cjoint

Document format: text/plain

Preview

############################## | UsbFix V 7.159 | [Suppression]

Utilisateur: Rachid (Administrateur) # RACHIDOU
Mis à jour le 06/01/2014 par El Desaparecido - Team SosVirus
Lancé à 22:51:44 | 13/04/2015

Site Web : http://www.usbfix.net
Changelog : http://www.usbfix.net/maj/
Support : http://www.sosvirus.net/
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: SAMSUNG ELECTRONICS CO., LTD. (N150P/N210P/N220P )
CPU: Intel(R) Atom(TM) CPU N450 @ 1.66GHz
RAM -> [Total : 1013 Mo| Free : 519 Mo]
Bios: Phoenix Technologies Ltd.
Boot: Normal boot

OS: Microsoft Windows 7 Édition Intégrale (6.1.7600 32-Bit)
WB: Windows Internet Explorer : 8.0.7600.16385
WB: Mozilla Firefox : 32.0.1

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
FW: Windows FireWall Service [(!) Disabled]

C:\ (%systemdrive%) -> Disque fixe # 29 Go (14 Go libre(s) - 48%) [] # NTFS
D:\ -> Disque fixe # 120 Go (109 Go libre(s) - 91%) [] # NTFS
E:\ -> Disque amovible # 4 Go (3 Go libre(s) - 73%) [GRTMPRMFPP_FR] # NTFS

################## | Processus Stoppés |

Stoppé! C:\Windows\System32\rundll32.exe (ID: 3196 |ParentID: 644)
Stoppé! C:\Windows\system32\WUDFHost.exe (ID: 4388 |ParentID: 880)
Stoppé! C:\Windows\Explorer.exe (ID: 4416 |ParentID: 4968)
Stoppé! C:\Windows\system32\SearchIndexer.exe (ID: 5248 |ParentID: 524)
Stoppé! C:\Windows\system32\SearchProtocolHost.exe (ID: 5088 |ParentID: 5248)
Stoppé! C:\Windows\system32\SearchFilterHost.exe (ID: 3492 |ParentID: 5248)

################## | Regedit Run |

04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\Run : [tdzmnrhfku] wscript.exe //B "C:\Users\abdou\AppData\Local\Temp\tdzmnrhfku..vbs"
04 - HKLM\..\Run : [cmsc] "c:\program files\cmcm\Clean Master\cmtray.exe" -autorun
04 - HKLM\..\RunOnce : []
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-2439457940-1345779863-183732585-1000\..\Run : [Bienvenue] C:\Windows\system32\rundll32.exe C:\Windows\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
04 - HKU\S-1-5-21-2439457940-1345779863-183732585-1000\..\Run : [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
04 - HKU\S-1-5-21-2439457940-1345779863-183732585-1000\..\Run : [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
04 - HKU\S-1-5-21-2439457940-1345779863-183732585-1000\..\Run : [tdzmnrhfku] wscript.exe //B "C:\Users\abdou\AppData\Local\Temp\tdzmnrhfku..vbs"
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe

################## | Recherche générique |

Supprimé! C:\Users\abdou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tdzmnrhfku..vbs
Supprimé! E:\tdzmnrhfku..vbs
Supprimé! C:\Users\abdou\AppData\Local\Temp\tdzmnrhfku..vbs
Supprimé! E:\2em semeste 2em année.lnk
Supprimé! E:\application.lnk
Supprimé! E:\cours.lnk
Supprimé! E:\crypto.lnk
Supprimé! E:\Le-commerce-électronique.lnk
Supprimé! E:\memoire en progresse.lnk
Supprimé! E:\memoire.lnk
Supprimé! E:\Ontrack.lnk
Supprimé! E:\salat.lnk
Supprimé! E:\Sans titre.lnk
Supprimé! E:\stage.lnk
Supprimé! E:\System Volume Information.lnk
Supprimé! E:\tp1 TM.lnk

(!) Fichiers temporaires supprimés.

