Publicité
Publicité
Format du document : text/plain
Prévisualisation
############################## | UsbFix V 7.163 | [Suppression]
Utilisateur: CC (Administrateur) # C�LINE
Mis � jour le 02/02/2014 par El Desaparecido - Team SosVirus
Lanc� � 12:16:39 | 05/02/2014
Site Web : http://www.usbfix.net
Changelog : http://www.usbfix.net/maj/
Support : http://www.sosvirus.net/
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/
PC: NEC COMPUTERS INTERNATIONAL (NEC Versa Premium )
CPU: AMD Turion(tm) 64 Mobile Technology ML-30
RAM -> [Total : 959 Mo| Free : 475 Mo]
Bios: Insyde Software
Boot: Normal boot
OS: Microsoft Windows XP �dition familiale (5.1.2600 32-Bit) Service Pack 3
WB: Windows Internet Explorer : 8.0.6001.18702
WB: Google Chrome : 32.0.1700.107
WB: Mozilla Firefox : 18.0.1
SC: Security Center [Enabled]
WU: Windows Update [Enabled]
FW: Windows FireWall [Enabled]
AS: Malwarebytes' Anti-Malware : 1.75.0001
C:\ (%systemdrive%) -> Disque fixe # 71 Go (33 Go libre(s) - 47%) [HDD] # NTFS
D:\ -> CD-ROM
E:\ -> CD-ROM
F:\ -> Disque amovible # 30 Go (26 Go libre(s) - 87%) [] # FAT32
################## | Processus Actif |
C:\WINDOWS\System32\smss.exe (ID: 696 |ParentID: 4)
C:\WINDOWS\system32\winlogon.exe (ID: 768 |ParentID: 696)
C:\WINDOWS\system32\services.exe (ID: 812 |ParentID: 768)
C:\WINDOWS\system32\lsass.exe (ID: 824 |ParentID: 768)
C:\WINDOWS\system32\svchost.exe (ID: 992 |ParentID: 812)
C:\WINDOWS\System32\svchost.exe (ID: 1136 |ParentID: 812)
C:\WINDOWS\system32\svchost.exe (ID: 1176 |ParentID: 812)
C:\WINDOWS\Explorer.EXE (ID: 1636 |ParentID: 1576)
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ID: 1728 |ParentID: 812)
C:\WINDOWS\system32\spoolsv.exe (ID: 1924 |ParentID: 812)
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe (ID: 1092 |ParentID: 812)
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe (ID: 1232 |ParentID: 812)
C:\Program Files\Java\jre6\bin\jqs.exe (ID: 1376 |ParentID: 812)
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (ID: 1320 |ParentID: 812)
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (ID: 232 |ParentID: 812)
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (ID: 248 |ParentID: 812)
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (ID: 472 |ParentID: 232)
C:\WINDOWS\system32\slserv.exe (ID: 500 |ParentID: 812)
C:\WINDOWS\system32\svchost.exe (ID: 552 |ParentID: 812)
C:\Program Files\NETGEAR\WNA3100M\WifiSvc.exe (ID: 580 |ParentID: 812)
C:\WINDOWS\system32\wuauclt.exe (ID: 1548 |ParentID: 1136)
C:\WINDOWS\system32\wbem\wmiapsrv.exe (ID: 2912 |ParentID: 812)
C:\Program Files\Alwil Software\Avast5\setup\avast.setup (ID: 2276 |ParentID: 1728)
C:\WINDOWS\System32\svchost.exe (ID: 324 |ParentID: 812)
################## | Regedit Run |
04 - HKCU\..\Run : [Documentation] wscript.exe //B "C:\DOCUME~1\CC\LOCALS~1\Temp\Documentation.vbs"
04 - HKCU\..\Run : [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
04 - HKLM\..\Run : [VTTimer] VTTimer.exe
04 - HKLM\..\Run : [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
04 - HKLM\..\Run : [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
04 - HKLM\..\Run : []
04 - HKLM\..\Run : [Documentation] wscript.exe //B "C:\DOCUME~1\CC\LOCALS~1\Temp\Documentation.vbs"
04 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\..\Run : []
04 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\..\RunOnce : []
04 - HKU\S-1-5-19\..\Run : [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
04 - HKU\S-1-5-20\..\Run : [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
04 - HKU\S-1-5-21-3369366591-1348367908-779629615-1006\..\Run : [Documentation] wscript.exe //B "C:\DOCUME~1\CC\LOCALS~1\Temp\Documentation.vbs"
04 - HKU\S-1-5-21-3369366591-1348367908-779629615-1006\..\Run : [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
04 - HKU\S-1-5-18\..\Run : [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
################## | Recherche g�n�rique |
Supprim�! C:\Documents and Settings\CC\Menu D�marrer\Programmes\D�marrage\Documentation.vbs
Supprim�! F:\Documentation.vbs
Supprim�! C:\DOCUME~1\CC\LOCALS~1\Temp\Documentation.vbs
Supprim�! F:\Ernest et Celestine Mkv HD 720p FRENCH AAC 5.lnk
Supprim�! F:\System Volume Information.lnk
Supprim�! F:\scrubs.lnk
Supprim�! F:\.Trash-1000.lnk
Supprim�! F:\Le.huiti�me.jour.1996.FRENCH.DVDRip.XviD.AC3-Love&Hate.lnk
Supprim�! F:\Autorun.inf.lnk
(!) Fichiers temporaires supprim�s.
