############################## | UsbFix V 7.167 | [Research]

User: Christophe (Administrator) # PC-CHRISTOPHE
Updated 13/03/2014 by El Desaparecido - Team SosVirus
Started at 06:41:52 | 20/03/2014

Website : http://www.en.usbfix.net/
Changelog : http://www.en.usbfix.net/changelog/
Support : http://en.kioskea.net/forum/viruses-security-7
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.en.usbfix.net/contact/

PC: Hewlett-Packard (7008)
CPU: Intel(R) Core(TM) i5 CPU M 540 @ 2.53GHz
RAM -> [Total : 1903 Mo| Free : 611 Mo]
Bios: Hewlett-Packard
Boot: Normal boot

OS: Microsoft Windows 7 Professional (6.1.7601 32-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.16428
WB: Mozilla Firefox : 27.0.1

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: Microsoft Security Essentials [Enabled | Updated]
AS: Windows Defender [(!) Disabled | (!) Outdated]
AS: Microsoft Security Essentials [Enabled | Updated]
FW: Windows FireWall [Enabled]

C:\ (%systemdrive%) -> Fixed drive # 111 Gb (69 Mb free - 62%) [] # NTFS
D:\ -> Fixed drive # 104 Gb (52 Mb free - 50%) [DATA] # NTFS
E:\ -> Removable drive # 7 Gb (407 Mb free - 5%) [MYLINUXLIVE] # FAT32
F:\ -> Fixed drive # 2 Gb (2 Mb free - 78%) [HP_TOOLS] # FAT32

################## | Active Processes |

C:\windows\system32\csrss.exe (ID: 488 |ParentID: 444)
C:\windows\system32\wininit.exe (ID: 544 |ParentID: 444)
C:\windows\system32\csrss.exe (ID: 552 |ParentID: 536)
C:\windows\system32\services.exe (ID: 600 |ParentID: 544)
C:\windows\system32\lsass.exe (ID: 612 |ParentID: 544)
C:\windows\system32\lsm.exe (ID: 624 |ParentID: 544)
C:\windows\system32\svchost.exe (ID: 724 |ParentID: 600)
C:\windows\system32\svchost.exe (ID: 800 |ParentID: 600)
c:\Program Files\Microsoft Security Client\MsMpEng.exe (ID: 860 |ParentID: 600)
C:\windows\system32\winlogon.exe (ID: 908 |ParentID: 536)
C:\windows\System32\svchost.exe (ID: 1016 |ParentID: 600)
C:\windows\System32\svchost.exe (ID: 1056 |ParentID: 600)
C:\windows\system32\svchost.exe (ID: 1104 |ParentID: 600)
C:\windows\system32\svchost.exe (ID: 1136 |ParentID: 600)
C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9ce7180b73fb7a7d\STacSV.exe (ID: 1164 |ParentID: 600)
C:\windows\system32\svchost.exe (ID: 1320 |ParentID: 600)
C:\windows\system32\Hpservice.exe (ID: 1576 |ParentID: 600)
C:\windows\system32\vcsFPService.exe (ID: 1612 |ParentID: 600)
C:\windows\system32\svchost.exe (ID: 1668 |ParentID: 600)
C:\windows\System32\spoolsv.exe (ID: 1788 |ParentID: 600)
C:\windows\system32\svchost.exe (ID: 1844 |ParentID: 600)
C:\windows\system32\svchost.exe (ID: 1876 |ParentID: 600)
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 1984 |ParentID: 600)
C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9ce7180b73fb7a7d\aestsrv.exe (ID: 2036 |ParentID: 600)
C:\Program Files\LSI SoftModem\agrsmsvc.exe (ID: 120 |ParentID: 600)
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (ID: 404 |ParentID: 600)
C:\Program Files\Common Files\DeviceHelper\DeviceManager.exe (ID: 664 |ParentID: 600)
C:\Program Files\Hewlett-Packard\HP SkyRoom\Hp.Skyroom.Windows.Service.exe (ID: 1132 |ParentID: 600)
C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe (ID: 1528 |ParentID: 600)
C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ID: 1608 |ParentID: 600)
C:\Program Files\CDBurnerXP\NMSAccessU.exe (ID: 2056 |ParentID: 600)
C:\windows\system32\svchost.exe (ID: 2152 |ParentID: 600)
C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (ID: 2184 |ParentID: 600)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (ID: 2244 |ParentID: 600)
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe (ID: 2272 |ParentID: 600)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (ID: 2656 |ParentID: 2244)
C:\windows\system32\SearchIndexer.exe (ID: 2776 |ParentID: 600)
C:\windows\system32\svchost.exe (ID: 2836 |ParentID: 600)
c:\Program Files\Microsoft Security Client\NisSrv.exe (ID: 3140 |ParentID: 600)
C:\windows\system32\taskhost.exe (ID: 3848 |ParentID: 600)
C:\windows\system32\Dwm.exe (ID: 3904 |ParentID: 1056)
C:\windows\Explorer.EXE (ID: 3936 |ParentID: 3872)
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe (ID: 3248 |ParentID: 3936)
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (ID: 3240 |ParentID: 3936)
C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe (ID: 3284 |ParentID: 3936)
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (ID: 3296 |ParentID: 3936)
C:\Windows\System32\igfxtray.exe (ID: 1096 |ParentID: 3936)
C:\Windows\System32\hkcmd.exe (ID: 3412 |ParentID: 3936)
C:\Windows\System32\igfxpers.exe (ID: 3420 |ParentID: 3936)
C:\Program Files\IDT\WDM\sttray.exe (ID: 3516 |ParentID: 3936)
C:\Program Files\HSPA USB MODEM\ModemListener.exe (ID: 3572 |ParentID: 3936)
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (ID: 3596 |ParentID: 3296)
C:\Program Files\Microsoft Security Client\msseces.exe (ID: 392 |ParentID: 3936)
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (ID: 3984 |ParentID: 3936)
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe (ID: 4076 |ParentID: 3248)
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe (ID: 4040 |ParentID: 600)
C:\windows\system32\wbem\wmiprvse.exe (ID: 964 |ParentID: 724)
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe (ID: 1176 |ParentID: 724)
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe (ID: 172 |ParentID: 600)
C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (ID: 2960 |ParentID: 600)
C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe (ID: 1440 |ParentID: 3428)
C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe (ID: 3432 |ParentID: 600)
C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (ID: 4100 |ParentID: 600)
C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe (ID: 4152 |ParentID: 600)
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe (ID: 4272 |ParentID: 600)
C:\windows\system32\wbem\wmiprvse.exe (ID: 4420 |ParentID: 724)
C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (ID: 4700 |ParentID: 600)
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe (ID: 5348 |ParentID: 3400)
C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe (ID: 5660 |ParentID: 5348)
C:\windows\system32\wuauclt.exe (ID: 3452 |ParentID: 1136)
C:\Program Files\Mozilla Firefox\firefox.exe (ID: 4028 |ParentID: 3936)
C:\Program Files\Mozilla Firefox\plugin-container.exe (ID: 5248 |ParentID: 4028)
C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe (ID: 2328 |ParentID: 5248)
C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe (ID: 3400 |ParentID: 2328)
C:\Windows\System32\dinotify.exe (ID: 5932 |ParentID: 3048)
c:\Program Files\Microsoft Security Client\MpCmdRun.exe (ID: 2092 |ParentID: 2208)
C:\windows\System32\WUDFHost.exe (ID: 3392 |ParentID: 1056)
C:\windows\system32\SearchProtocolHost.exe (ID: 3736 |ParentID: 2776)
C:\windows\system32\SearchFilterHost.exe (ID: 1336 |ParentID: 2776)