################## | Registre |

Réparé ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|EnableLUA -> 1
Réparé ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin -> 5
Non Réparé ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorUser -> 3
Réparé ! HKLM\Software\Microsoft\Security Center|UacDisableNotify -> 0
Supprimé! HKU\S-1-5-21-2439457940-1345779863-183732585-1000\Software\Microsoft\Windows\CurrentVersion\Run|tdzmnrhfku
Supprimé! HKLM\Software\Microsoft\Windows\CurrentVersion\Run|tdzmnrhfku

################## | Listing |

[14/08/2014 - 13:05:44 | SHD] - C:\$Recycle.Bin
[14/08/2014 - 13:55:42 | SHD] - C:\Boot
[14/07/2009 - 03:38:58 | RASH | 375 Ko] - C:\bootmgr
[14/08/2014 - 13:55:42 | N | 8 Ko] - C:\BOOTSECT.BAK
[10/06/2009 - 23:42:20 | N | 0 Ko] - C:\config.sys
[14/07/2009 - 06:53:55 | SHD] - C:\Documents and Settings
[14/08/2014 - 13:15:34 | D] - C:\Intel
[26/03/2015 - 15:52:56 | RHD] - C:\MSOCache
[13/04/2015 - 14:02:37 | ASH | 1048576 Ko] - C:\pagefile.sys
[13/04/2015 - 15:00:27 | D] - C:\Program Files
[13/04/2015 - 15:00:28 | HD] - C:\ProgramData
[14/08/2014 - 13:05:01 | SHD] - C:\Recovery
[14/08/2014 - 13:18:19 | N | 0 Ko] - C:\setup.log
[13/04/2015 - 14:47:01 | SHD] - C:\System Volume Information
[13/04/2015 - 22:51:47 | D] - C:\UsbFix
[13/04/2015 - 22:54:32 | A | 5 Ko | 6FAF0163189EC4B3A4A45DFF0D48164A] - C:\UsbFix [Clean 1] RACHIDOU.txt
[13/04/2015 - 22:50:21 | N | 6 Ko | 5AB0E2D8E80B6E5A8EEBB8BBD1368FA1] - C:\UsbFix [Scan 3] RACHIDOU.txt
[13/04/2015 - 15:01:03 | D] - C:\Users
[09/04/2015 - 08:45:40 | D] - C:\wamp
[13/04/2015 - 15:01:21 | D] - C:\Windows
[13/04/2015 - 08:53:48 | D] - C:\xampp
[14/08/2014 - 13:05:44 | SHD] - D:\$RECYCLE.BIN
[28/02/2015 - 19:18:09 | N | 28 Ko] - D:\10363250_355182947998654_5545360985428941553_n.jpg
[13/04/2015 - 10:25:53 | D] - D:\abdou
[13/04/2015 - 22:50:20 | RASHD] - D:\Autorun.inf
[13/04/2015 - 17:23:52 | N | 380 Ko] - D:\emilierose(1).docx
[07/11/2007 - 09:00:40 | N | 17 Ko | 9147A93F43D8E58218EBCB15FDA888C9] - D:\eula.1028.txt
[07/11/2007 - 09:00:40 | N | 17 Ko | 9147A93F43D8E58218EBCB15FDA888C9] - D:\eula.1031.txt
[07/11/2007 - 09:00:40 | N | 10 Ko | 99C22D4A31F4EAD4351B71D6F4E5F6A1] - D:\eula.1033.txt
[07/11/2007 - 09:00:40 | N | 17 Ko | 9147A93F43D8E58218EBCB15FDA888C9] - D:\eula.1036.txt
[07/11/2007 - 09:00:40 | N | 17 Ko | 9147A93F43D8E58218EBCB15FDA888C9] - D:\eula.1040.txt
[07/11/2007 - 09:00:40 | N | 0 Ko | 9B15A3A055CC6E67EA191A1B7885649A] - D:\eula.1041.txt
[07/11/2007 - 09:00:40 | N | 17 Ko | 9147A93F43D8E58218EBCB15FDA888C9] - D:\eula.1042.txt
