germinatorrr
Participant
Number of posts: 7

############################## | UsbFix V 7.155 | [Suppression]

Utilisateur: Germ (Administrateur) # GERM-PC
Mis à jour le 16/12/2013 par El Desaparecido – Team SosVirus
Lancé à 11:03:21 | 17/12/2013

Site Web : http://www.usbfix.net
Forum : https://www.sosvirus.net/
Upload Malware : upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: ASUSTeK COMPUTER INC. (P8H61-I R2.0)
CPU: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
RAM -> [Total : 5831 | Free : 4397]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 7 Édition Intégrale (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.16476
WB: Google Chrome : 31.0.1650.63

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: Avira Desktop [(!) Disabled | (!) Outdated]
AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
AS: Malwarebytes’ Anti-Malware : 1.75.0001
FW: Windows FireWall Service [Enabled]

C: (%systemdrive%) -> Disque fixe # 1299 Go (1126 Go libre(s) – 87%) [] # NTFS
D: -> CD-ROM
G: -> Disque amovible # 58 Go (40 Go libre(s) – 68%) [Lexar] # FAT32
H: -> Disque fixe # 98 Go (78 Go libre(s) – 80%) [Germ] # NTFS
I: -> Disque amovible # 7 Go (1 Go libre(s) – 15%) [SONY_8GU] # FAT32

################## | Processus Stoppés |

Stoppé! C:Program Files (x86)AviraAntiVir Desktopsched.exe (ID: 1232 |ParentID: 512)
Stoppé! C:Program Files (x86)AviraAntiVir Desktopavfwsvc.exe (ID: 1612 |ParentID: 512)
Stoppé! C:Program Files (x86)AviraAntiVir Desktopavguard.exe (ID: 1756 |ParentID: 512)
Stoppé! C:Program Files (x86)AviraAntiVir Desktopavshadow.exe (ID: 2476 |ParentID: 1756)
Stoppé! C:Program Files (x86)AviraAntiVir Desktopavmailc.exe (ID: 2496 |ParentID: 512)
Stoppé! C:Program Files (x86)AviraAntiVir DesktopAVWEBGRD.EXE (ID: 2516 |ParentID: 512)
Stoppé! C:Program Files (x86)AviraAntiVir Desktopavgnt.exe (ID: 3164 |ParentID: 1244)
Stoppé! C:Windowssystem32WUDFHost.exe (ID: 1420 |ParentID: 852)
Stoppé! C:WindowsSystem32rundll32.exe (ID: 2648 |ParentID: 636)
Stoppé! C:Program Filesma-config.comMaConfigAgent.exe (ID: 2524 |ParentID: 512)
Stoppé! C:Windowssystem32SearchIndexer.exe (ID: 4496 |ParentID: 512)
Stoppé! C:Program FilesWindows Media Playerwmpnetwk.exe (ID: 3812 |ParentID: 512)
Stoppé! C:Windowssystem32DllHost.exe (ID: 1780 |ParentID: 636)
Stoppé! C:WindowsSystem32spoolsv.exe (ID: 4536 |ParentID: 512)
Stoppé! C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe (ID: 3020 |ParentID: 512)
Stoppé! C:Windowssystem32sppsvc.exe (ID: 4168 |ParentID: 512)
Stoppé! C:Program FilesInternet Exploreriexplore.exe (ID: 2976 |ParentID: 4124)
Stoppé! C:Program Files (x86)Internet ExplorerIEXPLORE.EXE (ID: 3760 |ParentID: 2976)
Stoppé! C:Program Files (x86)Internet ExplorerIEXPLORE.EXE (ID: 4472 |ParentID: 2976)
Stoppé! C:Program Files (x86)Internet ExplorerIEXPLORE.EXE (ID: 4084 |ParentID: 2976)

