############################## | UsbFix V 7.065 | [Suppression]
Utilisateur: Catherine (Administrateur) # CATHERINE-VAIO
Mis à jour le 03/11/2011 par El Desaparecido
Lancé à 19:20:19 | 06/11/2011
Site Web: http://eldesaparecido.com
Fichier suspect ? : http://eldesaparecido.com/support.php
Contact: contact@eldesaparecido.com
PC: Sony Corporation (VPCEC3S1E) (x64-based PC) # Notebook
CPU: Intel(R) Core(TM) i5 CPU M 460 @ 2.53GHz (2534)
RAM -> [ Total : 5998 | Free : 4476 ]
BIOS: BIOS Date: 09/23/09 11:58:43 Ver: 08.00.10
BOOT: Normal boot
OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7600 64-Bit) #
WB: Windows Internet Explorer 8.0.7600.16385
SC: Security Center Service [ Enabled ]
WU: Windows Update Service [ Enabled ]
AV: Norton 360 Premier Edition [ (!) Disabled | Updated ]
FW: Windows FireWall Service [ Enabled ]
C:\ (%systemdrive%) -> Disque fixe # 452 Go (393 Go libre(s) - 87%) [] # NTFS
D:\ -> Disque fixe # 466 Go (465 Go libre(s) - 100%) [] # NTFS
E:\ -> CD-ROM
F:\ -> Disque amovible # 495 Mo (419 Mo libre(s) - 85%) [] # FAT
G:\ -> Disque amovible # 7 Go (7 Go libre(s) - 93%) [KINGSTON] # FAT32
################## | Processus Actif |
C:\Windows\system32\csrss.exe (512)
C:\Windows\system32\wininit.exe (584)
C:\Windows\system32\csrss.exe (604)
C:\Windows\system32\services.exe (640)
C:\Windows\system32\lsass.exe (676)
C:\Windows\system32\lsm.exe (684)
C:\Windows\system32\svchost.exe (776)
C:\Windows\system32\svchost.exe (856)
C:\Windows\system32\winlogon.exe (964)
C:\Windows\System32\svchost.exe (1012)
C:\Windows\System32\svchost.exe (484)
C:\Windows\system32\svchost.exe (552)
C:\Windows\system32\svchost.exe (1056)
C:\Windows\system32\svchost.exe (1144)
C:\Windows\system32\svchost.exe (1472)
C:\Windows\system32\Dwm.exe (1784)
C:\Windows\system32\svchost.exe (1536)
C:\Windows\System32\svchost.exe (2412)
C:\Windows\System32\svchost.exe (2512)
C:\Windows\system32\wbem\wmiprvse.exe (3824)
C:\Windows\system32\svchost.exe (3128)
C:\Windows\system32\svchost.exe (3212)
C:\Windows\System32\svchost.exe (5356)
C:\Windows\system32\svchost.exe (5584)
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (4876)
C:\Windows\SysWOW64\DllHost.exe (2924)
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (1936)
C:\Windows\system32\WUDFHost.exe (1980)
C:\Windows\System32\rundll32.exe (1952)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (2748)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (6656)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (2836)
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (3040)
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (3344)
C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (5004)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (4100)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (5084)
C:\Program Files\Sony\VAIO Power Management\SPMService.exe (4288)
C:\Program Files\Windows Media Player\wmpnetwk.exe (4808)
C:\Windows\system32\SearchIndexer.exe (7096)
C:\Windows\System32\spoolsv.exe (6212)
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (4472)
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (4608)
C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\ccSvcHst.exe (5056)
C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\ccSvcHst.exe (6004)
C:\Windows\system32\taskeng.exe (1916)
C:\Program Files\Sony\VAIO Care\VCsystray.exe (612)
C:\Windows\Explorer.exe (5660)
C:\Windows\SysWOW64\NOTEPAD.EXE (5908)
