############################## | UsbFix V 7.167 | [Recherche]

Utilisateur: Utilisateur (Administrateur) # UTILISATEUR-PC
Mis à jour le 13/03/2014 par El Desaparecido - Team SosVirus
Lancé à 09:34:56 | 19/03/2014

Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Support : http://www.sosvirus.net/forum-virus-securite.html
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: Acer (FIH57)
CPU: Intel(R) Core(TM) i3 CPU 540 @ 3.07GHz
RAM -> [Total : 3063 Mo| Free : 2113 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 32-Bit) Service Pack 1
WB: Windows Internet Explorer : 10.0.9200.16844
WB: Mozilla Firefox : 27.0.1

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: avast! Internet Security [(!) Disabled | Updated]
AS: Windows Defender [Enabled | Updated]
AS: Spybot - Search and Destroy [Enabled | (!) Outdated]
AS: avast! Internet Security [(!) Disabled | Updated]
FW: avast! Internet Security [(!) Disabled]
FW: Windows FireWall [(!) Disabled]
AS: Malwarebytes' Anti-Malware : 1.75.0001

C:\ (%systemdrive%) -> Disque fixe # 466 Go (337 Go libre(s) - 72%) [] # NTFS
D:\ -> CD-ROM
E:\ -> Disque fixe # 596 Go (272 Go libre(s) - 46%) [SAMSUNG] # NTFS
H:\ -> CD-ROM
I:\ -> Disque amovible # 2 Go (2 Go libre(s) - 96%) [] # FAT

################## | Processus Actif |

C:\Windows\system32\csrss.exe (ID: 440 |ParentID: 432)
C:\Windows\system32\wininit.exe (ID: 512 |ParentID: 432)
C:\Windows\system32\csrss.exe (ID: 524 |ParentID: 504)
C:\Windows\system32\services.exe (ID: 572 |ParentID: 512)
C:\Windows\system32\winlogon.exe (ID: 604 |ParentID: 504)
C:\Windows\system32\lsass.exe (ID: 632 |ParentID: 512)
C:\Windows\system32\lsm.exe (ID: 640 |ParentID: 512)
C:\Windows\system32\svchost.exe (ID: 740 |ParentID: 572)
C:\Windows\system32\nvvsvc.exe (ID: 812 |ParentID: 572)
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (ID: 836 |ParentID: 572)
C:\Windows\system32\svchost.exe (ID: 880 |ParentID: 572)
C:\Windows\System32\svchost.exe (ID: 972 |ParentID: 572)
C:\Windows\System32\svchost.exe (ID: 1008 |ParentID: 572)
C:\Windows\system32\svchost.exe (ID: 1056 |ParentID: 572)
C:\Windows\system32\svchost.exe (ID: 1080 |ParentID: 572)
C:\Windows\system32\svchost.exe (ID: 1216 |ParentID: 572)
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (ID: 1336 |ParentID: 812)
C:\Windows\system32\nvvsvc.exe (ID: 1344 |ParentID: 812)
C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ID: 1484 |ParentID: 572)
C:\Program Files\AVAST Software\Avast\afwServ.exe (ID: 1580 |ParentID: 572)
C:\Windows\System32\spoolsv.exe (ID: 1804 |ParentID: 572)
C:\Windows\system32\svchost.exe (ID: 1908 |ParentID: 572)
C:\Windows\system32\svchost.exe (ID: 1940 |ParentID: 572)
C:\Windows\System32\svchost.exe (ID: 1996 |ParentID: 572)
C:\Windows\system32\FsUsbExService.Exe (ID: 380 |ParentID: 572)
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (ID: 456 |ParentID: 572)
C:\Windows\system32\Dwm.exe (ID: 1148 |ParentID: 1008)
C:\Windows\Explorer.EXE (ID: 1320 |ParentID: 1076)
C:\Windows\system32\taskhost.exe (ID: 1292 |ParentID: 572)
C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe (ID: 2112 |ParentID: 572)
C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe (ID: 2820 |ParentID: 572)
C:\Program Files\AVAST Software\Avast\AvastUI.exe (ID: 2844 |ParentID: 1320)
C:\Windows\system32\svchost.exe (ID: 2912 |ParentID: 572)
C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe (ID: 2976 |ParentID: 572)
C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe (ID: 3088 |ParentID: 572)
C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (ID: 3312 |ParentID: 572)
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (ID: 3916 |ParentID: 1336)
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (ID: 4044 |ParentID: 572)
C:\Windows\system32\SearchIndexer.exe (ID: 2892 |ParentID: 572)
C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 3836 |ParentID: 572)
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (ID: 5288 |ParentID: 572)
C:\Windows\System32\svchost.exe (ID: 5332 |ParentID: 572)
C:\Windows\system32\svchost.exe (ID: 4120 |ParentID: 572)
C:\Windows\system32\taskeng.exe (ID: 6068 |ParentID: 1080)
C:\Program Files\ZebraNetworkSystems\NeoRouter\NRService.exe (ID: 3192 |ParentID: 572)
C:\Windows\system32\SearchProtocolHost.exe (ID: 5376 |ParentID: 2892)
C:\Windows\system32\SearchFilterHost.exe (ID: 3152 |ParentID: 2892)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 4948 |ParentID: 740)

################## | Regedit Run |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [64bit] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
F2 - [64bit] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : []
04 - HKLM\..\Run : [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
04 - HKLM\..\RunOnce : []
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-494048827-1650175510-1422529119-1000\..\Run : []
04 - HKU\S-1-5-21-494048827-1650175510-1422529119-1004\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-494048827-1650175510-1422529119-1004\..\Run : [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-21-494048827-1650175510-1422529119-1004\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe

################## | Recherche générique |

Présent! C:\Windows\system32\secushr.dat
Présent! C:\Windows\rundl132.exe
Présent! I:\ipak

################## | Registre |

Présent! HKU\S-1-5-21-494048827-1650175510-1422529119-1004\Software\PowerPack

################## | E.O.F | http://www.usbfix.net/ - http://www.sosvirus.net |
