
############################## | UsbFix V 7.165 | [Deletion]
User: kb (Administrator) # COMPUTER_1
Updated 16/02/2014 by El Desaparecido - Team SosVirus
Started at 19:21:43 | 23/02/2014
Website : http://www.en.usbfix.net/
Changelog : http://www.en.usbfix.net/changelog/
Support : http://www.sosvirus.net/
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.en.usbfix.net/contact/
PC: Hewleet-Packard (Asterope3)
CPU: Intel(R) Pentium(R) 4 CPU 3.06GHz
RAM -> [Total : 959 Mo| Free : 675 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot
OS: Microsoft Windows XP Professional (5.1.2600 32-Bit) Service Pack 3
WB: Windows Internet Explorer : 8.0.6001.18702
WB: Mozilla Firefox : 27.0.1
SC: Security Center [Enabled]
WU: Windows Update [Enabled]
FW: Windows FireWall [Enabled]
C:\ -> Fixed drive # 233 Gb (233 Mb free - 100%) [] # NTFS
D:\ (%systemdrive%) -> Fixed drive # 186 Gb (175 Mb free - 94%) [] # NTFS
E:\ -> Removable drive # 7 Gb (7 Mb free - 99%) [KINGSTON] # FAT32
I:\ -> CD-ROM

