Publicité
Publicité
Format du document : text/plain
Prévisualisation
[b]############################## | UsbFix V 7.183 | [Nettoyage][/b]
Utilisateur: Nanana (Administrateur) # NANANA
Mis a jour le 30/09/2014 par El Desaparecido - SosVirus
Lance a 19:40:26 | 14/10/2014
Site Web : [url=http://www.usbfix.net/]http://www.usbfix.net/[/url]
Changelog : [url=http://www.usbfix.net/maj/]http://www.usbfix.net/maj/[/url]
Assistance : [url=http://www.sosvirus.net/forum-virus-securite.html]http://www.sosvirus.net/forum-virus-securite.html[/url]
Upload Malware : [url=http://www.sosvirus.net/upload_malware.php]http://www.sosvirus.net/upload_malware.php[/url]
Detection en Live : [url=http://comment-supprimer.fr/]http://comment-supprimer.fr/[/url]
Contact : [url=http://www.usbfix.net/contact/]http://www.usbfix.net/contact/[/url]
[b]################## | System information |[/b]
MB: Hewlett-Packard (1966)
CPU: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz
GC: Intel(R) HD Graphics 4600
RAM -> [Total : 5916 Mo | Free : 2485 Mo]
Bios: Insyde
Boot: Normal boot
OS: Microsoft�E Windows 8 (6.2.9200 64-Bit)
WB: Internet Explorer : 10.00.9200.16384
WB: Google Chrome : 31.0.1650.63
[b]################## | Security Information |[/b]
AV: Avira Desktop [[b](!) Desactive[/b] |A jour]
AV: Windows Defender [[b](!) Desactive[/b] |A jour]
AS: Avira Desktop [[b](!) Desactive[/b] |A jour]
AS: Windows Defender [[b](!) Desactive[/b] |A jour]
AS: Malwarebytes Anti-Malware : 2.0.2.1012
FW: Windows Firewall [Actif]
SC: Security Center [Actif]
WU: Windows Update [Actif]
[b]################## | Disk Information |[/b]
C:\ (%SystemDrive%) -> Disque fixe # 674 Go (600 Go libre(s) - 89%) [Windows] # NTFS
D:\ -> Disque fixe # 24 Go (2 Go libre(s) - 10%) [RECOVERY] # NTFS
F:\ -> CD-ROM # 6 Go (0 Mo libre(s) - 0%) [Sims3] # UDF
[b]################## | Recherche generique |[/b]
(!) Fichiers temporaires supprimes. (6045.21124267578 MB)
[b]################## | Registre |[/b]
[b]################## | Regedit Run |[/b]
F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] userinit.exe,
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\System32\Userinit.exe,
04 - HKCU\..\Run : [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
04 - HKCU\..\Run : [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKLM\..\Run : [BtTray] "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
04 - HKLM\..\Run : [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
04 - HKLM\..\Run : [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
04 - HKLM\..\Run : [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
04 - HKLM\..\Run : [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
04 - HKLM\..\Run : [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
04 - HKLM\..\Run : [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
04 - HKLM\..\Run : [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
04 - HKLM\..\Run : [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
04 - [x64] HKLM\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
04 - [x64] HKLM\..\Run : [HotKeysCmds] C:\Windows\system32\hkcmd.exe
