Publicité
Publicité
Format du document : text/plain
Prévisualisation
[b]############################## | UsbFix V 7.181 | [Recherche][/b]
Utilisateur: Nicolas (Administrateur) # NYCO
Mis � jour le 31/08/2014 par El Desaparecido - SosVirus
Lanc� � 17:12:37 | 10/09/2014
Site Web : [url=http://www.usbfix.net/]http://www.usbfix.net/[/url]
Changelog : [url=http://www.usbfix.net/maj/]http://www.usbfix.net/maj/[/url]
Assistance : [url=http://www.sosvirus.net/forum-virus-securite.html]http://www.sosvirus.net/forum-virus-securite.html[/url]
Upload Malware : [url=http://www.sosvirus.net/upload_malware.php]http://www.sosvirus.net/upload_malware.php[/url]
Contact : [url=http://www.usbfix.net/contact/]http://www.usbfix.net/contact/[/url]
[b]################## | System information |[/b]
MB: ASUSTeK Computer INC. (M5A78L-M LX V2)
CPU: AMD FX(tm)-4100 Quad-Core Processor
RAM -> [Total : 8174 Mo | Free : 5558 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot
OS: Microsoft� Windows 7 Home Premium (6.1.7601 64-Bit) Service Pack 1
WB: Internet Explorer : 11.00.9600.16428
WB: Mozilla Firefox : 31.0
[b]################## | Security Information |[/b]
AV: Microsoft Security Essentials [Actif |A jour]
AS: Windows Defender [[b](!) D�sactiv�[/b] |A jour]
AS: Microsoft Security Essentials [Actif |A jour]
FW: Windows Firewall [[b](!) D�sactiv�[/b]]
SC: Security Center [Actif]
WU: Windows Update [Actif]
[b]################## | Disk Information |[/b]
C:\ (%SystemDrive%) -> Disque fixe # 586 Go (48 Go libre(s) - 8%) [] # NTFS
D:\ -> Disque fixe # 346 Go (105 Go libre(s) - 30%) [] # NTFS
E:\ -> Disque amovible # 2 Go (262 Mo libre(s) - 14%) [Transcend] # FAT32
K:\ -> CD-ROM # 578 Mo (0 Mo libre(s) - 0%) [Fallout2] # CDFS
[b]################## | Regedit Run |[/b]
F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] userinit.exe
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [Spotify Web Helper] "C:\Users\Nicolas\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
04 - HKCU\..\Run : [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
04 - HKCU\..\Run : [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKCU\..\Run : [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKCU\..\Run : [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
04 - HKCU\..\RunOnce : [BrStsW64.exe] C:\Program Files (x86)\Brownie\BrStsW64.exe WindowsStartUpModel
04 - HKLM\..\Run : [RoccatKone+] "C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE"
04 - HKLM\..\Run : [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
04 - HKLM\..\Run : [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
04 - HKLM\..\Run : [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - [x64] HKLM\..\Run : [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-2129433002-833690742-2245016858-1000\..\Run : [Spotify Web Helper] "C:\Users\Nicolas\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
04 - HKU\S-1-5-21-2129433002-833690742-2245016858-1000\..\Run : [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
04 - HKU\S-1-5-21-2129433002-833690742-2245016858-1000\..\Run : [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKU\S-1-5-21-2129433002-833690742-2245016858-1000\..\Run : [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKU\S-1-5-21-2129433002-833690742-2245016858-1000\..\Run : [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
04 - HKU\S-1-5-21-2129433002-833690742-2245016858-1002\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-21-2129433002-833690742-2245016858-1000\..\RunOnce : [BrStsW64.exe] C:\Program Files (x86)\Brownie\BrStsW64.exe WindowsStartUpModel
