############################## | UsbFix V 7.100 | [Suppression]

Utilisateur: vdd (Administrateur) # VDD-PC
Mis à jour le 11/11/2012 par El Desaparecido
Lancé à 00:24:54 | 02/02/2013

Site Web: http://sosvirus.org
Contact: contact@eldesaparecido.com

PC: Acer (Aspire X1930) (x64-based PC
CPU: Intel(R) Pentium(R) CPU G630 @ 2.70GHz (2700)
RAM -> [Total : 4078 | Free : 1800]
BIOS: BIOS Date: 08/16/11 10:23:39 Ver: 04.06.04
BOOT: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) # Service Pack 1
WB: Windows Internet Explorer 9.0.8112.16421

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: Protection antivirus et antispyware McAfee [Enabled | Updated]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Disque fixe # 224 Go (26 Go libre(s) - 12%) [Acer] # NTFS
D:\ -> Disque fixe # 225 Go (136 Go libre(s) - 61%) [DATA] # NTFS
E:\ -> CD-ROM
F:\ -> Disque fixe # 1397 Go (2 Go libre(s) - 0%) [Iomega HDD] # NTFS
G:\ -> Disque amovible # 15 Go (4 Go libre(s) - 27%) [] # FAT32
H:\ -> CD-ROM

################## | Processus Actif |

C:\Windows\system32\csrss.exe (600)
C:\Windows\system32\wininit.exe (664)
C:\Windows\system32\csrss.exe (680)
C:\Windows\system32\services.exe (712)
C:\Windows\system32\lsass.exe (736)
C:\Windows\system32\lsm.exe (744)
C:\Windows\system32\winlogon.exe (804)
C:\Windows\system32\svchost.exe (900)
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (960)
C:\Windows\system32\svchost.exe (992)
C:\Windows\System32\svchost.exe (452)
C:\Windows\System32\svchost.exe (576)
C:\Windows\system32\svchost.exe (564)
C:\Windows\system32\svchost.exe (1120)
C:\Windows\system32\svchost.exe (1192)
C:\Windows\System32\spoolsv.exe (1312)
C:\Windows\system32\svchost.exe (1356)
C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe (1380)
C:\Windows\system32\taskhost.exe (1516)
C:\Windows\system32\Dwm.exe (1628)
C:\Windows\Explorer.EXE (1676)
C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (1800)
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (1832)
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (1936)
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (1156)
C:\Program Files\Bonjour\mDNSResponder.exe (1464)
C:\Windows\system32\svchost.exe (1580)
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE (1648)
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE (2020)
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (2032)
C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe (1808)
C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe (2100)
C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe (2144)
C:\Program Files\Acer\Acer Updater\UpdaterService.exe (2176)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (2216)
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (2256)
C:\Windows\system32\rundll32.exe (2324)
C:\Windows\system32\mfevtps.exe (2332)
C:\Windows\system32\rundll32.exe (2344)
C:\Windows\SysWOW64\rundll32.exe (2356)
C:\Windows\SysWOW64\nlssrv32.exe (2384)
C:\Program Files\OO Software\Defrag\oodag.exe (2408)
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (2564)
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (2588)
C:\Program Files\OO Software\Defrag\oodtray.exe (2624)
C:\Windows\system32\svchost.exe (2692)
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe (2740)
C:\Program Files\McAfee.com\Agent\mcagent.exe (2796)
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (2832)
C:\Windows\system32\EscSvc64.exe (2892)
C:\Windows\system32\taskeng.exe (2904)
C:\Windows\system32\svchost.exe (928)
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe (3180)
C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLMSService.exe (3232)
C:\Windows\System32\WUDFHost.exe (3256)
C:\Windows\system32\SearchIndexer.exe (3344)
C:\Program Files\Windows Media Player\wmpnetwk.exe (3520)
C:\Windows\system32\svchost.exe (3660)
C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe (4056)
C:\Program Files (x86)\Hotspot Shield\bin\openvpntray.exe (4360)
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (4648)
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (2476)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (4612)
C:\Program Files (x86)\Nero\Update\NASvc.exe (5100)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (4016)
C:\Program Files\EgisTec IPS\PMMUpdate.exe (3580)
C:\Program Files\EgisTec IPS\EgisUpdate.exe (3964)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (4316)
C:\Windows\system32\taskmgr.exe (3492)
C:\Program Files\PeerBlock\peerblock.exe (5096)
C:\Program Files (x86)\uTorrent\uTorrent.exe (5072)
C:\Program Files (x86)\Mozilla Firefox\firefox.exe (4148)
C:\Windows\system32\NOTEPAD.EXE (660)
C:\Windows\system32\wbem\wmiprvse.exe (4904)
C:\UsbFix\Go.exe (4972)
C:\Windows\system32\wbem\wmiprvse.exe (2684)
C:\Windows\System32\svchost.exe (4908)
C:\Program Files\Common Files\McAfee\Core\mchost.exe (1292)

