Virus bds/backdoor.gen + external hard drive errors 0x80071AC3
juliepithon
Hello,
I have 2 problems: when putting files on my external hard drive, I get an error of this type, error 0x80071AC3, and I can no longer copy/paste, add or delete files on my external hard drive... I reformatted the external hard drive but I don't know if that is enough.
2nd problem: I have bds/backdoor.gen, which was detected during the antivirus scan. I don't know how to remove it...
I need help
Thanks in advance
2 replies
Hi,
Leave your external hard drive plugged in.
Run USBFix: https://www.malekal.com/usbfix-supprimer-virus-usb/
Run it in deletion mode and post the report here in a new message by copy/paste.
Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
############################## | UsbFix V 7.120 | [Deletion]
User: Julie (Administrator) # PC_PORTABLE
Updated 30/03/2013 by El Desaparecido
Started at 23:49:59 | 31/03/2013
Website: https://www.sosvirus.net/
Upload Malware: http://upload.sosvirus.org/
Contact: contact@sosvirus.org
PC: Hewlett-Packard (HP Pavilion dv6 Notebook PC) (x64-based PC)
CPU: Intel(R) Core(TM) i5 CPU M 430 @ 2.27GHz (2267)
RAM -> [Total : 4023 | Free : 1571]
BIOS: Default System BIOS
BOOT: Normal boot
OS: Microsoft Windows 7 Édition Intégrale (6.1.7600 64-Bit) #
WB: Windows Internet Explorer 9.0.8112.16421
SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: Avira Desktop [Enabled | Updated]
FW: Windows FireWall Service [Enabled]
C:\ (%systemdrive%) -> Fixed drive # 74 Gb (15 Mb free - 20%) [] # NTFS
D:\ -> CD-ROM
E:\ -> Fixed drive # 466 Gb (234 Mb free - 50%) [JU] # exFAT
################## | El Desaparecido Section |
HKLM\SOFTWARE | Run : [AdobeCS5ServiceManager] - "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
HKLM\SOFTWARE | Run : [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
HKLM\SOFTWARE | Run : [avgnt] - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
HKLM\SOFTWARE | Run : [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE | Run : [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM\SOFTWARE | Run : [iTunesHelper] - "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
HKLM\SOFTWARE | Run : [] -
HKLM\SOFTWARE | Run : [Acrobat Assistant 8.0] - "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
HKLM\SOFTWARE | Run : [CANAL+ CANALSAT A LA DEMANDE] - "C:\Program Files (x86)\Canal+\CANAL+ CANALSAT A LA DEMANDE\Launcher.exe"
HKLM\SOFTWARE | Run : [DATAMNGR] - C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~1.EXE
HKLM\SOFTWARE | Run : [BambooCore] - C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
HKLM\SOFTWARE\wow6432Node | Run : [AdobeCS5ServiceManager] - "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
HKLM\SOFTWARE\wow6432Node | Run : [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
HKLM\SOFTWARE\wow6432Node | Run : [avgnt] - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
HKLM\SOFTWARE\wow6432Node | Run : [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE\wow6432Node | Run : [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM\SOFTWARE\wow6432Node | Run : [iTunesHelper] - "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
HKLM\SOFTWARE\wow6432Node | Run : [] -
HKLM\SOFTWARE\wow6432Node | Run : [Acrobat Assistant 8.0] - "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
HKLM\SOFTWARE\wow6432Node | Run : [CANAL+ CANALSAT A LA DEMANDE] - "C:\Program Files (x86)\Canal+\CANAL+ CANALSAT A LA DEMANDE\Launcher.exe"
HKLM\SOFTWARE\wow6432Node | Run : [DATAMNGR] - C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~1.EXE
HKLM\SOFTWARE\wow6432Node | Run : [BambooCore] - C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
HKLM\SOFTWARE | RunOnce : [] -
HKLM\SOFTWARE\wow6432Node | RunOnce : [] -
HKU\S-1-5-19\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-1996525090-4270169715-2086703820-1000\SOFTWARE | Run : [Sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
HKU\S-1-5-21-1996525090-4270169715-2086703820-1000\SOFTWARE | Run : [Spotify Web Helper] - "C:\Users\Julie\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
HKU\S-1-5-21-1996525090-4270169715-2086703820-1000\SOFTWARE | Run : [Facebook Update] - "C:\Users\Julie\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
HKU\S-1-5-21-1996525090-4270169715-2086703820-1000\SOFTWARE | Run : [Spotify] - "C:\Users\Julie\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
HKU\S-1-5-21-1996525090-4270169715-2086703820-1000\SOFTWARE | Run : [GoogleDriveSync] - "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
HKU\S-1-5-21-1996525090-4270169715-2086703820-1000\SOFTWARE | Run : [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe
HKU\S-1-5-21-1996525090-4270169715-2086703820-1000\SOFTWARE | Run : [AdobeBridge] -
HKU\S-1-5-21-1996525090-4270169715-2086703820-1003\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-19\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
HKU\S-1-5-20\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
HKU\S-1-5-21-1996525090-4270169715-2086703820-1003\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
HKU\S-1-5-18\SOFTWARE | RunOnce : [SPReview] - "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"https://support.microsoft.com/en-us/windows/install-windows-7-service-pack-1-sp1-b3da2c0f-cdb6-0572-8596-bab972897f61" /build:7601
################## | Stopped processes |
Stopped! C:\Windows\system32\nvvsvc.exe (848)
Stopped! C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\STacSV64.exe (860)
Stopped! C:\Windows\system32\Hpservice.exe (1256)
