Re,
############################## | UsbFix V 7.152 | [Suppression]
Utilisateur: jeanpelle (Administrateur) # JEANPELL-40D684
Mis à jour le 20/11/2013 par El Desaparecido - Team SosVirus
Lancé à 20:37:12 | 03/12/2013
Site Web :
http://www.usbfix.net
Forum :
http://www.sosvirus.net/
Upload Malware :
http://www.sosvirus.net/upload_malware.php
Contact :
http://www.usbfix.net/contact/
PC: Fujitsu Siemens (P5GD1-FM)
CPU: Intel(R) Pentium(R) 4 CPU 3.00GHz
RAM - [Total : 1023 | Free : 585]
Bios: American Megatrends Inc.
Boot: Normal boot
OS: Microsoft Windows XP Édition familiale (5.1.2600 32-Bit) Service Pack 3
WB: Windows Internet Explorer : 8.0.6001.18702
WB: Google Chrome : 31.0.1650.57
SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AS: Malwarebytes' Anti-Malware : 1.75.0001
FW: Windows FireWall Service [Enabled]
C:\ (%systemdrive%) - Disque fixe # 20 Go (2 Go libre(s) - 11%) [] # NTFS
D:\ - Disque fixe # 213 Go (25 Go libre(s) - 12%) [Donnée] # NTFS
E:\ - CD-ROM
I:\ - Disque amovible # 972 Mo (532 Mo libre(s) - 55%) [] # FAT
J:\ - CD-ROM
################## | Processus Stoppés |
Stoppé! C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe (ID: 3012 |ParentID: 672)
Stoppé! C:\WINDOWS\system32\wscntfy.exe (ID: 3324 |ParentID: 1004)
Stoppé! C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe (ID: 2544 |ParentID: 3012)
Stoppé! C:\WINDOWS\Explorer.exe (ID: 3652 |ParentID: 1764)
Stoppé! C:\WINDOWS\system32\spoolsv.exe (ID: 2344 |ParentID: 672)
Stoppé! C:\WINDOWS\system32\ctfmon.exe (ID: 3516 |ParentID: 2000)
################## | Regedit Run |
04 - HKLM\SOFTWARE | RunOnce : [] -
04 - HKU\S-1-5-19\SOFTWARE | Run : [CTFMON.EXE] - C:\WINDOWS\system32\CTFMON.EXE
04 - HKU\S-1-5-20\SOFTWARE | Run : [CTFMON.EXE] - C:\WINDOWS\system32\CTFMON.EXE
04 - HKU\S-1-5-21-1214440339-1563985344-1801674531-1005\SOFTWARE | Run : [MSMSGS] - "C:\Program Files\Messenger\msmsgs.exe" /background
04 - HKU\S-1-5-21-1214440339-1563985344-1801674531-1005\SOFTWARE | Run : [ctfmon.exe] - C:\WINDOWS\system32\ctfmon.exe
04 - HKU\S-1-5-21-1214440339-1563985344-1801674531-1005\SOFTWARE | Run : [SoftAuto.exe] - "C:\Program Files\Creative\Software Update 3\SoftAuto.exe"
04 - HKU\S-1-5-21-1214440339-1563985344-1801674531-1005\SOFTWARE | Run : [AdobeBridge] -
04 - HKU\S-1-5-21-1214440339-1563985344-1801674531-1005\SOFTWARE | Run : [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe
04 - HKU\S-1-5-21-1214440339-1563985344-1801674531-1005\SOFTWARE | Run : [EPSON SX218 Series] - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGDE.EXE /FU "C:\WINDOWS\TEMP\E_S231.tmp" /EF "HKCU"
04 - HKU\S-1-5-18\SOFTWARE | Run : [CTFMON.EXE] - C:\WINDOWS\system32\CTFMON.EXE
################## | Recherche générique |
Supprimé! D:\desktop.ini
(!) Fichiers temporaires supprimés.
