  • maritchu17
    Participant
    Posts: 1

    ############################## | UsbFix V 7.171 | [Nettoyage]

    Utilisateur: admin (Administrateur) # CG-04
    Mis à jour le 18/05/2014 par El Desaparecido – SosVirus
    Lancé à 13:02:31 | 20/05/2014

    Site Web : http://www.usbfix.net/
    Changelog : http://www.usbfix.net/maj/
    Assistance : http://www.sosvirus.net/forum-virus-securite.html
    Upload Malware : http://www.sosvirus.net/upload_malware.php
    Contact : http://www.usbfix.net/contact/

    PC: Dell Inc. (0KP561)
    CPU: Intel(R) Core(TM)2 Duo CPU E4500 @ 2.20GHz
    RAM -> [Total : 2046 Mo| Free : 965 Mo]
    Bios: Dell Inc.
    Boot: Normal boot

    OS: Microsoft Windows XP Professionnel (5.1.2600 32-Bit) Service Pack 3
    WB: Windows Internet Explorer : 8.0.6001.18702
    WB: Google Chrome : 34.0.1847.137
    WB: Mozilla Firefox : 28.0

    SC: Security Center [Enabled]
    WU: Windows Update [Enabled]

    FW: Windows FireWall [Enabled]

    C: (%SystemDrive%) -> Disque fixe # 149 Go (129 Go libre(s) – 87%) [] # NTFS
    D: -> CD-ROM
    E: -> Disque amovible # 7 Go (7 Go libre(s) – 99%) [SUBMARINE] # FAT32
    F: -> Disque amovible # 2 Go (2 Go libre(s) – 96%) [SCHOOL] # FAT32
    G: -> Disque amovible # 124 Mo (49 Mo libre(s) – 39%) [PUCCA] # FAT

    ################## | Processus Stoppés |

    C:WINDOWSsystem32ati2evxx.exe (ID: 936|ParentID: 748|SYSTEM)
    C:WINDOWSsystem32ati2evxx.exe (ID: 1436|ParentID: 704|SYSTEM)
    C:WINDOWSsystem32spoolsv.exe (ID: 1644|ParentID: 748|SYSTEM)
    C:Program FilesIndex EducationMise a jour automatiqueServiceMiseAJourIndex.exe (ID: 444|ParentID: 748|SYSTEM)
    C:Program FilesJavajre7binjqs.exe (ID: 816|ParentID: 748|SYSTEM)
    C:WINDOWSsystem32alg.exe (ID: 1408|ParentID: 748|SERVICE LOCAL)
    C:WINDOWSexplorer.exe (ID: 3252|ParentID: 3148|admin)
    C:Program FilesATI TechnologiesATI.ACECore-StaticMOM.exe (ID: 3704|ParentID: 3648|admin)
    C:Program FilesAnalog DevicesCoresmax4pnp.exe (ID: 3712|ParentID: 3252|admin)
    C:Program FilesFichiers communsJavaJava Updatejusched.exe (ID: 3888|ParentID: 3252|admin)
    C:WINDOWSsystem32ctfmon.exe (ID: 3980|ParentID: 3252|admin)
    C:WINDOWSsystem32wscript.exe (ID: 3992|ParentID: 3252|admin)
    C:Program FilesATI TechnologiesATI.ACECore-StaticCCC.exe (ID: 2140|ParentID: 3704|admin)
    C:Program FilesOpenOffice.org 3programsoffice.exe (ID: 2200|ParentID: 1340|admin)
    C:Program FilesOpenOffice.org 3programsoffice.bin (ID: 2260|ParentID: 2200|admin)

