############################## | UsbFix V 7.100 | [Suppression]

Utilisateur: vdd (Administrateur) # VDD-PC
Mis à jour le 11/11/2012 par El Desaparecido
Lancé à 00:24:54 | 02/02/2013
Site Web: http://sosvirus.org
Contact: contact@eldesaparecido.com

PC: Acer (Aspire X1930) (x64-based PC
CPU: Intel(R) Pentium(R) CPU G630 @ 2.70GHz (2700)
RAM -> [Total : 4078 | Free : 1800]
BIOS: BIOS Date: 08/16/11 10:23:39 Ver: 04.06.04
BOOT: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) # Service Pack 1
WB: Windows Internet Explorer 9.0.8112.16421

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: Protection antivirus et antispyware McAfee [Enabled | Updated]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Disque fixe # 224 Go (26 Go libre(s) - 12%) [Acer] # NTFS
D:\ -> Disque fixe # 225 Go (136 Go libre(s) - 61%) [DATA] # NTFS
E:\ -> CD-ROM
F:\ -> Disque fixe # 1397 Go (2 Go libre(s) - 0%) [Iomega HDD] # NTFS
G:\ -> Disque amovible # 15 Go (4 Go libre(s) - 27%) [] # FAT32
H:\ -> CD-ROM

################## | Processus Actif |

C:\Windows\system32\csrss.exe (600)
C:\Windows\system32\wininit.exe (664)
C:\Windows\system32\csrss.exe (680)
C:\Windows\system32\services.exe (712)
C:\Windows\system32\lsass.exe (736)
C:\Windows\system32\lsm.exe (744)
C:\Windows\system32\winlogon.exe (804)
C:\Windows\system32\svchost.exe (900)
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (960)
C:\Windows\system32\svchost.exe (992)
C:\Windows\System32\svchost.exe (452)
C:\Windows\System32\svchost.exe (576)
C:\Windows\system32\svchost.exe (564)
C:\Windows\system32\svchost.exe (1120)
C:\Windows\system32\svchost.exe (1192)
C:\Windows\System32\spoolsv.exe (1312)
C:\Windows\system32\svchost.exe (1356)
C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe (1380)
C:\Windows\system32\taskhost.exe (1516)
C:\Windows\system32\Dwm.exe (1628)
C:\Windows\Explorer.EXE (1676)
C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (1800)
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (1832)
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (1936)
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (1156)
C:\Program Files\Bonjour\mDNSResponder.exe (1464)
C:\Windows\system32\svchost.exe (1580)
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE (1648)
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE (2020)
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (2032)
C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe (1808)
C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe (2100)
C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe (2144)
C:\Program Files\Acer\Acer Updater\UpdaterService.exe (2176)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (2216)
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (2256)
C:\Windows\system32\rundll32.exe (2324)
C:\Windows\system32\mfevtps.exe (2332)
C:\Windows\system32\rundll32.exe (2344)
C:\Windows\SysWOW64\rundll32.exe (2356)
C:\Windows\SysWOW64\nlssrv32.exe (2384)
C:\Program Files\OO Software\Defrag\oodag.exe (2408)
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (2564)
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (2588)
C:\Program Files\OO Software\Defrag\oodtray.exe (2624)
C:\Windows\system32\svchost.exe (2692)
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe (2740)
C:\Program Files\McAfee.com\Agent\mcagent.exe (2796)
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (2832)
C:\Windows\system32\EscSvc64.exe (2892)
C:\Windows\system32\taskeng.exe (2904)
C:\Windows\system32\svchost.exe (928)
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe (3180)
C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLMSService.exe (3232)
C:\Windows\System32\WUDFHost.exe (3256)
C:\Windows\system32\SearchIndexer.exe (3344)
C:\Program Files\Windows Media Player\wmpnetwk.exe (3520)
C:\Windows\system32\svchost.exe (3660)
C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe (4056)
C:\Program Files (x86)\Hotspot Shield\bin\openvpntray.exe (4360)
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (4648)
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (2476)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (4612)
C:\Program Files (x86)\Nero\Update\NASvc.exe (5100)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (4016)
C:\Program Files\EgisTec IPS\PMMUpdate.exe (3580)
C:\Program Files\EgisTec IPS\EgisUpdate.exe (3964)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (4316)
C:\Windows\system32\taskmgr.exe (3492)
C:\Program Files\PeerBlock\peerblock.exe (5096)
C:\Program Files (x86)\uTorrent\uTorrent.exe (5072)
C:\Program Files (x86)\Mozilla Firefox\firefox.exe (4148)
C:\Windows\system32\NOTEPAD.EXE (660)
C:\Windows\system32\wbem\wmiprvse.exe (4904)
C:\UsbFix\Go.exe (4972)
C:\Windows\system32\wbem\wmiprvse.exe (2684)
C:\Windows\System32\svchost.exe (4908)
C:\Program Files\Common Files\McAfee\Core\mchost.exe (1292)