04 - [x64] HKLM\..\Run : [Persistence] C:\Windows\system32\igfxpers.exe
04 - [x64] HKLM\..\Run : [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
04 - [x64] HKLM\..\Run : [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
04 - HKU\S-1-5-21-4042219225-975936040-2676240510-1002\..\Run : [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
04 - HKU\S-1-5-21-4042219225-975936040-2676240510-1002\..\Run : [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
[b]################## | UsbFix - Information |[/b]
Info : [url=https://www.youtube.com/watch?v=vUZYYASd7FE]Comment supprimer l'infection des raccourcis sur USB ? (Video)[/url]
Info : [url=http://www.en.usbfix.net/2014/03/remove-shortcut-virus-usb/]L'infection des raccourcis USB, c'est quoi ?[/url]
[b]################## | Hijack |[/b]
[b]################## | C:\ %SystemDrive% - Disque Fixe (NTFS) |[/b]
[14/10/2014 - 19:16:54 | A | 1 Ko] - C:\RstHosts.txt
[10/10/2014 - 21:01:26 | ASH | 4846404 Ko] - C:\hiberfil.sys
[10/10/2014 - 21:01:33 | ASH | 2490368 Ko] - C:\pagefile.sys
[10/10/2014 - 21:01:34 | ASH | 262144 Ko] - C:\swapfile.sys
[30/10/2013 - 13:10:58 | D] - C:\SYSTEM.SAV
[02/10/2014 - 21:17:27 | D] - C:\Config.Msi
[30/10/2013 - 13:11:52 | SHD] - C:\$Recycle.Bin
[11/10/2014 - 12:12:31 | A | 1 Ko] - C:\PhysicalDisk0_MBR.bin
[16/08/2014 - 17:52:12 | A | 0 Ko] - C:\autoexec.bat
[04/08/2012 - 01:21:37 | RASH | 8 Ko] - C:\BOOTSECT.BAK
[02/06/2012 - 16:30:55 | N | 0 Ko] - C:\BOOTNXT
[26/07/2012 - 05:44:30 | RASH | 389 Ko] - C:\bootmgr
[26/07/2012 - 09:22:08 | SHD] - C:\Documents and Settings
[26/07/2012 - 09:33:46 | D] - C:\PerfLogs
[04/08/2012 - 00:39:51 | D] - C:\inetpub
[04/08/2012 - 01:21:36 | SHD] - C:\Boot
[24/05/2013 - 14:31:06 | D] - C:\HP
[23/07/2013 - 01:20:04 | D] - C:\Intel
[23/07/2013 - 12:09:54 | D] - C:\SWSetup
[16/11/2013 - 16:03:01 | D] - C:\Temp
[05/12/2013 - 15:44:48 | RD] - C:\Users
[07/07/2014 - 22:19:52 | D] - C:\GOG Games
[16/08/2014 - 17:51:45 | RD] - C:\Program Files
[12/09/2014 - 18:28:16 | D] - C:\9eca3ec1be1063e1e35aa026798c40
[12/09/2014 - 18:40:15 | D] - C:\sources
[12/09/2014 - 18:45:40 | D] - C:\Windows
[07/10/2014 - 17:24:17 | SHD] - C:\System Volume Information
[10/10/2014 - 21:00:07 | D] - C:\AdwCleaner
[10/10/2014 - 21:20:44 | HD] - C:\ProgramData
[11/10/2014 - 10:25:56 | D] - C:\Program Files (x86)
[14/10/2014 - 19:39:07 | D] - C:\UsbFix
[b]################## | D:\ - Disque Fixe (NTFS) |[/b]
[26/07/2012 - 22:57:10 | N | 1319 Ko] - D:\bootmgr.efi
[30/10/2013 - 13:13:35 | SHD] - D:\$RECYCLE.BIN
[26/07/2012 - 21:44:32 | RASH | 389 Ko] - D:\bootmgr
[23/07/2013 - 13:04:48 | D] - D:\EFI
[23/07/2013 - 13:04:48 | D] - D:\hp
[23/07/2013 - 13:04:48 | RSHD] - D:\boot
[23/07/2013 - 13:04:48 | RSHD] - D:\preload
[23/07/2013 - 13:04:48 | RSD] - D:\recovery
[23/07/2013 - 13:04:48 | D] - D:\RM_Reserve
[02/06/2014 - 18:48:19 | SHD] - D:\System Volume Information
[b]################## | Vaccin |[/b]
C:\Autorun.inf -> Vaccin cree par UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccin cree par UsbFix (El Desaparecido)
[b]################## | E.O.F | [url=http://www.sosvirus.net/]http://www.sosvirus.net/[/url] | [url=http://www.usbfix.net/]http://www.usbfix.net/[/url] |[/b]