################## | Registre |
R�par� ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|EnableLUA -> 1
R�par� ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin -> 5
Supprim�! HKU\S-1-5-21-3369366591-1348367908-779629615-1006\Software\Microsoft\Windows\CurrentVersion\Run|Documentation
Supprim�! HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Documentation
################## | Listing |
[25/01/2009 - 10:22:04 | DC] - C:\!KillBox
[01/01/2008 - 19:59:36 | DC] - C:\$VAULT$.AVG
[17/05/2012 - 08:38:31 | DC] - C:\10b2b84a50f583f98e
[26/08/2009 - 08:01:21 | DC] - C:\151a6cb6f9895fa7621ba8ee7c86
[22/03/2012 - 00:27:25 | DC] - C:\3e3a74629727b265e4ec536f607d14
[16/05/2012 - 23:41:29 | DC] - C:\421d9dbc0bdfac3b0a0be0
[18/11/2006 - 00:15:34 | DC] - C:\4dbec11710d8890b0c53481eabd5
[08/12/2006 - 00:58:02 | DC] - C:\68ed557daa35f8e55e
[26/04/2012 - 18:50:16 | DC] - C:\8509445f683a9ec47f5a36bab5d0
[04/02/2014 - 09:06:40 | DC] - C:\AdwCleaner
[10/05/2007 - 11:31:02 | C | 80 Ko] - C:\agentreg.dll.vcd
[06/07/2008 - 21:37:49 | DC] - C:\Anuman Interactive
[24/04/2005 - 14:07:56 | DC] - C:\APPS
[16/06/2009 - 11:33:42 | DC] - C:\audio
[23/10/2007 - 15:05:56 | C | 44 Ko] - C:\bdch.dll.vcd
[09/05/2007 - 10:22:00 | C | 428 Ko] - C:\bdguictl.dll.vcd
[23/10/2007 - 15:05:48 | C | 188 Ko] - C:\bdsubmit.dll.vcd
[23/10/2007 - 15:06:16 | C | 172 Ko] - C:\bdsubmit.exe.vcd
[08/03/2007 - 18:00:42 | C | 60 Ko] - C:\bdutils.dll.vcd
[24/04/2005 - 13:54:04 | C | 0 Ko] - C:\BOOT.BAK
[10/04/2009 - 14:15:04 | RASHC | 0 Ko] - C:\BOOT.INI
[05/08/2004 - 13:00:00 | C | 5 Ko] - C:\Bootfont.bin
[30/12/2013 - 22:59:52 | DC] - C:\CanonMF
[24/04/2005 - 13:58:26 | DC] - C:\cmdcons
[05/08/2004 - 13:00:00 | N | 257 Ko] - C:\cmldr
[04/02/2014 - 13:23:17 | DC] - C:\Config.Msi
[07/10/2008 - 09:58:37 | C | 0 Ko] - C:\CreateMarkers.log
[23/11/2013 - 23:58:33 | DC] - C:\da555b75db8671f987d870
[01/06/2012 - 15:37:54 | DC] - C:\Diskeeper
[24/04/2005 - 14:00:41 | DC] - C:\DIVTOOLS
[31/05/2012 - 08:30:55 | C | 9 Ko] - C:\DkBootTime.log
[05/02/2014 - 12:16:15 | C | 0 Ko] - C:\DkHyperbootSync
[13/11/2008 - 13:52:45 | DC] - C:\Documents and Settings
[28/01/2009 - 15:33:02 | D] - C:\DRIVERS
[24/04/2005 - 13:16:56 | C | 5 Ko | 67887E985716E3C9E1FDF854413BB7D9] - C:\DWNLOG.TXT
[23/03/2007 - 17:50:14 | C | 6 Ko] - C:\getfile.dll.vcd
[05/02/2014 - 12:14:16 | ASH | 982580 Ko] - C:\hiberfil.sys
[14/03/2006 - 16:28:16 | C | 68 Ko] - C:\httpgetf.dll.vcd
[20/09/2005 - 16:37:42 | C | 1 Ko] - C:\INSTALL.LOG
[24/04/2005 - 13:58:29 | RASHC | 0 Ko] - C:\IO.SYS
[06/09/2007 - 22:28:15 | C | 2 Ko] - C:\IPH.PH
[26/11/2008 - 13:16:03 | C | 272 Ko] - C:\livesrv.exe.vcd
[14/10/2005 - 13:13:39 | D] - C:\MEDIA68
[24/04/2005 - 13:58:29 | RASHC | 0 Ko] - C:\MSDOS.SYS
[30/06/2005 - 22:58:03 | RHD] - C:\MSOCache
[24/04/2005 - 14:00:11 | D] - C:\My Music
[24/04/2005 - 14:08:22 | D] - C:\mysql