04 - HKU\S-1-5-21-2129433002-833690742-2245016858-1002\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
[b]################## | Recherche g�n�rique |[/b]
[b]################## | Registre |[/b]
[b]################## | UsbFix - Information |[/b]
Info : [url=https://www.youtube.com/watch?v=vUZYYASd7FE]Comment supprimer l'infection des raccourcis sur USB ? (Video)[/url]
Info : [url=http://www.en.usbfix.net/2014/03/remove-shortcut-virus-usb/]L'infection des raccourcis USB, c'est quoi ?[/url]
[b]################## | Hijack |[/b]
Hijacked! [SHD] E:\Snes 9x
Hijacked! [SH] E:\SEQUENCE 4 LA FUITE DU TEMPS EN POESIE DESCRIPTIF.doc
Hijacked! [SH] E:\spelunky_1_1.zip
Hijacked! [SH] E:\Victoria.docx
Hijacked! [SH] E:\Image 001.jpg
Hijacked! [SHD] E:\PCB
Hijacked! [SHD] E:\Grim Fandango
Hijacked! [SHD] E:\Phliharmonic
Hijacked! [SHD] E:\LOST.DIR
Hijacked! [SHD] E:\GBA
Hijacked! [SH] E:\20 CD key Win XP.txt
Hijacked! [SHD] E:\UE1
Hijacked! [SH] E:\Synth�se TPE final version.docx
Hijacked! [SH] E:\LECTURE ANALYTIQUE UNE CHAROGNE BAUDELAIRE.docx
Hijacked! [SH] E:\Sartre.docx
Hijacked! [SH] E:\._La satisfaction du patient en chirurgien orthop�dique.ppt
Hijacked! [SH] E:\th�se adrien.pdf
Hijacked! [SH] E:\SEQUENCE 1 LEURS YEUX SE RENCONTRERENT.doc
Hijacked! [SH] E:\SEQUENCE 2 LA VIE DEVANT SOI EMILE AJAR.doc
Hijacked! [SHD] E:\cartes
Hijacked! [SH] E:\1ERE PAGEN D'EN TETE 2012.doc
Hijacked! [SH] E:\SEQUENCE 3 LES BONNES DE JEAN GENET.doc
Hijacked! [SH] E:\Les po�tes recherchent souvent des cadres spatiaux qui conviennent � diff�rents th�mes.docx
Hijacked! [SH] E:\Th�me II.docx
Hijacked! [SH] E:\record PCB.bmp
Hijacked! [SH] E:\PCMP nico vierge membres final.docx
[b]################## | E.O.F | [url=http://www.sosvirus.net/]http://www.sosvirus.net/[/url] | [url=http://www.usbfix.net/]http://www.usbfix.net/[/url] |[/b]
Utilisateur: Nicolas (Administrateur) # NYCO
Mis � jour le 31/08/2014 par El Desaparecido - SosVirus
Lanc� � 17:12:37 | 10/09/2014
Site Web : [url=http://www.usbfix.net/]http://www.usbfix.net/[/url]
Changelog : [url=http://www.usbfix.net/maj/]http://www.usbfix.net/maj/[/url]
Assistance : [url=http://www.sosvirus.net/forum-virus-securite.html]http://www.sosvirus.net/forum-virus-securite.html[/url]
Upload Malware : [url=http://www.sosvirus.net/upload_malware.php]http://www.sosvirus.net/upload_malware.php[/url]
Contact : [url=http://www.usbfix.net/contact/]http://www.usbfix.net/contact/[/url]
[b]################## | System information |[/b]
MB: ASUSTeK Computer INC. (M5A78L-M LX V2)
CPU: AMD FX(tm)-4100 Quad-Core Processor
RAM -> [Total : 8174 Mo | Free : 5558 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot
OS: Microsoft� Windows 7 Home Premium (6.1.7601 64-Bit) Service Pack 1
WB: Internet Explorer : 11.00.9600.16428
WB: Mozilla Firefox : 31.0
[b]################## | Security Information |[/b]
AV: Microsoft Security Essentials [Actif |A jour]
AS: Windows Defender [[b](!) D�sactiv�[/b] |A jour]
AS: Microsoft Security Essentials [Actif |A jour]
FW: Windows Firewall [[b](!) D�sactiv�[/b]]
SC: Security Center [Actif]
WU: Windows Update [Actif]
[b]################## | Disk Information |[/b]
C:\ (%SystemDrive%) -> Disque fixe # 586 Go (48 Go libre(s) - 8%) [] # NTFS
D:\ -> Disque fixe # 346 Go (105 Go libre(s) - 30%) [] # NTFS
E:\ -> Disque amovible # 2 Go (262 Mo libre(s) - 14%) [Transcend] # FAT32
K:\ -> CD-ROM # 578 Mo (0 Mo libre(s) - 0%) [Fallout2] # CDFS
[b]################## | Regedit Run |[/b]
F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] userinit.exe
