cjoint

Document format: text/plain

Preview

############################## | UsbFix V 7.136 | [Suppression]

Utilisateur: Administrateur (Administrateur) # DELL-AC125E3196
Mis à jour le 17/09/2013 par El Desaparecido - Team SosVirus
Lancé à 15:10:50 | 09/01/2014

Site Web: http://www.usbfix.net/
Forum : http://www.sosvirus.net/
Upload Malware: http://www.sosvirus.net/upload_malware.php
Contact: http://www.usbfix.net/contact/

PC: Dell Computer Corporation (OptiPlex GX270 ) (X86-based PC)
CPU: Intel(R) Pentium(R) 4 CPU 2.80GHz (2793)
RAM -> [Total : 1534 | Free : 908]
BIOS: Phoenix ROM BIOS PLUS Version 1.10 A06
BOOT: Normal boot

OS: Microsoft Windows XP Professionnel (5.1.2600 32-Bit) # Service Pack 3
WB: Windows Internet Explorer 8.0.6001.18702

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Disque fixe # 75 Go (14 Go libre(s) - 19%) [] # NTFS
D:\ -> CD-ROM
E:\ -> Disque amovible # 4 Go (4 Go libre(s) - 97%) [] # FAT32
F:\ -> Disque amovible # 8 Go (7 Go libre(s) - 98%) [CATARINA] # FAT32

################## | El Desaparecido Section |

HKLM\SOFTWARE | Run : [Adobe ARM] - "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE | Run : [Synchronization Manager] - %SystemRoot%\system32\mobsync.exe /logon
HKLM\SOFTWARE | Run : [Logitech Utility] - Logi_MwX.Exe
HKLM\SOFTWARE | Run : [AvastUI.exe] - "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
HKLM\SOFTWARE | Run : [] -
HKLM\SOFTWARE | Run : [PSBO Clean] - C:\Program Files\KONICA MINOLTA\PageScope Box Operator\PSBO.exe /clean
HKLM\SOFTWARE | Run : [SunJavaUpdateSched] - "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
HKLM\SOFTWARE | Run : [flashmemory] - wscript.exe //B "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\flashmemory.vbe"
HKLM\SOFTWARE | RunOnce : [] -
HKU\S-1-5-19\SOFTWARE | Run : [CTFMON.EXE] - C:\WINDOWS\system32\CTFMON.EXE
HKU\S-1-5-20\SOFTWARE | Run : [CTFMON.EXE] - C:\WINDOWS\system32\CTFMON.EXE
HKU\S-1-5-21-1343024091-630328440-1801674531-500\SOFTWARE | Run : [ctfmon.exe] - C:\WINDOWS\system32\ctfmon.exe
HKU\S-1-5-21-1343024091-630328440-1801674531-500\SOFTWARE | Run : [MSMSGS] - "C:\Program Files\Messenger\msmsgs.exe" /background
HKU\S-1-5-21-1343024091-630328440-1801674531-500\SOFTWARE | Run : [flashmemory] - wscript.exe //B "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\flashmemory.vbe"
HKU\S-1-5-18\SOFTWARE | Run : [CTFMON.EXE] - C:\WINDOWS\system32\CTFMON.EXE

################## | Processus Stoppés |

Stoppé! C:\WINDOWS\Explorer.EXE (248)
Stoppé! C:\Program Files\AVAST Software\Avast\AvastSvc.exe (368)
Stoppé! C:\Program Files\AVAST Software\Avast\afwServ.exe (444)
Stoppé! C:\WINDOWS\system32\spoolsv.exe (660)
Stoppé! C:\Program Files\AVAST Software\Avast\AvastUI.exe (1016)
Stoppé! C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (1036)
Stoppé! C:\WINDOWS\system32\ctfmon.exe (1044)
Stoppé! C:\Program Files\Messenger\msmsgs.exe (1060)
Stoppé! C:\Program Files\KONICA MINOLTA\PageScope Direct Print 1.1\KMDPHFMG.exe (1264)
Stoppé! C:\Documents and Settings\All Users\Application Data\U3\U3Launcher\LaunchU3.exe (1396)
Stoppé! C:\Program Files\Logitech\MouseWare\system\em_exec.exe (1460)
Stoppé! C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe (1808)
Stoppé! C:\Program Files\Java\jre7\bin\jqs.exe (1852)
Stoppé! C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe (1956)
Stoppé! C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe (416)
Stoppé! C:\WINDOWS\system32\IoctlSvc.exe (164)
Stoppé! C:\WINDOWS\System32\alg.exe (4004)
Stoppé! C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe (3704)
Stoppé! C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe (316)
Stoppé! C:\Program Files\Google\Chrome\Application\chrome.exe (3272)
Stoppé! C:\Program Files\Google\Chrome\Application\chrome.exe (3316)
Stoppé! C:\WINDOWS\system32\wscript.exe (3060)

################## | Éléments infectieux |