Utilisateur: Nanana (Administrateur) # NANANA
Mis a jour le 30/09/2014 par El Desaparecido - SosVirus
Lance a 19:40:26 | 14/10/2014
Site Web : [url=http://www.usbfix.net/]http://www.usbfix.net/[/url]
Changelog : [url=http://www.usbfix.net/maj/]http://www.usbfix.net/maj/[/url]
Assistance : [url=http://www.sosvirus.net/forum-virus-securite.html]http://www.sosvirus.net/forum-virus-securite.html[/url]
Upload Malware : [url=http://www.sosvirus.net/upload_malware.php]http://www.sosvirus.net/upload_malware.php[/url]
Detection en Live : [url=http://comment-supprimer.fr/]http://comment-supprimer.fr/[/url]
Contact : [url=http://www.usbfix.net/contact/]http://www.usbfix.net/contact/[/url]
[b]################## | System information |[/b]
MB: Hewlett-Packard (1966)
CPU: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz
GC: Intel(R) HD Graphics 4600
RAM -> [Total : 5916 Mo | Free : 2485 Mo]
Bios: Insyde
Boot: Normal boot
OS: Microsoft�E Windows 8 (6.2.9200 64-Bit)
WB: Internet Explorer : 10.00.9200.16384
WB: Google Chrome : 31.0.1650.63
[b]################## | Security Information |[/b]
AV: Avira Desktop [[b](!) Desactive[/b] |A jour]
AV: Windows Defender [[b](!) Desactive[/b] |A jour]
AS: Avira Desktop [[b](!) Desactive[/b] |A jour]
AS: Windows Defender [[b](!) Desactive[/b] |A jour]
AS: Malwarebytes Anti-Malware : 2.0.2.1012
FW: Windows Firewall [Actif]
SC: Security Center [Actif]
WU: Windows Update [Actif]
[b]################## | Disk Information |[/b]
C:\ (%SystemDrive%) -> Disque fixe # 674 Go (600 Go libre(s) - 89%) [Windows] # NTFS
D:\ -> Disque fixe # 24 Go (2 Go libre(s) - 10%) [RECOVERY] # NTFS
F:\ -> CD-ROM # 6 Go (0 Mo libre(s) - 0%) [Sims3] # UDF
[b]################## | Recherche generique |[/b]
(!) Fichiers temporaires supprimes. (6045.21124267578 MB)
[b]################## | Registre |[/b]
[b]################## | Regedit Run |[/b]
F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] userinit.exe,
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\System32\Userinit.exe,
04 - HKCU\..\Run : [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
04 - HKCU\..\Run : [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKLM\..\Run : [BtTray] "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
04 - HKLM\..\Run : [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
04 - HKLM\..\Run : [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
04 - HKLM\..\Run : [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
04 - HKLM\..\Run : [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
04 - HKLM\..\Run : [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
04 - HKLM\..\Run : [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
04 - HKLM\..\Run : [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
04 - HKLM\..\Run : [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
04 - [x64] HKLM\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
04 - [x64] HKLM\..\Run : [HotKeysCmds] C:\Windows\system32\hkcmd.exe
04 - [x64] HKLM\..\Run : [Persistence] C:\Windows\system32\igfxpers.exe