################## | Registre |
Supprimé! HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RavAV
Supprimé! HKU\S-1-5-21-1214440339-1563985344-1801674531-1005\Software\.\.\.\.\Mountpoints2\{17a1ca7b-bbe5-11dc-933a-0015f226936f}
Supprimé! HKU\S-1-5-21-1214440339-1563985344-1801674531-1005\Software\.\.\.\.\Mountpoints2\{4eb26f66-b056-11da-918c-0015f226936f}
Supprimé! HKU\S-1-5-21-1214440339-1563985344-1801674531-1005\Software\.\.\.\.\Mountpoints2\{4eb26f68-b056-11da-918c-0015f226936f}
Supprimé! HKU\S-1-5-21-1214440339-1563985344-1801674531-1005\Software\.\.\.\.\Mountpoints2\{8b2f2dcb-e456-11da-91bd-0015f226936f}
Supprimé! HKU\S-1-5-21-1214440339-1563985344-1801674531-1005\Software\.\.\.\.\Mountpoints2\{9a95073a-f711-11de-94e6-0015f226936f}
Supprimé! HKU\S-1-5-21-1214440339-1563985344-1801674531-1005\Software\.\.\.\.\Mountpoints2\{a6fcb789-c16a-11da-91a2-0015f226936f}
################## | Listing |
[08/03/2006 - 20:55:21 | D ] C:\AddOn
[28/11/2013 - 20:54:54 | D ] C:\AdwCleaner
[08/03/2006 - 21:34:34 | N | 185] C:\ati.log
[08/03/2006 - 20:52:04 | N | 0] C:\AUTOEXEC.BAT
[12/04/2010 - 16:13:47 | N | 216] C:\boot.ini
[05/08/2004 - 13:00:00 | N | 4952] C:\Bootfont.bin
[25/11/2013 - 09:35:41 | HD ] C:\Config.Msi
[08/03/2006 - 20:52:04 | N | 0] C:\CONFIG.SYS
[08/03/2006 - 21:00:16 | D ] C:\Documents and Settings
[24/09/2006 - 14:38:16 | N | 1120] C:\INSTALL.LOG
[08/03/2006 - 20:52:04 | N | 0] C:\IO.SYS
[18/05/2006 - 18:42:17 | N | 0] C:\list
[05/10/2006 - 20:51:39 | N | 46774] C:\MDACSET.log
[01/06/2007 - 19:41:41 | D ] C:\Mes téléchargements
[08/03/2006 - 20:52:04 | N | 0] C:\MSDOS.SYS
[05/08/2004 - 13:00:00 | N | 47564] C:\NTDETECT.COM
[30/11/2009 - 18:46:49 | N | 252240] C:\ntldr
[03/12/2013 - 18:52:51 | ASH | 1610612736] C:\pagefile.sys
[29/11/2013 - 22:35:58 | N | 512] C:\PhysicalDisk0_MBR.bin
[28/11/2013 - 20:49:46 | D ] C:\Program Files
[08/03/2006 - 21:40:11 | SHD ] C:\RECYCLER
[08/11/2011 - 20:02:45 | D ] C:\Sharing Downloads
[29/11/2013 - 18:14:28 | D ] C:\Shortcut_Module
[08/03/2006 - 20:59:13 | SHD ] C:\System Volume Information
[13/10/2007 - 15:28:37 | D ] C:\Temp
[11/02/2007 - 12:09:15 | D ] C:\Toolbox Parts
[24/05/2001 - 11:59:30 | N | 162304] C:\UNWISE.EXE
[03/12/2013 - 20:37:31 | D ] C:\UsbFix
[03/12/2013 - 20:37:34 | A | 5261] C:\UsbFix [Clean 2] JEANPELL-40D684.txt
[02/12/2013 - 22:07:07 | N | 3780] C:\UsbFix [Scan 1] JEANPELL-40D684.txt
[03/12/2013 - 19:03:43 | N | 4535] C:\UsbFix [Scan 2] JEANPELL-40D684.txt