[07/11/2007 - 09:00:40 | N | 17 Ko | 9147A93F43D8E58218EBCB15FDA888C9] - D:\eula.2052.txt
[07/11/2007 - 09:00:40 | N | 17 Ko | 9147A93F43D8E58218EBCB15FDA888C9] - D:\eula.3082.txt
[07/11/2007 - 09:00:40 | N | 1 Ko] - D:\globdata.ini
[23/11/2014 - 22:25:24 | D] - D:\images
[07/11/2007 - 09:03:18 | N | 550 Ko | 520A6D1CBCC9CF642C625FE814C93C58] - D:\install.exe
[07/11/2007 - 09:00:40 | N | 1 Ko] - D:\install.ini
[07/11/2007 - 09:03:18 | N | 75 Ko | 4151A4D07640863783F837E588235837] - D:\install.res.1028.dll
[07/11/2007 - 09:03:18 | N | 94 Ko | 3B8A82E04238655EAEF97E074FB29911] - D:\install.res.1031.dll
[07/11/2007 - 09:03:18 | N | 89 Ko | 9EDEB8B1C5C0A4CD3A3016B85108127D] - D:\install.res.1033.dll
[07/11/2007 - 09:03:18 | N | 95 Ko | 5B6FF470CFA7087690E61F87E81EF78A] - D:\install.res.1036.dll
[07/11/2007 - 09:03:18 | N | 93 Ko | 6310AB8FC9E3DBEE80592FC453A34FEE] - D:\install.res.1040.dll
[07/11/2007 - 09:03:18 | N | 80 Ko | 13ED4517152203DE4BC52ACC0255D952] - D:\install.res.1041.dll
[07/11/2007 - 09:03:18 | N | 78 Ko | 0D4FB4095EA49C1EC89B9E8DB0B936A3] - D:\install.res.1042.dll
[07/11/2007 - 09:03:18 | N | 74 Ko | D7366B34E8AFB605C39EF56E2201FE85] - D:\install.res.2052.dll
[07/11/2007 - 09:03:18 | N | 94 Ko | 41BB37A347121F3E5E88D85100638B79] - D:\install.res.3082.dll
[27/03/2014 - 14:03:57 | SHD] - D:\RECYCLER
[13/04/2015 - 14:51:43 | D] - D:\siteweb
[25/11/2014 - 11:19:18 | SHD] - D:\System Volume Information
[07/11/2007 - 09:00:40 | N | 6 Ko] - D:\vcredist.bmp
[07/11/2007 - 09:09:22 | N | 1409 Ko] - D:\VC_RED.cab
[07/11/2007 - 09:12:28 | N | 228 Ko] - D:\VC_RED.MSI
[20/02/2015 - 16:02:02 | D] - D:\Videos
[13/04/2015 - 17:23:37 | N | 0 Ko] - D:\~$ilierose(1).docx
[13/04/2015 - 16:39:00 | D] - E:\2em semeste 2em année
[13/04/2015 - 16:31:19 | D] - E:\application
[13/04/2015 - 22:50:20 | RASHD] - E:\Autorun.inf
[13/04/2015 - 16:35:13 | D] - E:\cours
[19/01/2015 - 22:32:51 | N | 17 Ko] - E:\crypto.docx
[28/01/2015 - 17:53:39 | N | 340 Ko] - E:\Le-commerce-électronique.docx
[13/04/2015 - 16:35:28 | D] - E:\memoire
[13/04/2015 - 16:35:34 | D] - E:\memoire en progresse
[17/09/2013 - 13:48:44 | N | 12706 Ko] - E:\Ontrack.EasyRecovery.Professional.10.0.5.6 + Patch.rar
[24/02/2015 - 15:11:19 | N | 13 Ko] - E:\salat.docx
[25/02/2015 - 19:27:58 | N | 210 Ko] - E:\Sans titre.jpg
[13/04/2015 - 16:38:25 | D] - E:\stage
[13/04/2015 - 16:30:39 | SHD] - E:\System Volume Information
[19/03/2015 - 00:12:20 | N | 34 Ko] - E:\tp1 TM.doc

################## | Vaccin |

D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
E:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net - http://www.sosvirus.net |
