
############################## | UsbFix V 7.127 | [Recherche]

Utilisateur: hp (Administrateur) # HP-PC
Mis à jour le 05/06/2013 par El Desaparecido
Lancé à 08:25:25 | 14/06/2013

Site Web: http://sosvirus.org/
Upload Malware: http://upload.sosvirus.org/
Contact: contact@sosvirus.org

PC: Hewlett-Packard (HP Compaq 6830s) (X86-based PC)
CPU: Intel(R) Core(TM)2 Duo CPU T5670 @ 1.80GHz (1801)
RAM -> [Total : 3067 | Free : 1365]
BIOS: Default System BIOS
BOOT: Normal boot

OS: Microsoft Windows 7 Édition Intégrale (6.1.7601 32-Bit) # Service Pack 1
WB: Windows Internet Explorer 10.0.9200.16618

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AS: Windows Defender [Enabled | Updated]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Disque fixe # 223 Go (3 Go libre(s) - 1%) [] # NTFS
D:\ -> Disque fixe # 1021 Mo (1015 Mo libre(s) - 99%) [HP_TOOLS] # FAT32
E:\ -> Disque fixe # 9 Go (986 Mo libre(s) - 11%) [HP_RECOVERY] # NTFS
F:\ -> CD-ROM
G:\ -> CD-ROM
H:\ -> CD-ROM

################## | Processus Actif |

C:\Windows\system32\csrss.exe (464)
C:\Windows\system32\wininit.exe (524)
C:\Windows\system32\csrss.exe (532)
C:\Windows\system32\services.exe (580)
C:\Windows\system32\lsass.exe (596)
C:\Windows\system32\lsm.exe (604)
C:\Windows\system32\winlogon.exe (684)
C:\Windows\system32\svchost.exe (748)
C:\Windows\system32\svchost.exe (824)
C:\Windows\system32\atiesrxx.exe (868)
C:\Windows\System32\svchost.exe (952)
C:\Windows\System32\svchost.exe (992)
C:\Windows\system32\svchost.exe (1024)
C:\Windows\system32\svchost.exe (1056)
C:\Windows\system32\Hpservice.exe (1296)
C:\Windows\system32\svchost.exe (1340)
C:\Windows\System32\spoolsv.exe (1464)
C:\Windows\system32\svchost.exe (1500)
C:\Windows\system32\AEADISRV.EXE (1604)
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (1632)
C:\Program Files\Bonjour\mDNSResponder.exe (1656)
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE (1688)
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE (1716)
C:\Program Files\Hotspot Shield\bin\openvpnas.exe (1744)
C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe (1788)
C:\Program Files\Hotspot Shield\bin\hsswd.exe (1832)
C:\Windows\system32\svchost.exe (1920)
C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe (1988)
C:\Windows\system32\SearchIndexer.exe (2288)
C:\Windows\system32\svchost.exe (2332)
C:\Windows\system32\atieclxx.exe (2508)
C:\Windows\system32\taskhost.exe (2644)
C:\Windows\system32\Dwm.exe (2788)
C:\Windows\Explorer.EXE (2912)
C:\Program Files\Analog Devices\Core\smax4pnp.exe (3100)
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (3112)
C:\Program Files\PowerISO\PWRISOVM.EXE (3128)
C:\Program Files\Gamevance\gamevance32.exe (3152)
C:\Program Files\iTunes\iTunesHelper.exe (3236)
C:\Program Files\Common Files\Java\Java Update\jusched.exe (3320)
C:\Program Files\uTorrent\uTorrent.exe (3432)
C:\ProgramData\GameXN\GameXNGO.exe (3448)
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (3920)
C:\Program Files\iPod\bin\iPodService.exe (3968)
C:\Program Files\Hotspot Shield\bin\openvpntray.exe (4016)
C:\Windows\system32\svchost.exe (2216)
C:\Windows\System32\svchost.exe (1776)
C:\Program Files\Windows Media Player\wmpnetwk.exe (4072)
C:\Windows\System32\svchost.exe (3260)
C:\Windows\System32\spool\drivers\w32x86\3\E_FATIEDE.EXE (3508)
C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe (3544)
C:\Users\hp\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe (3052)
C:\Windows\system32\taskhost.exe (5184)
C:\Users\hp\AppData\Local\Google\Chrome\Application\chrome.exe (6016)
C:\Users\hp\AppData\Local\Google\Chrome\Application\chrome.exe (5260)
C:\Users\hp\AppData\Local\Google\Chrome\Application\chrome.exe (4372)
C:\Users\hp\AppData\Local\Google\Chrome\Application\chrome.exe (1080)
C:\Users\hp\AppData\Local\Google\Chrome\Application\chrome.exe (3268)
C:\Users\hp\AppData\Local\Google\Chrome\Application\chrome.exe (3572)
C:\Users\hp\AppData\Local\Google\Chrome\Application\chrome.exe (2772)
C:\Users\hp\AppData\Local\Google\Chrome\Application\chrome.exe (1068)
C:\Users\hp\AppData\Local\Google\Chrome\Application\chrome.exe (3900)
C:\Users\hp\AppData\Local\Google\Chrome\Application\chrome.exe (2932)
C:\UsbFix\Go.exe (2032)
C:\Windows\system32\wbem\wmiprvse.exe (5348)

