Clef usb infectée
nad
-
nad -
nad -
rapport USB FIX
############################## | UsbFix V 7.130 | [Recherche]
Utilisateur: admin (Administrateur) # PC-DE-ADMIN
Mis à jour le 20/08/2013 par El Desaparecido
Lancé à 16:02:13 | 22/08/2013
Site Web: http://sosvirus.net/
Upload Malware: http://sosvirus.net/viewtopic.php?f=6&t=489
Contact: ***@***
PC: Hewlett-Packard (HP Pavilion dv6 Notebook PC) (X86-based PC)
CPU: AMD Athlon(tm) X2 Dual-Core QL-64 (2100)
RAM -> [Total : 3068 | Free : 1632]
BIOS: Default System BIOS
BOOT: Normal boot
OS: Microsoft® Windows Vista(TM) Édition Familiale Premium (6.0.6002 32-Bit) # Service Pack 2
WB: Windows Internet Explorer 9.0.8112.16421
SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: Microsoft Security Essentials [Enabled | Updated]
FW: Windows FireWall Service [Enabled]
C:\ (%systemdrive%) -> Disque fixe # 287 Go (203 Go libre(s) - 71%) [] # NTFS
D:\ -> Disque fixe # 11 Go (2 Go libre(s) - 16%) [RECOVERY] # NTFS
E:\ -> CD-ROM
F:\ -> Disque amovible # 2 Go (14 Mo libre(s) - 1%) [] # FAT
G:\ -> Disque amovible # 7 Go (358 Mo libre(s) - 5%) [] # FAT32
################## | Processus Actif |
C:\Windows\system32\csrss.exe (600)
C:\Windows\system32\wininit.exe (664)
C:\Windows\system32\csrss.exe (676)
C:\Windows\system32\services.exe (712)
C:\Windows\system32\lsass.exe (724)
C:\Windows\system32\lsm.exe (732)
C:\Windows\system32\winlogon.exe (808)
C:\Windows\system32\svchost.exe (912)
C:\Windows\system32\svchost.exe (984)
c:\Program Files\Microsoft Security Client\MsMpEng.exe (1048)
C:\Windows\system32\Ati2evxx.exe (1200)
C:\Windows\System32\svchost.exe (1216)
C:\Windows\System32\svchost.exe (1264)
C:\Windows\system32\svchost.exe (1280)
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\STacSV.exe (1320)
C:\Windows\system32\svchost.exe (1536)
C:\Windows\system32\SLsvc.exe (1552)
C:\Windows\system32\svchost.exe (1584)
C:\Windows\system32\Ati2evxx.exe (1616)
C:\Windows\system32\Hpservice.exe (1728)
C:\Windows\system32\svchost.exe (1824)
C:\Windows\system32\Dwm.exe (1972)
C:\Program Files\AVAST Software\Avast\AvastSvc.exe (2020)
C:\Windows\System32\spoolsv.exe (1272)
C:\Windows\system32\taskeng.exe (1372)
C:\Windows\system32\svchost.exe (1644)
C:\Windows\system32\taskeng.exe (376)
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (2140)
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\aestsrv.exe (2180)
C:\Program Files\Common Files\LightScribe\LSSrvc.exe (2248)
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (2432)
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (2448)
C:\Windows\system32\svchost.exe (2472)
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (2512)
C:\Program Files\SMINST\BLService.exe (2524)
C:\Program Files\CyberLink\Shared files\RichVideo.exe (2600)
C:\Windows\system32\svchost.exe (2648)
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (2708)
C:\Windows\System32\svchost.exe (2736)
C:\Windows\system32\SearchIndexer.exe (2796)
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (3944)
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (3996)
C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe (4036)
C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (1656)
C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (2364)
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (2460)
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe (876)
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (1796)
C:\Program Files\HP\HP Software Update\hpwuschd2.exe (1208)
C:\Program Files\AVAST Software\Avast\AvastUI.exe (416)
C:\Program Files\IDT\WDM\sttray.exe (1624)
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (1968)
C:\Program Files\Microsoft Security Client\msseces.exe (2964)
C:\Windows\WindowsMobile\wmdc.exe (2944)
C:\Program Files\Common Files\Java\Java Update\jusched.exe (1648)
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (1500)
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (3076)
c:\Program Files\Microsoft Security Client\NisSrv.exe (1888)
C:\Windows\System32\mobsync.exe (3548)
C:\Windows\system32\svchost.exe (2404)
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (4052)