################## | Active Processes |


D:\WINDOWS.0\System32\smss.exe (ID: 728 |ParentID: 4)
D:\WINDOWS.0\system32\winlogon.exe (ID: 840 |ParentID: 728)
D:\WINDOWS.0\system32\services.exe (ID: 884 |ParentID: 840)
D:\WINDOWS.0\system32\lsass.exe (ID: 896 |ParentID: 840)
D:\WINDOWS.0\system32\Ati2evxx.exe (ID: 1068 |ParentID: 884)
D:\WINDOWS.0\system32\svchost.exe (ID: 1084 |ParentID: 884)
D:\WINDOWS.0\System32\svchost.exe (ID: 1240 |ParentID: 884)
D:\WINDOWS.0\system32\spoolsv.exe (ID: 1544 |ParentID: 884)
D:\WINDOWS.0\system32\Ati2evxx.exe (ID: 1788 |ParentID: 840)
D:\WINDOWS.0\Explorer.EXE (ID: 1880 |ParentID: 1844)
D:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (ID: 176 |ParentID: 1880)
D:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (ID: 180 |ParentID: 1880)
D:\WINDOWS.0\RTHDCPL.EXE (ID: 208 |ParentID: 1880)
D:\WINDOWS.0\system32\ctfmon.exe (ID: 228 |ParentID: 1880)
D:\Program Files\ma-config.com\MaConfigAgent.exe (ID: 960 |ParentID: 884)
D:\WINDOWS.0\system32\wuauclt.exe (ID: 132 |ParentID: 1240)
D:\WINDOWS.0\system32\wscntfy.exe (ID: 2276 |ParentID: 1240)
################## | Regedit Run |
04 - HKCU\..\Run : [ctfmon.exe] D:\WINDOWS.0\system32\ctfmon.exe
04 - HKLM\..\Run : [Look 'n' Stop] "C:\Program Files\Soft4Ever\looknstop\looknstop.exe" -auto
04 - HKLM\..\Run : [Adobe ARM] "D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\Run : []
04 - HKLM\..\Run : [Adobe Acrobat Speed Launcher] "D:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
04 - HKLM\..\Run : [Acrobat Assistant 8.0] "D:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
04 - HKLM\..\Run : [RTHDCPL] RTHDCPL.EXE
04 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\..\Run : []
04 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\..\RunOnce : []
04 - HKU\S-1-5-21-1417001333-1972579041-1644491937-1003\..\Run : [ctfmon.exe] D:\WINDOWS.0\system32\ctfmon.exe
################## | Generic Research |
(!) Temporary files deleted.
################## | Registry |
################## | Listing |
[18/02/2014 - 12:28:21 | D] - C:\ATI
[17/02/2014 - 21:41:52 | A | 0 Ko] - C:\AUTOEXEC.BAT
[17/02/2014 - 21:36:16 | SH | 0 Ko] - C:\boot.ini
[17/02/2014 - 21:41:52 | N | 0 Ko] - C:\CONFIG.SYS
[17/02/2014 - 21:41:52 | RASH | 0 Ko] - C:\IO.SYS
[17/02/2014 - 21:41:52 | RASH | 0 Ko] - C:\MSDOS.SYS
[13/04/2008 - 13:13:04 | N | 46 Ko | B2DE3452DE03674C6CEC68B8C8CE7C78] - C:\NTDETECT.COM
[13/04/2008 - 15:01:44 | RASH | 244 Ko] - C:\ntldr
[18/02/2014 - 11:51:19 | SHD] - C:\RECYCLER
[17/02/2014 - 21:50:13 | SHD] - C:\System Volume Information
[18/02/2014 - 12:16:28 | D] - D:\ATI
[17/02/2014 - 21:08:40 | A | 0 Ko] - D:\AUTOEXEC.BAT
[17/02/2014 - 21:08:40 | N | 0 Ko] - D:\CONFIG.SYS
[17/02/2014 - 21:50:02 | D] - D:\Documents and Settings
[17/02/2014 - 21:08:40 | RASH | 0 Ko] - D:\IO.SYS
[17/02/2014 - 21:08:40 | RASH | 0 Ko] - D:\MSDOS.SYS
[18/02/2014 - 10:51:47 | RHD] - D:\MSOCache
[23/02/2014 - 19:20:53 | ASH | 1474560 Ko] - D:\pagefile.sys
[18/02/2014 - 12:17:10 | D] - D:\Program Files
[18/02/2014 - 09:50:01 | SHD] - D:\RECYCLER
[17/02/2014 - 21:48:00 | SHD] - D:\System Volume Information
[23/02/2014 - 19:19:47 | D] - D:\UsbFix
[18/02/2014 - 11:51:54 | N | 5 Ko | 4BC0F9BD152BF59CC8806B38F3FC25A0] - D:\UsbFix [Clean 2] COMPUTER_1.txt
[18/02/2014 - 11:56:35 | N | 5 Ko | CE29E9E3F020DD924C5BA1EA680805A3] - D:\UsbFix [Clean 4] COMPUTER_1.txt
[18/02/2014 - 18:23:34 | N | 5 Ko | 200B7180CDD46DDC26D850AFB522F055] - D:\UsbFix [Clean 6] COMPUTER_1.txt
[23/02/2014 - 19:22:13 | A | 5 Ko | 0DB07CA7BB908B01B5895B11D5501C3B] - D:\UsbFix [Clean 8] COMPUTER_1.txt
[18/02/2014 - 11:46:13 | N | 3 Ko | 6DE374D9178F8476E25DD3C03866F196] - D:\UsbFix [Scan 1] COMPUTER_1.txt
[17/02/2014 - 21:11:29 | D] - D:\WINDOWS
[20/02/2014 - 17:02:53 | D] - D:\WINDOWS.0
[22/11/2013 - 15:19:20 | N | 2559 Ko] - E:\SIFAC_20100616_Seminaire_autorisation_vague_2011 (1).ppt
[22/11/2013 - 15:08:16 | N | 1787 Ko] - E:\SIFAC_MUT_GDA_DERIVATION_ROLES_V1.1.ppt
[22/11/2013 - 15:22:58 | N | 1787 Ko] - E:\SIFAC_MUT_GDA_DERIVATION_ROLES_V1.1 (3).ppt
[24/11/2013 - 19:21:18 | N | 862 Ko] - E:\THWG_Session_001_1_TIERS_CLIENTS - v2.0.ppt
[19/11/2013 - 19:17:00 | N | 573 Ko] - E:\Fiche conseil SEPA_VIREMENT V4 (2) (1).doc
[23/11/2013 - 12:20:36 | N | 1919 Ko] - E:\Gestion autorisations ECC - KB_ATB V 1.0.docx
[24/11/2013 - 19:18:42 | N | 1657 Ko] - E:\THWG_Session_001_4_Utilisateurs_Habilitations-2.0.pptx
[24/11/2013 - 19:20:18 | N | 940 Ko] - E:\THWG_Session_001_1_REF_BANCAIRE - v2.0.ppt
[24/11/2013 - 16:15:22 | N | 6451 Ko] - E:\THWG_Session_001_3_Structure_Entreprise_ECC - v2.1.ppt
[23/11/2013 - 21:58:42 | N | 4870 Ko] - E:\20130725 SEPA in ERP financials.pdf
[21/11/2013 - 15:15:40 | N | 167 Ko] - E:\offre_package_sap__mise_en_oeuvre_des_normes_sepa.pdf
[19/03/2004 - 13:35:38 | N | 642 Ko | 2A77424B70AD132B49F1DD2CC0C52C98] - E:\sap-tables.exe
[23/08/2010 - 15:45:04 | N | 633 Ko] - E:\sap-tables.zip
[24/11/2013 - 21:48:52 | D] - E:\PROJET ATB
[24/11/2013 - 21:49:32 | D] - E:\AutorisationsATB
[25/06/2012 - 17:20:00 | N | 3028 Ko] - E:\INEO_Audit de scurit fonctionnelle SAP_V03.doc
[24/11/2013 - 21:54:28 | D] - E:\support technique et fonctionnel divers
[25/11/2013 - 10:05:46 | D] - E:\Recycled
[25/11/2013 - 11:55:20 | N | 224 Ko] - E:\THPS02-PRO-.doc
[25/11/2013 - 15:53:02 | D] - E:\Karim
[27/11/2013 - 09:58:16 | N | 20 Ko] - E:\objet autorisatiions.docx
[27/11/2013 - 11:57:44 | D] - E:\Documentation Cecilien
[28/11/2013 - 15:38:12 | N | 52 Ko] - E:\CCDG_HAB DST V3.0 b.doc
[28/11/2013 - 17:08:36 | N | 147 Ko] - E:\SEPA-FSEPA_M1APHP.doc
[01/12/2013 - 11:12:20 | N | 119 Ko] - E:\SEPA-FSEPA_M3APHP.doc
[01/12/2013 - 11:47:56 | N | 25 Ko] - E:\FSEPAROLES (1).xls
[01/12/2013 - 16:55:16 | D] - E:\PROJETSEPAAPHP
[05/12/2013 - 21:16:24 | N | 850 Ko] - E:\CNG-CONSULT-CRA-2013_fberra (1).xlsx
[14/12/2013 - 10:48:38 | D] - E:\scan
[19/12/2013 - 09:35:38 | D] - E:\scan 10
[17/01/2014 - 11:18:18 | N | 70 Ko] - E:\cvkarimbenamarWD01.doc
[17/01/2014 - 10:12:00 | N | 25 Ko] - E:\ENGLISHkbCV.docx
[23/01/2014 - 10:14:20 | N | 70 Ko] - E:\cVOK.doc

################## | Vaccin |
C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
E:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
################## | E.O.F | http://www.en.usbfix.net/ - http://www.sosvirus.net |
