############################## | UsbFix V 7.159 | [Suppression]

Utilisateur: taake (Administrateur) # TAAKE-PC
Mis à jour le 06/01/2014 par El Desaparecido - Team SosVirus
Lancé à 15:29:53 | 09/01/2014

Site Web : http://www.usbfix.net
Changelog : http://www.usbfix.net/maj/
Support : http://www.sosvirus.net/
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: SAMSUNG ELECTRONICS CO., LTD. (R610 )
CPU: Intel(R) Core(TM)2 Duo CPU T6400 @ 2.00GHz
RAM -> [Total : 3067 Mo| Free : 2105 Mo]
Bios: Phoenix Technologies Ltd.
Boot: Normal boot

OS: Microsoft Windows 7 Édition Intégrale (6.1.7601 32-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.16476
WB: Google Chrome : 31.0.1650.63
WB: Mozilla Firefox : 26.0

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
AS: Malwarebytes' Anti-Malware : 1.75.0001
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Disque fixe # 233 Go (161 Go libre(s) - 69%) [] # NTFS
D:\ -> Disque fixe # 100 Mo (71 Mo libre(s) - 71%) [Réservé au système] # NTFS
E:\ -> CD-ROM
F:\ -> CD-ROM
G:\ -> Disque amovible # 2 Go (862 Mo libre(s) - 45%) [] # FAT

################## | Processus Stoppés |

Stoppé! C:\Program Files\Avira\AntiVir Desktop\sched.exe (ID: 1444 |ParentID: 572)
Stoppé! C:\Program Files\Avira\AntiVir Desktop\avguard.exe (ID: 1620 |ParentID: 572)
Stoppé! C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (ID: 2232 |ParentID: 340)
Stoppé! C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (ID: 2720 |ParentID: 1620)
Stoppé! C:\Windows\System32\WUDFHost.exe (ID: 4144 |ParentID: 880)
Stoppé! C:\Windows\System32\rundll32.exe (ID: 3520 |ParentID: 704)
Stoppé! C:\Windows\system32\SearchIndexer.exe (ID: 5124 |ParentID: 572)
Stoppé! C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 4788 |ParentID: 572)
Stoppé! C:\Program Files\Mozilla Firefox\firefox.exe (ID: 5984 |ParentID: 4888)
Stoppé! C:\Windows\System32\spoolsv.exe (ID: 4024 |ParentID: 572)
Stoppé! C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ID: 4724 |ParentID: 572)
Stoppé! C:\Windows\system32\taskeng.exe (ID: 4720 |ParentID: 948)
Stoppé! C:\Program Files\Mozilla Firefox\plugin-container.exe (ID: 5128 |ParentID: 5984)
Stoppé! C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe (ID: 3784 |ParentID: 5128)
Stoppé! C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe (ID: 3056 |ParentID: 3784)
Stoppé! C:\Windows\system32\SearchProtocolHost.exe (ID: 4988 |ParentID: 5124)
Stoppé! C:\Windows\system32\DllHost.exe (ID: 3840 |ParentID: 704)

################## | Regedit Run |

04 - HKLM\..\Run : [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
04 - HKLM\..\Run : [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\RunOnce : []
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-3571767376-2067710717-1601891808-1001\..\Run : [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe

################## | Recherche générique |

Supprimé! C:\Users\taake\AppData\Local\Temp\avgnt.exe

(!) Fichiers temporaires supprimés.

################## | Registre |

Supprimé! HKU\S-1-5-21-3571767376-2067710717-1601891808-1001\Software\.\.\.\.\Mountpoints2\{0a365348-8bda-11e2-a12a-806e6f6e6963}
Supprimé! HKU\S-1-5-21-3571767376-2067710717-1601891808-1001\Software\.\.\.\.\Mountpoints2\{a85ffd24-5e7e-11e3-a4f9-001377f373a2}
Supprimé! HKU\S-1-5-21-3571767376-2067710717-1601891808-1001\Software\.\.\.\.\Mountpoints2\{d0f10271-2a9b-11e3-9039-001377f373a2}

################## | Listing |

[24/05/2013 - 01:20:15 | SHD] - C:\$Recycle.Bin
[09/01/2014 - 01:50:28 | D] - C:\AdwCleaner
[10/06/2009 - 21:42:20 | A | 0 Ko] - C:\autoexec.bat
[10/06/2009 - 21:42:20 | N | 0 Ko] - C:\config.sys
[14/07/2009 - 04:53:55 | SHD] - C:\Documents and Settings
[09/01/2014 - 12:38:46 | ASH | 2355156 Ko] - C:\hiberfil.sys
[09/01/2014 - 12:38:51 | ASH | 3140212 Ko] - C:\pagefile.sys
[14/07/2009 - 02:37:05 | D] - C:\PerfLogs
[09/01/2014 - 12:51:05 | N | 1 Ko] - C:\PhysicalDisk0_MBR.bin
[09/01/2014 - 12:45:43 | D] - C:\Program Files
[09/01/2014 - 02:09:21 | HD] - C:\ProgramData
[13/03/2013 - 12:41:43 | SHD] - C:\Recovery
[07/01/2014 - 01:24:35 | SHD] - C:\System Volume Information
[09/01/2014 - 15:29:55 | D] - C:\UsbFix
[09/01/2014 - 15:30:49 | A | 5 Ko | 8D96DAF2BBE6BF7F5C5A96078979890E] - C:\UsbFix [Clean 1] TAAKE-PC.txt
[09/01/2014 - 15:28:04 | N | 5 Ko | 8CAE18535668BAC44D331755DD6A233A] - C:\UsbFix [Scan 1] TAAKE-PC.txt
[13/03/2013 - 12:41:54 | D] - C:\Users
[09/01/2014 - 03:33:37 | D] - C:\Windows
[13/03/2013 - 12:42:04 | SHD] - D:\$RECYCLE.BIN
[09/01/2014 - 15:28:04 | RASHD] - D:\Autorun.inf
[13/03/2013 - 14:26:28 | | 466 Ko] - D:\BLRGH
[13/03/2013 - 12:31:41 | SHD] - D:\Boot
[20/11/2010 - 03:40:08 | RASH | 375 Ko] - D:\bootmgr
[13/03/2013 - 12:31:41 | N | 8 Ko] - D:\BOOTSECT.BAK
[13/03/2013 - 12:33:07 | SHD] - D:\System Volume Information
[01/08/2008 - 00:00:30 | D] - G:\BUDA
[09/01/2014 - 01:26:50 | AH | 4 Ko] - G:\._.Trashes
[09/01/2014 - 01:26:50 | HD] - G:\.Trashes
[09/01/2014 - 01:26:50 | HD] - G:\.fseventsd
[09/01/2014 - 01:26:52 | HD] - G:\.Spotlight-V100
[05/01/2014 - 16:02:28 | N | 357130 Ko] - G:\Dead4.08..PROPER.zone-telechargement.com.avi
[05/01/2014 - 17:56:04 | N | 357467 Ko] - G:\Dead4.07..PROPER.zone-telechargement.com.avi
[05/01/2014 - 17:52:36 | N | 357253 Ko] - G:\Dead4.06..PROPER.zone-telechargement.com.avi
[09/01/2014 - 15:28:06 | RASHD] - G:\Autorun.inf

################## | Vaccin |

D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
G:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net - http://www.sosvirus.net |