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [Spotify Web Helper] "C:\Users\Nicolas\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
04 - HKCU\..\Run : [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
04 - HKCU\..\Run : [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKCU\..\Run : [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKCU\..\Run : [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
04 - HKCU\..\RunOnce : [BrStsW64.exe] C:\Program Files (x86)\Brownie\BrStsW64.exe WindowsStartUpModel
04 - HKLM\..\Run : [RoccatKone+] "C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE"
04 - HKLM\..\Run : [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
04 - HKLM\..\Run : [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
04 - HKLM\..\Run : [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - [x64] HKLM\..\Run : [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-2129433002-833690742-2245016858-1000\..\Run : [Spotify Web Helper] "C:\Users\Nicolas\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
04 - HKU\S-1-5-21-2129433002-833690742-2245016858-1000\..\Run : [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
04 - HKU\S-1-5-21-2129433002-833690742-2245016858-1000\..\Run : [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKU\S-1-5-21-2129433002-833690742-2245016858-1000\..\Run : [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKU\S-1-5-21-2129433002-833690742-2245016858-1000\..\Run : [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
04 - HKU\S-1-5-21-2129433002-833690742-2245016858-1002\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-21-2129433002-833690742-2245016858-1000\..\RunOnce : [BrStsW64.exe] C:\Program Files (x86)\Brownie\BrStsW64.exe WindowsStartUpModel
04 - HKU\S-1-5-21-2129433002-833690742-2245016858-1002\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
[b]################## | Recherche g�n�rique |[/b]
[b]################## | Registre |[/b]
[b]################## | UsbFix - Information |[/b]
Info : [url=https://www.youtube.com/watch?v=vUZYYASd7FE]Comment supprimer l'infection des raccourcis sur USB ? (Video)[/url]
Info : [url=http://www.en.usbfix.net/2014/03/remove-shortcut-virus-usb/]L'infection des raccourcis USB, c'est quoi ?[/url]
[b]################## | Hijack |[/b]
Hijacked! [SHD] E:\Snes 9x
Hijacked! [SH] E:\SEQUENCE 4 LA FUITE DU TEMPS EN POESIE DESCRIPTIF.doc
Hijacked! [SH] E:\spelunky_1_1.zip
Hijacked! [SH] E:\Victoria.docx
Hijacked! [SH] E:\Image 001.jpg
Hijacked! [SHD] E:\PCB
Hijacked! [SHD] E:\Grim Fandango
Hijacked! [SHD] E:\Phliharmonic
Hijacked! [SHD] E:\LOST.DIR
Hijacked! [SHD] E:\GBA
Hijacked! [SH] E:\20 CD key Win XP.txt
Hijacked! [SHD] E:\UE1
Hijacked! [SH] E:\Synth�se TPE final version.docx
Hijacked! [SH] E:\LECTURE ANALYTIQUE UNE CHAROGNE BAUDELAIRE.docx
Hijacked! [SH] E:\Sartre.docx
Hijacked! [SH] E:\._La satisfaction du patient en chirurgien orthop�dique.ppt
Hijacked! [SH] E:\th�se adrien.pdf
Hijacked! [SH] E:\SEQUENCE 1 LEURS YEUX SE RENCONTRERENT.doc
Hijacked! [SH] E:\SEQUENCE 2 LA VIE DEVANT SOI EMILE AJAR.doc
Hijacked! [SHD] E:\cartes
Hijacked! [SH] E:\1ERE PAGEN D'EN TETE 2012.doc
Hijacked! [SH] E:\SEQUENCE 3 LES BONNES DE JEAN GENET.doc
Hijacked! [SH] E:\Les po�tes recherchent souvent des cadres spatiaux qui conviennent � diff�rents th�mes.docx
Hijacked! [SH] E:\Th�me II.docx
Hijacked! [SH] E:\record PCB.bmp
Hijacked! [SH] E:\PCMP nico vierge membres final.docx
[b]################## | E.O.F | [url=http://www.sosvirus.net/]http://www.sosvirus.net/[/url] | [url=http://www.usbfix.net/]http://www.usbfix.net/[/url] |[/b]