C:\Program Files (x86)\Internet Explorer\iexplore.exe (2756)
C:\Program Files (x86)\Internet Explorer\iexplore.exe (5384)
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe (3676)
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (6804)
C:\Windows\system32\SearchProtocolHost.exe (4104)
C:\Windows\system32\SearchFilterHost.exe (4296)
C:\UsbFix\UsbFix.exe (5768)
C:\Windows\system32\wbem\wmiprvse.exe (2152)
################## | Processus Stoppés |
Stoppé! C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (4876)
Stoppé! C:\Windows\SysWOW64\DllHost.exe (2924)
Stoppé! C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (1936)
Stoppé! C:\Windows\system32\WUDFHost.exe (1980)
Stoppé! C:\Windows\System32\rundll32.exe (1952)
Stoppé! C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (2748)
Stoppé! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (6656)
Stoppé! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (2836)
Stoppé! C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (3040)
Stoppé! C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (3344)
Stoppé! C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (5004)
Stoppé! C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (4100)
Stoppé! C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (5084)
Stoppé! C:\Program Files\Sony\VAIO Power Management\SPMService.exe (4288)
Stoppé! C:\Program Files\Windows Media Player\wmpnetwk.exe (4808)
Stoppé! C:\Windows\system32\SearchIndexer.exe (7096)
Stoppé! C:\Windows\System32\spoolsv.exe (6212)
Stoppé! C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (4472)
Stoppé! C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (4608)
Stoppé! C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\ccSvcHst.exe (5056)
Stoppé! C:\Windows\system32\taskeng.exe (1916)
Stoppé! C:\Program Files\Sony\VAIO Care\VCsystray.exe (612)
Stoppé! C:\Windows\SysWOW64\NOTEPAD.EXE (5908)
Stoppé! C:\Program Files (x86)\Internet Explorer\iexplore.exe (2756)
Stoppé! C:\Program Files (x86)\Internet Explorer\iexplore.exe (5384)
Stoppé! C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (6804)
################## | Éléments infectieux |
Supprimé! C:\$RECYCLE.BIN\S-1-5-20
Supprimé! C:\$RECYCLE.BIN\S-1-5-21-533407729-3272907643-660327626-1001
Supprimé! C:\$RECYCLE.BIN\S-1-5-21-533407729-3272907643-660327626-500
Supprimé! C:\$RECYCLE.BIN\S-1-5-21-980523053-2222855406-33346506-500
Supprimé! D:\$RECYCLE.BIN\S-1-5-21-533407729-3272907643-660327626-1001
Supprimé! D:\$RECYCLE.BIN\S-1-5-21-533407729-3272907643-660327626-500
(!) Fichiers temporaires supprimés.
################## | Registre |
################## | Mountpoints2 |
################## | Listing |
[06/11/2011 - 19:21:04 | SHD ] C:\$Recycle.Bin
[05/11/2011 - 21:52:31 | D ] C:\Config.Msi
[05/11/2010 - 10:11:33 | D ] C:\Documentation
[14/07/2009 - 06:08:56 | SHD ] C:\Documents and Settings
[25/10/2011 - 12:31:48 | D ] C:\Documents Crésus
[06/11/2011 - 19:11:46 | ASH | 4717092864] C:\hiberfil.sys
[01/05/2011 - 15:13:26 | D ] C:\installation
[12/07/2010 - 21:49:45 | D ] C:\Intel
[05/11/2010 - 10:28:13 | N | 321050] C:\lv.log
[22/09/2011 - 11:38:35 | RHD ] C:\MSOCache
[06/11/2011 - 19:11:44 | ASH | 6289461248] C:\pagefile.sys
[14/07/2009 - 04:20:08 | D ] C:\PerfLogs
[19/10/2011 - 13:33:36 | D ] C:\Program Files
[02/11/2011 - 17:37:41 | D ] C:\Program Files (x86)
[05/11/2011 - 21:52:29 | HD ] C:\ProgramData
[05/11/2010 - 10:06:23 | N | 2935] C:\RHDSetup.log