[05/08/2004 - 13:00:00 | N | 46 Ko | B2DE3452DE03674C6CEC68B8C8CE7C78] - C:\NTDETECT.COM
[25/11/2008 - 16:38:09 | RASH | 246 Ko] - C:\ntldr
[06/10/2009 - 09:43:42 | DC] - C:\Output Files
[05/02/2014 - 12:14:14 | ASH | 917504 Ko] - C:\pagefile.sys
[06/01/2011 - 23:31:52 | DC] - C:\pdfOCR
[19/09/2010 - 23:03:16 | DC] - C:\PDFOCR_Output
[24/04/2005 - 13:16:30 | D] - C:\PNP
[31/01/2007 - 15:07:52 | C | 80 Ko] - C:\procinf.dll.vcd
[04/02/2014 - 11:44:12 | D] - C:\Program Files
[17/07/2008 - 15:16:15 | D] - C:\Psfonts
[13/11/2008 - 13:55:50 | SHD] - C:\RECYCLER
[23/12/2004 - 10:25:44 | C | 0 Ko | A5A45B9FFD2216FF9F762B1E979A8833] - C:\SAUDIT.TXT
[14/11/2008 - 11:02:46 | C | 0 Ko] - C:\sqmdata00.sqm
[14/11/2008 - 14:36:48 | C | 0 Ko] - C:\sqmdata01.sqm
[14/11/2008 - 14:41:19 | C | 0 Ko] - C:\sqmdata02.sqm
[15/11/2008 - 11:27:06 | C | 0 Ko] - C:\sqmdata03.sqm
[15/11/2008 - 11:38:09 | C | 0 Ko] - C:\sqmdata04.sqm
[06/10/2008 - 15:41:06 | C | 0 Ko] - C:\sqmdata05.sqm
[07/10/2008 - 09:59:47 | C | 0 Ko] - C:\sqmdata06.sqm
[16/10/2008 - 14:11:11 | C | 0 Ko] - C:\sqmdata07.sqm
[23/10/2008 - 20:58:31 | C | 0 Ko] - C:\sqmdata08.sqm
[24/10/2008 - 01:03:08 | C | 0 Ko] - C:\sqmdata09.sqm
[25/10/2008 - 01:43:49 | C | 0 Ko] - C:\sqmdata10.sqm
[26/10/2008 - 13:15:47 | C | 0 Ko] - C:\sqmdata11.sqm
[26/10/2008 - 22:57:12 | C | 0 Ko] - C:\sqmdata12.sqm
[29/10/2008 - 12:47:59 | C | 0 Ko] - C:\sqmdata13.sqm
[01/11/2008 - 11:29:54 | C | 0 Ko] - C:\sqmdata14.sqm
[03/11/2008 - 20:45:13 | C | 0 Ko] - C:\sqmdata15.sqm
[04/11/2008 - 15:11:58 | C | 0 Ko] - C:\sqmdata16.sqm
[05/11/2008 - 23:59:54 | C | 0 Ko] - C:\sqmdata17.sqm
[06/11/2008 - 13:28:57 | C | 0 Ko] - C:\sqmdata18.sqm
[08/11/2008 - 14:16:29 | C | 0 Ko] - C:\sqmdata19.sqm
[14/11/2008 - 11:02:46 | C | 0 Ko] - C:\sqmnoopt00.sqm
[14/11/2008 - 14:36:48 | C | 0 Ko] - C:\sqmnoopt01.sqm
[14/11/2008 - 14:41:19 | C | 0 Ko] - C:\sqmnoopt02.sqm
[15/11/2008 - 11:27:06 | C | 0 Ko] - C:\sqmnoopt03.sqm
[15/11/2008 - 11:38:08 | C | 0 Ko] - C:\sqmnoopt04.sqm
[06/10/2008 - 15:41:06 | C | 0 Ko] - C:\sqmnoopt05.sqm
[07/10/2008 - 09:59:47 | C | 0 Ko] - C:\sqmnoopt06.sqm
[16/10/2008 - 14:11:11 | C | 0 Ko] - C:\sqmnoopt07.sqm
[23/10/2008 - 20:58:31 | C | 0 Ko] - C:\sqmnoopt08.sqm
[24/10/2008 - 01:03:08 | C | 0 Ko] - C:\sqmnoopt09.sqm
[25/10/2008 - 01:43:49 | C | 0 Ko] - C:\sqmnoopt10.sqm
[26/10/2008 - 13:15:47 | C | 0 Ko] - C:\sqmnoopt11.sqm
[26/10/2008 - 22:57:12 | C | 0 Ko] - C:\sqmnoopt12.sqm
[29/10/2008 - 12:47:59 | C | 0 Ko] - C:\sqmnoopt13.sqm
[01/11/2008 - 11:29:54 | C | 0 Ko] - C:\sqmnoopt14.sqm
[03/11/2008 - 20:45:13 | C | 0 Ko] - C:\sqmnoopt15.sqm
[04/11/2008 - 15:11:58 | C | 0 Ko] - C:\sqmnoopt16.sqm
[05/11/2008 - 23:59:54 | C | 0 Ko] - C:\sqmnoopt17.sqm
[06/11/2008 - 13:28:57 | C | 0 Ko] - C:\sqmnoopt18.sqm
[08/11/2008 - 14:16:29 | C | 0 Ko] - C:\sqmnoopt19.sqm
[28/06/2005 - 14:26:22 | SHD] - C:\System Volume Information
[20/12/2010 - 21:48:10 | D] - C:\temp
