############################## | UsbFix V 7.136 | [Suppression] Utilisateur: Administrateur (Administrateur) # DELL-AC125E3196 Mis à jour le 17/09/2013 par El Desaparecido - Team SosVirus Lancé à 15:10:50 | 09/01/2014 Site Web: http://www.usbfix.net/ Forum : http://www.sosvirus.net/ Upload Malware: http://www.sosvirus.net/upload_malware.php Contact: http://www.usbfix.net/contact/ PC: Dell Computer Corporation (OptiPlex GX270 ) (X86-based PC) CPU: Intel(R) Pentium(R) 4 CPU 2.80GHz (2793) RAM -> [Total : 1534 | Free : 908] BIOS: Phoenix ROM BIOS PLUS Version 1.10 A06 BOOT: Normal boot OS: Microsoft Windows XP Professionnel (5.1.2600 32-Bit) # Service Pack 3 WB: Windows Internet Explorer 8.0.6001.18702 SC: Security Center Service [Enabled] WU: Windows Update Service [Enabled] FW: Windows FireWall Service [Enabled] C:\ (%systemdrive%) -> Disque fixe # 75 Go (14 Go libre(s) - 19%) [] # NTFS D:\ -> CD-ROM E:\ -> Disque amovible # 4 Go (4 Go libre(s) - 97%) [] # FAT32 F:\ -> Disque amovible # 8 Go (7 Go libre(s) - 98%) [CATARINA] # FAT32 ################## | El Desaparecido Section | HKLM\SOFTWARE | Run : [Adobe ARM] - "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" HKLM\SOFTWARE | Run : [Synchronization Manager] - %SystemRoot%\system32\mobsync.exe /logon HKLM\SOFTWARE | Run : [Logitech Utility] - Logi_MwX.Exe HKLM\SOFTWARE | Run : [AvastUI.exe] - "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui HKLM\SOFTWARE | Run : [] - HKLM\SOFTWARE | Run : [PSBO Clean] - C:\Program Files\KONICA MINOLTA\PageScope Box Operator\PSBO.exe /clean HKLM\SOFTWARE | Run : [SunJavaUpdateSched] - "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe" HKLM\SOFTWARE | Run : [flashmemory] - wscript.exe //B "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\flashmemory.vbe" HKLM\SOFTWARE | RunOnce : [] - HKU\S-1-5-19\SOFTWARE | Run : [CTFMON.EXE] - C:\WINDOWS\system32\CTFMON.EXE HKU\S-1-5-20\SOFTWARE | Run : [CTFMON.EXE] - C:\WINDOWS\system32\CTFMON.EXE HKU\S-1-5-21-1343024091-630328440-1801674531-500\SOFTWARE | Run : [ctfmon.exe] - C:\WINDOWS\system32\ctfmon.exe HKU\S-1-5-21-1343024091-630328440-1801674531-500\SOFTWARE | Run : [MSMSGS] - "C:\Program Files\Messenger\msmsgs.exe" /background HKU\S-1-5-21-1343024091-630328440-1801674531-500\SOFTWARE | Run : [flashmemory] - wscript.exe //B "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\flashmemory.vbe" HKU\S-1-5-18\SOFTWARE | Run : [CTFMON.EXE] - C:\WINDOWS\system32\CTFMON.EXE ################## | Processus Stoppés | Stoppé! C:\WINDOWS\Explorer.EXE (248) Stoppé! C:\Program Files\AVAST Software\Avast\AvastSvc.exe (368) Stoppé! C:\Program Files\AVAST Software\Avast\afwServ.exe (444) Stoppé! C:\WINDOWS\system32\spoolsv.exe (660) Stoppé! C:\Program Files\AVAST Software\Avast\AvastUI.exe (1016) Stoppé! C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (1036) Stoppé! C:\WINDOWS\system32\ctfmon.exe (1044) Stoppé! C:\Program Files\Messenger\msmsgs.exe (1060) Stoppé! C:\Program Files\KONICA MINOLTA\PageScope Direct Print 1.1\KMDPHFMG.exe (1264) Stoppé! C:\Documents and Settings\All Users\Application Data\U3\U3Launcher\LaunchU3.exe (1396) Stoppé! C:\Program Files\Logitech\MouseWare\system\em_exec.exe (1460) Stoppé! C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe (1808) Stoppé! C:\Program Files\Java\jre7\bin\jqs.exe (1852) Stoppé! C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe (1956) Stoppé! C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe (416) Stoppé! C:\WINDOWS\system32\IoctlSvc.exe (164) Stoppé! C:\WINDOWS\System32\alg.exe (4004) Stoppé! C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe (3704) Stoppé! C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe (316) Stoppé! C:\Program Files\Google\Chrome\Application\chrome.exe (3272) Stoppé! C:\Program Files\Google\Chrome\Application\chrome.exe (3316) Stoppé! C:\WINDOWS\system32\wscript.exe (3060) ################## | Éléments infectieux |