cjoint


Document format: text/plain

Preview


############################## | UsbFix V 7.161 | [Deletion]

User: User (Administrator) # USER-PC
Updated 15/01/2014 by El Desaparecido - Team SosVirus
Started at 17:03:55 | 26/01/2014

Website : http://www.en.usbfix.net
Changelog : http://www.usbfix.net/maj/
Support : http://www.sosvirus.net/
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.en.usbfix.net/contact/

PC: Dell Inc. (0GGRV5)
CPU: Intel(R) Core(TM) i3-2370M CPU @ 2.40GHz
RAM -> [Total : 4004 Mo| Free : 1075 Mo]
Bios: Dell Inc.
Boot: Normal boot

OS: Microsoft Windows 7 Home Premium (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.16476
WB: Google Chrome : 32.0.1700.76
WB: Mozilla Firefox : 26.0

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Fixed drive # 466 Gb (368 Mb free - 79%) [] # NTFS
D:\ -> CD-ROM
E:\ -> CD-ROM
H:\ -> Fixed drive # 466 Gb (29 Mb free - 6%) [P JUNIOR DD] # FAT32

################## | Stopped processes |

Stopped! C:\Windows\Explorer.EXE (ID: 1476 |ParentID: 1348)
Stopped! C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe (ID: 2120 |ParentID: 964)
Stopped! C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe (ID: 2868 |ParentID: 964)
Stopped! C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (ID: 5092 |ParentID: 4936)
Stopped! C:\Windows\System32\WUDFHost.exe (ID: 7128 |ParentID: 1216)
Stopped! C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe (ID: 6344 |ParentID: 2120)
Stopped! C:\Program Files (x86)\AVG\AVG2012\avgrsa.exe (ID: 2744 |ParentID: 2120)
Stopped! C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe (ID: 5756 |ParentID: 2744)
Stopped! C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ID: 680 |ParentID: 964)
Stopped! C:\Windows\system32\SearchIndexer.exe (ID: 6864 |ParentID: 964)
Stopped! C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 1920 |ParentID: 964)
Stopped! C:\Windows\System32\spoolsv.exe (ID: 2300 |ParentID: 964)
Stopped! C:\Program Files (x86)\GLO BOLT\UIMain.exe (ID: 6444 |ParentID: 1476)
Stopped! C:\Program Files (x86)\GLO BOLT\CMUpdater.exe (ID: 3160 |ParentID: 6444)
Stopped! C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe (ID: 1148 |ParentID: 6344)
Stopped! C:\Windows\system32\sppsvc.exe (ID: 4196 |ParentID: 964)
Stopped! C:\Windows\system32\DllHost.exe (ID: 5320 |ParentID: 760)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 5460 |ParentID: 1476)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 4116 |ParentID: 5460)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 3568 |ParentID: 5460)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 5712 |ParentID: 5460)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 6056 |ParentID: 5460)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 2276 |ParentID: 5460)
Stopped! C:\Program Files\Zune\WMZuneComm.exe (ID: 5740 |ParentID: 964)
Stopped! C:\Program Files\Zune\ZuneWlanCfgSvc.exe (ID: 6412 |ParentID: 964)
Stopped! C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Btvstack.exe (ID: 3908 |ParentID: 4500)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 2688 |ParentID: 5460)
Stopped! C:\Program Files (x86)\PC Remote\PC Remote\PCRemote.exe (ID: 2916 |ParentID: 1476)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 5492 |ParentID: 5460)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 2252 |ParentID: 5460)
Stopped! C:\Program Files (x86)\Skype\Phone\Skype.exe (ID: 4308 |ParentID: 6060)
Stopped! C:\Windows\system32\SearchProtocolHost.exe (ID: 6180 |ParentID: 6864)
Stopped! C:\Windows\system32\SearchFilterHost.exe (ID: 5704 |ParentID: 6864)
Stopped! C:\Windows\system32\taskeng.exe (ID: 756 |ParentID: 1288)