[08/02/2007 - 17:07:04 | C | 108 Ko] - C:\txmlx.dll.vcd
[08/02/2007 - 17:14:26 | C | 40 Ko] - C:\txtools.dll.vcd
[24/05/2001 - 11:59:30 | C | 159 Ko | 3A938ED2427DF10E571041069E6980CB] - C:\UNWISE.EXE
[23/03/2007 - 17:14:10 | C | 172 Ko] - C:\upgrepl.exe.vcd
[05/02/2014 - 10:18:27 | DC] - C:\UsbFix
[03/02/2014 - 22:13:59 | C | 13 Ko | F44DECFC588B91F19960D211AC457342] - C:\UsbFix [Clean 2] C�LINE.txt
[05/02/2014 - 12:59:14 | AC | 11 Ko | 04EEE1B698C35AAE0FAEE9AB1D310658] - C:\UsbFix [Clean 4] C�LINE.txt
[03/02/2014 - 20:29:41 | C | 7 Ko | D62A8F4BF868184987E08E985764C375] - C:\UsbFix [Scan 1] C�LINE.txt
[05/02/2014 - 11:18:51 | C | 5 Ko | 16D8B3B9696B8E9403604958E9E26789] - C:\UsbFix [Scan 2] C�LINE.txt
[04/02/2014 - 10:06:21 | D] - C:\WINDOWS
[15/08/2007 - 14:26:00 | C | 92 Ko] - C:\wslib.dll.vcd
[26/11/2008 - 13:16:02 | C | 56 Ko] - C:\wspack.dll.vcd
[23/10/2007 - 11:22:24 | C | 192 Ko] - C:\zlib.dll.vcd
[20/09/2010 - 00:25:15 | C | 1 Ko | A850EA3DD1F137BA335E16B3D1170077] - C:\_Sid.txt
[31/01/2014 - 18:22:02 | SHD] - F:\System Volume Information
[31/01/2014 - 22:42:34 | D] - F:\scrubs
[31/01/2014 - 22:42:28 | SHD] - F:\.Trash-1000
[02/02/2014 - 20:24:20 | D] - F:\Le.huiti�me.jour.1996.FRENCH.DVDRip.XviD.AC3-Love&Hate
[02/02/2014 - 20:31:22 | N | 1443043 Ko] - F:\Ernest et Celestine Mkv HD 720p FRENCH AAC 5.1 1280X720 Sprlove.mkv
################## | Vaccin |
F:\Autorun.inf -> Vaccin cr�� par UsbFix (El Desaparecido)
################## | E.O.F | http://www.usbfix.net - http://www.sosvirus.net |
Utilisateur: CC (Administrateur) # C�LINE
Mis � jour le 02/02/2014 par El Desaparecido - Team SosVirus
Lanc� � 12:16:39 | 05/02/2014
Site Web : http://www.usbfix.net
Changelog : http://www.usbfix.net/maj/
Support : http://www.sosvirus.net/
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/
PC: NEC COMPUTERS INTERNATIONAL (NEC Versa Premium )
CPU: AMD Turion(tm) 64 Mobile Technology ML-30
RAM -> [Total : 959 Mo| Free : 475 Mo]
Bios: Insyde Software
Boot: Normal boot
OS: Microsoft Windows XP �dition familiale (5.1.2600 32-Bit) Service Pack 3
WB: Windows Internet Explorer : 8.0.6001.18702
WB: Google Chrome : 32.0.1700.107
WB: Mozilla Firefox : 18.0.1
SC: Security Center [Enabled]
WU: Windows Update [Enabled]
FW: Windows FireWall [Enabled]
AS: Malwarebytes' Anti-Malware : 1.75.0001
C:\ (%systemdrive%) -> Disque fixe # 71 Go (33 Go libre(s) - 47%) [HDD] # NTFS
D:\ -> CD-ROM
E:\ -> CD-ROM
F:\ -> Disque amovible # 30 Go (26 Go libre(s) - 87%) [] # FAT32
################## | Processus Actif |
C:\WINDOWS\System32\smss.exe (ID: 696 |ParentID: 4)
C:\WINDOWS\system32\winlogon.exe (ID: 768 |ParentID: 696)
C:\WINDOWS\system32\services.exe (ID: 812 |ParentID: 768)
C:\WINDOWS\system32\lsass.exe (ID: 824 |ParentID: 768)
C:\WINDOWS\system32\svchost.exe (ID: 992 |ParentID: 812)
C:\WINDOWS\System32\svchost.exe (ID: 1136 |ParentID: 812)