################## | Processus Stoppés |

Stoppé! C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (960)
Stoppé! C:\Windows\System32\spoolsv.exe (1312)
Stoppé! C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe (1380)
Stoppé! C:\Windows\system32\taskhost.exe (1516)
Stoppé! C:\Windows\Explorer.EXE (1676)
Stoppé! C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (1800)
Stoppé! C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (1832)
Stoppé! C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (1936)
Stoppé! C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (1156)
Stoppé! C:\Program Files\Bonjour\mDNSResponder.exe (1464)
Stoppé! C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE (1648)
Stoppé! C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE (2020)
Stoppé! C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (2032)
Stoppé! C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe (1808)
Stoppé! C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe (2100)
Stoppé! C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe (2144)
Stoppé! C:\Program Files\Acer\Acer Updater\UpdaterService.exe (2176)
Stoppé! C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (2216)
Stoppé! C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (2256)
Stoppé! C:\Windows\system32\rundll32.exe (2324)
Stoppé! C:\Windows\system32\mfevtps.exe (2332)
Stoppé! C:\Windows\system32\rundll32.exe (2344)
Stoppé! C:\Windows\SysWOW64\rundll32.exe (2356)
Stoppé! C:\Windows\SysWOW64\nlssrv32.exe (2384)
Stoppé! C:\Program Files\OO Software\Defrag\oodag.exe (2408)
Stoppé! c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (2564)
Stoppé! c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (2588)
Stoppé! C:\Program Files\OO Software\Defrag\oodtray.exe (2624)
Stoppé! C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe (2740)
Stoppé! C:\Program Files\McAfee.com\Agent\mcagent.exe (2796)
Stoppé! C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (2832)
Stoppé! C:\Windows\system32\EscSvc64.exe (2892)
Stoppé! C:\Windows\system32\taskeng.exe (2904)
Stoppé! C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe (3180)
Stoppé! C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLMSService.exe (3232)
Stoppé! C:\Windows\System32\WUDFHost.exe (3256)
Stoppé! C:\Windows\system32\SearchIndexer.exe (3344)
Stoppé! C:\Program Files\Windows Media Player\wmpnetwk.exe (3520)
Stoppé! C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe (4056)
Stoppé! C:\Program Files (x86)\Hotspot Shield\bin\openvpntray.exe (4360)
Stoppé! C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (4648)
Stoppé! C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (2476)
Stoppé! C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (4612)
Stoppé! C:\Program Files (x86)\Nero\Update\NASvc.exe (5100)
Stoppé! C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (4016)
Stoppé! C:\Program Files\EgisTec IPS\PMMUpdate.exe (3580)
Stoppé! C:\Program Files\EgisTec IPS\EgisUpdate.exe (3964)
Stoppé! C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (4316)
Stoppé! C:\Windows\system32\taskmgr.exe (3492)
Stoppé! C:\Program Files\PeerBlock\peerblock.exe (5096)
Stoppé! C:\Program Files (x86)\uTorrent\uTorrent.exe (5072)
Stoppé! C:\Program Files (x86)\Mozilla Firefox\firefox.exe (4148)
Stoppé! C:\Windows\system32\NOTEPAD.EXE (660)
Stoppé! C:\Program Files\Common Files\McAfee\Core\mchost.exe (1292)

