############################## | UsbFix V 7.124 | [Suppression]

Utilisateur: léo (Administrateur) # LÉO-HP
Mis à jour le 24/04/2013 par El Desaparecido
Lancé à 22:27:50 | 28/04/2013

Site Web: http://sosvirus.org/
Upload Malware: http://upload.sosvirus.org/
Contact: contact@sosvirus.org

PC: Hewlett-Packard (HP 635 Notebook PC ) (X86-based PC)
CPU: AMD E-300 APU with Radeon(tm) HD Graphics (1300)
RAM -> [Total : 1643 | Free : 756]
BIOS: InsydeH2O Version CCB.03.61.11F.43
BOOT: Normal boot

OS: Microsoft Windows 7 Professionnel (6.1.7601 32-Bit) # Service Pack 1
WB: Windows Internet Explorer 9.0.8112.16421

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: AVG Anti-Virus 2013 [(!) Disabled | Updated]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Disque fixe # 298 Go (189 Go libre(s) - 63%) [Windows] # NTFS
D:\ -> CD-ROM
E:\ -> Disque amovible # 8 Go (3 Go libre(s) - 39%) [TRANSCEND] # FAT32

################## | El Desaparecido Section |

HKLM\SOFTWARE | Run : [SynTPEnh] - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
HKLM\SOFTWARE | Run : [QuickTime Task] - "C:\Program Files\QuickTime\QTTask.exe" -atboottime
HKLM\SOFTWARE | Run : [Flyer] - "c:\Ordina13 Help\MessageSCC.exe"
HKLM\SOFTWARE | Run : [MSC] - "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
HKLM\SOFTWARE | Run : [SunJavaUpdateSched] - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
HKLM\SOFTWARE | Run : [AtherosBtStack] - "C:\Program Files\Bluetooth Suite\BtvStack.exe"
HKLM\SOFTWARE | Run : [AthBtTray] - "C:\Program Files\Bluetooth Suite\AthBtTray.exe"
HKLM\SOFTWARE | Run : [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe -s
HKLM\SOFTWARE | Run : [HPOSD] - C:\Program Files\Hewlett-Packard\HP On Screen Display\HPOSD.exe
HKLM\SOFTWARE | Run : [HP Quick Launch] - C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
HKLM\SOFTWARE | Run : [PDF Complete] - C:\Program Files\PDF Complete\pdfsty.exe
HKLM\SOFTWARE | Run : [AVG_UI] - "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY
HKLM\SOFTWARE | Run : [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
HKLM\SOFTWARE | RunOnce : [] -
HKLM\SOFTWARE | RunOnceEx : [ContentMerger] - c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\ContentMerger10.exe
HKU\S-1-5-19\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-2823203330-1570677491-1077528394-1014\SOFTWARE | Run : [Connexion SFR 9props.exe] - "C:\Program Files\SFR\Kit\9props.exe" /trayicon
HKU\S-1-5-21-2823203330-1570677491-1077528394-1014\SOFTWARE | Run : [Skype] - "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
HKU\S-1-5-21-2823203330-1570677491-1077528394-1014\SOFTWARE | Run : [Steam] - "C:\Program Files\Steam\Steam.exe" -silent
HKU\S-1-5-19\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
HKU\S-1-5-20\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe

################## | Processus Stoppés |

Stoppé! c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (884)
Stoppé! C:\windows\system32\atiesrxx.exe (944)
Stoppé! C:\windows\system32\atieclxx.exe (1404)
Stoppé! C:\Program Files\AVAST Software\Avast\AvastSvc.exe (1492)
Stoppé! C:\windows\system32\WLANExt.exe (1500)
Stoppé! C:\windows\system32\conhost.exe (1508)
Stoppé! C:\windows\System32\spoolsv.exe (2040)
Stoppé! C:\windows\system32\taskhost.exe (600)
Stoppé! C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (1540)
Stoppé! C:\Program Files\Microsoft Security Client\msseces.exe (1956)
Stoppé! C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe (1960)
Stoppé! C:\Program Files\Bluetooth Suite\Ath_CoexAgent.exe (112)
Stoppé! C:\Program Files\Common Files\Java\Java Update\jusched.exe (1296)
Stoppé! C:\Program Files\Bluetooth Suite\BtvStack.exe (1704)
Stoppé! C:\Program Files\Bluetooth Suite\AthBtTray.exe (1664)
Stoppé! C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe (2072)
Stoppé! C:\Program Files\Hewlett-Packard\HP On Screen Display\HPOSD.exe (2092)
Stoppé! C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (2108)
Stoppé! C:\Program Files\Bluetooth Suite\adminservice.exe (2172)
Stoppé! C:\Program Files\AVAST Software\Avast\AvastUI.exe (2428)
Stoppé! C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (2528)
Stoppé! C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe (2644)
Stoppé! C:\Program Files\SFR\Kit\9props.exe (2660)
Stoppé! C:\Program Files\Skype\Phone\Skype.exe (2692)
Stoppé! C:\Program Files\PDF Complete\pdfsvc.exe (2816)
Stoppé! C:\Program Files\Larousse\Tout sur les verbes Français\bin\Hyperappel.exe (2824)
Stoppé! C:\Program Files\OpenOffice.org 3\program\soffice.exe (2896)
Stoppé! C:\Program Files\OpenOffice.org 3\program\soffice.bin (2968)
Stoppé! C:\windows\system32\PnkBstrA.exe (3000)
Stoppé! C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (3040)
Stoppé! C:\windows\system32\taskeng.exe (3052)
Stoppé! C:\Program Files\CyberLink\YouCam\YCMMirage.exe (3124)
Stoppé! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (3228)
Stoppé! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (3340)
Stoppé! c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (2236)
Stoppé! C:\windows\system32\SearchIndexer.exe (3380)
Stoppé! C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe (3400)
Stoppé! C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (3196)
Stoppé! C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe (4036)
Stoppé! C:\Program Files\Windows Media Player\wmpnetwk.exe (4752)
Stoppé! C:\windows\System32\WUDFHost.exe (3912)
Stoppé! C:\windows\system32\taskeng.exe (5812)
Stoppé! C:\windows\system32\taskhost.exe (4976)