C:\WINDOWS\system32\svchost.exe (ID: 1176 |ParentID: 812)
C:\WINDOWS\Explorer.EXE (ID: 1636 |ParentID: 1576)
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ID: 1728 |ParentID: 812)
C:\WINDOWS\system32\spoolsv.exe (ID: 1924 |ParentID: 812)
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe (ID: 1092 |ParentID: 812)
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe (ID: 1232 |ParentID: 812)
C:\Program Files\Java\jre6\bin\jqs.exe (ID: 1376 |ParentID: 812)
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (ID: 1320 |ParentID: 812)
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (ID: 232 |ParentID: 812)
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (ID: 248 |ParentID: 812)
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (ID: 472 |ParentID: 232)
C:\WINDOWS\system32\slserv.exe (ID: 500 |ParentID: 812)
C:\WINDOWS\system32\svchost.exe (ID: 552 |ParentID: 812)
C:\Program Files\NETGEAR\WNA3100M\WifiSvc.exe (ID: 580 |ParentID: 812)
C:\WINDOWS\system32\wuauclt.exe (ID: 1548 |ParentID: 1136)
C:\WINDOWS\system32\wbem\wmiapsrv.exe (ID: 2912 |ParentID: 812)
C:\Program Files\Alwil Software\Avast5\setup\avast.setup (ID: 2276 |ParentID: 1728)
C:\WINDOWS\System32\svchost.exe (ID: 324 |ParentID: 812)
################## | Regedit Run |
04 - HKCU\..\Run : [Documentation] wscript.exe //B "C:\DOCUME~1\CC\LOCALS~1\Temp\Documentation.vbs"
04 - HKCU\..\Run : [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
04 - HKLM\..\Run : [VTTimer] VTTimer.exe
04 - HKLM\..\Run : [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
04 - HKLM\..\Run : [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
04 - HKLM\..\Run : []
04 - HKLM\..\Run : [Documentation] wscript.exe //B "C:\DOCUME~1\CC\LOCALS~1\Temp\Documentation.vbs"
04 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\..\Run : []
04 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\..\RunOnce : []
04 - HKU\S-1-5-19\..\Run : [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
04 - HKU\S-1-5-20\..\Run : [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
04 - HKU\S-1-5-21-3369366591-1348367908-779629615-1006\..\Run : [Documentation] wscript.exe //B "C:\DOCUME~1\CC\LOCALS~1\Temp\Documentation.vbs"
04 - HKU\S-1-5-21-3369366591-1348367908-779629615-1006\..\Run : [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
04 - HKU\S-1-5-18\..\Run : [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
################## | Recherche g�n�rique |
Supprim�! C:\Documents and Settings\CC\Menu D�marrer\Programmes\D�marrage\Documentation.vbs
Supprim�! F:\Documentation.vbs
Supprim�! C:\DOCUME~1\CC\LOCALS~1\Temp\Documentation.vbs
Supprim�! F:\Ernest et Celestine Mkv HD 720p FRENCH AAC 5.lnk
Supprim�! F:\System Volume Information.lnk
Supprim�! F:\scrubs.lnk
Supprim�! F:\.Trash-1000.lnk
Supprim�! F:\Le.huiti�me.jour.1996.FRENCH.DVDRip.XviD.AC3-Love&Hate.lnk
Supprim�! F:\Autorun.inf.lnk
(!) Fichiers temporaires supprim�s.
