171 | [Clean][/b]
User: Personal (Administrator) # PERSONAL-PC
Updated 09/06/2014 by El Desaparecido - SosVirus
Started at 15:54:07 | 13/01/2015
Website : [url=http://www.en.usbfix.net/]http://www.en.usbfix.net/[/url]
Changelog : [url=http://www.en.usbfix.net/changelog/]http://www.en.usbfix.net/changelog/[/url]
Support : [url=http://en.kioskea.net/forum/viruses-security-7]http://en.kioskea.net/forum/viruses-security-7[/url]
Upload Malware : [url=http://www.sosvirus.net/upload_malware.php]http://www.sosvirus.net/upload_malware.php[/url]
Contact : [url=http://www.en.usbfix.net/contact/]http://www.en.usbfix.net/contact/[/url]
PC: Dell Inc. (0M863N)
CPU: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
RAM -> [Total : 1980 Mo| Free : 1406 Mo]
Bios: Dell Inc.
Boot: Normal boot
OS: Microsoft Windows 7 Professional (6.1.7601 32-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.17207
SC:
WU:
AS:
FW:
C:\ (%SystemDrive%) -> Fixed drive # 149 Gb (127 Mb free - 85%) [] # NTFS
D:\ -> CD-ROM
E:\ -> Removable drive # 29 Gb (10 Mb free - 34%) [S3-L] # NTFS
[b]################## | Stopped processes |[/b]
C:\Windows\System32\spoolsv.exe (ID: 1304|ParentID: 456)
C:\Windows\explorer.exe (ID: 1484|ParentID: 1448|Personal)
C:\Windows\System32\taskhost.exe (ID: 1896|ParentID: 456|Personal)
C:\Program Files\Analog Devices\Core\smax4pnp.exe (ID: 1832|ParentID: 1484|Personal)
C:\ (PCcloseDown) \iCloseDown.exe (ID: 576|ParentID: 1484|Personal)
C:\Windows\System32\SearchIndexer.exe (ID: 888|ParentID: 456|SYSTEM)
C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 848|ParentID: 456|NETWORK SERVICE)
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (ID: 2648|ParentID: 456|SYSTEM)
C:\Program Files\Intel\AMT\LMS.exe (ID: 2688|ParentID: 456|SYSTEM)
C:\Windows\System32\sppsvc.exe (ID: 2764|ParentID: 456|NETWORK SERVICE)
C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe (ID: 2860|ParentID: 456|SYSTEM)
C:\Windows\System32\WUDFHost.exe (ID: 3152|ParentID: 856|LOCAL SERVICE)
C:\Windows\System32\SearchProtocolHost.exe (ID: 3556|ParentID: 888|SYSTEM)
[b]################## | Autorun |[/b]
[b]################## | Generic Research |[/b]
Not deleted ! E:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx
Not deleted ! E:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665
(!) Temporary files deleted.
[b]################## | Registry |[/b]
Deleted ! HKU\S-1-5-21-3756019719-1034529236-289154046-1000\Software\.\.\.\.\Mountpoints2\{eae7574c-6b7a-11e2-947c-806e6f6e6963}
[b]################## | Regedit Run |[/b]
F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKLM\..\Run : [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
04 - HKLM\..\Run : [picon] "C:\Program Files\Common Files\Intel\Privacy Icon\PIconStartup.exe" -startup
04 - HKLM\..\Run : [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
[b]################## | C:\ %SystemDrive% - Fixed drive (NTFS) |[/b]
[11/06/2009 05:42:20 | N | 0 Ko] - C:\config.sys
[13/01/2015 15:51:13 | ASH | 1520340 Ko] - C:\hiberfil.sys
[13/01/2015 15:51:17 | ASH | 2027124 Ko] - C:\pagefile.sys
[13/01/2015 15:51:13 | D] - C:\Config.Msi
[31/01/2013 15:52:23 | N | 0 Ko] - C:\winx.ld
[21/09/2012 14:23:45 | SHD] - C:\$Recycle.Bin
[11/06/2009 05:42:20 | A | 0 Ko] - C:\autoexec.bat
[22/09/2012 03:28:10 | RASH | 8 Ko] - C:\BOOTSECT.BAK
[14/07/2009 10:37:05 | D] - C:\PerfLogs
[14/07/2009 12:53:55 | SHD] - C:\Documents and Settings
[21/11/2010 05:29:06 | RASH | 375 Ko] - C:\bootmgr
[21/09/2012 05:31:28 | D] - C:\New Folder
[21/09/2012 14:23:30 | SHD] - C:\Recovery
[21/09/2012 14:23:35 | D] - C:\Users
[22/09/2012 03:27:56 | D] - C:\Hotfix
[22/09/2012 03:27:56 | D] - C:\Drivers
[22/09/2012 03:28:09 | SHD] - C:\Boot
[25/09/2012 11:53:32 | D] - C:\dell
[25/09/2012 14:41:33 | D] - C:\Intel
[31/01/2013 15:52:11 | N | 199 Ko] - C:\grldr
[20/06/2014 14:18:47 | D] - C:\ (PCcloseDown)
[13/01/2015 14:52:50 | HD] - C:\ProgramData
[13/01/2015 15:01:45 | SHD] - C:\System Volume Information
[13/01/2015 15:01:48 | RHD] - C:\MSOCache
[13/01/2015 15:03:41 | D] - C:\Windows
[13/01/2015 15:04:05 | D] - C:\Program Files
[13/01/2015 15:53:59 | D] - C:\UsbFix