C:\Windows\system32\wbem\wmiprvse.exe (2496)
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe (2908)
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (4312)
C:\Windows\system32\svchost.exe (4516)
C:\Program Files\Windows Media Player\wmpnscfg.exe (4652)
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe (4836)
C:\Windows\system32\conime.exe (4844)
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe (4980)
C:\Program Files\Windows Media Player\wmpnetwk.exe (5048)
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (5348)
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe (5440)
C:\Windows\explorer.exe (3104)
C:\Windows\system32\wbem\unsecapp.exe (1408)
C:\Program Files\Mozilla Firefox\firefox.exe (1396)
C:\Program Files\Mozilla Firefox\plugin-container.exe (3364)
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe (3340)
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe (4788)
C:\Windows\system32\SearchProtocolHost.exe (5372)
C:\Windows\system32\msiexec.exe (2584)
C:\Program Files\Skype\Phone\Skype.exe (5956)
C:\Windows\system32\wbem\wmiprvse.exe (5980)
C:\Windows\System32\WUDFHost.exe (5328)
C:\Windows\system32\SearchFilterHost.exe (5920)
C:\UsbFix\Go.exe (5976)
\\?\C:\Windows\system32\wbem\WMIADAP.EXE (3840)
################## | El Desaparecido Section |
HKLM\SOFTWARE | Run : [StartCCC] - "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
HKLM\SOFTWARE | Run : [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
HKLM\SOFTWARE | Run : [DVDAgent] - "C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe"
HKLM\SOFTWARE | Run : [TSMAgent] - "C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
HKLM\SOFTWARE | Run : [CLMLServer for HP TouchSmart] - "C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
HKLM\SOFTWARE | Run : [UCam_Menu] - "C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
HKLM\SOFTWARE | Run : [SmartMenu] - %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
HKLM\SOFTWARE | Run : [UpdateLBPShortCut] - "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
HKLM\SOFTWARE | Run : [UpdatePSTShortCut] - "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
HKLM\SOFTWARE | Run : [Windows Defender] - %ProgramFiles%\Windows Defender\MSASCui.exe -hide
HKLM\SOFTWARE | Run : [QlbCtrl.exe] - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
HKLM\SOFTWARE | Run : [UpdateP2GoShortCut] - "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
HKLM\SOFTWARE | Run : [UpdatePDIRShortCut] - "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
HKLM\SOFTWARE | Run : [HP Health Check Scheduler] - c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
HKLM\SOFTWARE | Run : [WirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
HKLM\SOFTWARE | Run : [HP Software Update] - C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
HKLM\SOFTWARE | Run : [] -
HKLM\SOFTWARE | Run : [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
HKLM\SOFTWARE | Run : [SysTrayApp] - %ProgramFiles%\IDT\WDM\sttray.exe
HKLM\SOFTWARE | Run : [GrooveMonitor] - "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
HKLM\SOFTWARE | Run : [Adobe ARM] - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE | Run : [MSC] - "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
HKLM\SOFTWARE | Run : [Windows Mobile Device Center] - %windir%\WindowsMobile\wmdc.exe
HKLM\SOFTWARE | Run : [SunJavaUpdateSched] - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
HKLM\SOFTWARE | RunOnce : [] -
HKU\S-1-5-19\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
HKU\S-1-5-19\SOFTWARE | Run : [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
HKU\S-1-5-20\SOFTWARE | Run : [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-3917183255-1512423386-278667753-1000\SOFTWARE | Run : [LightScribe Control Panel] - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
################## | Éléments infectieux |
Présent! D:\desktop.ini
################## | Registre |
Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr
################## | Mountpoints2 |
################## | Vaccin |
(!) Cet ordinateur n'est pas vacciné!