################## | Registre |
R�par� ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|EnableLUA -> 1
R�par� ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin -> 5
Supprim�! HKU\S-1-5-21-3369366591-1348367908-779629615-1006\Software\Microsoft\Windows\CurrentVersion\Run|Documentation
Supprim�! HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Documentation
################## | Listing |
[25/01/2009 - 10:22:04 | DC] - C:\!KillBox
[01/01/2008 - 19:59:36 | DC] - C:\$VAULT$.AVG
[17/05/2012 - 08:38:31 | DC] - C:\10b2b84a50f583f98e
[26/08/2009 - 08:01:21 | DC] - C:\151a6cb6f9895fa7621ba8ee7c86
[22/03/2012 - 00:27:25 | DC] - C:\3e3a74629727b265e4ec536f607d14
[16/05/2012 - 23:41:29 | DC] - C:\421d9dbc0bdfac3b0a0be0
[18/11/2006 - 00:15:34 | DC] - C:\4dbec11710d8890b0c53481eabd5
[08/12/2006 - 00:58:02 | DC] - C:\68ed557daa35f8e55e
[26/04/2012 - 18:50:16 | DC] - C:\8509445f683a9ec47f5a36bab5d0
[04/02/2014 - 09:06:40 | DC] - C:\AdwCleaner
[10/05/2007 - 11:31:02 | C | 80 Ko] - C:\agentreg.dll.vcd
[06/07/2008 - 21:37:49 | DC] - C:\Anuman Interactive
[24/04/2005 - 14:07:56 | DC] - C:\APPS
[16/06/2009 - 11:33:42 | DC] - C:\audio
[23/10/2007 - 15:05:56 | C | 44 Ko] - C:\bdch.dll.vcd
[09/05/2007 - 10:22:00 | C | 428 Ko] - C:\bdguictl.dll.vcd
[23/10/2007 - 15:05:48 | C | 188 Ko] - C:\bdsubmit.dll.vcd
[23/10/2007 - 15:06:16 | C | 172 Ko] - C:\bdsubmit.exe.vcd
[08/03/2007 - 18:00:42 | C | 60 Ko] - C:\bdutils.dll.vcd
[24/04/2005 - 13:54:04 | C | 0 Ko] - C:\BOOT.BAK
[10/04/2009 - 14:15:04 | RASHC | 0 Ko] - C:\BOOT.INI
[05/08/2004 - 13:00:00 | C | 5 Ko] - C:\Bootfont.bin
[30/12/2013 - 22:59:52 | DC] - C:\CanonMF
[24/04/2005 - 13:58:26 | DC] - C:\cmdcons
[05/08/2004 - 13:00:00 | N | 257 Ko] - C:\cmldr
[04/02/2014 - 13:23:17 | DC] - C:\Config.Msi
[07/10/2008 - 09:58:37 | C | 0 Ko] - C:\CreateMarkers.log
[23/11/2013 - 23:58:33 | DC] - C:\da555b75db8671f987d870
[01/06/2012 - 15:37:54 | DC] - C:\Diskeeper
[24/04/2005 - 14:00:41 | DC] - C:\DIVTOOLS
[31/05/2012 - 08:30:55 | C | 9 Ko] - C:\DkBootTime.log
[05/02/2014 - 12:16:15 | C | 0 Ko] - C:\DkHyperbootSync
[13/11/2008 - 13:52:45 | DC] - C:\Documents and Settings
[28/01/2009 - 15:33:02 | D] - C:\DRIVERS
[24/04/2005 - 13:16:56 | C | 5 Ko | 67887E985716E3C9E1FDF854413BB7D9] - C:\DWNLOG.TXT
[23/03/2007 - 17:50:14 | C | 6 Ko] - C:\getfile.dll.vcd
[05/02/2014 - 12:14:16 | ASH | 982580 Ko] - C:\hiberfil.sys
[14/03/2006 - 16:28:16 | C | 68 Ko] - C:\httpgetf.dll.vcd
