- Sat. 9 Nov. 2013 13:08
#15398
Hi, as for the other one, here is the report from the other computer.
############################## | UsbFix V 7.150 | [Recherche]
Utilisateur: Administrateur (Administrateur) # NIGELEC-66B6418
Mis à jour le 08/11/2013 par El Desaparecido - Team SosVirus
Lancé à 12:47:06 | 09/11/2013
Site Web : https://www.usbfix.net
Forum : https://www.sosvirus.net/
Upload Malware : https://www.sosvirus.net/upload_malware.php
Contact : https://www.usbfix.net/contact/
PC: Hewlett-Packard (0AACh)
CPU: Intel(R) Pentium(R) Dual CPU E2160 @ 1.80GHz
RAM -> [Total : 994 | Free : 518]
Bios: Hewlett-Packard
Boot: Normal boot
OS: Microsoft Windows XP Professionnel (5.1.2600 32-Bit) Service Pack 3
WB: Windows Internet Explorer : 7.0.5730.13
WB: Mozilla Firefox : 24.0
SC: Security Center Service [(!) Disabled]
WU: Windows Update Service [Enabled]
FW: Windows FireWall Service [Enabled]
C:\ (%systemdrive%) -> Disque fixe # 32 Go (17 Go libre(s) - 53%) [] # NTFS
D:\ -> Disque fixe # 117 Go (75 Go libre(s) - 64%) [DONNEES] # NTFS
E:\ -> CD-ROM
F:\ -> Disque amovible # 1017 Mo (655 Mo libre(s) - 64%) [] # FAT32
################## | Processus Actif |
C:\WINDOWS\System32\smss.exe (ID: 856 |ParentID: 4)
C:\WINDOWS\system32\winlogon.exe (ID: 1180 |ParentID: 856)
C:\WINDOWS\system32\services.exe (ID: 1224 |ParentID: 1180)
C:\WINDOWS\system32\lsass.exe (ID: 1236 |ParentID: 1180)
C:\WINDOWS\system32\svchost.exe (ID: 1408 |ParentID: 1224)
C:\WINDOWS\System32\svchost.exe (ID: 1632 |ParentID: 1224)
C:\WINDOWS\System32\svchost.exe (ID: 3288 |ParentID: 1224)
C:\Program Files\AVG\AVG2013\avgwdsvc.exe (ID: 5124 |ParentID: 1224)
C:\Program Files\DiVapton\bin\utilDiVapton.exe (ID: 5372 |ParentID: 1224)
C:\Program Files\AVG\AVG2013\avgnsx.exe (ID: 952 |ParentID: 5124)
C:\Program Files\DiVapton\updateDiVapton.exe (ID: 2784 |ParentID: 1224)
C:\Program Files\AVG\AVG2013\avgfws.exe (ID: 580 |ParentID: 1224)
C:\Program Files\AVG\AVG2013\avgemcx.exe (ID: 5164 |ParentID: 5124)
C:\Program Files\AVG\AVG2013\avgrsx.exe (ID: 2020 |ParentID: 5124)
C:\Program Files\AVG\AVG2013\avgcsrvx.exe (ID: 2992 |ParentID: 2020)
C:\WINDOWS\system32\spoolsv.exe (ID: 5940 |ParentID: 1224)
C:\WINDOWS\Explorer.exe (ID: 3500 |ParentID: 5588)
C:\Program Files\Internet Explorer\iexplore.exe (ID: 1576 |ParentID: 3500)
C:\WINDOWS\system32\ctfmon.exe (ID: 1664 |ParentID: 1576)
C:\Program Files\Microsoft\BingBar\7.2.241.0\BingApp.exe (ID: 5820 |ParentID: 1408)
C:\Program Files\Microsoft\BingBar\7.2.241.0\BingBar.exe (ID: 5932 |ParentID: 1408)
C:\Program Files\Microsoft\BingBar\7.2.241.0\SeaPort.exe (ID: 1704 |ParentID: 1224)
C:\UsbFix\Go.exe (ID: 5480 |ParentID: 2664)
C:\Program Files\Microsoft\BingBar\7.2.241.0\BingSurrogate.exe (ID: 6024 |ParentID: 1408)
C:\Program Files\Microsoft\BingBar\7.2.241.0\BingSurrogate.exe (ID: 6040 |ParentID: 1408)
################## | Regedit Run |
04 - HKLM\SOFTWARE | Run : [SoundMAXPnP] - C:\Program Files\Analog Devices\Core\smax4pnp.exe
04 - HKLM\SOFTWARE | Run : [VistaDrive] - C:\WINDOWS\VistaDrive\VistaDrive.exe
04 - HKLM\SOFTWARE | Run : [AVG_UI] - "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY
04 - HKLM\SOFTWARE | Run : [vProt] - "C:\Program Files\AVG Secure Search\vprot.exe"
04 - HKLM\SOFTWARE | Run : [EaseUS EPM tray] - C:\Program Files\EaseUS\EaseUS Partition Master 9.2.1 Home Edition\bin\EpmNews.exe
04 - HKLM\SOFTWARE | Run : [Airtel_Niger Wave ModemListener] - C:\Program Files\Airtel Mobile Internet\BackgroundService\ModemListener.exe start
04 - HKLM\SOFTWARE | Run : [ApnTBMon] - "C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
