############################## | UsbFix V 7.165 | [Research]

User: Arnaud & Pomme (Administrator) # PC
Updated 20/02/2014 by El Desaparecido - Team SosVirus
Started at 18:36:15 | 20/02/2014

Website : http://www.en.usbfix.net/
Changelog : http://www.en.usbfix.net/changelog/
Support : http://www.sosvirus.net/
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.en.usbfix.net/contact/

PC: Gigabyte Technology Co., Ltd. (G41M-Combo)
CPU: Intel(R) Pentium(R) Dual CPU E2220 @ 2.40GHz
RAM -> [Total : 4060 Mo| Free : 2750 Mo]
Bios: Award Software International, Inc.
Boot: Normal boot

OS: Microsoft Windows 7 Home Premium (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.16518
WB: Google Chrome : 33.0.1750.117

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: avast! Antivirus [Enabled | Updated]
AS: avast! Antivirus [Enabled | Updated]
AS: Windows Defender [Enabled | Updated]
FW: Windows FireWall [(!) Disabled]

C:\ (%systemdrive%) -> Fixed drive # 233 Gb (20 Mb free - 8%) [] # NTFS
D:\ -> CD-ROM
E:\ -> Removable drive # 15 Gb (6 Mb free - 43%) [] # FAT32

################## | Active Processes |

C:\Windows\system32\csrss.exe (ID: 400 |ParentID: 392)
C:\Windows\system32\wininit.exe (ID: 460 |ParentID: 392)
C:\Windows\system32\csrss.exe (ID: 476 |ParentID: 452)
C:\Windows\system32\services.exe (ID: 540 |ParentID: 460)
C:\Windows\system32\winlogon.exe (ID: 548 |ParentID: 452)
C:\Windows\system32\lsass.exe (ID: 576 |ParentID: 460)
C:\Windows\system32\lsm.exe (ID: 588 |ParentID: 460)
C:\Windows\system32\svchost.exe (ID: 688 |ParentID: 540)
C:\Windows\system32\svchost.exe (ID: 780 |ParentID: 540)
C:\Windows\System32\svchost.exe (ID: 856 |ParentID: 540)
C:\Windows\System32\svchost.exe (ID: 912 |ParentID: 540)
C:\Windows\system32\svchost.exe (ID: 956 |ParentID: 540)
C:\Windows\system32\svchost.exe (ID: 980 |ParentID: 540)
C:\Windows\system32\svchost.exe (ID: 864 |ParentID: 540)
C:\Windows\system32\WLANExt.exe (ID: 1116 |ParentID: 912)
C:\Windows\system32\conhost.exe (ID: 1124 |ParentID: 400)
C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ID: 1136 |ParentID: 540)
C:\Windows\system32\Dwm.exe (ID: 1244 |ParentID: 912)
C:\Windows\Explorer.EXE (ID: 1284 |ParentID: 1232)
C:\Windows\System32\spoolsv.exe (ID: 1492 |ParentID: 540)
C:\Windows\system32\taskhost.exe (ID: 1504 |ParentID: 540)
C:\Windows\system32\svchost.exe (ID: 1544 |ParentID: 540)
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 1700 |ParentID: 540)
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ID: 1764 |ParentID: 540)
C:\Program Files\Bonjour\mDNSResponder.exe (ID: 1840 |ParentID: 540)
C:\Windows\SysWOW64\svchost.exe (ID: 1888 |ParentID: 540)
C:\Users\Arnaud & Pomme\AppData\Roaming\BitTorrent\BitTorrent.exe (ID: 1964 |ParentID: 1284)
C:\Windows\system32\svchost.exe (ID: 1992 |ParentID: 540)
C:\Program Files\AVAST Software\Avast\AvastUI.exe (ID: 1176 |ParentID: 2016)
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe (ID: 936 |ParentID: 2016)
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (ID: 2276 |ParentID: 1284)
C:\Program Files (x86)\Boxore\BoxoreClient\boxore.exe (ID: 2496 |ParentID: 2016)
C:\Program Files (x86)\iTunes\iTunesHelper.exe (ID: 2528 |ParentID: 2016)
C:\Program Files (x86)\Boxore\BoxoreClient\boxore.exe (ID: 2536 |ParentID: 2496)
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (ID: 2548 |ParentID: 2016)
C:\Windows\system32\svchost.exe (ID: 2724 |ParentID: 540)
C:\Program Files\iPod\bin\iPodService.exe (ID: 1184 |ParentID: 540)
C:\Windows\system32\SearchIndexer.exe (ID: 2180 |ParentID: 540)
C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 3656 |ParentID: 540)
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe (ID: 3772 |ParentID: 2276)
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe (ID: 3876 |ParentID: 688)
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (ID: 3944 |ParentID: 688)
C:\Windows\System32\svchost.exe (ID: 2188 |ParentID: 540)
C:\Program Files\Internet Explorer\iexplore.exe (ID: 3632 |ParentID: 1284)
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (ID: 3128 |ParentID: 3632)
C:\Windows\System32\svchost.exe (ID: 4820 |ParentID: 540)
C:\Windows\system32\wuauclt.exe (ID: 5028 |ParentID: 980)
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (ID: 4124 |ParentID: 3632)
C:\Program Files (x86)\Antipub\antipub.exe (ID: 1152 |ParentID: 1284)
C:\Windows\System32\MsSpellCheckingFacility.exe (ID: 3368 |ParentID: 688)
C:\Windows\system32\WUDFHost.exe (ID: 2588 |ParentID: 912)
C:\Users\Arnaud & Pomme\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FCCT6DP0\RogueKiller.exe (ID: 2164 |ParentID: 3632)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 2016 |ParentID: 688)

################## | Regedit Run |

04 - HKCU\..\Run : [BitTorrent] "C:\Users\Arnaud & Pomme\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\Run : [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
04 - HKLM\..\Run : [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
04 - HKLM\..\Run : [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
04 - HKLM\..\Run : [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
04 - HKLM\..\Run : [Boxore Client] C:\Program Files (x86)\Boxore\BoxoreClient\boxore.exe
04 - HKLM\..\Run : [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\RunOnce : []
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-1752687205-1379967150-2266779457-1000\..\Run : [BitTorrent] "C:\Users\Arnaud & Pomme\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe

################## | Generic Research |

Found ! E:\SanDiskSecureAccess.lnk
Found ! E:\BDK.lnk
Found ! E:\.Trashes.lnk
Found ! E:\K2.lnk
Found ! E:\.Spotlight-V100.lnk
Found ! E:\My Pictures.lnk
Found ! E:\autorun.inf.lnk
Found ! E:\System Volume Information.lnk
Found ! E:\Rapport_stage.lnk

################## | Registry |


################## | E.O.F | http://www.en.usbfix.net/ - http://www.sosvirus.net |