############################## | UsbFix V 7.121 | [Suppression]

Utilisateur: Ludivine (Administrateur) # LUDIVINE-PC
Mis à jour le 07/04/2013 par El Desaparecido
Lancé à 14:47:22 | 13/04/2013

Site Web: http://sosvirus.org/
Upload Malware: http://upload.sosvirus.org/
Contact: contact@sosvirus.org

PC: Acer (Aspire 5738 ) (x64-based PC)
CPU: Pentium(R) Dual-Core CPU T4300 @ 2.10GHz (2100)
RAM -> [Total : 4025 | Free : 2420]
BIOS: Ver 1.00PARTTBL
BOOT: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) # Service Pack 1
WB: Windows Internet Explorer 10.0.9200.16540

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: avast! Antivirus [(!) Disabled | Updated]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Disque fixe # 454 Go (48 Go libre(s) - 11%) [ACER] # NTFS
D:\ -> CD-ROM
E:\ -> CD-ROM
F:\ -> Disque amovible # 4 Go (4 Go libre(s) - 100%) [USB DISK] # FAT32
G:\ -> Disque amovible # 4 Go (3 Go libre(s) - 89%) [USB DISK] # FAT32

################## | El Desaparecido Section |

HKLM\SOFTWARE | Run : [Adobe Reader Speed Launcher] - "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
HKLM\SOFTWARE | Run : [BackupManagerTray] - "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
HKLM\SOFTWARE | Run : [EgisTecLiveUpdate] - "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
HKLM\SOFTWARE | Run : [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe
HKLM\SOFTWARE | Run : [ArcadeDeluxeAgent] - "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
HKLM\SOFTWARE | Run : [PlayMovie] - "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
HKLM\SOFTWARE | Run : [ArcSoft Connection Service] - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
HKLM\SOFTWARE | Run : [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE | Run : [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM\SOFTWARE | Run : [Seagate Dashboard] - C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui
HKLM\SOFTWARE | Run : [avast] - "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
HKLM\SOFTWARE | Run : [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM\SOFTWARE | Run : [EEventManager] - "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
HKLM\SOFTWARE | Run : [QuickTime Task] - "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
HKLM\SOFTWARE | Run : [iTunesHelper] - "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
HKLM\SOFTWARE | Run : [UnlockerAssistant] - "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"
HKLM\SOFTWARE\wow6432Node | Run : [Adobe Reader Speed Launcher] - "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
HKLM\SOFTWARE\wow6432Node | Run : [BackupManagerTray] - "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
HKLM\SOFTWARE\wow6432Node | Run : [EgisTecLiveUpdate] - "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
HKLM\SOFTWARE\wow6432Node | Run : [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe
HKLM\SOFTWARE\wow6432Node | Run : [ArcadeDeluxeAgent] - "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
HKLM\SOFTWARE\wow6432Node | Run : [PlayMovie] - "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
HKLM\SOFTWARE\wow6432Node | Run : [ArcSoft Connection Service] - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
HKLM\SOFTWARE\wow6432Node | Run : [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE\wow6432Node | Run : [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM\SOFTWARE\wow6432Node | Run : [Seagate Dashboard] - C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui
HKLM\SOFTWARE\wow6432Node | Run : [avast] - "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
HKLM\SOFTWARE\wow6432Node | Run : [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM\SOFTWARE\wow6432Node | Run : [EEventManager] - "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
HKLM\SOFTWARE\wow6432Node | Run : [QuickTime Task] - "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
HKLM\SOFTWARE\wow6432Node | Run : [iTunesHelper] - "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
HKLM\SOFTWARE\wow6432Node | Run : [UnlockerAssistant] - "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"
HKLM\SOFTWARE | RunOnce : [] -
HKLM\SOFTWARE\wow6432Node | RunOnce : [] -
HKU\S-1-5-19\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-1227070071-3598577670-4083579787-1000\SOFTWARE | Run : [Global Registration] - "C:\Program Files (x86)\Acer\Registration\GREG.exe" BOOT
HKU\S-1-5-21-1227070071-3598577670-4083579787-1000\SOFTWARE | Run : [Sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
HKU\S-1-5-21-1227070071-3598577670-4083579787-1000\SOFTWARE | Run : [EPSON SX230 Series] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHKE.EXE /FU "C:\Users\Ludivine\AppData\Local\Temp\E_S7D8C.tmp" /EF "HKCU"
HKU\S-1-5-21-1227070071-3598577670-4083579787-1000\SOFTWARE | Run : [uTorrent] - "C:\Program Files (x86)\uTorrent\uTorrent.exe"
HKU\S-1-5-21-1227070071-3598577670-4083579787-1000\SOFTWARE | Run : [DAEMON Tools Lite] - "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
HKU\S-1-5-19\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
HKU\S-1-5-20\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe

################## | Processus Stoppés |

Stoppé! C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (1228)
Stoppé! C:\Windows\System32\spoolsv.exe (1440)
Stoppé! C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (1616)
Stoppé! C:\Windows\system32\taskhost.exe (1628)
Stoppé! C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (1856)
Stoppé! C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (1880)
Stoppé! C:\Program Files\Bonjour\mDNSResponder.exe (1260)
Stoppé! C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (1948)
Stoppé! C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (2116)
Stoppé! C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe (2248)
Stoppé! C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (2296)
Stoppé! C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (2328)
Stoppé! C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe (2380)
Stoppé! C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (2436)
Stoppé! C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (2476)
Stoppé! C:\Program Files\Acer\Acer Updater\UpdaterService.exe (2608)
Stoppé! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (2656)
Stoppé! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (2728)
Stoppé! C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (2824)
Stoppé! C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (3252)
Stoppé! C:\Windows\system32\SearchIndexer.exe (3272)
Stoppé! C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (3312)
Stoppé! C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (3760)
Stoppé! C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (3816)
Stoppé! C:\Windows\PLFSetI.exe (3964)
Stoppé! C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (3980)
Stoppé! C:\Windows\System32\igfxtray.exe (3996)
Stoppé! C:\Windows\System32\hkcmd.exe (4040)
Stoppé! C:\Windows\system32\igfxext.exe (4076)
Stoppé! C:\Windows\system32\igfxsrvc.exe (3108)
Stoppé! C:\Windows\System32\igfxpers.exe (3132)
Stoppé! C:\Program Files\Windows Sidebar\sidebar.exe (2792)
Stoppé! C:\Windows\System32\spool\drivers\x64\3\E_IATIHKE.EXE (3328)
Stoppé! C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (4112)
Stoppé! C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (4124)
Stoppé! C:\Program Files (x86)\Launch Manager\LManager.exe (4148)
Stoppé! C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (4172)
Stoppé! C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (4244)
Stoppé! C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (4336)
Stoppé! C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (4404)
Stoppé! C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac (4428)
Stoppé! C:\Program Files\Alwil Software\Avast5\AvastUI.exe (4496)
Stoppé! C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (4604)
Stoppé! C:\Program Files (x86)\iTunes\iTunesHelper.exe (4824)
Stoppé! C:\Program Files\iPod\bin\iPodService.exe (5056)
Stoppé! C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoDashboard.exe (4120)
Stoppé! C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe (3904)
Stoppé! C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe (2648)
Stoppé! C:\Program Files\Windows Media Player\wmpnetwk.exe (240)
Stoppé! C:\Program Files (x86)\Mozilla Firefox\firefox.exe (4516)
Stoppé! C:\Windows\System32\WUDFHost.exe (3192)

################## | Éléments infectieux |

Supprimé! C:\ProgramData\FullRemove.exe
(!) Fichiers temporaires supprimés.

################## | Registre |

################## | Mountpoints2 |

Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{710ea56e-9485-11de-8767-806e6f6e6963}

################## | Listing |

[07/10/2012 - 17:28:25 | SHD ] C:\$Recycle.Bin
[11/01/2011 - 22:12:45 | D ] C:\3a69559b8ac52acccca3a0
[15/04/2011 - 19:16:00 | D ] C:\6b6bd1a4188345e543fce214
[13/04/2013 - 13:50:44 | N | 6822] C:\AdwCleaner[S1].txt
[29/08/2009 - 12:30:26 | D ] C:\BOOK
[22/08/2009 - 12:23:06 | SHD ] C:\Boot
[14/07/2009 - 03:38:58 | RASH | 383562] C:\bootmgr
[27/07/2009 - 22:40:53 | N | 8192] C:\BOOTSECT.BAK
[13/05/2010 - 16:25:34 | D ] C:\cf712bb1ddb746471e633c2e61f55cba
[04/04/2013 - 17:40:32 | D ] C:\Config.Msi
[14/07/2009 - 07:08:56 | SHD ] C:\Documents and Settings
[24/10/2009 - 15:05:04 | DC ] C:\elements
[04/11/2009 - 14:19:35 | N | 45] C:\error.log
[13/04/2013 - 13:51:52 | ASH | 3165327360] C:\hiberfil.sys
[02/03/2013 - 20:13:09 | D ] C:\ILLUSION
[22/08/2009 - 07:15:26 | D ] C:\Intel
[22/08/2009 - 10:35:38 | RHD ] C:\MSOCache
[18/12/2012 - 18:05:52 | D ] C:\MyWinLockerData
[11/11/2009 - 23:07:48 | D ] C:\OEM
[13/04/2013 - 13:51:58 | ASH | 4220440576] C:\pagefile.sys
[23/08/2009 - 02:51:48 | N | 5732] C:\Patch.rev
[14/07/2009 - 05:20:08 | D ] C:\PerfLogs
[13/04/2013 - 09:33:18 | N | 512] C:\PhysicalMBR.bin
[24/10/2009 - 15:00:57 | N | 210] C:\Preload.rev
[10/04/2013 - 18:44:15 | D ] C:\Program Files
[13/04/2013 - 13:54:58 | D ] C:\Program Files (x86)
[13/04/2013 - 14:51:36 | HD ] C:\ProgramData
[24/10/2009 - 15:00:48 | SHD ] C:\Recovery
[29/08/2009 - 12:24:34 | N | 1989] C:\RHDSetup.log
[13/04/2013 - 12:01:12 | SHD ] C:\System Volume Information
[13/04/2013 - 14:51:38 | D ] C:\UsbFix
[13/04/2013 - 14:51:51 | A | 11836] C:\UsbFix [Clean 1] LUDIVINE-PC.txt
[13/04/2013 - 14:06:57 | N | 11151] C:\UsbFix [Scan 1] LUDIVINE-PC.txt
[07/10/2012 - 17:28:17 | D ] C:\Users
[20/01/2012 - 09:51:27 | D ] C:\videooutput
[12/04/2013 - 07:38:08 | D ] C:\Windows

################## | Vaccin |

C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://sosvirus.org |