################## | Processus Stoppés |

Stoppé! C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (960)
Stoppé! C:\Windows\System32\spoolsv.exe (1312)
Stoppé! C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe (1380)
Stoppé! C:\Windows\system32\taskhost.exe (1516)
Stoppé! C:\Windows\Explorer.EXE (1676)
Stoppé! C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (1800)
Stoppé! C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (1832)
Stoppé! C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (1936)
Stoppé! C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (1156)
Stoppé! C:\Program Files\Bonjour\mDNSResponder.exe (1464)
Stoppé! C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE (1648)
Stoppé! C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE (2020)
Stoppé! C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (2032)
Stoppé! C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe (1808)
Stoppé! C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe (2100)
Stoppé! C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe (2144)
Stoppé! C:\Program Files\Acer\Acer Updater\UpdaterService.exe (2176)
Stoppé! C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (2216)
Stoppé! C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (2256)
Stoppé! C:\Windows\system32\rundll32.exe (2324)
Stoppé! C:\Windows\system32\mfevtps.exe (2332)
Stoppé! C:\Windows\system32\rundll32.exe (2344)
Stoppé! C:\Windows\SysWOW64\rundll32.exe (2356)
Stoppé! C:\Windows\SysWOW64\nlssrv32.exe (2384)
Stoppé! C:\Program Files\OO Software\Defrag\oodag.exe (2408)
Stoppé! c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (2564)
Stoppé! c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (2588)
Stoppé! C:\Program Files\OO Software\Defrag\oodtray.exe (2624)
Stoppé! C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe (2740)
Stoppé! C:\Program Files\McAfee.com\Agent\mcagent.exe (2796)
Stoppé! C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (2832)
Stoppé! C:\Windows\system32\EscSvc64.exe (2892)
Stoppé! C:\Windows\system32\taskeng.exe (2904)
Stoppé! C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe (3180)
Stoppé! C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLMSService.exe (3232)
Stoppé! C:\Windows\System32\WUDFHost.exe (3256)
Stoppé! C:\Windows\system32\SearchIndexer.exe (3344)
Stoppé! C:\Program Files\Windows Media Player\wmpnetwk.exe (3520)
Stoppé! C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe (4056)
Stoppé! C:\Program Files (x86)\Hotspot Shield\bin\openvpntray.exe (4360)
Stoppé! C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (4648)
Stoppé! C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (2476)
Stoppé! C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (4612)
Stoppé! C:\Program Files (x86)\Nero\Update\NASvc.exe (5100)
Stoppé! C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (4016)
Stoppé! C:\Program Files\EgisTec IPS\PMMUpdate.exe (3580)
Stoppé! C:\Program Files\EgisTec IPS\EgisUpdate.exe (3964)
Stoppé! C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (4316)
Stoppé! C:\Windows\system32\taskmgr.exe (3492)
Stoppé! C:\Program Files\PeerBlock\peerblock.exe (5096)
Stoppé! C:\Program Files (x86)\uTorrent\uTorrent.exe (5072)
Stoppé! C:\Program Files (x86)\Mozilla Firefox\firefox.exe (4148)
Stoppé! C:\Windows\system32\NOTEPAD.EXE (660)
Stoppé! C:\Program Files\Common Files\McAfee\Core\mchost.exe (1292)