Stopped! C:\Program Files\Tablet\Pen\WTabletServiceCon.exe (1348)
Stopped! C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (1388)
Stopped! C:\Windows\system32\nvvsvc.exe (1400)
Stopped! C:\Windows\System32\spoolsv.exe (1684)
Stopped! C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (1720)
Stopped! C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (1928)
Stopped! C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe (2036)
Stopped! C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (1120)
Stopped! C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (1204)
Stopped! C:\Program Files\Bonjour\mDNSResponder.exe (1324)
Stopped! c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (1876)
Stopped! C:\Program Files (x86)\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\CanalPlus.VOD.exe (1772)
Stopped! C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (1292)
Stopped! C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (2496)
Stopped! C:\Windows\system32\conhost.exe (2504)
Stopped! C:\Windows\system32\taskhost.exe (2788)
Stopped! C:\Program Files\Tablet\Pen\Pen_TabletUser.exe (2840)
Stopped! C:\Program Files\Tablet\Pen\WacomHost.exe (3056)
Stopped! C:\Program Files\Tablet\Pen\Pen_TouchUser.exe (3012)
Stopped! C:\Windows\system32\sppsvc.exe (3276)
Stopped! C:\Program Files\Tablet\Pen\Pen_Tablet.exe (3444)
Stopped! C:\Program Files\IDT\WDM\sttray64.exe (3884)
Stopped! C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (3892)
Stopped! C:\Program Files\Windows Sidebar\sidebar.exe (3924)
Stopped! C:\Users\Julie\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (3988)
Stopped! C:\Program Files (x86)\Google\Drive\googledrivesync.exe (4056)
Stopped! C:\Windows\System32\StikyNot.exe (1280)
Stopped! C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (3256)
Stopped! C:\Windows\system32\SearchIndexer.exe (3092)
Stopped! C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (1452)
Stopped! C:\Program Files (x86)\iTunes\iTunesHelper.exe (720)
Stopped! C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe (3552)
Stopped! C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE (3648)
Stopped! C:\Program Files (x86)\Google\Drive\googledrivesync.exe (3596)
Stopped! C:\Program Files (x86)\Searchqu Toolbar\Datamngr\datamngrUI.exe (3700)
Stopped! C:\Program Files (x86)\Bamboo Dock\BambooCore.exe (2856)
Stopped! C:\Users\Julie\AppData\Roaming\Dropbox\bin\Dropbox.exe (4016)
Stopped! C:\Program Files\iPod\bin\iPodService.exe (3772)
Stopped! c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe (4456)
Stopped! C:\Program Files\Windows Media Player\wmpnetwk.exe (5076)
Stopped! c:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe (692)
Stopped! C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (4620)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (3184)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (1968)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (2248)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (3156)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (1784)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (5956)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (3180)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (5528)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (5748)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (5904)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (1680)
Stopped! C:\Windows\system32\taskhost.exe (336)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (5704)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (1076)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (6136)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (5108)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (5708)
Stopped! C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (5624)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (3424)
Stopped! C:\Windows\system32\taskeng.exe (1376)
################## | Files # Infected Folders |
Deleted ! C:\Users\Julie\AppData\Local\Temp\utt69EC.tmp.exe
(!) Temporary files deleted.
################## | Registry |
################## | Mountpoints2 |
################## | Listing |
[09/01/2013 - 22:43:17 | SHD ] C:\$Recycle.Bin
[14/07/2009 - 07:08:56 | SHD ] C:\Documents and Settings
[31/03/2013 - 17:38:45 | ASH | 3163709440] C:\hiberfil.sys
[28/12/2012 - 18:54:47 | D ] C:\Intel
[29/12/2012 - 15:54:08 | RHD ] C:\MSOCache
[28/12/2012 - 23:51:48 | D ] C:\NVIDIA
[31/03/2013 - 17:38:47 | ASH | 4218281984] C:\pagefile.sys
[14/07/2009 - 05:20:08 | D ] C:\PerfLogs
[25/03/2013 - 13:19:56 | D ] C:\Program Files
[25/03/2013 - 16:38:43 | D ] C:\Program Files (x86)
[25/03/2013 - 16:38:43 | HD ] C:\ProgramData
[28/12/2012 - 18:32:03 | SHD ] C:\Recovery
[28/12/2012 - 19:10:44 | D ] C:\SWSetup
[31/03/2013 - 19:54:56 | SHD ] C:\System Volume Information
[28/12/2012 - 19:05:12 | D ] C:\system.sav
[31/03/2013 - 23:56:48 | D ] C:\UsbFix
[31/03/2013 - 23:56:56 | A | 10895] C:\UsbFix [Clean 1] PC_PORTABLE.txt
[28/12/2012 - 23:54:24 | D ] C:\Users
[22/03/2013 - 09:42:44 | D ] C:\Windows
[31/03/2013 - 18:11:00 | SHD ] E:\$RECYCLE.BIN
[28/02/2013 - 21:26:04 | D ] E:\bootstraptuto
[30/03/2013 - 13:58:56 | D ] E:\fiches de paies
[12/03/2013 - 12:59:44 | D ] E:\logiciels
[30/03/2013 - 12:04:28 | D ] E:\quittances
[01/03/2013 - 11:51:42 | D ] E:\perso
[24/01/2012 - 21:46:56 | D ] E:\works
################## | Vaccin |
C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
E:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
################## | E.O.F | https://www.sosvirus.net/ |