################## | E.O.F | http://sosvirus.net |
############################## | UsbFix V 7.130 | [Recherche]
Utilisateur: admin (Administrateur) # PC-DE-ADMIN
Mis à jour le 20/08/2013 par El Desaparecido
Lancé à 16:02:13 | 22/08/2013
Site Web: http://sosvirus.net/
Upload Malware: http://sosvirus.net/viewtopic.php?f=6&t=489
Contact: ***@***
PC: Hewlett-Packard (HP Pavilion dv6 Notebook PC) (X86-based PC)
CPU: AMD Athlon(tm) X2 Dual-Core QL-64 (2100)
RAM -> [Total : 3068 | Free : 1632]
BIOS: Default System BIOS
BOOT: Normal boot
OS: Microsoft® Windows Vista(TM) Édition Familiale Premium (6.0.6002 32-Bit) # Service Pack 2
WB: Windows Internet Explorer 9.0.8112.16421
SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: Microsoft Security Essentials [Enabled | Updated]
FW: Windows FireWall Service [Enabled]
C:\ (%systemdrive%) -> Disque fixe # 287 Go (203 Go libre(s) - 71%) [] # NTFS
D:\ -> Disque fixe # 11 Go (2 Go libre(s) - 16%) [RECOVERY] # NTFS
E:\ -> CD-ROM
F:\ -> Disque amovible # 2 Go (14 Mo libre(s) - 1%) [] # FAT
G:\ -> Disque amovible # 7 Go (358 Mo libre(s) - 5%) [] # FAT32
################## | Processus Actif |
C:\Windows\system32\csrss.exe (600)
C:\Windows\system32\wininit.exe (664)
C:\Windows\system32\csrss.exe (676)
C:\Windows\system32\services.exe (712)
C:\Windows\system32\lsass.exe (724)
C:\Windows\system32\lsm.exe (732)
C:\Windows\system32\winlogon.exe (808)
C:\Windows\system32\svchost.exe (912)
C:\Windows\system32\svchost.exe (984)
c:\Program Files\Microsoft Security Client\MsMpEng.exe (1048)
C:\Windows\system32\Ati2evxx.exe (1200)
C:\Windows\System32\svchost.exe (1216)
C:\Windows\System32\svchost.exe (1264)
C:\Windows\system32\svchost.exe (1280)
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\STacSV.exe (1320)
C:\Windows\system32\svchost.exe (1536)
C:\Windows\system32\SLsvc.exe (1552)
C:\Windows\system32\svchost.exe (1584)
C:\Windows\system32\Ati2evxx.exe (1616)
C:\Windows\system32\Hpservice.exe (1728)
C:\Windows\system32\svchost.exe (1824)
C:\Windows\system32\Dwm.exe (1972)
C:\Program Files\AVAST Software\Avast\AvastSvc.exe (2020)
C:\Windows\System32\spoolsv.exe (1272)
C:\Windows\system32\taskeng.exe (1372)
C:\Windows\system32\svchost.exe (1644)
C:\Windows\system32\taskeng.exe (376)
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (2140)
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\aestsrv.exe (2180)
C:\Program Files\Common Files\LightScribe\LSSrvc.exe (2248)
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (2432)
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (2448)
C:\Windows\system32\svchost.exe (2472)
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (2512)
C:\Program Files\SMINST\BLService.exe (2524)
C:\Program Files\CyberLink\Shared files\RichVideo.exe (2600)
C:\Windows\system32\svchost.exe (2648)
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (2708)
C:\Windows\System32\svchost.exe (2736)
C:\Windows\system32\SearchIndexer.exe (2796)
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (3944)
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (3996)
C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe (4036)
C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (1656)
C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (2364)
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (2460)
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe (876)
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (1796)
C:\Program Files\HP\HP Software Update\hpwuschd2.exe (1208)
C:\Program Files\AVAST Software\Avast\AvastUI.exe (416)
C:\Program Files\IDT\WDM\sttray.exe (1624)
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (1968)
C:\Program Files\Microsoft Security Client\msseces.exe (2964)
C:\Windows\WindowsMobile\wmdc.exe (2944)
C:\Program Files\Common Files\Java\Java Update\jusched.exe (1648)
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (1500)
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (3076)
c:\Program Files\Microsoft Security Client\NisSrv.exe (1888)
C:\Windows\System32\mobsync.exe (3548)
C:\Windows\system32\svchost.exe (2404)
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (4052)
C:\Windows\system32\wbem\wmiprvse.exe (2496)
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe (2908)
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (4312)