################## | Éléments infectieux |

Supprimé! C:\Users\vdd\AppData\Local\Temp\19326027.exe
Supprimé! C:\Users\vdd\AppData\Local\Temp\2343681.exe
Supprimé! C:\Users\vdd\AppData\Local\Temp\2343696.exe
Supprimé! C:\$RECYCLE.BIN\S-1-5-20
Supprimé! C:\$RECYCLE.BIN\S-1-5-21-2609519542-3147258301-233002904-1000
Supprimé! C:\$RECYCLE.BIN\S-1-5-21-2609519542-3147258301-233002904-500
Supprimé! C:\$RECYCLE.BIN\S-1-5-21-4082062797-4048407607-217630492-500
Supprimé! D:\$RECYCLE.BIN\S-1-5-21-2609519542-3147258301-233002904-1000
Supprimé! D:\$RECYCLE.BIN\S-1-5-21-2609519542-3147258301-233002904-500
Supprimé! F:\$RECYCLE.BIN\S-1-5-21-2463589617-2099536183-931396430-1000
Supprimé! F:\$RECYCLE.BIN\S-1-5-21-2609519542-3147258301-233002904-1000

(!) Fichiers temporaires supprimés.

################## | Registre |

Supprimé! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoRun

################## | Mountpoints2 |

Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{25975dc2-2cd1-11e2-8074-c89cdcee279c}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{7913acda-37a5-11e2-865d-c89cdcee279c}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{82465d45-2d69-11e2-803c-c89cdcee279c}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{b8b3eb21-2f94-11e2-860a-c89cdcee279c}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{b8b3eb28-2f94-11e2-860a-c89cdcee279c}

