
############################## | UsbFix V 7.138 | [Scan]

User: Zarechi (Administrator) # OPTIMUSPRIME
Updated on 20/09/2013 by El Desaparecido - Team SosVirus
Launched at 12:17:47 | 29/09/2013

Site Web: http://www.usbfix.net/
Forum : http://www.sosvirus.net/
Upload Malware: http://www.sosvirus.net/upload_malware.php
Contact: http://www.usbfix.net/contact/

PC: ASUSTeK COMPUTER INC. (K56CM) (x64-based PC)
CPU: Intel(R) Core(TM) i3-3217U CPU @ 1.80GHz (1801)
RAM -> [Total : 3982 | Free : 1013]
BIOS: K56CM.209
BOOT: Normal boot

OS: Microsoft Windows 8 (6.2.9200 64-Bit) #
WB: Windows Internet Explorer 10.0.9200.16688

SC: Security Center Service [Enabled]
WU: Windows Update Service [(!) Disabled]
AV: avast! Antivirus [Enabled | Updated]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Fixed disk # 279 GB (146 GB free - 52%) [OS] # NTFS
D:\ -> Fixed disk # 398 GB (397 GB free - 100%) [DATA] # NTFS
E:\ -> CD-ROM
F:\ -> CD-ROM
G:\ -> Fixed disk # 932 GB (283 GB free - 30%) [BumbleBee] # NTFS

################## | Active Processes |

C:\Windows\system32\csrss.exe (812)
C:\Windows\system32\wininit.exe (900)
C:\Windows\system32\services.exe (988)
C:\Windows\system32\lsass.exe (996)
C:\Windows\system32\svchost.exe (680)
C:\Windows\system32\nvvsvc.exe (80)
C:\Windows\system32\svchost.exe (560)
C:\Windows\System32\svchost.exe (692)
C:\Windows\system32\svchost.exe (984)
C:\Windows\system32\svchost.exe (1036)
C:\Windows\System32\svchost.exe (1100)
C:\Windows\system32\svchost.exe (1276)
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (1420)
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (1512)
C:\Program Files\AVAST Software\Avast\AvastSvc.exe (1548)
C:\Windows\System32\spoolsv.exe (1980)
C:\Windows\system32\svchost.exe (2040)
C:\Windows\system32\svchost.exe (1116)
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (2368)
C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe (2480)
C:\Windows\system32\DptfParticipantProcessorService.exe (2540)
C:\Windows\system32\dashost.exe (2584)
C:\Windows\system32\DptfPolicyConfigTDPService.exe (2616)
C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe (2676)
C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe (2708)
C:\Program Files\Intel\iCLS Client\HeciServer.exe (2808)
C:\Windows\SysWOW64\irstrtsv.exe (2900)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (2932)
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (2228)
C:\Windows\system32\rundll32.exe (2440)
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (2412)
C:\Windows\system32\svchost.exe (2728)
C:\Windows\System32\alg.exe (3468)
C:\Windows\system32\svchost.exe (3692)
C:\Windows\System32\svchost.exe (3756)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (4924)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (4952)
C:\Windows\system32\SearchIndexer.exe (5072)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (3576)
C:\Program Files\Windows Media Player\wmpnetwk.exe (4324)
C:\Windows\system32\wbem\wmiprvse.exe (1928)
C:\Windows\system32\csrss.exe (6520)
C:\Windows\System32\WinLogon.exe (7028)
C:\Windows\System32\dwm.exe (6184)
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (4740)
C:\Windows\system32\nvvsvc.exe (4688)
C:\Windows\system32\taskhostex.exe (6252)
C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (5092)
C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (2988)
C:\Windows\Explorer.EXE (1060)
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (4612)
C:\Program Files\ASUS\P4G\BatteryLife.exe (6128)
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (6216)
C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe (1608)
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (1384)
C:\Windows\system32\conhost.exe (6716)
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (6708)
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe (3216)
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (1940)
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (6468)
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (6816)
C:\Windows\System32\RuntimeBroker.exe (2580)
C:\Windows\System32\igfxtray.exe (780)
C:\Windows\System32\hkcmd.exe (6604)
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (2512)
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (1160)
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe (6324)
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (4880)
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (6684)
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (3812)
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (4720)
C:\Windows\SysWOW64\ACEngSvr.exe (4920)
C:\Windows\system32\igfxpers.exe (3624)
C:\Program Files (x86)\Skype\Phone\Skype.exe (5432)
C:\Program Files (x86)\Steam\Steam.exe (5816)
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (6516)
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (4160)
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (7132)
C:\Program Files\AVAST Software\Avast\AvastUI.exe (6260)
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (7052)
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2056)
C:\Program Files (x86)\Common Files\Steam\SteamService.exe (6172)
C:\Program Files (x86)\Mozilla Firefox\firefox.exe (4756)
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (5168)
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe (4644)
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe (6820)
C:\Windows\system32\taskeng.exe (1328)
C:\Windows\system32\wbem\wmiprvse.exe (5356)
C:\Windows\System32\WUDFHost.exe (4804)
C:\Users\Zarechi\Downloads\RogueKillerX64.exe (6728)
C:\Windows\syswow64\wwahost.exe (1900)
C:\Windows\system32\SearchProtocolHost.exe (5564)
C:\Windows\system32\SearchFilterHost.exe (3488)
C:\UsbFix\Go.exe (4896)

################## | El Desaparecido Section |

HKLM\SOFTWARE | Run : [ASUSPRP] - "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
HKLM\SOFTWARE | Run : [ASUSWebStorage] - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe /S
HKLM\SOFTWARE | Run : [RemoteControl10] - "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
HKLM\SOFTWARE | Run : [ATLauncher] - "C:\Program Files\McAfee\MSC\OOBE\ATLauncher.exe" /createshortcuts:1
HKLM\SOFTWARE | Run : [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE | Run : [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
HKLM\SOFTWARE | Run : [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM\SOFTWARE | Run : [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
HKLM\SOFTWARE | Run : [AdobeCS6ServiceManager] - "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
HKLM\SOFTWARE | Run : [GrooveMonitor] - "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
HKLM\SOFTWARE\wow6432Node | Run : [ASUSPRP] - "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
HKLM\SOFTWARE\wow6432Node | Run : [ASUSWebStorage] - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe /S
HKLM\SOFTWARE\wow6432Node | Run : [RemoteControl10] - "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
HKLM\SOFTWARE\wow6432Node | Run : [ATLauncher] - "C:\Program Files\McAfee\MSC\OOBE\ATLauncher.exe" /createshortcuts:1
HKLM\SOFTWARE\wow6432Node | Run : [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE\wow6432Node | Run : [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
HKLM\SOFTWARE\wow6432Node | Run : [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM\SOFTWARE\wow6432Node | Run : [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
HKLM\SOFTWARE\wow6432Node | Run : [AdobeCS6ServiceManager] - "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
HKLM\SOFTWARE\wow6432Node | Run : [GrooveMonitor] - "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
HKLM\SOFTWARE | RunOnce : [] -
HKLM\SOFTWARE\wow6432Node | RunOnce : [] -
HKU\S-1-5-21-4154473169-124205256-1281812686-1002\SOFTWARE | Run : [Skype] - "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
HKU\S-1-5-21-4154473169-124205256-1281812686-1002\SOFTWARE | Run : [DAEMON Tools Lite] - "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
HKU\S-1-5-21-4154473169-124205256-1281812686-1002\SOFTWARE | Run : [Steam] - "C:\Program Files (x86)\Steam\Steam.exe" -silent
HKU\S-1-5-21-4154473169-124205256-1281812686-1002\SOFTWARE | Run : [AdobeBridge] -
HKU\S-1-5-21-4154473169-124205256-1281812686-1002\SOFTWARE | Run : [Adobe Flash Player v10] - C:\Users\Zarechi\AppData\Local\Temp\flashplayer.exe
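The Run-key listing above is raw tool output. As an added triage example (not part of the UsbFix log or of the UsbFix tool), the following Python parses lines in exactly this format and flags autostart entries that deserve a second look: a named value with no command, or an executable that lives in a user-writable location such as AppData\Local\Temp (the user's %TEMP%). A flag only means "review this"; the heuristic does not decide that an entry is malicious. The sample lines are copied from the listing above and the path fragments treated as suspect are my own choice.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional

# Sample input: lines copied from the UsbFix "Run" listing above (constructed test data).
SAMPLE_LINES = r"""
HKLM\SOFTWARE | Run : [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
HKLM\SOFTWARE | Run : [ASUSWebStorage] - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe /S
HKLM\SOFTWARE | RunOnce : [] -
HKU\S-1-5-21-4154473169-124205256-1281812686-1002\SOFTWARE | Run : [Steam] - "C:\Program Files (x86)\Steam\Steam.exe" -silent
HKU\S-1-5-21-4154473169-124205256-1281812686-1002\SOFTWARE | Run : [AdobeBridge] -
HKU\S-1-5-21-4154473169-124205256-1281812686-1002\SOFTWARE | Run : [Adobe Flash Player v10] - C:\Users\Zarechi\AppData\Local\Temp\flashplayer.exe
"""

# "<hive> | Run : [<name>] - <command>" as UsbFix prints it.
LINE_RE = re.compile(r"^(?P<hive>.+?) \| (?P<key>Run(?:Once)?) : \[(?P<name>[^\]]*)\] -\s*(?P<cmd>.*)$")
# First executable in the command: quoted or not, drive-letter or %VAR%-prefixed path.
EXE_RE = re.compile(
    r'^"?(?P<path>(?:[A-Za-z]:\\|%[^%]+%\\).*?\.(?:exe|com|scr|bat|cmd|pif|vbs|js))(?:"|\s|$)',
    re.IGNORECASE,
)
# Path fragments (lower-cased) that a normal installer does not use for an autostart
# entry but that the logged-on user can write to. Chosen for this example.
SUSPECT_PATH_FRAGMENTS = (
    "\\appdata\\local\\temp\\", "\\windows\\temp\\", "\\users\\public\\",
    "\\$recycle.bin\\", "%temp%\\", "%tmp%\\",
)


@dataclass
class AutorunEntry:
    hive: str
    key: str
    name: str
    command: str
    exe: Optional[str]
    findings: List[str] = field(default_factory=list)


def parse_entry(line: str) -> Optional[AutorunEntry]:
    """Parse one UsbFix Run/RunOnce line and attach review findings, if any."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    cmd = m.group("cmd").strip()
    exe_m = EXE_RE.match(cmd)
    entry = AutorunEntry(m.group("hive"), m.group("key"), m.group("name"), cmd,
                         exe_m.group("path") if exe_m else None)
    if not entry.name and not cmd:
        return entry  # UsbFix prints "[] -" for a key with no values: nothing to review
    if not cmd:
        entry.findings.append("named value with no command: stale entry, or one a cleaner already emptied")
    elif entry.exe is None:
        entry.findings.append("no executable recognised in the command; inspect by hand")
    else:
        low = entry.exe.lower()
        for fragment in SUSPECT_PATH_FRAGMENTS:
            if fragment in low:
                entry.findings.append("executable lives under user-writable location " + fragment.strip("\\"))
    return entry


def triage(text: str) -> List[AutorunEntry]:
    """Parse every non-blank line; lines that are not Run entries are skipped."""
    parsed = (parse_entry(line) for line in text.splitlines() if line.strip())
    return [e for e in parsed if e is not None]


def flagged(text: str):
    """(name, findings) for the entries worth reviewing, in listing order."""
    return [(e.name, e.findings) for e in triage(text) if e.findings]


if __name__ == "__main__":
    for name, why in flagged(SAMPLE_LINES):
        print(f"[{name}]")
        for reason in why:
            print("   ", reason)
```

Run against the six sample lines, the script is silent on avast, ASUSWebStorage, Steam and the empty RunOnce key, and reports the AdobeBridge value (no command) and the "Adobe Flash Player v10" value (executable under AppData\Local\Temp). Whether that last entry is a leftover installer stub or something else is a question for the file itself (hash, signature, strings), not for the registry path.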

################## | Infectious items |

Present! G:\$RECYCLE.BIN.lnk
Present! G:\Bibliothèque.lnk
Present! G:\bibliothèques.lnk
Present! G:\media.lnk
Present! G:\msdownld.tmp.lnk
Present! G:\ProgramData.lnk
Present! G:\Seagate.lnk
Present! G:\System Volume Information.lnk
Present! G:\UserGuides.lnk
Present! G:\_Memeo.lnk
Present! F:\Setup.exe
Present! F:\Autorun.inf
Present! G:\Autorun.inf
Present! G:\snkb0pt\desktop.ini
Present! G:\snkb0pt
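The items listed for G:\ are the usual footprint of a shortcut worm: an Autorun.inf at the volume root, .lnk files named after the folders that really live on the drive (and after system folders such as $RECYCLE.BIN and System Volume Information), and an oddly named directory (snkb0pt) holding a desktop.ini. As an added example, not part of the UsbFix log and not how UsbFix itself works, the Python below scans a volume root for that pattern and pulls the relative target and command-line arguments out of each .lnk with a minimal reader for the Shell Link binary format (MS-SHLLINK): 76-byte header, optional LinkTargetIDList and LinkInfo blocks that are skipped, then the StringData strings in their fixed order. The sample tree is constructed in a temporary directory to mirror the listing; the shortcut targets, the "payload.exe" name inside snkb0pt and the Autorun.inf content are made up for the example and say nothing about what was actually on this drive. The reader only resolves targets through RELATIVE_PATH and arguments; real shortcuts usually also carry an IDList, which this code skips rather than decodes.

```python
import struct
import tempfile
from pathlib import Path

# LinkFlags bits from MS-SHLLINK 2.1.1 (ShellLinkHeader).
HAS_ID_LIST, HAS_LINK_INFO, HAS_NAME, HAS_REL_PATH = 0x01, 0x02, 0x04, 0x08
HAS_WORK_DIR, HAS_ARGS, HAS_ICON, IS_UNICODE = 0x10, 0x20, 0x40, 0x80
LNK_CLSID = bytes.fromhex("0114020000000000c000000000000046")  # {00021401-0000-0000-C000-000000000046}
# Hosts a worm shortcut typically launches instead of pointing straight at its payload.
LIVING_OFF_THE_LAND = {"cmd.exe", "wscript.exe", "cscript.exe", "rundll32.exe", "powershell.exe", "mshta.exe"}
# Folder names that are never a legitimate shortcut at a volume root.
SYSTEM_FOLDERS = {"$recycle.bin", "system volume information", "programdata"}


def parse_lnk(data: bytes):
    """Return (relative_path, arguments) from a .lnk; skips IDList and LinkInfo blocks."""
    size, clsid, flags = struct.unpack_from("<I16sI", data, 0)
    if size != 0x4C or clsid != LNK_CLSID:
        raise ValueError("not a Shell Link file")
    pos = 0x4C
    if flags & HAS_ID_LIST:
        (id_list_size,) = struct.unpack_from("<H", data, pos)
        pos += 2 + id_list_size
    if flags & HAS_LINK_INFO:
        (link_info_size,) = struct.unpack_from("<I", data, pos)
        pos += link_info_size
    strings = {}
    # StringData order is fixed: NAME, RELATIVE_PATH, WORKING_DIR, COMMAND_LINE_ARGUMENTS, ICON_LOCATION.
    for flag, key in ((HAS_NAME, "name"), (HAS_REL_PATH, "relative_path"), (HAS_WORK_DIR, "working_dir"),
                      (HAS_ARGS, "arguments"), (HAS_ICON, "icon")):
        if not flags & flag:
            continue
        (count,) = struct.unpack_from("<H", data, pos)  # CountCharacters, no terminator
        pos += 2
        width = 2 if flags & IS_UNICODE else 1
        raw = data[pos:pos + width * count]
        strings[key] = raw.decode("utf-16-le" if width == 2 else "cp1252")
        pos += width * count
    return strings.get("relative_path", ""), strings.get("arguments", "")


def build_lnk(relative_path: str, arguments: str) -> bytes:
    """Construct a minimal Unicode .lnk (no IDList, no LinkInfo) for the sample tree."""
    flags = HAS_REL_PATH | HAS_ARGS | IS_UNICODE
    header = struct.pack("<I16sIIQQQIiIHHII", 0x4C, LNK_CLSID, flags, 0x20, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0)
    body = b"".join(struct.pack("<H", len(s)) + s.encode("utf-16-le") for s in (relative_path, arguments))
    return header + body


def scan_volume_root(root):
    """Flag the shortcut-worm pattern at a volume root; returns [(entry name, reason), ...]."""
    root = Path(root)
    entries = {p.name.lower(): p for p in root.iterdir()}
    dirs = {n for n, p in entries.items() if p.is_dir()}
    findings = []
    autorun = entries.get("autorun.inf")
    if autorun is not None and autorun.is_file():  # a directory of that name is a vaccine, not a threat
        findings.append((autorun.name, "autorun.inf file at volume root"))
    for name, p in entries.items():
        if not (p.is_file() and name.endswith(".lnk")):
            continue
        stem = name[:-4]
        rel, args = parse_lnk(p.read_bytes())
        target = rel.replace("/", "\\").rsplit("\\", 1)[-1].lower()
        reasons = []
        if stem in SYSTEM_FOLDERS:
            reasons.append("shortcut named after a system folder")
        if stem in dirs:
            reasons.append("shortcut shadows a sibling directory of the same name")
        if target in LIVING_OFF_THE_LAND:
            reasons.append(f"target is {target} with arguments {args!r}")
        if reasons:
            findings.append((p.name, "; ".join(reasons)))
    return findings


def build_sample_volume(root):
    """Constructed tree mirroring the G:\\ listing; every file's content is invented."""
    root = Path(root)
    (root / "Autorun.inf").write_text("[autorun]\nopen=snkb0pt\\payload.exe\n")
    for d in ("Seagate", "UserGuides", "snkb0pt"):
        (root / d).mkdir()
    (root / "snkb0pt" / "desktop.ini").write_text("[.ShellClassInfo]\n")
    for name in ("Seagate", "UserGuides", "System Volume Information", "$RECYCLE.BIN"):
        # worm-style shortcut: run the hidden dropper, then open the real folder so the user sees nothing odd
        lnk = build_lnk("..\\..\\Windows\\System32\\cmd.exe", f'/c start snkb0pt\\payload.exe & start "{name}"')
        (root / f"{name}.lnk").write_bytes(lnk)
    (root / "Music.lnk").write_bytes(build_lnk("Seagate\\music", ""))  # ordinary user shortcut, must not fire
    return root


def run_demo():
    with tempfile.TemporaryDirectory() as tmp:
        return scan_volume_root(build_sample_volume(tmp))


if __name__ == "__main__":
    for entry, why in run_demo():
        print(f"Suspect: {entry} -> {why}")
```

On the constructed tree the scan reports the Autorun.inf file and the four worm-style shortcuts, and stays quiet on Music.lnk, which points at a subfolder and launches no interpreter. On a real drive the same three signals (root Autorun.inf, shortcuts shadowing folders or system names, shortcuts whose target is cmd.exe/wscript.exe with arguments naming a hidden directory) are what make a listing like the one above read as an infection rather than a tidy user.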

################## | Registry |


################## | Mountpoints2 |



################## | Vaccine |

C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net - http://www.sosvirus.net |