[20/09/2005 - 16:37:42 | C | 1 Ko] - C:\INSTALL.LOG
[24/04/2005 - 13:58:29 | RASHC | 0 Ko] - C:\IO.SYS
[06/09/2007 - 22:28:15 | C | 2 Ko] - C:\IPH.PH
[26/11/2008 - 13:16:03 | C | 272 Ko] - C:\livesrv.exe.vcd
[14/10/2005 - 13:13:39 | D] - C:\MEDIA68
[24/04/2005 - 13:58:29 | RASHC | 0 Ko] - C:\MSDOS.SYS
[30/06/2005 - 22:58:03 | RHD] - C:\MSOCache
[24/04/2005 - 14:00:11 | D] - C:\My Music
[24/04/2005 - 14:08:22 | D] - C:\mysql
[05/08/2004 - 13:00:00 | N | 46 Ko | B2DE3452DE03674C6CEC68B8C8CE7C78] - C:\NTDETECT.COM
[25/11/2008 - 16:38:09 | RASH | 246 Ko] - C:\ntldr
[06/10/2009 - 09:43:42 | DC] - C:\Output Files
[05/02/2014 - 12:14:14 | ASH | 917504 Ko] - C:\pagefile.sys
[06/01/2011 - 23:31:52 | DC] - C:\pdfOCR
[19/09/2010 - 23:03:16 | DC] - C:\PDFOCR_Output
[24/04/2005 - 13:16:30 | D] - C:\PNP
[31/01/2007 - 15:07:52 | C | 80 Ko] - C:\procinf.dll.vcd
[04/02/2014 - 11:44:12 | D] - C:\Program Files
[17/07/2008 - 15:16:15 | D] - C:\Psfonts
[13/11/2008 - 13:55:50 | SHD] - C:\RECYCLER
[23/12/2004 - 10:25:44 | C | 0 Ko | A5A45B9FFD2216FF9F762B1E979A8833] - C:\SAUDIT.TXT
[14/11/2008 - 11:02:46 | C | 0 Ko] - C:\sqmdata00.sqm
[14/11/2008 - 14:36:48 | C | 0 Ko] - C:\sqmdata01.sqm
[14/11/2008 - 14:41:19 | C | 0 Ko] - C:\sqmdata02.sqm
[15/11/2008 - 11:27:06 | C | 0 Ko] - C:\sqmdata03.sqm
[15/11/2008 - 11:38:09 | C | 0 Ko] - C:\sqmdata04.sqm
[06/10/2008 - 15:41:06 | C | 0 Ko] - C:\sqmdata05.sqm
[07/10/2008 - 09:59:47 | C | 0 Ko] - C:\sqmdata06.sqm
[16/10/2008 - 14:11:11 | C | 0 Ko] - C:\sqmdata07.sqm
[23/10/2008 - 20:58:31 | C | 0 Ko] - C:\sqmdata08.sqm
[24/10/2008 - 01:03:08 | C | 0 Ko] - C:\sqmdata09.sqm
[25/10/2008 - 01:43:49 | C | 0 Ko] - C:\sqmdata10.sqm
[26/10/2008 - 13:15:47 | C | 0 Ko] - C:\sqmdata11.sqm
[26/10/2008 - 22:57:12 | C | 0 Ko] - C:\sqmdata12.sqm
[29/10/2008 - 12:47:59 | C | 0 Ko] - C:\sqmdata13.sqm
[01/11/2008 - 11:29:54 | C | 0 Ko] - C:\sqmdata14.sqm
[03/11/2008 - 20:45:13 | C | 0 Ko] - C:\sqmdata15.sqm
[04/11/2008 - 15:11:58 | C | 0 Ko] - C:\sqmdata16.sqm
[05/11/2008 - 23:59:54 | C | 0 Ko] - C:\sqmdata17.sqm
[06/11/2008 - 13:28:57 | C | 0 Ko] - C:\sqmdata18.sqm
[08/11/2008 - 14:16:29 | C | 0 Ko] - C:\sqmdata19.sqm
[14/11/2008 - 11:02:46 | C | 0 Ko] - C:\sqmnoopt00.sqm
[14/11/2008 - 14:36:48 | C | 0 Ko] - C:\sqmnoopt01.sqm
[14/11/2008 - 14:41:19 | C | 0 Ko] - C:\sqmnoopt02.sqm
[15/11/2008 - 11:27:06 | C | 0 Ko] - C:\sqmnoopt03.sqm
[15/11/2008 - 11:38:08 | C | 0 Ko] - C:\sqmnoopt04.sqm
