############################## | UsbFix V 7.121 | [Recherche]
Utilisateur: Damien (Administrateur) # DAMIEN-PC
Mis à jour le 07/04/2013 par El Desaparecido
Lancé à 22:49:19 | 14/04/2013
Site Web: http://sosvirus.org/
Upload Malware: http://upload.sosvirus.org/
Contact: contact@sosvirus.org
PC: Hewlett-Packard (HP Pavilion dv7 Notebook PC) (x64-based PC)
CPU: Intel(R) Core(TM)2 Duo CPU T6600 @ 2.20GHz (2200)
RAM -> [Total : 4063 | Free : 2598]
BIOS: Default System BIOS
BOOT: Normal boot
OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) # Service Pack 1
WB: Windows Internet Explorer 10.0.9200.16540
SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: avast! Antivirus [Enabled | Updated]
FW: Windows FireWall Service [Enabled]
C:\ (%systemdrive%) -> Disque fixe # 285 Go (248 Go libre(s) - 87%) [OS] # NTFS
D:\ -> Disque fixe # 298 Go (298 Go libre(s) - 100%) [DATA] # NTFS
E:\ -> Disque fixe # 13 Go (2 Go libre(s) - 17%) [RECOVERY] # NTFS
F:\ -> CD-ROM
G:\ -> Disque fixe # 931 Go (748 Go libre(s) - 80%) [My Passport] # NTFS
################## | Processus Actif |
C:\Windows\system32\csrss.exe (448)
C:\Windows\system32\wininit.exe (524)
C:\Windows\system32\csrss.exe (544)
C:\Windows\system32\services.exe (588)
C:\Windows\system32\winlogon.exe (620)
C:\Windows\system32\lsass.exe (648)
C:\Windows\system32\lsm.exe (656)
C:\Windows\system32\svchost.exe (764)
C:\Windows\system32\svchost.exe (856)
C:\Windows\system32\atiesrxx.exe (900)
C:\Windows\System32\svchost.exe (988)
C:\Windows\System32\svchost.exe (360)
C:\Windows\system32\svchost.exe (432)
C:\Windows\system32\svchost.exe (548)
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe (708)
C:\Windows\system32\svchost.exe (1200)
C:\Windows\system32\Hpservice.exe (1272)
C:\Windows\system32\atieclxx.exe (1284)
C:\Windows\system32\svchost.exe (1396)
C:\Program Files\AVAST Software\Avast\AvastSvc.exe (1520)
C:\Windows\system32\WLANExt.exe (1528)
C:\Windows\system32\conhost.exe (1536)
C:\Windows\System32\spoolsv.exe (1932)
C:\Windows\system32\svchost.exe (1964)
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (2040)
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe (1180)
C:\Windows\SysWOW64\svchost.exe (1256)
C:\Windows\system32\taskhost.exe (2084)
C:\Windows\system32\Dwm.exe (2132)
C:\Windows\Explorer.EXE (2148)
C:\Windows\system32\svchost.exe (2260)
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (2408)
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (2416)
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (2424)
C:\Program Files\IDT\WDM\sttray64.exe (2768)
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe (2776)
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe (2868)
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (2904)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (2956)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (2480)
C:\Windows\system32\svchost.exe (3216)
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE (3236)
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe (3380)
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (3392)
C:\Windows\system32\SearchIndexer.exe (3516)
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe (3532)
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (3540)
C:\Program Files\AVAST Software\Avast\AvastUI.exe (3548)
C:\Program Files\Windows Media Player\wmpnetwk.exe (3744)
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (3840)
C:\Windows\system32\wbem\wmiprvse.exe (3104)
C:\Windows\System32\svchost.exe (3388)
C:\Windows\system32\taskeng.exe (2888)
c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (3944)
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe (3712)
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (4320)
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (4500)
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe (4624)
C:\Windows\system32\DllHost.exe (4912)
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe (3196)
C:\Windows\System32\svchost.exe (4488)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (3632)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (2276)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (4696)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (4996)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (436)
C:\Windows\system32\SearchProtocolHost.exe (4708)
C:\Windows\system32\SearchFilterHost.exe (4172)
C:\UsbFix\Go.exe (784)
C:\Windows\system32\wbem\wmiprvse.exe (1976)
################## | El Desaparecido Section |
HKLM\SOFTWARE | Run : [StartCCC] - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
HKLM\SOFTWARE | Run : [HPCam_Menu] - "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam"
HKLM\SOFTWARE | Run : [QlbCtrl.exe] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
HKLM\SOFTWARE | Run : [UpdatePRCShortCut] - "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
HKLM\SOFTWARE | Run : [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
HKLM\SOFTWARE | Run : [WirelessAssistant] - C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
HKLM\SOFTWARE | Run : [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
HKLM\SOFTWARE | Run : [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE\wow6432Node | Run : [StartCCC] - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
HKLM\SOFTWARE\wow6432Node | Run : [HPCam_Menu] - "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam"
HKLM\SOFTWARE\wow6432Node | Run : [QlbCtrl.exe] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
HKLM\SOFTWARE\wow6432Node | Run : [UpdatePRCShortCut] - "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
HKLM\SOFTWARE\wow6432Node | Run : [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
HKLM\SOFTWARE\wow6432Node | Run : [WirelessAssistant] - C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
HKLM\SOFTWARE\wow6432Node | Run : [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
HKLM\SOFTWARE\wow6432Node | Run : [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE | RunOnce : [Malwarebytes Anti-Malware] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
HKLM\SOFTWARE | RunOnce : [] -
HKLM\SOFTWARE\wow6432Node | RunOnce : [Malwarebytes Anti-Malware] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
HKLM\SOFTWARE\wow6432Node | RunOnce : [] -
HKU\S-1-5-19\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-2399800536-4079095281-4039618715-1001\SOFTWARE | Run : [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
HKU\S-1-5-21-2399800536-4079095281-4039618715-1001\SOFTWARE | Run : [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
HKU\S-1-5-19\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
HKU\S-1-5-20\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
HKU\S-1-5-18\SOFTWARE | RunOnce : [SPReview] - "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
################## | Éléments infectieux |
Présent! G:\WD Apps Setup.exe
################## | Registre |
################## | Mountpoints2 |
################## | Vaccin |
(!) Cet ordinateur n'est pas vacciné!
################## | E.O.F | http://sosvirus.org |