################## | Éléments infectieux |

Non supprimé ! E:\veuix.exe
Non supprimé ! E:\veuix.scr
Supprimé! E:\New Folder.lnk
Supprimé! E:\Passwords.lnk
Supprimé! E:\Documents.lnk
Supprimé! E:\Pictures.lnk
Supprimé! E:\Music.lnk
Supprimé! E:\Video.lnk
Supprimé! E:\Misfits.S01.COMPLETE.VOSTFR.HDTV.XviD-PM5.lnk
Supprimé! E:\Dossier technologique.lnk
Supprimé! E:\Misfits.S02.COMPLETE.VOSTFR.HDTV.XviD-PM5.lnk
Non supprimé ! E:\autorun.inf
Non supprimé ! E:\trz5245.tmp
Non supprimé ! E:\trz13A2.tmp

(!) Fichiers temporaires supprimés.

################## | Registre |

################## | Mountpoints2 |

################## | Listing |

[05/10/2012 - 19:16:53 | D ] C:\$AVG
[02/10/2012 - 16:55:00 | SHD ] C:\$Recycle.Bin
[23/04/2011 - 16:54:02 | SHD ] C:\boot
[20/11/2010 - 04:40:08 | RASH | 383786] C:\bootmgr
[04/10/2012 - 16:52:43 | D ] C:\d63ad5ccf8796352639802d05c6899
[14/07/2009 - 06:53:55 | SHD ] C:\Documents and Settings
[28/04/2013 - 21:29:04 | ASH | 1722712064] C:\hiberfil.sys
[30/03/2012 - 18:07:36 | D ] C:\HP
[04/06/2010 - 00:55:25 | N | 0] C:\IO.SYS
[04/06/2010 - 00:55:25 | N | 0] C:\MSDOS.SYS
[03/04/2012 - 15:12:25 | D ] C:\Ordina13 help
[28/04/2013 - 21:29:10 | ASH | 1722712064] C:\pagefile.sys
[24/04/2013 - 15:20:47 | D ] C:\Program Files
[13/01/2013 - 12:31:59 | HD ] C:\ProgramData
[25/04/2010 - 09:48:57 | SHD ] C:\Recovery
[22/11/2012 - 23:01:46 | D ] C:\swsetup
[12/10/2012 - 15:26:42 | SHD ] C:\System Volume Information
[28/04/2013 - 22:38:28 | D ] C:\UsbFix
[28/04/2013 - 22:39:16 | A | 7544] C:\UsbFix [Clean 1] LÉO-HP.txt
[02/10/2012 - 16:54:39 | D ] C:\Users
[22/04/2013 - 12:36:12 | D ] C:\Windows
[13/03/2013 - 22:04:04 | D ] E:\Misfits.S01.COMPLETE.VOSTFR.HDTV.XviD-PM5
[22/04/2013 - 09:55:54 | N | 76800] E:\veuix.exe
[22/04/2013 - 09:55:54 | N | 76800] E:\veuix.scr
[28/04/2013 - 22:10:26 | A | 143] E:\trzDADD.tmp
[28/04/2013 - 21:26:24 | N | 143] E:\trz5245.tmp
[04/04/2013 - 09:20:02 | N | 146] E:\.~lock.DOSSIER FIRST.odt#
[11/04/2013 - 15:24:52 | N | 116] E:\.~lock.DOSSIER FIRST0.odt#
[22/04/2013 - 09:55:54 | N | 76800] E:\trz13A2.tmp
[27/04/2013 - 15:42:18 | D ] E:\Dossier technologique
[28/04/2013 - 22:09:22 | N | 1046762] E:\UsbFix.exe
[13/03/2013 - 21:58:18 | D ] E:\Misfits.S02.COMPLETE.VOSTFR.HDTV.XviD-PM5

################## | Vaccin |

C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://sosvirus.org |