################## | Listing |

[02/02/2013 - 00:34:28 | SHD ] C:\$Recycle.Bin
[31/01/2013 - 21:30:54 | N | 7877] C:\Ad-Report-CLEAN[1].txt
[29/11/2012 - 19:03:45 | N | 6428] C:\Ad-Report-SCAN[1].txt
[29/11/2012 - 19:05:34 | N | 6493] C:\Ad-Report-SCAN[2].txt
[03/12/2012 - 08:28:15 | N | 6558] C:\Ad-Report-SCAN[3].txt
[31/01/2013 - 21:22:50 | N | 5705] C:\AdwCleaner[S1].txt
[11/01/2013 - 19:10:48 | D ] C:\audio
[09/03/2012 - 20:49:32 | D ] C:\book
[17/10/2011 - 15:27:32 | N | 8192] C:\BOOTSECT.BAK
[21/11/2012 - 21:44:21 | D ] C:\Cakewalk Projects
[30/01/2013 - 13:53:33 | D ] C:\Config.Msi
[05/09/2012 - 06:41:48 | N | 5288] C:\Dfine2.config
[14/07/2009 - 06:08:56 | SHD ] C:\Documents and Settings
[05/07/1999 - 17:18:38 | N | 47] C:\DspfxId.txt
[01/02/2013 - 20:53:55 | ASH | 3207081984] C:\hiberfil.sys
[21/11/2012 - 20:56:56 | N | 268] C:\Install.log
[17/10/2011 - 14:36:47 | D ] C:\Intel
[29/11/2012 - 01:00:02 | N | 280] C:\log.txt
[15/11/2012 - 17:42:48 | RHD ] C:\MSOCache
[19/11/2012 - 16:41:33 | D ] C:\OEM
[01/02/2013 - 20:53:54 | ASH | 6414139392] C:\pagefile.sys
[14/07/2009 - 04:20:08 | D ] C:\PerfLogs
[31/01/2013 - 19:11:19 | N | 512] C:\PhysicalMBR.bin
[10/01/2013 - 22:32:48 | D ] C:\Program Files
[01/02/2013 - 21:33:53 | D ] C:\Program Files (x86)
[01/02/2013 - 21:33:54 | HD ] C:\ProgramData
[26/11/2012 - 21:08:51 | D ] C:\PSFONTS
[11/11/2012 - 17:31:12 | SHD ] C:\Recovery
[20/01/2013 - 15:46:43 | D ] C:\rsit
[01/02/2013 - 22:55:28 | SHD ] C:\System Volume Information
[16/01/2013 - 17:12:56 | D ] C:\temp
[25/11/2012 - 00:28:26 | N | 1060] C:\tlphotoFXlabps.lnk
[25/11/2012 - 00:29:05 | N | 889] C:\tlphotoFXlabps_x64.lnk
[02/02/2013 - 00:34:29 | D ] C:\UsbFix
[02/02/2013 - 00:25:14 | A | 12319] C:\UsbFix.txt
[11/01/2013 - 19:12:05 | D ] C:\Users
[22/11/2012 - 14:23:57 | D ] C:\VSTPlugins
[01/02/2013 - 21:33:53 | D ] C:\Windows
[31/01/2013 - 21:50:34 | D ] C:\ZHP
[02/02/2013 - 00:34:28 | SHD ] D:\$RECYCLE.BIN
[05/09/2001 - 21:00:58 | N | 1700352] D:\gdiplus.dll
[01/12/2006 - 23:37:14 | N | 904704] D:\msdia80.dll
[01/02/2013 - 09:24:23 | D ] D:\Nouveau dossier
[24/12/2012 - 22:25:09 | D ] D:\plug in
[17/01/2013 - 21:43:21 | D ] D:\RylskyArt.13.01.03.Liv.XXX.720p.MP4-RYLSKYART[rbg]
[09/03/2012 - 20:43:29 | SHD ] D:\System Volume Information
[01/02/2013 - 20:28:28 | D ] D:\Temp
[17/12/2012 - 19:26:00 | D ] D:\XBMC
[02/02/2013 - 00:34:28 | SHD ] F:\$RECYCLE.BIN
[01/01/2000 - 01:03:57 | D ] F:\.wd_tv
[14/10/2012 - 19:56:07 | D ] F:\art et ling
[14/10/2012 - 20:20:50 | D ] F:\audio livres
[25/10/2012 - 09:55:19 | D ] F:\best of
[25/10/2012 - 10:08:21 | D ] F:\Bibliotheque Epub
[14/10/2012 - 10:23:13 | D ] F:\documents
[25/10/2012 - 10:02:02 | D ] F:\EPUB
[14/10/2012 - 13:14:21 | D ] F:\films et documentaires
[14/10/2012 - 23:33:18 | D ] F:\guides
[14/10/2012 - 20:01:56 | D ] F:\layered nylons
[25/10/2012 - 09:59:19 | D ] F:\livres
[14/10/2012 - 20:14:09 | D ] F:\livres epub
[15/08/2012 - 17:48:49 | D ] F:\logiciels
[14/10/2012 - 14:14:14 | D ] F:\magazines et livres divers
[13/01/2013 - 14:07:07 | D ] F:\mp3
[13/10/2012 - 23:16:24 | D ] F:\Nouveau dossier
[14/10/2012 - 17:05:26 | D ] F:\photos
[14/10/2012 - 14:12:18 | D ] F:\sauvegarde 08.04.2012
[14/10/2012 - 14:32:04 | D ] F:\sauvegarde 25.01.2012
[25/10/2012 - 10:42:08 | D ] F:\sauvegarde disque f 19.11.2011
[07/06/2012 - 13:24:07 | D ] F:\sauèvegarde 07.06.2012
[17/10/2012 - 12:40:17 | D ] F:\songs book et guitar tuto
[28/10/2011 - 08:07:05 | SHD ] F:\System Volume Information
[14/10/2012 - 10:41:16 | D ] F:\tab
[28/03/2012 - 20:31:05 | D ] F:\tab to work
[14/10/2012 - 17:03:34 | D ] F:\tab vdd
[14/10/2012 - 17:02:53 | D ] F:\victorry3
[14/10/2012 - 17:03:02 | D ] F:\video vdd
[14/10/2012 - 17:03:10 | D ] F:\you tube
[21/06/2012 - 23:56:02 | D ] G:\PRIVATE
[21/06/2012 - 23:56:02 | D ] G:\DCIM
[21/06/2012 - 23:56:02 | D ] G:\MISC
[16/04/2012 - 20:07:42 | N | 4096] G:\._.Trashes
[16/04/2012 - 20:07:42 | D ] G:\.Trashes
[16/04/2012 - 20:07:42 | D ] G:\.fseventsd

################## | Vaccin |

C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
F:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
G:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F |