    ################## | Autorun |

    E:Compare 5°.lnk -> E:SURVIVAL.vbe – (SHA1: F8ABC28BF5DB89F154C1AF1A2AAA2B41C964B82A)
    E:.lnk -> E:SURVIVAL.vbe – (SHA1: F8ABC28BF5DB89F154C1AF1A2AAA2B41C964B82A)
    E:.Trashes.lnk -> E:SURVIVAL.vbe – (SHA1: F8ABC28BF5DB89F154C1AF1A2AAA2B41C964B82A)
    E:.Spotlight-V100.lnk -> E:SURVIVAL.vbe – (SHA1: F8ABC28BF5DB89F154C1AF1A2AAA2B41C964B82A)
    E:Présent BE+ing 6°.lnk -> E:SURVIVAL.vbe – (SHA1: F8ABC28BF5DB89F154C1AF1A2AAA2B41C964B82A)
    F:.Trashes.lnk -> F:SURVIVAL.vbe – (SHA1: F8ABC28BF5DB89F154C1AF1A2AAA2B41C964B82A)
    F:.Spotlight-V100.lnk -> F:SURVIVAL.vbe – (SHA1: F8ABC28BF5DB89F154C1AF1A2AAA2B41C964B82A)
    F:.lnk -> F:SURVIVAL.vbe – (SHA1: F8ABC28BF5DB89F154C1AF1A2AAA2B41C964B82A)
    G:15 Check 2p94.lnk -> G:SURVIVAL.vbe – (SHA1: F8ABC28BF5DB89F154C1AF1A2AAA2B41C964B82A)
    G:13 Kate’s gang.lnk -> G:SURVIVAL.vbe – (SHA1: F8ABC28BF5DB89F154C1AF1A2AAA2B41C964B82A)
    G:.lnk -> G:SURVIVAL.vbe – (SHA1: F8ABC28BF5DB89F154C1AF1A2AAA2B41C964B82A)
    G:.Spotlight-V100.lnk -> G:SURVIVAL.vbe – (SHA1: F8ABC28BF5DB89F154C1AF1A2AAA2B41C964B82A)
    G:31 Plans for the future.lnk -> G:SURVIVAL.vbe – (SHA1: F8ABC28BF5DB89F154C1AF1A2AAA2B41C964B82A)
    G:16 Test 1U3.lnk -> G:SURVIVAL.vbe – (SHA1: F8ABC28BF5DB89F154C1AF1A2AAA2B41C964B82A)
    G:.Trashes.lnk -> G:SURVIVAL.vbe – (SHA1: F8ABC28BF5DB89F154C1AF1A2AAA2B41C964B82A)

    ################## | Recherche générique |

    Supprimé! C:Documents and SettingsadminMenu DémarrerProgrammesDémarrageSURVIVAL.vbe
    Supprimé! C:DOCUME~1adminLOCALS~1TempSURVIVAL.vbe
    Supprimé! E:SURVIVAL.vbe
    Supprimé! F:SURVIVAL.vbe
    Supprimé! G:SURVIVAL.vbe
    Supprimé! E:Présent BE+ing 6°.lnk
    Supprimé! E:Compare 5°.lnk
    Supprimé! E:.lnk
    Supprimé! E:.Trashes.lnk
    Supprimé! E:.Spotlight-V100.lnk
    Supprimé! F:.lnk
    Supprimé! F:.Trashes.lnk
    Supprimé! F:.Spotlight-V100.lnk
    Supprimé! G:.lnk
    Supprimé! G:.Trashes.lnk
    Supprimé! G:.Spotlight-V100.lnk
    Supprimé! G:15 Check 2p94.lnk
    Supprimé! G:13 Kate’s gang.lnk
    Supprimé! G:31 Plans for the future.lnk
    Supprimé! G:16 Test 1U3.lnk

    (!) Fichiers temporaires supprimés.

    ################## | Registre |

    Supprimé! HKLMSoftwareSURVIVAL
    Supprimé! HKUS-1-5-21-1606980848-1409082233-725345543-1004SoftwareMicrosoftWindowsCurrentVersionRun|SURVIVAL
    Supprimé! HKLMSoftwareMicrosoftWindowsCurrentVersionRun|SURVIVAL

    ################## | Regedit Run |

    F2 – HKLM..Winlogon : [Shell] Explorer.exe
    F2 – HKLM..Winlogon : [Userinit] C:WINDOWSsystem32userinit.exe,
    04 – HKCU..Run : [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
    04 – HKLM..Run : [StartCCC] « C:Program FilesATI TechnologiesATI.ACECore-StaticCLIStart.exe » MSRun
    04 – HKLM..Run : [ATICCC] « C:Program FilesATI TechnologiesATI.ACECLIStart.exe »
    04 – HKLM..Run : [SoundMAXPnP] C:Program FilesAnalog DevicesCoresmax4pnp.exe
    04 – HKLM..Run : [Adobe ARM] « C:Program FilesFichiers communsAdobeARM1.0AdobeARM.exe »
    04 – HKLM..Run : [AvastUI.exe] « C:Program FilesAVAST SoftwareAvastAvastUI.exe » /nogui
    04 – HKLM..Run : [SunJavaUpdateSched] « C:Program FilesFichiers communsJavaJava Updatejusched.exe »
    04 – HKUS-1-5-19..Run : [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE
    04 – HKUS-1-5-20..Run : [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE
    04 – HKUS-1-5-21-1606980848-1409082233-725345543-1004..Run : [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
    04 – HKUS-1-5-18..Run : [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE

    ################## | C: %SystemDrive% – Disque Fixe (NTFS) |

    [15/02/2013 – 11:17:50 | RASH | 0 Ko] – C:MSDOS.SYS
    [15/02/2013 – 11:17:50 | N | 0 Ko] – C:CONFIG.SYS
    [15/02/2013 – 11:17:50 | RASH | 0 Ko] – C:IO.SYS
    [20/05/2014 – 08:10:37 | ASH | 1572864 Ko] – C:pagefile.sys
    [19/05/2014 – 08:23:21 | D] – C:Config.Msi
    [15/02/2013 – 11:13:38 | SH | 0 Ko] – C:boot.ini
    [15/02/2013 – 11:56:36 | N | 22 Ko] – C:newfile.enc
    [05/08/2004 – 12:00:00 | N | 46 Ko | VirusTotal – (0/53)] – C:NTDETECT.COM
    [05/08/2004 – 12:00:00 | N | 5 Ko] – C:Bootfont.bin
    [15/02/2013 – 11:17:50 | A | 0 Ko] – C:AUTOEXEC.BAT
    [15/02/2013 – 17:24:37 | D] – C:OpenOffice.org 3.4.1 (fr) Installation Files
    [15/02/2013 – 11:20:25 | SHD] – C:System Volume Information
    [15/02/2013 – 11:56:27 | D] – C:DELL
    [15/02/2013 – 11:56:36 | N | 22 Ko] – C:newkey
    [15/02/2013 – 12:49:05 | D] – C:AMD
    [15/02/2013 – 13:17:38 | D] – C:Intel
    [15/02/2013 – 18:05:20 | RASH | 246 Ko] – C:ntldr
    [18/02/2013 – 12:48:09 | D] – C:Documents and Settings
    [05/09/2013 – 09:17:21 | D] – C:8b7dab2e76181e0e7a5cc882
    [05/09/2013 – 09:17:22 | D] – C:f0dc92ff505292b3bf
    [06/09/2013 – 08:19:39 | D] – C:d7e5555146f966e493feed43824622e6
    [02/10/2013 – 12:09:42 | SHD] – C:RECYCLER
    [13/05/2014 – 09:15:16 | D] – C:WINDOWS
    [13/05/2014 – 09:23:29 | D] – C:Program Files
    [20/05/2014 – 13:01:16 | D] – C:UsbFix

    ################## | E: – Disque USB (FAT32) |

    [13/05/2014 – 17:24:46 | SHD] – E:.Trashes
    [13/05/2014 – 17:24:46 | SH | 4 Ko] – E:._.Trashes
    [13/05/2014 – 17:24:46 | SHD] – E:.Spotlight-V100
    [19/05/2014 – 15:09:12 | N | 14 Ko] – E:Compare 5°.odt
    [19/05/2014 – 15:38:50 | N | 4199 Ko] – E:Présent BE+ing 6°.odt

    ################## | F: – Disque USB (FAT32) |

    [13/05/2014 – 17:21:42 | SHD] – F:.Trashes
    [13/05/2014 – 17:21:42 | SH | 4 Ko] – F:._.Trashes
    [13/05/2014 – 17:21:42 | SHD] – F:.Spotlight-V100

    ################## | G: – Disque USB (FAT) |

    [21/06/2013 – 17:44:50 | SHD] – G:.Trashes
    [21/06/2013 – 17:44:50 | SH | 4 Ko] – G:._.Trashes
    [21/06/2013 – 17:44:50 | SHD] – G:.Spotlight-V100
    [05/05/2014 – 15:56:38 | N | 1492 Ko] – G:31 Plans for the future.mp3
    [05/05/2014 – 16:01:50 | N | 2300 Ko] – G:13 Kate’s gang.mp3
    [05/05/2014 – 16:02:44 | N | 1283 Ko] – G:15 Check 2p94.mp3
    [05/05/2014 – 16:04:10 | N | 726 Ko] – G:16 Test 1U3.mp3
    [06/05/2014 – 19:20:08 | N | 4 Ko] – G:._13 Kate’s gang.mp3
    [06/05/2014 – 19:20:08 | N | 4 Ko] – G:._15 Check 2p94.mp3
    [06/05/2014 – 19:20:10 | N | 4 Ko] – G:._16 Test 1U3.mp3

    ################## | Vaccin |

    E:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    F:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    G:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

    ################## | E.O.F | http://www.sosvirus.net/ | http://www.usbfix.net/ |

    buckhulk
    Participant
    Posts: 2398

    :super: the report!
