Publicité
Publicité
Format du document : text/plain
Prévisualisation
############################## | UsbFix V 7.144 | [Suppression]
Utilisateur: DBDesign (Administrateur) # PC-DE-DANNY
Mis � jour le 08/10/2013 par El Desaparecido - Team SosVirus
Lanc� � 22:25:06 | 17/10/2013
Site Web: http://www.usbfix.net/
Forum : http://www.sosvirus.net/
Upload Malware: http://www.sosvirus.net/upload_malware.php
Contact: http://www.usbfix.net/contact/
PC: ASUSTeK Computer INC. (M4A87TD EVO)
CPU: AMD Phenom(tm) II X6 1055T Processor
RAM -> [Total : 8190 | Free : 7014]
Bios: American Megatrends Inc.
Boot: Fail-safe boot
OS: Microsoft Windows 8 Professionnel (6.2.9200 64-Bit) #
WB: Windows Internet Explorer 10.0.9200.16721
SC: Security Center Service [Enabled]
WU: Windows Update Service [(!) Disabled]
AV: AVG Internet Security 2013 [Enabled | Updated]
FW: Windows FireWall Service [(!) Disabled]
C:\ (%systemdrive%) -> Disque fixe # 293 Go (155 Go libre(s) - 53%) [] # NTFS
D:\ -> Disque fixe # 466 Go (211 Go libre(s) - 45%) [TOSHIBA EXT] # NTFS
E:\ -> Disque fixe # 639 Go (94 Go libre(s) - 15%) [] # NTFS
F:\ -> Disque fixe # 932 Go (220 Go libre(s) - 24%) [Elements] # NTFS
G:\ -> CD-ROM
################## | Regedit Run |
HKLM\SOFTWARE | Run : [AVG_UI] - "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
HKLM\SOFTWARE | Run : [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE | Run : [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM\SOFTWARE | Run : [iTunesHelper] - "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
HKLM\SOFTWARE | Run : [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe
HKLM\SOFTWARE | Run : [Wondershare Helper Compact] - "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
HKLM\SOFTWARE | Run : [LogMeIn Hamachi Ui] - "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
HKLM\SOFTWARE | Run : [StartCCC] - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
HKLM\SOFTWARE\wow6432Node | Run : [AVG_UI] - "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
HKLM\SOFTWARE\wow6432Node | Run : [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE\wow6432Node | Run : [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM\SOFTWARE\wow6432Node | Run : [iTunesHelper] - "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
HKLM\SOFTWARE\wow6432Node | Run : [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe
HKLM\SOFTWARE\wow6432Node | Run : [Wondershare Helper Compact] - "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
HKLM\SOFTWARE\wow6432Node | Run : [LogMeIn Hamachi Ui] - "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
HKLM\SOFTWARE\wow6432Node | Run : [StartCCC] - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
HKLM\SOFTWARE | RunOnce : [] -
HKLM\SOFTWARE\wow6432Node | RunOnce : [] -
HKU\S-1-5-21-109731523-2391859423-767708429-1001\SOFTWARE | Run : [Skype] - "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
HKU\S-1-5-21-109731523-2391859423-767708429-1001\SOFTWARE | Run : [AtiDriverStart] - C:\Users\DBDesign\AppData\Local\ATI Technologies\atidxx.exe
################## | Processus Stopp�s |
Stopp�! C:\Windows\system32\ctfmon.exe (ID 808 |ParentID 368)
Stopp�! C:\Windows\system32\DllHost.exe (ID 1140 |ParentID 652)
Stopp�! C:\Windows\system32\DllHost.exe (ID 1688 |ParentID 652)
################## | �l�ments infectieux |
Utilisateur: DBDesign (Administrateur) # PC-DE-DANNY
Mis � jour le 08/10/2013 par El Desaparecido - Team SosVirus
Lanc� � 22:25:06 | 17/10/2013
Site Web: http://www.usbfix.net/
Forum : http://www.sosvirus.net/
Upload Malware: http://www.sosvirus.net/upload_malware.php
Contact: http://www.usbfix.net/contact/
PC: ASUSTeK Computer INC. (M4A87TD EVO)
CPU: AMD Phenom(tm) II X6 1055T Processor
RAM -> [Total : 8190 | Free : 7014]
Bios: American Megatrends Inc.
Boot: Fail-safe boot
OS: Microsoft Windows 8 Professionnel (6.2.9200 64-Bit) #
WB: Windows Internet Explorer 10.0.9200.16721
SC: Security Center Service [Enabled]
WU: Windows Update Service [(!) Disabled]
AV: AVG Internet Security 2013 [Enabled | Updated]
FW: Windows FireWall Service [(!) Disabled]
C:\ (%systemdrive%) -> Disque fixe # 293 Go (155 Go libre(s) - 53%) [] # NTFS
D:\ -> Disque fixe # 466 Go (211 Go libre(s) - 45%) [TOSHIBA EXT] # NTFS
E:\ -> Disque fixe # 639 Go (94 Go libre(s) - 15%) [] # NTFS
F:\ -> Disque fixe # 932 Go (220 Go libre(s) - 24%) [Elements] # NTFS
G:\ -> CD-ROM
################## | Regedit Run |
HKLM\SOFTWARE | Run : [AVG_UI] - "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
HKLM\SOFTWARE | Run : [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE | Run : [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM\SOFTWARE | Run : [iTunesHelper] - "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
HKLM\SOFTWARE | Run : [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe
HKLM\SOFTWARE | Run : [Wondershare Helper Compact] - "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
HKLM\SOFTWARE | Run : [LogMeIn Hamachi Ui] - "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
HKLM\SOFTWARE | Run : [StartCCC] - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
HKLM\SOFTWARE\wow6432Node | Run : [AVG_UI] - "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
HKLM\SOFTWARE\wow6432Node | Run : [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE\wow6432Node | Run : [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM\SOFTWARE\wow6432Node | Run : [iTunesHelper] - "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
HKLM\SOFTWARE\wow6432Node | Run : [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe
HKLM\SOFTWARE\wow6432Node | Run : [Wondershare Helper Compact] - "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
HKLM\SOFTWARE\wow6432Node | Run : [LogMeIn Hamachi Ui] - "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
HKLM\SOFTWARE\wow6432Node | Run : [StartCCC] - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
HKLM\SOFTWARE | RunOnce : [] -
HKLM\SOFTWARE\wow6432Node | RunOnce : [] -
HKU\S-1-5-21-109731523-2391859423-767708429-1001\SOFTWARE | Run : [Skype] - "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
HKU\S-1-5-21-109731523-2391859423-767708429-1001\SOFTWARE | Run : [AtiDriverStart] - C:\Users\DBDesign\AppData\Local\ATI Technologies\atidxx.exe
################## | Processus Stopp�s |
Stopp�! C:\Windows\system32\ctfmon.exe (ID 808 |ParentID 368)
Stopp�! C:\Windows\system32\DllHost.exe (ID 1140 |ParentID 652)
Stopp�! C:\Windows\system32\DllHost.exe (ID 1688 |ParentID 652)
################## | �l�ments infectieux |