[05/11/2010 - 10:28:06 | D ] C:\SPLASH.000
[05/11/2010 - 10:28:06 | N | 73] C:\splash.idx
[05/11/2010 - 10:27:52 | D ] C:\SPLASH.SYS
[06/11/2011 - 10:13:47 | SHD ] C:\System Volume Information
[06/11/2011 - 10:26:14 | N | 87220] C:\TDSSKiller.2.6.15.0_06.11.2011_10.22.06_log.txt
[06/11/2011 - 18:45:07 | N | 1916] C:\TDSSKiller.2.6.15.0_06.11.2011_18.44.57_log.txt
[05/11/2010 - 10:30:36 | D ] C:\Temp
[14/10/2011 - 12:07:24 | N | 61343] C:\test.xml
[12/10/2011 - 16:52:42 | D ] C:\Update
[06/11/2011 - 19:21:04 | D ] C:\UsbFix
[06/11/2011 - 19:20:30 | A | 8084] C:\UsbFix.txt
[05/11/2010 - 10:58:36 | D ] C:\Users
[05/11/2010 - 10:31:42 | D ] C:\VAIO Sample Contents
[05/11/2010 - 10:18:13 | N | 413154] C:\vcredist_x86.log
[23/06/2010 - 00:14:20 | N | 4112] C:\version
[06/11/2011 - 19:12:04 | D ] C:\Windows
[05/11/2010 - 10:11:34 | D ] C:\_FS_SWRINFO
[06/11/2011 - 10:12:00 | D ] C:\_OTL
[06/11/2011 - 19:21:04 | SHD ] D:\$RECYCLE.BIN
[13/08/2011 - 22:52:16 | D ] D:\a857e369b502bebb53
[05/11/2010 - 10:25:58 | D ] D:\Click to Disc Editor
[01/12/2006 - 23:37:14 | N | 904704] D:\msdia80.dll
[06/11/2011 - 10:13:47 | SHD ] D:\System Volume Information
[15/01/2007 - 10:34:06 | N | 119840] F:\2007.sk1
[30/01/2007 - 10:10:38 | N | 190301] F:\2006.sk1
[24/12/2007 - 14:03:50 | N | 217701] F:\salaires pub 2007.sk1
[06/03/2007 - 15:28:08 | N | 106182] F:\2005a.sk1
[06/03/2007 - 15:30:36 | N | 105924] F:\2006a304.sk1
[06/03/2007 - 15:31:56 | N | 119783] F:\2006a3112.sk1
[24/08/2007 - 13:06:16 | D ] F:\Catherine
[24/08/2007 - 13:07:32 | D ] F:\Luca
[03/10/2006 - 14:02:28 | N | 18824] F:\luca genini 2002.ck1
[03/10/2006 - 14:01:38 | N | 18928] F:\luca genini 2003.ck1
[05/10/2006 - 10:44:00 | N | 17600] F:\luca genini 2004.ck1
[15/03/2007 - 10:17:10 | N | 19480] F:\luca genini 2005.ck1
[24/08/2007 - 13:13:58 | N | 19311] F:\luca genini 2006.ck1
[16/08/2007 - 14:41:26 | N | 290939] F:\salaires lg 2006.sk1
[07/08/2007 - 09:01:44 | N | 300263] F:\salaires lg 2007.sk1
[30/08/2007 - 08:32:24 | N | 13425144] F:\SpySweeperRegSetup_EN.exe
[05/01/2007 - 17:21:50 | N | 829528] F:\mcshell.exe
[30/08/2007 - 15:44:50 | N | 164] F:\install.dat
[05/12/2009 - 19:59:46 | N | 3062] F:\BOOTEX.LOG
[26/03/2009 - 18:05:42 | N | 59950] F:\hôtel du pont 1.1 au 31.12.07.ck1
[02/02/2008 - 15:24:54 | N | 263645] F:\2008.sk1
[16/10/2008 - 18:30:08 | D ] F:\Acomptes
[16/10/2008 - 18:32:16 | D ] F:\Catherine 2
[07/09/2008 - 20:53:18 | N | 15872] F:\Salaires Manus.xls
[07/09/2008 - 20:54:38 | N | 18944] F:\Encaissement loyers 2005.xls
[28/01/2009 - 14:43:36 | N | 272896] F:\Motivation Luca.dot
[30/01/2009 - 10:14:30 | D ] F:\Photos Renato
[05/01/2009 - 18:23:56 | N | 503032] F:\salaires lg 2008.sk1
[04/02/2009 - 18:34:34 | N | 22528] F:\Motivation type Luca.doc
[14/04/2008 - 03:37:10 | N | 332800] F:\netsetup.exe
[11/12/2009 - 10:21:36 | N | 34750] F:\hôtel du pont 1.1 au 31.12.08.ck1
[09/09/2009 - 10:23:46 | N | 44912] F:\fiesta 2008.ck1
[09/09/2009 - 14:21:58 | N | 411956] F:\CC4Backup20090909_142156.zip
[08/12/2010 - 13:07:32 | N | 16800] F:\luca genini 2008.ck1
[05/12/2009 - 21:40:24 | D ] F:\Sauvegarde
[23/06/2010 - 11:56:02 | N | 117599] F:\garage central 2010.ck1
[22/06/2010 - 10:35:08 | N | 136185] F:\garage central rocha sàrl 2010.sk1
[19/05/2010 - 09:36:58 | N | 250317] F:\garage central 2009.ck1
[24/06/2010 - 10:46:06 | N | 263352] F:\garage central 2008.ck1
[23/12/2009 - 09:18:08 | N | 139446] F:\garage central 2009.sk1