################## | Éléments infectieux |

Supprimé! C:\Users\vdd\AppData\Local\Temp\19326027.exe
Supprimé! C:\Users\vdd\AppData\Local\Temp\2343681.exe
Supprimé! C:\Users\vdd\AppData\Local\Temp\2343696.exe
Supprimé! C:\$RECYCLE.BIN\S-1-5-20
Supprimé! C:\$RECYCLE.BIN\S-1-5-21-2609519542-3147258301-233002904-1000
Supprimé! C:\$RECYCLE.BIN\S-1-5-21-2609519542-3147258301-233002904-500
Supprimé! C:\$RECYCLE.BIN\S-1-5-21-4082062797-4048407607-217630492-500
Supprimé! D:\$RECYCLE.BIN\S-1-5-21-2609519542-3147258301-233002904-1000
Supprimé! D:\$RECYCLE.BIN\S-1-5-21-2609519542-3147258301-233002904-500
Supprimé! F:\$RECYCLE.BIN\S-1-5-21-2463589617-2099536183-931396430-1000
Supprimé! F:\$RECYCLE.BIN\S-1-5-21-2609519542-3147258301-233002904-1000

(!) Fichiers temporaires supprimés.

################## | Registre |

Supprimé! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoRun

################## | Mountpoints2 |

Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{25975dc2-2cd1-11e2-8074-c89cdcee279c}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{7913acda-37a5-11e2-865d-c89cdcee279c}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{82465d45-2d69-11e2-803c-c89cdcee279c}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{b8b3eb21-2f94-11e2-860a-c89cdcee279c}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{b8b3eb28-2f94-11e2-860a-c89cdcee279c}