C:\Windows\system32\svchost.exe (4516)
C:\Program Files\Windows Media Player\wmpnscfg.exe (4652)
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe (4836)
C:\Windows\system32\conime.exe (4844)
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe (4980)
C:\Program Files\Windows Media Player\wmpnetwk.exe (5048)
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (5348)
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe (5440)
C:\Windows\explorer.exe (3104)
C:\Windows\system32\wbem\unsecapp.exe (1408)
C:\Program Files\Mozilla Firefox\firefox.exe (1396)
C:\Program Files\Mozilla Firefox\plugin-container.exe (3364)
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe (3340)
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe (4788)
C:\Windows\system32\SearchProtocolHost.exe (5372)
C:\Windows\system32\msiexec.exe (2584)
C:\Program Files\Skype\Phone\Skype.exe (5956)
C:\Windows\system32\wbem\wmiprvse.exe (5980)
C:\Windows\System32\WUDFHost.exe (5328)
C:\Windows\system32\SearchFilterHost.exe (5920)
C:\UsbFix\Go.exe (5976)
\\?\C:\Windows\system32\wbem\WMIADAP.EXE (3840)
################## | El Desaparecido Section |
HKLM\SOFTWARE | Run : [StartCCC] - "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
HKLM\SOFTWARE | Run : [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
HKLM\SOFTWARE | Run : [DVDAgent] - "C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe"
HKLM\SOFTWARE | Run : [TSMAgent] - "C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
HKLM\SOFTWARE | Run : [CLMLServer for HP TouchSmart] - "C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
HKLM\SOFTWARE | Run : [UCam_Menu] - "C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
HKLM\SOFTWARE | Run : [SmartMenu] - %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
HKLM\SOFTWARE | Run : [UpdateLBPShortCut] - "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
HKLM\SOFTWARE | Run : [UpdatePSTShortCut] - "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
HKLM\SOFTWARE | Run : [Windows Defender] - %ProgramFiles%\Windows Defender\MSASCui.exe -hide
HKLM\SOFTWARE | Run : [QlbCtrl.exe] - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
HKLM\SOFTWARE | Run : [UpdateP2GoShortCut] - "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
HKLM\SOFTWARE | Run : [UpdatePDIRShortCut] - "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
HKLM\SOFTWARE | Run : [HP Health Check Scheduler] - c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
HKLM\SOFTWARE | Run : [WirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
HKLM\SOFTWARE | Run : [HP Software Update] - C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
HKLM\SOFTWARE | Run : [] -
HKLM\SOFTWARE | Run : [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
HKLM\SOFTWARE | Run : [SysTrayApp] - %ProgramFiles%\IDT\WDM\sttray.exe
HKLM\SOFTWARE | Run : [GrooveMonitor] - "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
HKLM\SOFTWARE | Run : [Adobe ARM] - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE | Run : [MSC] - "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
HKLM\SOFTWARE | Run : [Windows Mobile Device Center] - %windir%\WindowsMobile\wmdc.exe
HKLM\SOFTWARE | Run : [SunJavaUpdateSched] - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
HKLM\SOFTWARE | RunOnce : [] -
HKU\S-1-5-19\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
HKU\S-1-5-19\SOFTWARE | Run : [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
HKU\S-1-5-20\SOFTWARE | Run : [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-3917183255-1512423386-278667753-1000\SOFTWARE | Run : [LightScribe Control Panel] - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
################## | Éléments infectieux |
Présent! D:\desktop.ini
################## | Registre |
Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr
################## | Mountpoints2 |
################## | Vaccin |
(!) Cet ordinateur n'est pas vacciné!
################## | E.O.F | http://sosvirus.net |
A voir également:
- Clef usb infectée
- Clé usb non détectée - Guide
- Formater clef usb - Guide
- Clé usb - Accueil - Stockage
- Hp usb disk storage format tool - Télécharger - Stockage
- Usb show - Télécharger - Sauvegarde
7 réponses
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question