[05/01/2009 - 10:00:16 | N | 139337] F:\garage central 2008.sk1
[24/06/2010 - 14:09:06 | N | 3730528] F:\install-cresus-compta-8-5-002.exe
[24/06/2010 - 14:09:52 | N | 7519320] F:\install-cresus-sal-8-4-025.exe
[31/10/2010 - 16:38:18 | N | 27136] F:\Motivation Vacheron Luca.doc
[01/11/2010 - 13:35:48 | N | 17178] F:\Ex_modele_cv_free1.rtf
[01/11/2010 - 16:53:22 | N | 2367206] F:\SDC11313.JPG
[02/11/2010 - 08:52:02 | N | 2379165] F:\Manu 25.docx
[16/12/2010 - 06:37:34 | N | 11270] F:\luca genini 2009.ck1
[02/12/2010 - 13:54:40 | N | 14322] F:\procap sport 2010.ck1
[02/12/2010 - 18:51:26 | N | 106310] F:\Procap Sport 2009.cre
[02/12/2010 - 18:51:26 | N | 21109] F:\Procap Sport 2009.crp
[16/12/2010 - 08:34:28 | N | 201273] F:\716-105_f_ausfuellbaDEC.pdf
[29/09/2010 - 10:55:06 | D ] G:\exercices antérieurs
[30/05/2003 - 16:32:40 | N | 115200] G:\compta créanciers.xls
[21/10/2011 - 08:54:28 | N | 4371456] G:\gestion des ventes 2010.xls
[28/04/2011 - 11:39:26 | N | 14263916] G:\CC4Backup20110428_113923.zip
[21/07/2011 - 11:08:44 | N | 19682112] G:\CC4Backup20110721_110843.zip
[28/04/2011 - 11:39:42 | N | 14263948] G:\CC4Backup20110428_113940.zip
[28/04/2011 - 11:39:56 | N | 14263952] G:\CC4Backup20110428_113955.zip
[21/07/2011 - 11:08:54 | N | 19682111] G:\CC4Backup20110721_110852.zip
[28/04/2011 - 11:40:12 | N | 14263950] G:\CC4Backup20110428_114010.zip
[15/02/2011 - 16:18:44 | N | 501370] G:\garage central rocha sàrl 2010.sk1
[29/09/2010 - 11:02:38 | N | 382848] G:\garage central 2008.sk1
[25/10/2011 - 08:23:18 | N | 2352711] G:\garage central 2010.cr~
[14/07/2010 - 10:03:00 | N | 381163] G:\garage central 2009.sk1
[25/10/2011 - 08:25:20 | N | 16556] G:\garage central 2010.crp
[25/10/2011 - 08:26:08 | N | 315279] G:\garage central 2010.ck1
[25/10/2011 - 08:18:54 | D ] G:\garage central 2010.crebk
[21/10/2011 - 22:31:32 | N | 258894] G:\garage central 2009.ck1
[25/10/2011 - 08:24:52 | N | 2352742] G:\garage central 2010.cre
[24/06/2010 - 10:46:06 | N | 263352] G:\garage central 2008.ck1
[29/09/2010 - 10:06:00 | D ] G:\GI Catherine
[28/09/2010 - 17:14:22 | D ] G:\Documents
[07/09/2010 - 08:37:26 | D ] G:\Installation Crésus
[14/05/2010 - 15:55:08 | N | 697] G:\Garage Central rappels.lnk
[29/04/2011 - 11:15:24 | N | 14407621] G:\CC4Backup20110429_111521.zip
[29/04/2011 - 11:15:40 | N | 14407662] G:\CC4Backup20110429_111538.zip
[09/08/2011 - 17:32:50 | N | 20771937] G:\CC4Backup20110809_173247.zip
[25/10/2011 - 16:35:04 | N | 4194304] G:\0033C410
[20/10/2011 - 13:57:36 | N | 552888] G:\garage central rocha sàrl 2011.sk1
[02/05/2011 - 11:24:20 | N | 14621454] G:\CC4Backup20110502_112418.zip
[19/10/2011 - 16:03:58 | N | 4163584] G:\gestion des débiteurs 2009.xls
[25/10/2011 - 16:38:18 | N | 4292608] G:\5A36C410
[25/10/2011 - 16:41:26 | N | 4194304] G:\EE49C410
[25/10/2011 - 08:26:32 | N | 271163] G:\garage central 2011.ck1
[19/04/2011 - 17:00:08 | D ] G:\gestion
[26/10/2011 - 11:55:50 | D ] G:\garage central 2011.crebk
[27/10/2011 - 15:54:06 | N | 1999761] G:\garage central 2011.cr~
[27/10/2011 - 15:54:46 | N | 1999761] G:\garage central 2011.cre
[27/10/2011 - 15:54:58 | N | 16789] G:\garage central 2011.crp
[28/10/2011 - 08:43:42 | N | 4334592] G:\gestion des ventes.xls
[02/11/2011 - 17:32:24 | N | 18467] G:\BON CADEAU.docx
################## | Vaccin |
C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
F:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
G:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)