################## | Regedit Run |

04 – HKLMSOFTWARE | Run : [APSDaemon] – “C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe”
04 – HKLMSOFTWARE | Run : [QuickTime Task] – “C:Program Files (x86)QuickTimeQTTask.exe” -atboottime
04 – HKLMSOFTWARE | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
04 – HKLMSOFTWARE | Run : [BrStsMon00] – C:Program Files (x86)Browny02BrotherBrStMonW.exe /AUTORUN
04 – HKLMSOFTWARE | Run : [0101] – wscript.exe //B “C:UsersGermAppDataRoaming101.vbs”
04 – HKLMSOFTWARE | Run : [avgnt] – “C:Program Files (x86)AviraAntiVir Desktopavgnt.exe” /min
04 – HKLMSOFTWARE | Run : [ApnTBMon] – “C:Program Files (x86)AskPartnerNetworkToolbarUpdaterTBNotifier.exe”
04 – HKLMSOFTWARE | Run : [iTunesHelper] – “C:Program Files (x86)iTunesiTunesHelper.exe”
04 – HKLMSOFTWAREwow6432Node | Run : [APSDaemon] – “C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe”
04 – HKLMSOFTWAREwow6432Node | Run : [QuickTime Task] – “C:Program Files (x86)QuickTimeQTTask.exe” -atboottime
04 – HKLMSOFTWAREwow6432Node | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
04 – HKLMSOFTWAREwow6432Node | Run : [BrStsMon00] – C:Program Files (x86)Browny02BrotherBrStMonW.exe /AUTORUN
04 – HKLMSOFTWAREwow6432Node | Run : [0101] – wscript.exe //B “C:UsersGermAppDataRoaming101.vbs”
04 – HKLMSOFTWAREwow6432Node | Run : [avgnt] – “C:Program Files (x86)AviraAntiVir Desktopavgnt.exe” /min
04 – HKLMSOFTWAREwow6432Node | Run : [ApnTBMon] – “C:Program Files (x86)AskPartnerNetworkToolbarUpdaterTBNotifier.exe”
04 – HKLMSOFTWAREwow6432Node | Run : [iTunesHelper] – “C:Program Files (x86)iTunesiTunesHelper.exe”
04 – HKLMSOFTWARE | RunOnce : [] –
04 – HKLMSOFTWAREwow6432Node | RunOnce : [] –
04 – HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-21-1248433806-522314331-2687653748-1001SOFTWARE | Run : [Facebook Update] – “C:UsersGermAppDataLocalFacebookUpdateFacebookUpdate.exe” /c /nocrashserver
04 – HKUS-1-5-21-1248433806-522314331-2687653748-1001SOFTWARE | Run : [LightScribe Control Panel] – C:Program Files (x86)Common FilesLightScribeLightScribeControlPanel.exe -hidden
04 – HKUS-1-5-21-1248433806-522314331-2687653748-1001SOFTWARE | Run : [0101] – wscript.exe //B “C:UsersGermAppDataRoaming101.vbs”
04 – HKUS-1-5-19SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
04 – HKUS-1-5-20SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
04 – HKUS-1-5-18SOFTWARE | RunOnce : [SPReview] – “C:WindowsSystem32SPReviewSPReview.exe” /sp:1 /errorfwlink:”http://go.microsoft.com/fwlink/?LinkID=122915″ /build:7601

################## | Recherche générique |

Supprimé! C:UsersGermAppDataRoaming101.vbs
Supprimé! C:UsersGermAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup101.vbs
Supprimé! G:101.vbs
Supprimé! I:101.vbs
Supprimé! G:.fseventsd.lnk
Supprimé! G:.Trashes.lnk
Supprimé! G:.Spotlight-V100.lnk
Supprimé! G:Photos.lnk
Supprimé! G:Programmes.lnk
Supprimé! G:Autorun.inf.lnk
Supprimé! G:.lnk
Supprimé! I:The Walking Dead S02 EP12 Les Meilleurs Anges de notre nature.lnk
Supprimé! I:The Walking Dead S02 EP13 Près du feu mourant.lnk
Supprimé! I:The Walking Dead S02 EP01 Ce qui nous attend.lnk
Supprimé! I:The Walking Dead S02 EP02 Saignée.lnk
Supprimé! I:The Walking Dead S02 EP03 Le Tout pour le tout.lnk
Supprimé! I:The Walking Dead S02 EP04 Rose Cherokee.lnk
Supprimé! I:The Walking Dead S02 EP05 Le Chupacabra.lnk
Supprimé! I:The Walking Dead S02 EP06 Secrets.lnk
Supprimé! I:The Walking Dead S02 EP07 Déjà plus ou moins mort.lnk
Supprimé! I:The Walking Dead S02 EP08 Nebraska.lnk
Supprimé! I:The Walking Dead S02 EP09 Le Doigt sur la détente.lnk
Supprimé! I:The Walking Dead S02 EP10 À dix-huit miles, au moins.lnk
Supprimé! I:The Walking Dead S02 EP11 Juge, Juré et Bourreau.lnk
Supprimé! C:UsersGermAppDataLocalTempwinrar-x64-5b5fr.exe

(!) Fichiers temporaires supprimés. (416 Ko)

################## | Référence de comparaison MD5 |

Md5 : 3431AC434003A339303CB6A6D36483CA -> C:UsersGermAppDataRoaming101.vbs
Md5 : 3431AC434003A339303CB6A6D36483CA -> C:UsersGermAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup101.vbs
Md5 : 3431AC434003A339303CB6A6D36483CA -> G:101.vbs
Md5 : 3431AC434003A339303CB6A6D36483CA -> I:101.vbs

################## | Comparaison MD5 |

Supprimé! Md5 : 3431AC434003A339303CB6A6D36483CA -> C:WindowsSystem32101.vbs

################## | Registre |

Supprimé! HKUS-1-5-21-1248433806-522314331-2687653748-1001SoftwareMicrosoftWindowsCurrentVersionRun|0101
Supprimé! HKLMSoftwareMicrosoftWindowsCurrentVersionRun|0101

