############################## | UsbFix V 7.121 | [Suppression]

Utilisateur: Ludivine (Administrateur) # LUDIVINE-PC
Mis à jour le 07/04/2013 par El Desaparecido
Lancé à 14:47:22 | 13/04/2013

Site Web: http://sosvirus.org/
Upload Malware: http://upload.sosvirus.org/
Contact: contact@sosvirus.org

PC: Acer (Aspire 5738 ) (x64-based PC)
CPU: Pentium(R) Dual-Core CPU T4300 @ 2.10GHz (2100)
RAM -> [Total : 4025 | Free : 2420]
BIOS: Ver 1.00PARTTBL
BOOT: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) # Service Pack 1
WB: Windows Internet Explorer 10.0.9200.16540

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: avast! Antivirus [(!) Disabled | Updated]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Disque fixe # 454 Go (48 Go libre(s) - 11%) [ACER] # NTFS
D:\ -> CD-ROM
E:\ -> CD-ROM
F:\ -> Disque amovible # 4 Go (4 Go libre(s) - 100%) [USB DISK] # FAT32
G:\ -> Disque amovible # 4 Go (3 Go libre(s) - 89%) [USB DISK] # FAT32

################## | El Desaparecido Section |

HKLM\SOFTWARE | Run : [Adobe Reader Speed Launcher] - "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
HKLM\SOFTWARE | Run : [BackupManagerTray] - "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
HKLM\SOFTWARE | Run : [EgisTecLiveUpdate] - "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
HKLM\SOFTWARE | Run : [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe
HKLM\SOFTWARE | Run : [ArcadeDeluxeAgent] - "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
HKLM\SOFTWARE | Run : [PlayMovie] - "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
HKLM\SOFTWARE | Run : [ArcSoft Connection Service] - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
HKLM\SOFTWARE | Run : [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE | Run : [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM\SOFTWARE | Run : [Seagate Dashboard] - C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui
HKLM\SOFTWARE | Run : [avast] - "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
HKLM\SOFTWARE | Run : [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM\SOFTWARE | Run : [EEventManager] - "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
HKLM\SOFTWARE | Run : [QuickTime Task] - "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
HKLM\SOFTWARE | Run : [iTunesHelper] - "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
HKLM\SOFTWARE | Run : [UnlockerAssistant] - "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"
HKLM\SOFTWARE\wow6432Node | Run : [Adobe Reader Speed Launcher] - "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
HKLM\SOFTWARE\wow6432Node | Run : [BackupManagerTray] - "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
HKLM\SOFTWARE\wow6432Node | Run : [EgisTecLiveUpdate] - "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
HKLM\SOFTWARE\wow6432Node | Run : [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe
HKLM\SOFTWARE\wow6432Node | Run : [ArcadeDeluxeAgent] - "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
HKLM\SOFTWARE\wow6432Node | Run : [PlayMovie] - "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
HKLM\SOFTWARE\wow6432Node | Run : [ArcSoft Connection Service] - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
HKLM\SOFTWARE\wow6432Node | Run : [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE\wow6432Node | Run : [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM\SOFTWARE\wow6432Node | Run : [Seagate Dashboard] - C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui
HKLM\SOFTWARE\wow6432Node | Run : [avast] - "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
HKLM\SOFTWARE\wow6432Node | Run : [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM\SOFTWARE\wow6432Node | Run : [EEventManager] - "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
HKLM\SOFTWARE\wow6432Node | Run : [QuickTime Task] - "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
HKLM\SOFTWARE\wow6432Node | Run : [iTunesHelper] - "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
HKLM\SOFTWARE\wow6432Node | Run : [UnlockerAssistant] - "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"
HKLM\SOFTWARE | RunOnce : [] -
HKLM\SOFTWARE\wow6432Node | RunOnce : [] -
HKU\S-1-5-19\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-1227070071-3598577670-4083579787-1000\SOFTWARE | Run : [Global Registration] - "C:\Program Files (x86)\Acer\Registration\GREG.exe" BOOT
HKU\S-1-5-21-1227070071-3598577670-4083579787-1000\SOFTWARE | Run : [Sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
HKU\S-1-5-21-1227070071-3598577670-4083579787-1000\SOFTWARE | Run : [EPSON SX230 Series] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHKE.EXE /FU "C:\Users\Ludivine\AppData\Local\Temp\E_S7D8C.tmp" /EF "HKCU"
HKU\S-1-5-21-1227070071-3598577670-4083579787-1000\SOFTWARE | Run : [uTorrent] - "C:\Program Files (x86)\uTorrent\uTorrent.exe"
HKU\S-1-5-21-1227070071-3598577670-4083579787-1000\SOFTWARE | Run : [DAEMON Tools Lite] - "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
HKU\S-1-5-19\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
HKU\S-1-5-20\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe

################## | Processus Stoppés |

Stoppé! C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (1228)
Stoppé! C:\Windows\System32\spoolsv.exe (1440)
Stoppé! C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (1616)
Stoppé! C:\Windows\system32\taskhost.exe (1628)
Stoppé! C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (1856)
Stoppé! C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (1880)
Stoppé! C:\Program Files\Bonjour\mDNSResponder.exe (1260)
Stoppé! C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (1948)
Stoppé! C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (2116)
Stoppé! C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe (2248)
Stoppé! C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (2296)
Stoppé! C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (2328)
Stoppé! C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe (2380)
Stoppé! C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (2436)
Stoppé! C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (2476)
Stoppé! C:\Program Files\Acer\Acer Updater\UpdaterService.exe (2608)
Stoppé! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (2656)
Stoppé! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (2728)
Stoppé! C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (2824)
Stoppé! C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (3252)
Stoppé! C:\Windows\system32\SearchIndexer.exe (3272)
Stoppé! C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (3312)
Stoppé! C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (3760)
Stoppé! C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (3816)
Stoppé! C:\Windows\PLFSetI.exe (3964)
Stoppé! C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (3980)
Stoppé! C:\Windows\System32\igfxtray.exe (3996)
Stoppé! C:\Windows\System32\hkcmd.exe (4040)
Stoppé! C:\Windows\system32\igfxext.exe (4076)
Stoppé! C:\Windows\system32\igfxsrvc.exe (3108)
Stoppé! C:\Windows\System32\igfxpers.exe (3132)
Stoppé! C:\Program Files\Windows Sidebar\sidebar.exe (2792)
Stoppé! C:\Windows\System32\spool\drivers\x64\3\E_IATIHKE.EXE (3328)
Stoppé! C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (4112)
Stoppé! C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (4124)
Stoppé! C:\Program Files (x86)\Launch Manager\LManager.exe (4148)
Stoppé! C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (4172)
Stoppé! C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (4244)
Stoppé! C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (4336)
Stoppé! C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (4404)
Stoppé! C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac (4428)
Stoppé! C:\Program Files\Alwil Software\Avast5\AvastUI.exe (4496)
Stoppé! C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (4604)
Stoppé! C:\Program Files (x86)\iTunes\iTunesHelper.exe (4824)
Stoppé! C:\Program Files\iPod\bin\iPodService.exe (5056)
Stoppé! C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoDashboard.exe (4120)
Stoppé! C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe (3904)
Stoppé! C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe (2648)
Stoppé! C:\Program Files\Windows Media Player\wmpnetwk.exe (240)
Stoppé! C:\Program Files (x86)\Mozilla Firefox\firefox.exe (4516)
Stoppé! C:\Windows\System32\WUDFHost.exe (3192)

################## | Éléments infectieux |

Supprimé! C:\ProgramData\FullRemove.exe

(!) Fichiers temporaires supprimés.

################## | Registre |


################## | Mountpoints2 |

Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{710ea56e-9485-11de-8767-806e6f6e6963}

################## | Listing |

[07/10/2012 - 17:28:25 | SHD ] C:\$Recycle.Bin
[11/01/2011 - 22:12:45 | D ] C:\3a69559b8ac52acccca3a0
[15/04/2011 - 19:16:00 | D ] C:\6b6bd1a4188345e543fce214
[13/04/2013 - 13:50:44 | N | 6822] C:\AdwCleaner[S1].txt
[29/08/2009 - 12:30:26 | D ] C:\BOOK
[22/08/2009 - 12:23:06 | SHD ] C:\Boot
[14/07/2009 - 03:38:58 | RASH | 383562] C:\bootmgr
[27/07/2009 - 22:40:53 | N | 8192] C:\BOOTSECT.BAK
[13/05/2010 - 16:25:34 | D ] C:\cf712bb1ddb746471e633c2e61f55cba
[04/04/2013 - 17:40:32 | D ] C:\Config.Msi
[14/07/2009 - 07:08:56 | SHD ] C:\Documents and Settings
[24/10/2009 - 15:05:04 | DC ] C:\elements
[04/11/2009 - 14:19:35 | N | 45] C:\error.log
[13/04/2013 - 13:51:52 | ASH | 3165327360] C:\hiberfil.sys
[02/03/2013 - 20:13:09 | D ] C:\ILLUSION
[22/08/2009 - 07:15:26 | D ] C:\Intel
[22/08/2009 - 10:35:38 | RHD ] C:\MSOCache
[18/12/2012 - 18:05:52 | D ] C:\MyWinLockerData
[11/11/2009 - 23:07:48 | D ] C:\OEM
[13/04/2013 - 13:51:58 | ASH | 4220440576] C:\pagefile.sys
[23/08/2009 - 02:51:48 | N | 5732] C:\Patch.rev
[14/07/2009 - 05:20:08 | D ] C:\PerfLogs
[13/04/2013 - 09:33:18 | N | 512] C:\PhysicalMBR.bin
[24/10/2009 - 15:00:57 | N | 210] C:\Preload.rev
[10/04/2013 - 18:44:15 | D ] C:\Program Files
[13/04/2013 - 13:54:58 | D ] C:\Program Files (x86)
[13/04/2013 - 14:51:36 | HD ] C:\ProgramData
[24/10/2009 - 15:00:48 | SHD ] C:\Recovery
[29/08/2009 - 12:24:34 | N | 1989] C:\RHDSetup.log
[13/04/2013 - 12:01:12 | SHD ] C:\System Volume Information
[13/04/2013 - 14:51:38 | D ] C:\UsbFix
[13/04/2013 - 14:51:51 | A | 11836] C:\UsbFix [Clean 1] LUDIVINE-PC.txt
[13/04/2013 - 14:06:57 | N | 11151] C:\UsbFix [Scan 1] LUDIVINE-PC.txt
[07/10/2012 - 17:28:17 | D ] C:\Users
[20/01/2012 - 09:51:27 | D ] C:\videooutput
[12/04/2013 - 07:38:08 | D ] C:\Windows

################## | Vaccin |

C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://sosvirus.org |
