42:12 | SH | 4 Ko] - F:\._.TemporaryItems
[04/11/2013 - 15:17:04 | N | 12 Ko] - F:\Aménagement 04.11.docx
[09/12/2013 - 13:42:12 | N | 66 Ko] - F:\dossier version papier hors délais 13-14 (1).doc
[09/12/2013 - 13:42:14 | N | 4 Ko] - F:\._dossier version papier hors délais 13-14 (1).doc
[21/10/2013 - 11:36:58 | N | 19 Ko] - F:\Aménagement 07.10 i.docx
[21/10/2013 - 11:53:40 | N | 19 Ko] - F:\Aménagement 14.10 i.docx
[05/10/2013 - 15:09:26 | N | 15 Ko] - F:\Aménagement 16.09 i.docx
[02/01/2014 - 14:20:32 | N | 62 Ko] - F:\1482184_10202745670343339_2050914592_n.jpg
[09/01/2014 - 11:10:24 | N | 4 Ko] - F:\._1482184_10202745670343339_2050914592_n.jpg
[19/01/2014 - 20:12:32 | N | 0 Ko] - F:\Aménagement 28.lnk
[09/11/2012 - 20:15:08 | D] - F:\GEO
[05/11/2012 - 21:01:56 | D] - F:\Julie
[14/11/2012 - 14:59:14 | D] - F:\Programmes
[10/12/2012 - 18:27:02 | N | 11 Ko] - F:\Lettre Motivation_VITARD Pierre.docx
[13/01/2013 - 21:46:04 | N | 1360 Ko] - F:\South parkSaisons.docx
[17/01/2011 - 21:32:04 | N | 352216 Ko] - F:\DSCF1074.AVI
[04/03/2012 - 17:06:00 | N | 9096 Ko] - F:\MOV_0128.mp4
[14/11/2013 - 09:14:14 | SHD] - F:\System Volume Information
[15/11/2013 - 08:46:26 | N | 16 Ko] - F:\EDF.PNG

################## | Vaccin |

D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
E:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
F:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net - http://www.sosvirus.net |