cjoint

Document format: text/plain

Preview

############################## | UsbFix V 7.136 | [Suppression]

Utilisateur: Administrateur (Administrateur) # DELL-AC125E3196
Mis à jour le 17/09/2013 par El Desaparecido - Team SosVirus
Lancé à 12:31:20 | 10/01/2014

Site Web: http://www.usbfix.net/
Forum : http://www.sosvirus.net/
Upload Malware: http://www.sosvirus.net/upload_malware.php
Contact: http://www.usbfix.net/contact/

PC: Dell Computer Corporation (OptiPlex GX270 ) (X86-based PC)
CPU: Intel(R) Pentium(R) 4 CPU 2.80GHz (2793)
RAM -> [Total : 1534 | Free : 762]
BIOS: Phoenix ROM BIOS PLUS Version 1.10 A06
BOOT: Normal boot

OS: Microsoft Windows XP Professionnel (5.1.2600 32-Bit) # Service Pack 3
WB: Windows Internet Explorer 8.0.6001.18702

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Disque fixe # 75 Go (14 Go libre(s) - 19%) [] # NTFS
D:\ -> CD-ROM

################## | El Desaparecido Section |

HKLM\SOFTWARE | Run : [Adobe ARM] - "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE | Run : [Synchronization Manager] - %SystemRoot%\system32\mobsync.exe /logon
HKLM\SOFTWARE | Run : [Logitech Utility] - Logi_MwX.Exe
HKLM\SOFTWARE | Run : [AvastUI.exe] - "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
HKLM\SOFTWARE | Run : [] -
HKLM\SOFTWARE | Run : [PSBO Clean] - C:\Program Files\KONICA MINOLTA\PageScope Box Operator\PSBO.exe /clean
HKLM\SOFTWARE | Run : [SunJavaUpdateSched] - "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
HKLM\SOFTWARE | RunOnce : [] -
HKU\S-1-5-19\SOFTWARE | Run : [CTFMON.EXE] - C:\WINDOWS\system32\CTFMON.EXE
HKU\S-1-5-20\SOFTWARE | Run : [CTFMON.EXE] - C:\WINDOWS\system32\CTFMON.EXE
HKU\S-1-5-21-1343024091-630328440-1801674531-500\SOFTWARE | Run : [ctfmon.exe] - C:\WINDOWS\system32\ctfmon.exe
HKU\S-1-5-21-1343024091-630328440-1801674531-500\SOFTWARE | Run : [MSMSGS] - "C:\Program Files\Messenger\msmsgs.exe" /background
HKU\S-1-5-18\SOFTWARE | Run : [CTFMON.EXE] - C:\WINDOWS\system32\CTFMON.EXE

################## | Processus Stoppés |

Stoppé! C:\WINDOWS\Explorer.EXE (140)
Stoppé! C:\Program Files\AVAST Software\Avast\AvastSvc.exe (332)
Stoppé! C:\Program Files\AVAST Software\Avast\afwServ.exe (428)
Stoppé! C:\WINDOWS\system32\spoolsv.exe (624)
Stoppé! C:\Program Files\AVAST Software\Avast\AvastUI.exe (1128)
Stoppé! C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (1348)
Stoppé! C:\WINDOWS\system32\ctfmon.exe (1356)
Stoppé! C:\Program Files\Messenger\msmsgs.exe (1424)
Stoppé! C:\Program Files\KONICA MINOLTA\PageScope Direct Print 1.1\KMDPHFMG.exe (1536)
Stoppé! C:\Documents and Settings\All Users\Application Data\U3\U3Launcher\LaunchU3.exe (1572)
Stoppé! C:\Program Files\Logitech\MouseWare\system\em_exec.exe (1580)
Stoppé! C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe (2044)
Stoppé! C:\Program Files\Java\jre7\bin\jqs.exe (320)
Stoppé! C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe (396)
Stoppé! C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe (1672)
Stoppé! C:\WINDOWS\system32\IoctlSvc.exe (1048)
Stoppé! C:\WINDOWS\System32\alg.exe (3644)
Stoppé! C:\Program Files\Google\Chrome\Application\chrome.exe (3264)
Stoppé! C:\Program Files\Google\Chrome\Application\chrome.exe (180)
Stoppé! C:\Program Files\Google\Chrome\Application\chrome.exe (1060)
Stoppé! C:\Program Files\Google\Chrome\Application\chrome.exe (664)

################## | Éléments infectieux |


(!) Fichiers temporaires supprimés.

################## | Registre |


################## | Mountpoints2 |


################## | Listing |

[07/04/2011 - 15:52:05 | N | 0] C:\AUTOEXEC.BAT
[09/01/2014 - 16:00:38 | RASHD ] C:\Autorun.inf
[14/02/2012 - 15:37:23 | N | 212] C:\boot.ini
[28/09/2001 - 13:00:00 | N | 4952] C:\Bootfont.bin
[09/07/2011 - 17:32:36 | D ] C:\ca581a0dab5e520c5a149d
[05/04/2012 - 11:01:43 | N | 192481] C:\canvasx.log
[18/12/2013 - 17:12:13 | D ] C:\Config.Msi
[07/04/2011 - 15:52:05 | N | 0] C:\CONFIG.SYS
[07/04/2011 - 17:15:09 | D ] C:\dell
[07/04/2011 - 15:59:39 | D ] C:\Documents and Settings
[07/04/2011 - 18:17:29 | D ] C:\drvrtmp
[15/12/2012 - 15:36:36 | D ] C:\ExtendedDB
[24/04/2013 - 08:39:08 | D ] C:\Firefox
[07/04/2011 - 15:52:05 | N | 0] C:\IO.SYS
[07/04/2011 - 15:52:05 | N | 0] C:\MSDOS.SYS
[08/04/2011 - 11:03:55 | RHD ] C:\MSOCache
[03/08/2004 - 21:38:34 | N | 47564] C:\NTDETECT.COM
[07/04/2011 - 17:30:36 | N | 252240] C:\ntldr
[10/01/2014 - 09:08:06 | ASH | 2097152000] C:\pagefile.sys
[27/12/2013 - 18:35:53 | D ] C:\Program Files
[07/04/2011 - 18:18:43 | SHD ] C:\RECYCLER
[30/09/2013 - 09:05:21 | D ] C:\scan
[21/11/2012 - 17:37:02 | SHD ] C:\System Volume Information
[10/01/2014 - 12:33:00 | D ] C:\UsbFix
[09/01/2014 - 15:12:21 | N | 4029] C:\UsbFix [Clean 1] DELL-AC125E3196.txt
[09/01/2014 - 15:22:22 | N | 7525] C:\UsbFix [Clean 2] DELL-AC125E3196.txt
[09/01/2014 - 16:00:53 | N | 5340] C:\UsbFix [Clean 3] DELL-AC125E3196.txt
[10/01/2014 - 12:34:00 | A | 5112] C:\UsbFix [Clean 4] DELL-AC125E3196.txt
[17/05/2011 - 16:52:30 | D ] C:\utils
[09/01/2014 - 15:13:23 | D ] C:\WINDOWS

################## | Vaccin |

C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net - http://www.sosvirus.net |