[06/10/2008 - 15:41:06 | C | 0 Ko] - C:\sqmnoopt05.sqm
[07/10/2008 - 09:59:47 | C | 0 Ko] - C:\sqmnoopt06.sqm
[16/10/2008 - 14:11:11 | C | 0 Ko] - C:\sqmnoopt07.sqm
[23/10/2008 - 20:58:31 | C | 0 Ko] - C:\sqmnoopt08.sqm
[24/10/2008 - 01:03:08 | C | 0 Ko] - C:\sqmnoopt09.sqm
[25/10/2008 - 01:43:49 | C | 0 Ko] - C:\sqmnoopt10.sqm
[26/10/2008 - 13:15:47 | C | 0 Ko] - C:\sqmnoopt11.sqm
[26/10/2008 - 22:57:12 | C | 0 Ko] - C:\sqmnoopt12.sqm
[29/10/2008 - 12:47:59 | C | 0 Ko] - C:\sqmnoopt13.sqm
[01/11/2008 - 11:29:54 | C | 0 Ko] - C:\sqmnoopt14.sqm
[03/11/2008 - 20:45:13 | C | 0 Ko] - C:\sqmnoopt15.sqm
[04/11/2008 - 15:11:58 | C | 0 Ko] - C:\sqmnoopt16.sqm
[05/11/2008 - 23:59:54 | C | 0 Ko] - C:\sqmnoopt17.sqm
[06/11/2008 - 13:28:57 | C | 0 Ko] - C:\sqmnoopt18.sqm
[08/11/2008 - 14:16:29 | C | 0 Ko] - C:\sqmnoopt19.sqm
[28/06/2005 - 14:26:22 | SHD] - C:\System Volume Information
[20/12/2010 - 21:48:10 | D] - C:\temp
[08/02/2007 - 17:07:04 | C | 108 Ko] - C:\txmlx.dll.vcd
[08/02/2007 - 17:14:26 | C | 40 Ko] - C:\txtools.dll.vcd
[24/05/2001 - 11:59:30 | C | 159 Ko | 3A938ED2427DF10E571041069E6980CB] - C:\UNWISE.EXE
[23/03/2007 - 17:14:10 | C | 172 Ko] - C:\upgrepl.exe.vcd
[05/02/2014 - 10:18:27 | DC] - C:\UsbFix
[03/02/2014 - 22:13:59 | C | 13 Ko | F44DECFC588B91F19960D211AC457342] - C:\UsbFix [Clean 2] C�LINE.txt
[05/02/2014 - 12:59:14 | AC | 11 Ko | 04EEE1B698C35AAE0FAEE9AB1D310658] - C:\UsbFix [Clean 4] C�LINE.txt
[03/02/2014 - 20:29:41 | C | 7 Ko | D62A8F4BF868184987E08E985764C375] - C:\UsbFix [Scan 1] C�LINE.txt
[05/02/2014 - 11:18:51 | C | 5 Ko | 16D8B3B9696B8E9403604958E9E26789] - C:\UsbFix [Scan 2] C�LINE.txt
[04/02/2014 - 10:06:21 | D] - C:\WINDOWS
[15/08/2007 - 14:26:00 | C | 92 Ko] - C:\wslib.dll.vcd
[26/11/2008 - 13:16:02 | C | 56 Ko] - C:\wspack.dll.vcd
[23/10/2007 - 11:22:24 | C | 192 Ko] - C:\zlib.dll.vcd
[20/09/2010 - 00:25:15 | C | 1 Ko | A850EA3DD1F137BA335E16B3D1170077] - C:\_Sid.txt
[31/01/2014 - 18:22:02 | SHD] - F:\System Volume Information
[31/01/2014 - 22:42:34 | D] - F:\scrubs
[31/01/2014 - 22:42:28 | SHD] - F:\.Trash-1000
[02/02/2014 - 20:24:20 | D] - F:\Le.huiti�me.jour.1996.FRENCH.DVDRip.XviD.AC3-Love&Hate
[02/02/2014 - 20:31:22 | N | 1443043 Ko] - F:\Ernest et Celestine Mkv HD 720p FRENCH AAC 5.1 1280X720 Sprlove.mkv
################## | Vaccin |
F:\Autorun.inf -> Vaccin cr�� par UsbFix (El Desaparecido)
################## | E.O.F | http://www.usbfix.net - http://www.sosvirus.net |