04 - [x64] HKLM\..\Run : [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
04 - [x64] HKLM\..\Run : [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
04 - HKU\S-1-5-21-4042219225-975936040-2676240510-1002\..\Run : [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
04 - HKU\S-1-5-21-4042219225-975936040-2676240510-1002\..\Run : [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
[b]################## | UsbFix - Information |[/b]
Info : [url=https://www.youtube.com/watch?v=vUZYYASd7FE]Comment supprimer l'infection des raccourcis sur USB ? (Video)[/url]
Info : [url=http://www.en.usbfix.net/2014/03/remove-shortcut-virus-usb/]L'infection des raccourcis USB, c'est quoi ?[/url]
[b]################## | Hijack |[/b]
[b]################## | C:\ %SystemDrive% - Disque Fixe (NTFS) |[/b]
[14/10/2014 - 19:16:54 | A | 1 Ko] - C:\RstHosts.txt
[10/10/2014 - 21:01:26 | ASH | 4846404 Ko] - C:\hiberfil.sys
[10/10/2014 - 21:01:33 | ASH | 2490368 Ko] - C:\pagefile.sys
[10/10/2014 - 21:01:34 | ASH | 262144 Ko] - C:\swapfile.sys
[30/10/2013 - 13:10:58 | D] - C:\SYSTEM.SAV
[02/10/2014 - 21:17:27 | D] - C:\Config.Msi
[30/10/2013 - 13:11:52 | SHD] - C:\$Recycle.Bin
[11/10/2014 - 12:12:31 | A | 1 Ko] - C:\PhysicalDisk0_MBR.bin
[16/08/2014 - 17:52:12 | A | 0 Ko] - C:\autoexec.bat
[04/08/2012 - 01:21:37 | RASH | 8 Ko] - C:\BOOTSECT.BAK
[02/06/2012 - 16:30:55 | N | 0 Ko] - C:\BOOTNXT
[26/07/2012 - 05:44:30 | RASH | 389 Ko] - C:\bootmgr
[26/07/2012 - 09:22:08 | SHD] - C:\Documents and Settings
[26/07/2012 - 09:33:46 | D] - C:\PerfLogs
[04/08/2012 - 00:39:51 | D] - C:\inetpub
[04/08/2012 - 01:21:36 | SHD] - C:\Boot
[24/05/2013 - 14:31:06 | D] - C:\HP
[23/07/2013 - 01:20:04 | D] - C:\Intel
[23/07/2013 - 12:09:54 | D] - C:\SWSetup
[16/11/2013 - 16:03:01 | D] - C:\Temp
[05/12/2013 - 15:44:48 | RD] - C:\Users
[07/07/2014 - 22:19:52 | D] - C:\GOG Games
[16/08/2014 - 17:51:45 | RD] - C:\Program Files
[12/09/2014 - 18:28:16 | D] - C:\9eca3ec1be1063e1e35aa026798c40
[12/09/2014 - 18:40:15 | D] - C:\sources
[12/09/2014 - 18:45:40 | D] - C:\Windows
[07/10/2014 - 17:24:17 | SHD] - C:\System Volume Information
[10/10/2014 - 21:00:07 | D] - C:\AdwCleaner
[10/10/2014 - 21:20:44 | HD] - C:\ProgramData
[11/10/2014 - 10:25:56 | D] - C:\Program Files (x86)
[14/10/2014 - 19:39:07 | D] - C:\UsbFix
[b]################## | D:\ - Disque Fixe (NTFS) |[/b]
[26/07/2012 - 22:57:10 | N | 1319 Ko] - D:\bootmgr.efi
[30/10/2013 - 13:13:35 | SHD] - D:\$RECYCLE.BIN
[26/07/2012 - 21:44:32 | RASH | 389 Ko] - D:\bootmgr
[23/07/2013 - 13:04:48 | D] - D:\EFI
[23/07/2013 - 13:04:48 | D] - D:\hp
[23/07/2013 - 13:04:48 | RSHD] - D:\boot
[23/07/2013 - 13:04:48 | RSHD] - D:\preload
[23/07/2013 - 13:04:48 | RSD] - D:\recovery
[23/07/2013 - 13:04:48 | D] - D:\RM_Reserve
[02/06/2014 - 18:48:19 | SHD] - D:\System Volume Information
[b]################## | Vaccin |[/b]
C:\Autorun.inf -> Vaccin cree par UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccin cree par UsbFix (El Desaparecido)
[b]################## | E.O.F | [url=http://www.sosvirus.net/]http://www.sosvirus.net/[/url] | [url=http://www.usbfix.net/]http://www.usbfix.net/[/url] |[/b]