################## | Regedit Run |

04 - HKLM\..\Run : [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
04 - HKLM\..\Run : [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
04 - HKLM\..\Run : [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
04 - HKLM\..\Run : [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
04 - HKLM\..\Run : [autodetect] C:\PROGRA~2\GLOBOL~1\AutoDect.exe
04 - HKLM\..\RunOnce : []
04 - HKLM64\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
04 - HKLM64\..\Run : [HotKeysCmds] C:\Windows\system32\hkcmd.exe
04 - HKLM64\..\Run : [Persistence] C:\Windows\system32\igfxpers.exe
04 - HKLM64\..\Run : [AtherosBtStack] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
04 - HKLM64\..\Run : [AthBtTray] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe"
04 - HKLM64\..\Run : [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe"
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-3302344190-811091659-1627376649-1000\..\Run : [MediaDICO36] C:\Program Files (x86)\Micro Application\36 Dictionnaires et Recueils de Correspondance\LanceMediaDICO36.exe Lancement
04 - HKU\S-1-5-21-3302344190-811091659-1627376649-1000\..\Run : [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
04 - HKU\S-1-5-21-3302344190-811091659-1627376649-1000\..\Run : [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKU\S-1-5-21-3302344190-811091659-1627376649-1000\..\Run : [AGupdate] C:\Program Files (x86)\AppGraffiti\AGupdate.exe
04 - HKU\S-1-5-21-3302344190-811091659-1627376649-1000\..\Run : [PC Remote Server] C:\Program Files (x86)\PC Remote\PC Remote\PCRemote.exe /silent
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe

################## | Generic Research |

Not deleted ! C:\Windows\SysWOW64\User.exe
Deleted ! H:\PC.lnk
Deleted ! H:\Videos.lnk
Deleted ! H:\Musique.lnk
Deleted ! H:\Cours.lnk
Deleted ! H:\General.lnk
Deleted ! H:\Programs.lnk
Deleted ! H:\.Trasher
Not deleted ! C:\Windows\System32\user.exe

(!) Temporary files deleted.

################## | Registry |

Deleted ! HKU\S-1-5-21-3302344190-811091659-1627376649-1000\Software\.\.\.\.\Mountpoints2\{48103e69-05a7-11e3-a0ec-00a0c6000000}
Deleted ! HKU\S-1-5-21-3302344190-811091659-1627376649-1000\Software\.\.\.\.\Mountpoints2\{6c109fd1-c8b6-11e2-afad-844bf53accf2}
Deleted ! HKU\S-1-5-21-3302344190-811091659-1627376649-1000\Software\.\.\.\.\Mountpoints2\{6c10a02a-c8b6-11e2-afad-844bf53accf2}
Deleted ! HKU\S-1-5-21-3302344190-811091659-1627376649-1000\Software\.\.\.\.\Mountpoints2\{c2e1a2f3-ecbf-11e2-8ea8-844bf53accf2}
Deleted ! HKU\S-1-5-21-3302344190-811091659-1627376649-1000\Software\.\.\.\.\Mountpoints2\{c2e1a30a-ecbf-11e2-8ea8-00a0c6000000}

