############################## | UsbFix V 7.088 | [Suppression]
Utilisateur: Dumini (Administrateur) # PC-DE-DUMINI
Mis à jour le 16/05/2012 par El Desaparecido
Lancé à 20:28:20 | 19/05/2012
Site Web: http://eldesaparecido.com
Forum: http://forum.eldesaparecido.com
Fichier suspect ? : http://eldesaparecido.com/upload.php
Contact: contact@eldesaparecido.com
PC: Hewlett-Packard (HP Pavilion dv6000 (RY643EA#ABF) ) (X86-based PC) # Notebook
CPU: Intel(R) Core(TM)2 CPU T5200 @ 1.60GHz (1596)
RAM -> [ Total : 1021 | Free : 581 ]
BIOS: Ver 1.00PARTTBLv
BOOT: Fail-safe with network boot
OS: Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-Bit) # Service Pack 2
WB: Windows Internet Explorer 8.0.6001.19222
SC: Security Center Service [ Enabled ]
WU: Windows Update Service [ Enabled ]
AV: Avira Desktop [ Enabled | Updated ]
FW: Windows FireWall Service [ Enabled ]
C:\ (%systemdrive%) -> Disque fixe # 106 Go (30 Go libre(s) - 28%) [] # NTFS
D:\ -> Disque fixe # 5 Go (1 Go libre(s) - 24%) [HP_RECOVERY] # NTFS
E:\ -> Disque amovible # 4 Go (4 Go libre(s) - 100%) [] # FAT32
F:\ -> Disque amovible # 2 Go (2 Go libre(s) - 97%) [] # FAT32
################## | Processus Actif |
C:\Windows\system32\csrss.exe (560)
C:\Windows\system32\csrss.exe (596)
C:\Windows\system32\wininit.exe (604)
C:\Windows\system32\winlogon.exe (640)
C:\Windows\system32\services.exe (676)
C:\Windows\system32\lsass.exe (700)
C:\Windows\system32\lsm.exe (708)
C:\Windows\system32\svchost.exe (856)
C:\Windows\system32\svchost.exe (912)
C:\Windows\System32\svchost.exe (956)
C:\Windows\System32\svchost.exe (1036)
C:\Windows\system32\svchost.exe (1064)
C:\Windows\System32\svchost.exe (1096)
C:\Windows\system32\svchost.exe (1144)
C:\Windows\system32\svchost.exe (1160)
C:\Windows\system32\svchost.exe (1356)
C:\Windows\Explorer.EXE (1496)
C:\Windows\system32\svchost.exe (1616)
C:\UsbFix\Go.exe (692)
C:\Windows\system32\wbem\wmiprvse.exe (1540)
################## | Processus Stoppés |
Stoppé! C:\Windows\Explorer.EXE (1496)
################## | Éléments infectieux |
Supprimé! C:\Users\Dumini\AppData\Roaming\SQLite3.dll
Supprimé! C:\$RECYCLE.BIN\S-1-5-18
Supprimé! C:\$RECYCLE.BIN\S-1-5-21-1045043067-2608134012-847024635-1000
Supprimé! D:\$RECYCLE.BIN\S-1-5-18
Supprimé! D:\$RECYCLE.BIN\S-1-5-21-1045043067-2608134012-847024635-1000
Supprimé! C:\dir\install
(!) Fichiers temporaires supprimés.
################## | Registre |
Supprimé! HKCU\Software\Server
Supprimé! HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore|DisableConfig
Supprimé! HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore|DisableSR
################## | Mountpoints2 |
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\H
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{60239129-d5c1-11df-b4f2-001636e94b51}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{76f0e2b5-e914-11db-82b8-001636e94b51}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{79fd0dd3-abde-11dc-aa5a-001636e94b51}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{9aebe629-229f-11de-a12d-001636e94b51}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{b7f44565-8a6e-11df-b4dc-001636e94b51}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{e0a23bbf-ccf7-11dc-a7f4-001636e94b51}
################## | Listing |
[19/05/2012 - 20:33:29 | SHD ] C:\$RECYCLE.BIN
[22/04/2011 - 09:07:26 | D ] C:\01390c726a5014f08321
[16/05/2012 - 18:25:01 | D ] C:\0a5f501406c1868cc6403a
[16/05/2012 - 17:39:15 | D ] C:\201b6879a86d58e6b7
[19/05/2012 - 11:21:20 | D ] C:\22b50848451ec37e3e85a7
[15/12/2011 - 12:05:56 | D ] C:\22f651996b198168c7806c
[17/05/2012 - 18:54:29 | D ] C:\32c24926afdfb3d6a77bd7
[14/04/2011 - 19:30:52 | D ] C:\386a1ae0aa1c464582
[16/05/2012 - 17:41:04 | D ] C:\438719c27514cf75a1996249
[16/05/2012 - 18:48:49 | D ] C:\43b7bf3babd96d3e2a2bf35d