################## | El Desaparecido Section |

HKLM\SOFTWARE | Run : [SoundMAXPnP] - C:\Program Files\Analog Devices\Core\smax4pnp.exe
HKLM\SOFTWARE | Run : [SynTPEnh] - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
HKLM\SOFTWARE | Run : [PWRISOVM.EXE] - C:\Program Files\PowerISO\PWRISOVM.EXE
HKLM\SOFTWARE | Run : [Gamevance] - C:\Program Files\Gamevance\gamevance32.exe a
HKLM\SOFTWARE | Run : [QuickTime Task] - "C:\Program Files\QuickTime\QTTask.exe" -atboottime
HKLM\SOFTWARE | Run : [iTunesHelper] - "C:\Program Files\iTunes\iTunesHelper.exe"
HKLM\SOFTWARE | Run : [] -
HKLM\SOFTWARE | Run : [SunJavaUpdateSched] - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
HKLM\SOFTWARE | RunOnce : [] -
HKU\S-1-5-19\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-2750413467-2074054523-4094416870-1000\SOFTWARE | Run : [swg] - "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\S-1-5-21-2750413467-2074054523-4094416870-1000\SOFTWARE | Run : [Google Update] - "C:\Users\hp\AppData\Local\Google\Update\GoogleUpdate.exe" /c
HKU\S-1-5-21-2750413467-2074054523-4094416870-1000\SOFTWARE | Run : [IDMan] - C:\Program Files\Internet Download Manager\IDMan.exe /onboot
HKU\S-1-5-21-2750413467-2074054523-4094416870-1000\SOFTWARE | Run : [uTorrent] - "C:\Program Files\uTorrent\uTorrent.exe"
HKU\S-1-5-21-2750413467-2074054523-4094416870-1000\SOFTWARE | Run : [GameXN GO] - "C:\ProgramData\GameXN\GameXNGO.exe" /startup
HKU\S-1-5-21-2750413467-2074054523-4094416870-1000\SOFTWARE | Run : [Best Codec Pack803921.exe] - "C:\Users\hp\AppData\Local\Temp\Best Codec Pack803921.exe" /XML="C:\Users\hp\AppData\Local\Temp\96E5.tmp" /STP=0:2
HKU\S-1-5-21-2750413467-2074054523-4094416870-1000\SOFTWARE | Run : [EPSON SX100 Series] - C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEDE.EXE /FU "C:\Windows\TEMP\E_S2740.tmp" /EF "HKCU"
HKU\S-1-5-21-2750413467-2074054523-4094416870-1000\SOFTWARE | Run : [Facebook Update] - "C:\Users\hp\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
HKU\S-1-5-19\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
HKU\S-1-5-20\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe

################## | Éléments infectieux |

Présent! C:\Users\hp\AppData\Local\Temp\Best Codec Pack803921.exe
Présent! C:\Users\hp\AppData\Local\Temp\uttE4AC.tmp.exe
Présent! C:\Users\hp\AppData\Local\Temp\launchie.vbs
Présent! C:\Users\hp\AppData\Local\Temp\7za.exe
Présent! C:\Users\hp\AppData\Local\Temp\8BD54F3E-DD19-4a69-93D8-5C6A5BBBE20E.exe
Présent! D:\zPharaoh.exe
Présent! D:\autorun.inf
Présent! E:\p.exe
Présent! E:\1mteolu9.com
Présent! E:\1xniph.bat
Présent! E:\22yj2fy1.exe
Présent! E:\2nuk.com
Présent! E:\3j2h0tf.bat
Présent! E:\6p2dxv.bat
Présent! E:\6rxt26.exe
Présent! E:\86l2qw.bat
Présent! E:\8b3.bat
Présent! E:\9kretct.exe
Présent! E:\9u.exe
Présent! E:\aieh8r.bat
Présent! E:\auq9bor.bat
Présent! E:\autorun.inf
Présent! E:\f2.bat
Présent! E:\hm1bfpuj.exe
Présent! E:\il0byu3h.com
Présent! E:\j39y2.bat
Présent! E:\kgji.exe
Présent! E:\ktly.exe
Présent! E:\lcw.exe
Présent! E:\Ljnhwt.bat
Présent! E:\m1eqos3.exe
Présent! E:\mb9x.exe
Présent! E:\mqhnawe.bat
Présent! E:\n0euybx.exe
Présent! E:\nkbd1v.exe
Présent! E:\q1alx.exe
Présent! E:\q8e6.bat
Présent! E:\qothmn.cmd
Présent! E:\qr.exe
Présent! E:\rx.exe
Présent! E:\ukfbi3aw.exe
Présent! E:\uo10sn.cmd
Présent! E:\wbj.exe
Présent! E:\xmcckw.bat
Présent! E:\xs6kpr0.exe
Présent! E:\y8.exe
Présent! E:\zPharaoh.exe
Présent! E:\RECYCLER\S-1-5-21-1202660629-1580818891-682003330-1003
Présent! G:\Autorun.inf
Présent! G:\autorun.exe
Présent! G:\Autorun.ini
Présent! H:\autorun.inf

################## | Mabezat |

Présent! C:\Users\hp\AppData\Roaming\tazebama
Présent! D:\zPharaoh.exe
Présent! E:\zPharaoh.exe
Présent! C:\$Recycle.Bin\S-1-5-21-2750413467-2074054523-4094416870-1000\$RSYGUCO\Gorillaz\Disk Defragmenter.exe
Présent! E:\$RECYCLE.BIN\S-1-5-21-177163609-1410570673-3494397156-500\Microsoft Windows Network.exe
Présent! E:\$RECYCLE.BIN\S-1-5-21-3868015693-436024930-797983475-1004\Recycle Bin.exe
Présent! C:\$Recycle.Bin\S-1-5-21-2750413467-2074054523-4094416870-1000\$RSYGUCO\Gorillaz\Disk Defragmenter.exe
Présent! C:\$Recycle.Bin\S-1-5-21-2750413467-2074054523-4094416870-1000\$RSYGUCO\Gorillaz\Gorillaz .exe
Présent! C:\$Recycle.Bin\S-1-5-21-2750413467-2074054523-4094416870-1000\$RSYGUCO\Gorillaz\Gorillaz .exe
Présent! C:\Users\hp\Desktop\Disque amovible\zPharaoh.exe
Présent! D:\zPharaoh.exe
Présent! E:\$RECYCLE.BIN\S-1-5-21-177163609-1410570673-3494397156-500\Microsoft Windows Network.exe
Présent! E:\$RECYCLE.BIN\S-1-5-21-177163609-1410570673-3494397156-500\S-1-5-21-177163609-1410570673-3494397156-500 .exe
Présent! E:\$RECYCLE.BIN\S-1-5-21-3868015693-436024930-797983475-1004\Recycle Bin.exe
Présent! E:\$RECYCLE.BIN\S-1-5-21-3868015693-436024930-797983475-1004\S-1-5-21-3868015693-436024930-797983475-1004 .exe
Présent! E:\RECYCLER\S-1-5-21-1202660629-1580818891-682003330-1003\S-1-5-21-1202660629-1580818891-682003330-1003 .exe
Présent! E:\zPharaoh.exe

################## | Registre |

Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Best Codec Pack803921.exe

################## | Mountpoints2 |

HKCU\.\.\.\.\Explorer\MountPoints2\F
Shell\AutoRun\Command = F:\Autorun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\G
Shell\AutoRun\Command = G:\Autorun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\H
Shell\AutoRun\Command = H:\Install.exe

HKCU\.\.\.\.\Explorer\MountPoints2\I
Shell\AutoRun\Command = I:\Install.exe

################## | Vaccin |

(!) Cet ordinateur n'est pas vacciné!

################## | E.O.F | http://sosvirus.org |