################## | Listing |

[15/07/2013 - 10:59:22 | D] - C:\$AVG
[26/01/2014 - 16:33:13 | SHD] - C:\$Recycle.Bin
[24/05/2013 - 17:34:23 | N | 1 Ko | B7E768F0E4A0598466007F81BD6E9D81] - C:\bdlog.txt
[23/04/2013 - 12:32:23 | D] - C:\Dell
[14/07/2009 - 05:08:56 | SHD] - C:\Documents and Settings
[26/01/2014 - 12:34:35 | ASH | 3074980 Ko] - C:\hiberfil.sys
[23/04/2013 - 12:33:03 | D] - C:\Intel
[31/05/2013 - 11:21:33 | RHD] - C:\MSOCache
[20/08/2013 - 17:18:46 | D] - C:\New folder
[20/08/2013 - 17:18:48 | D] - C:\New folder (2)
[20/08/2013 - 17:18:51 | D] - C:\New folder (3)
[20/08/2013 - 17:18:52 | D] - C:\New folder (4)
[26/01/2014 - 12:34:35 | ASH | 4099976 Ko] - C:\pagefile.sys
[14/07/2009 - 03:20:08 | D] - C:\PerfLogs
[25/01/2014 - 18:21:34 | N | 1 Ko] - C:\PhysicalDisk0_MBR.bin
[12/01/2014 - 13:37:00 | D] - C:\Program Files
[26/01/2014 - 14:35:34 | D] - C:\Program Files (x86)
[25/01/2014 - 19:51:11 | HD] - C:\ProgramData
[23/04/2013 - 11:52:23 | SHD] - C:\Recovery
[26/01/2014 - 14:35:14 | SHD] - C:\System Volume Information
[26/01/2014 - 17:03:58 | D] - C:\UsbFix
[26/01/2014 - 17:06:50 | A | 8 Ko | 574472CF437F75F28708BA260262F113] - C:\UsbFix [Clean 1] USER-PC.txt
[26/01/2014 - 12:46:50 | N | 10 Ko | 28E4E7EAF4309E25579961529601E8D6] - C:\UsbFix [Scan 1] USER-PC.txt
[23/04/2013 - 11:54:25 | D] - C:\Users
[26/01/2014 - 14:30:01 | D] - C:\Windows
[19/12/2013 - 11:51:28 | SHD] - H:\System Volume Information
[28/12/2013 - 01:49:42 | D] - H:\PC
[15/10/2013 - 21:45:12 | D] - H:\Recycled
[09/01/2014 - 23:12:32 | D] - H:\FileHistory
[18/01/2014 - 20:54:20 | D] - H:\$AVG
[18/01/2014 - 21:08:30 | N | 0 Ko] - H:\.Trasher.rar
[18/01/2014 - 21:12:28 | N | 0 Ko] - H:\rebuilt..Trasher.rar
[18/10/2013 - 16:10:50 | SHD] - H:\$RECYCLE.BIN
[18/10/2013 - 17:26:56 | D] - H:\Videos
[18/10/2013 - 17:27:34 | D] - H:\Images
[18/10/2013 - 17:30:10 | D] - H:\Musique
[18/10/2013 - 17:31:22 | D] - H:\Cours
[18/10/2013 - 17:33:52 | D] - H:\General
[28/12/2013 - 10:43:48 | D] - H:\[www.Cpasbien.com] Imagine_Dragons-Night_Visions-2012-2NZ
[28/12/2013 - 11:01:44 | D] - H:\[www.Cpasbien.com] Sinik-La_Plume_et_Le_Poignard-FR-2012-SO
[28/12/2013 - 13:45:16 | D] - H:\[www.Cpasbien.me] Drake-Nothing_Was_The_Same-(Deluxe_Edition)-2013-CR
[28/12/2013 - 11:14:46 | D] - H:\[www.Cpasbien.me] Lacrim-Toujours_Le_Meme-FR-2012-AMG
[28/12/2013 - 11:18:52 | D] - H:\[www.Cpasbien.me] Niro-Paraplegique-2CD-(Reedition)-FR-2012-AMG
[31/12/2013 - 00:29:02 | D] - H:\Linkin Park-A thousand suns (2010)
[30/12/2013 - 23:17:46 | D] - H:\Music
[28/12/2013 - 13:14:40 | D] - H:\daft_punk
[28/12/2013 - 14:39:32 | D] - H:\Stromae - Racine Carrée AMG 2013
[28/12/2013 - 14:31:54 | D] - H:\Tal - A L'infini 2013 [mp3-320kbps]
[31/12/2013 - 00:19:04 | D] - H:\Overexposed (Deluxe Version)
[31/12/2013 - 00:20:46 | D] - H:\Programs
[30/12/2013 - 23:16:08 | D] - H:\shaka
[28/12/2013 - 15:35:26 | D] - H:\Stromae-Cheese-(WEB)-FR-2010-UNIONS
[30/12/2013 - 22:55:24 | D] - H:\Video
[28/12/2013 - 14:12:36 | D] - H:\[www.Cpasbien.com] B.o.B - Strange Clouds 2012 [192 Kbps]
[30/12/2013 - 23:15:18 | D] - H:\[www.Cpasbien.com] David Guetta - Nothing but the Beat 2.0 2012 [mp3-320kbps]
[31/12/2013 - 00:21:44 | D] - H:\[www.Cpasbien.com] Linkin Park - Living Things (Deluxe Edition) (2012)
[30/12/2013 - 23:15:52 | D] - H:\[www.Cpasbien.com] Pink--Truth_About_Love-2012-OMA
[28/12/2013 - 16:27:02 | D] - H:\[www.Cpasbien.com] Skrillex
[30/12/2013 - 23:13:40 | D] - H:\[www.Cpasbien.me] Ke$ha - Warrior [2012-Album] HQ Deluxe WEB-Rip 320Kbps
[30/12/2013 - 22:51:28 | D] - H:\A Color Map of the Sun
[31/12/2013 - 00:30:50 | D] - H:\Casseurs_Flowters-Orelsan_Et_Gringe_Sont_Les_Casseurs_Flowters-FR-2013-AMG
[30/12/2013 - 22:55:24 | D] - H:\Compressed
[30/12/2013 - 22:55:24 | D] - H:\Documents
[28/12/2013 - 19:37:58 | D] - H:\Justin Timberlake - The 20.20 Experience - Complete Version 2013 [mp3-320kbps]
[30/12/2013 - 23:15:14 | D] - H:\Linkin Park - Recharged 2013 [mp3-320kbps]

################## | Vaccin |

H:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net - http://www.sosvirus.net |