04 - HKLM\SOFTWARE | RunOnce : [] -
04 - HKU\S-1-5-19\SOFTWARE | Run : [CTFMON.EXE] - C:\WINDOWS\system32\CTFMON.EXE
04 - HKU\S-1-5-19\SOFTWARE | Run : [RocketDock] - "C:\Program Files\RocketDock\RocketDock.exe"
04 - HKU\S-1-5-19\SOFTWARE | Run : [VisualTaskTip] - \Program Files\VisualTaskTips\VisualTaskTips.exe
04 - HKU\S-1-5-20\SOFTWARE | Run : [CTFMON.EXE] - C:\WINDOWS\system32\CTFMON.EXE
04 - HKU\S-1-5-20\SOFTWARE | Run : [RocketDock] - "C:\Program Files\RocketDock\RocketDock.exe"
04 - HKU\S-1-5-20\SOFTWARE | Run : [VisualTaskTip] - \Program Files\VisualTaskTips\VisualTaskTips.exe
04 - HKU\S-1-5-21-1292428093-1547161642-1177238915-500\SOFTWARE | Run : [RocketDock] - "C:\Program Files\RocketDock\RocketDock.exe"
04 - HKU\S-1-5-21-1292428093-1547161642-1177238915-500\SOFTWARE | Run : [Sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKU\S-1-5-21-1292428093-1547161642-1177238915-500\SOFTWARE | Run : [IDMan] - C:\Program Files\S.P.D\Internet Download Manager Premium v6.15.8 Final\IDMan.exe /onboot
04 - HKU\S-1-5-21-1292428093-1547161642-1177238915-500\SOFTWARE | Run : [Le Petit Robert V4 Hyperappel] - C:\Program Files\Le Robert\Le Petit Robert 2014\PetitRobertHA.exe
04 - HKU\S-1-5-21-1292428093-1547161642-1177238915-500\SOFTWARE | Run : [Softonic for Windows] - "C:\Documents and Settings\Administrateur\Local Settings\Application Data\Softonic\Softonic.exe" -minimize
04 - HKU\S-1-5-21-1292428093-1547161642-1177238915-500\SOFTWARE | Run : [MediaGet2] - C:\Documents and Settings\Administrateur\Local Settings\Application Data\MediaGet2\mediaget.exe --minimized
04 - HKU\S-1-5-21-1292428093-1547161642-1177238915-500\SOFTWARE | Run : [Google Update] - "C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
04 - HKU\S-1-5-21-1292428093-1547161642-1177238915-500\SOFTWARE | Run : [ultracopier] - "C:\Program Files\Supercopier\supercopier.exe"
04 - HKU\S-1-5-21-1292428093-1547161642-1177238915-500\SOFTWARE | Run : [AppsHat] - C:\Documents and Settings\Administrateur\Local Settings\Application Data\WebPlayer\AppsHat\WebPlayer.exe
04 - HKU\S-1-5-21-1292428093-1547161642-1177238915-500\SOFTWARE | Run : [SDP] - C:\Documents and Settings\Administrateur\Local Settings\Application Data\FilesFrog Update Checker\update_checker.exe /auto
04 - HKU\S-1-5-21-1292428093-1547161642-1177238915-500\SOFTWARE | Run : [ctfmon.exe] - C:\WINDOWS\system32\ctfmon.exe
04 - HKU\S-1-5-18\SOFTWARE | Run : [VisualTaskTip] - \Program Files\VisualTaskTips\VisualTaskTips.exe
04 - HKU\S-1-5-19\SOFTWARE | RunOnce : [nltide_2] - regsvr32 /s /n /i:U shell32
04 - HKU\S-1-5-19\SOFTWARE | RunOnce : [nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
04 - HKU\S-1-5-19\SOFTWARE | RunOnce : [_nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
04 - HKU\S-1-5-20\SOFTWARE | RunOnce : [nltide_2] - regsvr32 /s /n /i:U shell32
04 - HKU\S-1-5-20\SOFTWARE | RunOnce : [nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
04 - HKU\S-1-5-20\SOFTWARE | RunOnce : [_nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
04 - HKU\S-1-5-18\SOFTWARE | RunOnce : [nltide_2] - regsvr32 /s /n /i:U shell32
04 - HKU\S-1-5-18\SOFTWARE | RunOnce : [nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
04 - HKU\S-1-5-18\SOFTWARE | RunOnce : [_nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
################## | Recherche générique |
################## | Registre |
################## | Vaccin |
(!) Cet ordinateur n'est pas vacciné!
################## | E.O.F | https://www.usbfix.net - https://www.sosvirus.net |