[28/11/2013 - 23:08:16 | D ] C:\WINDOWS
[22/11/2013 - 20:23:45 | D ] D:\a trier
[04/01/2010 - 16:16:36 | D ] D:\Adobe
[02/01/2008 - 20:50:15 | N | 940] D:\adresse mail.txt
[28/09/2009 - 19:19:17 | D ] D:\af06cf237c1f006468ada7e4bcb4c7d5
[04/01/2010 - 16:13:52 | D ] D:\Amca
[26/02/2010 - 09:16:18 | D ] D:\Appareil photo
[20/10/2011 - 18:07:55 | D ] D:\Appart
[01/10/2009 - 17:39:03 | D ] D:\Bouffe
[22/11/2013 - 20:26:28 | D ] D:\Boulot
[19/03/2007 - 20:29:54 | D ] D:\Dessin
[09/05/2010 - 14:42:05 | D ] D:\Downloads
[01/10/2009 - 17:39:30 | D ] D:\Environnement
[14/02/2010 - 16:55:00 | D ] D:\Factures- achat
[19/01/2010 - 20:45:27 | D ] D:\farendet
[15/04/2009 - 19:59:32 | D ] D:\Fichier money
[19/01/2010 - 20:56:24 | D ] D:\Grand mere
[04/01/2010 - 16:10:56 | D ] D:\impot
[04/06/2007 - 18:25:15 | D ] D:\Jardin
[04/01/2010 - 16:11:42 | D ] D:\Machine a coudre
[18/09/2008 - 21:42:12 | N | 3276800] D:\Money.mny
[17/03/2006 - 18:19:13 | RHD ] D:\MSOCache
[24/11/2013 - 21:39:21 | D ] D:\Musique
[16/04/2010 - 07:51:30 | D ] D:\nouvelle zeland
[22/11/2013 - 20:29:48 | D ] D:\panne 111011
[17/01/2008 - 22:16:08 | D ] D:\Paroles musique
[24/11/2013 - 21:39:21 | D ] D:\Photos
[08/03/2010 - 10:21:43 | D ] D:\pole emploi
[08/03/2006 - 22:00:05 | SHD ] D:\RECYCLER
[25/10/2011 - 17:32:12 | D ] D:\sarah
[06/11/2011 - 13:35:01 | D ] D:\Scan
[09/01/2008 - 19:47:12 | D ] D:\sldworks 2007
[27/12/2007 - 19:16:20 | D ] D:\Solex
[08/03/2006 - 21:00:28 | SHD ] D:\System Volume Information
[20/05/2008 - 19:23:54 | RASH | 15872] D:\Thumbs.db
[17/01/2007 - 18:00:53 | D ] D:\Trompette
[22/04/2010 - 12:07:18 | D ] D:\Vidéos
[13/10/2011 - 22:48:11 | D ] D:\vélo
[03/01/2008 - 19:47:04 | N | 296] I:\WMPInfo.xml
[13/10/2013 - 12:49:36 | D ] I:\DCIM
[13/10/2013 - 12:49:36 | D ] I:\MISC
[29/02/2008 - 17:59:12 | D ] I:\1965 I Put A Spell On You
[29/02/2008 - 17:59:22 | D ] I:\Nina Simone - Best of
[29/02/2008 - 18:08:54 | D ] I:\The Doors- Greatest Hits
[29/02/2008 - 18:11:50 | D ] I:\Yael Naim
[29/02/2008 - 18:12:14 | D ] I:\Trio Mocotó
[29/02/2008 - 18:12:28 | D ] I:\Tchavolo Schmitt - Louteha
[29/02/2008 - 18:13:02 | D ] I:\Ella Fitzerald - The best years
[31/05/2011 - 17:05:18 | N | 544751] I:\permit CV photo.pdf
################## | Vaccin |
I:\Autorun.inf - Vaccin créé par UsbFix (El Desaparecido)
################## | E.O.F |
http://www.usbfix.net -
http://www.sosvirus.net |
Bonjour,
FLTL_BYBunO