################## | Listing |

[02/02/2013 - 00:34:28 | SHD ] C:\$Recycle.Bin
[31/01/2013 - 21:30:54 | N | 7877] C:\Ad-Report-CLEAN[1].txt
[29/11/2012 - 19:03:45 | N | 6428] C:\Ad-Report-SCAN[1].txt
[29/11/2012 - 19:05:34 | N | 6493] C:\Ad-Report-SCAN[2].txt
[03/12/2012 - 08:28:15 | N | 6558] C:\Ad-Report-SCAN[3].txt
[31/01/2013 - 21:22:50 | N | 5705] C:\AdwCleaner[S1].txt
[11/01/2013 - 19:10:48 | D ] C:\audio
[09/03/2012 - 20:49:32 | D ] C:\book
[17/10/2011 - 15:27:32 | N | 8192] C:\BOOTSECT.BAK
[21/11/2012 - 21:44:21 | D ] C:\Cakewalk Projects
[30/01/2013 - 13:53:33 | D ] C:\Config.Msi
[05/09/2012 - 06:41:48 | N | 5288] C:\Dfine2.config
[14/07/2009 - 06:08:56 | SHD ] C:\Documents and Settings
[05/07/1999 - 17:18:38 | N | 47] C:\DspfxId.txt
[01/02/2013 - 20:53:55 | ASH | 3207081984] C:\hiberfil.sys
[21/11/2012 - 20:56:56 | N | 268] C:\Install.log
[17/10/2011 - 14:36:47 | D ] C:\Intel
[29/11/2012 - 01:00:02 | N | 280] C:\log.txt
[15/11/2012 - 17:42:48 | RHD ] C:\MSOCache
[19/11/2012 - 16:41:33 | D ] C:\OEM
[01/02/2013 - 20:53:54 | ASH | 6414139392] C:\pagefile.sys
[14/07/2009 - 04:20:08 | D ] C:\PerfLogs
[31/01/2013 - 19:11:19 | N | 512] C:\PhysicalMBR.bin
[10/01/2013 - 22:32:48 | D ] C:\Program Files
[01/02/2013 - 21:33:53 | D ] C:\Program Files (x86)
[01/02/2013 - 21:33:54 | HD ] C:\ProgramData
[26/11/2012 - 21:08:51 | D ] C:\PSFONTS
[11/11/2012 - 17:31:12 | SHD ] C:\Recovery
[20/01/2013 - 15:46:43 | D ] C:\rsit
[01/02/2013 - 22:55:28 | SHD ] C:\System Volume Information
[16/01/2013 - 17:12:56 | D ] C:\temp
[25/11/2012 - 00:28:26 | N | 1060] C:\tlphotoFXlabps.lnk
[25/11/2012 - 00:29:05 | N | 889] C:\tlphotoFXlabps_x64.lnk
[02/02/2013 - 00:34:29 | D ] C:\UsbFix
[02/02/2013 - 00:25:14 | A | 12319] C:\UsbFix.txt
[11/01/2013 - 19:12:05 | D ] C:\Users
[22/11/2012 - 14:23:57 | D ] C:\VSTPlugins
[01/02/2013 - 21:33:53 | D ] C:\Windows
[31/01/2013 - 21:50:34 | D ] C:\ZHP
[02/02/2013 - 00:34:28 | SHD ] D:\$RECYCLE.BIN
[05/09/2001 - 21:00:58 | N | 1700352] D:\gdiplus.dll
[01/12/2006 - 23:37:14 | N | 904704] D:\msdia80.dll
[01/02/2013 - 09:24:23 | D ] D:\Nouveau dossier
[24/12/2012 - 22:25:09 | D ] D:\plug in
[17/01/2013 - 21:43:21 | D ] D:\RylskyArt.13.01.03.Liv.XXX.720p.MP4-RYLSKYART[rbg]
[09/03/2012 - 20:43:29 | SHD ] D:\System Volume Information
[01/02/2013 - 20:28:28 | D ] D:\Temp
[17/12/2012 - 19:26:00 | D ] D:\XBMC
[02/02/2013 - 00:34:28 | SHD ] F:\$RECYCLE.BIN
[01/01/2000 - 01:03:57 | D ] F:\.wd_tv
[14/10/2012 - 19:56:07 | D ] F:\art et ling
[14/10/2012 - 20:20:50 | D ] F:\audio livres
[25/10/2012 - 09:55:19 | D ] F:\best of
[25/10/2012 - 10:08:21 | D ] F:\Bibliotheque Epub
[14/10/2012 - 10:23:13 | D ] F:\documents
[25/10/2012 - 10:02:02 | D ] F:\EPUB
[14/10/2012 - 13:14:21 | D ] F:\films et documentaires
[14/10/2012 - 23:33:18 | D ] F:\guides
[14/10/2012 - 20:01:56 | D ] F:\layered nylons
[25/10/2012 - 09:59:19 | D ] F:\livres
[14/10/2012 - 20:14:09 | D ] F:\livres epub
[15/08/2012 - 17:48:49 | D ] F:\logiciels
[14/10/2012 - 14:14:14 | D ] F:\magazines et livres divers
[13/01/2013 - 14:07:07 | D ] F:\mp3
[13/10/2012 - 23:16:24 | D ] F:\Nouveau dossier
[14/10/2012 - 17:05:26 | D ] F:\photos
[14/10/2012 - 14:12:18 | D ] F:\sauvegarde 08.04.2012
[14/10/2012 - 14:32:04 | D ] F:\sauvegarde 25.01.2012
[25/10/2012 - 10:42:08 | D ] F:\sauvegarde disque f 19.11.2011
[07/06/2012 - 13:24:07 | D ] F:\sau�vegarde 07.06.2012
[17/10/2012 - 12:40:17 | D ] F:\songs book et guitar tuto
[28/10/2011 - 08:07:05 | SHD ] F:\System Volume Information
[14/10/2012 - 10:41:16 | D ] F:\tab
[28/03/2012 - 20:31:05 | D ] F:\tab to work
[14/10/2012 - 17:03:34 | D ] F:\tab vdd
[14/10/2012 - 17:02:53 | D ] F:\victorry3
[14/10/2012 - 17:03:02 | D ] F:\video vdd
[14/10/2012 - 17:03:10 | D ] F:\you tube
[21/06/2012 - 23:56:02 | D ] G:\PRIVATE
[21/06/2012 - 23:56:02 | D ] G:\DCIM
[21/06/2012 - 23:56:02 | D ] G:\MISC
[16/04/2012 - 20:07:42 | N | 4096] G:\._.Trashes
[16/04/2012 - 20:07:42 | D ] G:\.Trashes
[16/04/2012 - 20:07:42 | D ] G:\.fseventsd

################## | Vaccin |

C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
F:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
G:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F |