################## | Listing |

[17/12/2013 – 10:05:10 | N | 10 Ko] – C:UsbFix [Scan 1] GERM-PC.txt
[17/12/2013 – 10:56:13 | N | 11 Ko] – C:UsbFix [Scan 2] GERM-PC.txt
[17/12/2013 – 11:05:06 | A | 8 Ko] – C:UsbFix [Clean 2] GERM-PC.txt
[17/12/2013 – 10:30:21 | ASH | 4478292 Ko] – C:hiberfil.sys
[17/12/2013 – 10:30:22 | ASH | 5971056 Ko] – C:pagefile.sys
[24/10/2013 – 15:46:31 | N | 27477 Ko | 8F9CCBDB647D6A7FF0C693A2700727AA] – C:w7lxe.exe
[23/08/2013 – 14:27:59 | SHD] – C:$Recycle.Bin
[13/07/2009 – 22:20:08 | D] – C:PerfLogs
[14/07/2009 – 00:08:56 | SHD] – C:Documents and Settings
[22/08/2013 – 18:09:29 | SHD] – C:Recovery
[22/08/2013 – 18:09:37 | D] – C:Users
[27/08/2013 – 12:46:47 | D] – C:OutputFolder
[02/09/2013 – 12:57:05 | D] – C:Scandisk
[24/09/2013 – 20:06:40 | D] – C:Brother
[24/10/2013 – 16:04:01 | D] – C:Intel
[07/11/2013 – 10:01:48 | D] – C:Program Files
[03/12/2013 – 20:20:15 | D] – C:Windows
[15/12/2013 – 19:13:32 | SHD] – C:System Volume Information
[17/12/2013 – 10:22:01 | HD] – C:ProgramData
[17/12/2013 – 10:22:04 | D] – C:AdwCleaner
[17/12/2013 – 10:33:10 | D] – C:Program Files (x86)
[17/12/2013 – 11:04:15 | D] – C:UsbFix
[20/08/2013 – 17:31:40 | SHD] – G:.Trashes
[20/08/2013 – 17:31:40 | SH | 4 Ko] – G:._.Trashes
[20/08/2013 – 17:31:40 | SHD] – G:.Spotlight-V100
[17/12/2013 – 10:56:14 | RASHD] – G:Autorun.inf
[20/08/2013 – 17:31:42 | SHD] – G:.fseventsd
[15/08/2013 – 08:51:24 | D] – G:Photos
[22/08/2013 – 10:44:52 | D] – G:Programmes
[17/12/2013 – 10:56:13 | RASHD] – H:Autorun.inf
[17/12/2013 – 11:04:17 | SHD] – H:$RECYCLE.BIN
[24/10/2013 – 15:40:23 | D] – H:BEAT
[24/10/2013 – 15:49:57 | SHD] – H:System Volume Information
[24/10/2013 – 16:42:59 | D] – H:GeRM
[24/10/2013 – 17:00:54 | D] – H:Film
[28/10/2013 – 10:33:04 | D] – H:Programmes
[17/12/2013 – 10:56:14 | RASHD] – I:Autorun.inf
[16/12/2013 – 14:19:48 | N | 855757 Ko] – I:The Walking Dead S02 EP01 Ce qui nous attend.avi
[16/12/2013 – 14:24:14 | N | 464470 Ko] – I:The Walking Dead S02 EP02 Saignée.avi
[16/12/2013 – 14:28:30 | N | 274324 Ko] – I:The Walking Dead S02 EP03 Le Tout pour le tout.avi
[16/12/2013 – 14:32:54 | N | 471446 Ko] – I:The Walking Dead S02 EP04 Rose Cherokee.avi
[16/12/2013 – 14:37:18 | N | 539503 Ko] – I:The Walking Dead S02 EP05 Le Chupacabra.avi
[16/12/2013 – 14:41:46 | N | 515303 Ko] – I:The Walking Dead S02 EP06 Secrets.avi
[16/12/2013 – 14:46:08 | N | 574351 Ko] – I:The Walking Dead S02 EP07 Déjà plus ou moins mort.avi
[16/12/2013 – 14:50:28 | N | 473838 Ko] – I:The Walking Dead S02 EP08 Nebraska.avi
[16/12/2013 – 14:54:42 | N | 326844 Ko] – I:The Walking Dead S02 EP09 Le Doigt sur la détente.avi
[16/12/2013 – 14:59:14 | N | 568496 Ko] – I:The Walking Dead S02 EP10 À dix-huit miles, au moins.avi
[16/12/2013 – 15:03:36 | N | 492403 Ko] – I:The Walking Dead S02 EP11 Juge, Juré et Bourreau.avi
[16/12/2013 – 15:08:12 | N | 479130 Ko] – I:The Walking Dead S02 EP12 Les Meilleurs Anges de notre nature.avi
[16/12/2013 – 15:12:42 | N | 510756 Ko] – I:The Walking Dead S02 EP13 Près du feu mourant.avi

################## | Vaccin |

G:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
H:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
I:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net – https://www.sosvirus.net |