[18/05/2012 - 08:44:55 | D ] C:\4778e0a1a399879191d6f8ed02453b42
[16/05/2012 - 17:27:04 | D ] C:\4896ca235b3615f6ee
[16/05/2012 - 20:29:01 | D ] C:\48e7c903bacca6d4ca
[16/05/2012 - 19:00:29 | D ] C:\55bcf5bd5876143e6efc097a56db
[16/05/2012 - 08:29:05 | D ] C:\57562585f083d287de3756c44efa197d
[17/05/2012 - 10:40:01 | D ] C:\5efa8d9d783696f0c72f771a8f1f27
[17/05/2012 - 20:04:19 | D ] C:\5f479239a724cbcabd2ebd90a4120572
[28/04/2011 - 12:33:26 | D ] C:\6c5c7fb5694aa38e8f50c21f99
[17/05/2012 - 10:31:40 | D ] C:\787aef48b6c9473a46
[05/03/2007 - 19:51:43 | D ] C:\7bcf2fb25a1c6b39160ff879
[16/05/2012 - 18:45:31 | D ] C:\7da11b9bd914b8b3e2e7dc817858
[11/03/2011 - 10:12:13 | D ] C:\91b1f305ca299e78c859
[12/01/2012 - 14:36:03 | D ] C:\92a5811c33452980e2fb92
[15/09/2011 - 21:03:57 | D ] C:\953ed53b2b23437d05ddb1a70010
[16/05/2012 - 14:37:08 | D ] C:\a5899c2887387a47fc5dd8316605
[16/05/2012 - 17:24:57 | D ] C:\a7e45c9697c325c4ffaa1eab5d88ab73
[22/09/2011 - 12:09:47 | D ] C:\ac59dac3db056f434fcc181462
[19/05/2012 - 19:10:23 | N | 315] C:\AdwCleaner[S1].txt
[19/05/2012 - 19:11:19 | N | 32670] C:\AdwCleaner[S2].txt
[16/05/2012 - 18:23:14 | D ] C:\ae102f73495c211d384c5b82fb9a1b
[18/09/2006 - 23:43:36 | N | 24] C:\autoexec.bat
[13/05/2011 - 17:36:02 | D ] C:\b1bbfd8076ad19f227e5
[17/05/2012 - 22:07:03 | D ] C:\b3eec530954d58eb06a8ff03
[16/05/2012 - 18:03:11 | D ] C:\b4c71c2f5130477a3075552eef
[17/05/2012 - 20:02:07 | D ] C:\b8d727d32ea5c4b417
[05/04/2011 - 16:11:50 | D ] C:\b9de2c338ef0ad5b37d5
[17/05/2012 - 17:13:27 | SHD ] C:\boot
[11/04/2009 - 08:36:36 | RASH | 333257] C:\bootmgr
[16/05/2012 - 18:00:48 | D ] C:\c4adbe78752010cc6ca71f9200
[16/05/2012 - 20:32:18 | D ] C:\c9a8f0eda4c7dd8845b7
[16/05/2012 - 19:03:57 | D ] C:\cf86458be9a02d74cd093276101ea83b
[19/05/2012 - 20:09:38 | N | 1151] C:\cleannavi.txt
[18/05/2012 - 11:19:40 | D ] C:\Config.Msi
[18/09/2006 - 23:43:37 | N | 10] C:\config.sys
[09/12/2010 - 20:12:50 | D ] C:\dir
[14/05/2012 - 11:44:26 | D ] C:\e562d3433fe4d36aa03207d594b2
[21/09/2011 - 14:07:25 | D ] C:\ec6a6cfde77b34f88dbb69c68d
[18/04/2010 - 20:08:34 | N | 54587] C:\ExtractLog.txt
[18/12/2006 - 23:58:38 | D ] C:\HP
[19/03/2012 - 19:09:15 | D ] C:\Intel
[05/04/2008 - 08:09:30 | N | 0] C:\IO.SYS
[23/09/2010 - 10:45:14 | N | 127] C:\mbam-error.txt
[05/04/2008 - 08:09:30 | N | 0] C:\MSDOS.SYS
[12/04/2007 - 18:56:16 | RHD ] C:\MSOCache
[19/05/2012 - 20:11:31 | D ] C:\Navilog1
[19/05/2012 - 19:59:54 | ASH | 1385496576] C:\pagefile.sys
[10/12/2010 - 10:23:19 | N | 50] C:\parametreMail.ini
[01/08/2010 - 18:17:59 | D ] C:\PerfLogs
[19/05/2012 - 10:02:44 | N | 512] C:\PhysicalDisk0_MBR.bin
[19/05/2012 - 20:06:54 | D ] C:\Program Files
[19/05/2012 - 19:11:08 | HD ] C:\ProgramData
[01/05/2010 - 10:54:05 | N | 159] C:\Setup.log
[06/12/2008 - 10:50:10 | D ] C:\SwSetup
[19/05/2012 - 17:16:38 | SHD ] C:\System Volume Information
[01/03/2007 - 20:34:56 | D ] C:\System.sav
[21/11/2010 - 09:14:48 | D ] C:\Temp
[19/05/2012 - 20:33:29 | D ] C:\UsbFix
[19/05/2012 - 20:28:31 | A | 2143] C:\UsbFix.txt
[07/04/2012 - 12:06:27 | N | 237] C:\user.js
[18/04/2010 - 08:42:35 | D ] C:\Users
[19/05/2012 - 19:59:58 | D ] C:\Windows
[19/05/2012 - 10:02:46 | D ] C:\ZHP
[19/05/2012 - 20:33:29 | SHD ] D:\$RECYCLE.BIN
[19/12/2006 - 09:06:59 | SHD ] D:\boot
[19/12/2006 - 09:06:58 | D ] D:\HP
[02/03/2007 - 14:05:17 | SHD ] D:\preload
[19/12/2006 - 00:41:17 | RD ] D:\RECOVERY
[19/12/2006 - 00:10:35 | SHD ] D:\SOURCES
[19/12/2006 - 09:06:58 | SHD ] D:\System Volume Information
[19/12/2006 - 00:41:18 | D ] D:\Tools
[19/12/2006 - 09:06:58 | D ] D:\WINDOWS
################## | Vaccin |
C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
################## | Upload |
Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_PC-DE-DUMINI.zip
http://eldesaparecido.com/upload.php
Merci de votre contribution.
################## | E.O.F |