################## | Regedit Run |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [64bit] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
F2 - [64bit] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKLM\..\Run : [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
04 - HKLM\..\Run : [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
04 - HKLM\..\Run : [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe /hidden
04 - HKLM\..\Run : [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
04 - HKLM\..\Run : [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
04 - HKLM\..\Run : [IgfxTray] C:\windows\system32\igfxtray.exe
04 - HKLM\..\Run : [HotKeysCmds] C:\windows\system32\hkcmd.exe
04 - HKLM\..\Run : [Persistence] C:\windows\system32\igfxpers.exe
04 - HKLM\..\Run : [IMSS] "C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
04 - HKLM\..\Run : [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
04 - HKLM\..\Run : [ModemListener] C:\Program Files\HSPA USB MODEM\ModemListener.exe start
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\Run : [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
04 - HKLM\..\Run : [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
04 - HKLM\..\Run : [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
04 - HKLM\..\RunOnce : []
04 - HKLM\..\RunServices : [SystemTra] C:\windows\SysTra.EXE
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe

################## | Generic Research |

Found ! E:\flashmemory.vbe
Found ! E:\autorun.lnk
Found ! E:\md5sum.lnk
Found ! E:\mint4win.lnk
Found ! E:\ldlinux.lnk
Found ! E:\lili.lnk
Found ! E:\img805.lnk
Found ! E:\CHANTEUR.lnk
Found ! E:\AIRBASE.lnk
Found ! E:\A0C155F4.lnk
Found ! E:\img461.lnk
Found ! E:\BOOTEX.lnk
Found ! E:\.lnk
Found ! E:\Real.lnk
Found ! E:\Remove_LiLi.lnk
Found ! E:\boot.lnk
Found ! E:\SmartClean.lnk
Found ! E:\[ www.lnk
Found ! E:\20131029_144556.lnk
Found ! E:\realtions famillial.lnk
Found ! E:\CURRICULUM_VITAE.lnk
Found ! E:\programation.lnk
Found ! E:\CHANTEUR (base de donnée).lnk
Found ! E:\1078251_10151712351392226_2131050374_n.lnk
Found ! E:\IntegraleBG.lnk
Found ! E:\casper.lnk
Found ! E:\projet python.lnk
Found ! E:\exposer petit.lnk
Found ! E:\.disk.lnk
Found ! E:\DEMANDE-BOURSE-ETUDIANT.lnk
Found ! E:\dists.lnk
Found ! E:\install.lnk
Found ! E:\Fuse_ODG-Antenna.lnk
Found ! E:\syslinux.lnk
Found ! E:\Oliver_Twist_-_Dbanj.lnk
Found ! E:\Little Princess Drumkit Essai.lnk
Found ! E:\little princess 24.lnk
Found ! E:\tones of hug.lnk
Found ! E:\transformation_carte.lnk
Found ! E:\CURRICULUM VITAE.lnk
Found ! E:\exposé Sandrin.lnk
Found ! E:\Calendrier_2013-2014.lnk
Found ! E:\Sandrin ATHELE Lettre ECOplus TV.lnk
Found ! E:\devoir de phylosophie.lnk
Found ! E:\Konshens_-_Gal_A_Bubble__Raw_.lnk
Found ! E:\This is me and my guitar.lnk
Found ! E:\Girl_Ft_Wizkid_Bracket__oknaija_com_.lnk
Found ! E:\Sandrin ATHELE Lettre sorbonne.lnk
Found ! E:\P-Square_01_Beautiful_Onyinye_feat_Rick_Ross.lnk
Found ! E:\Bracket_-_Looking_At_You__oknaija_com_.lnk
Found ! E:\Bracket_ft_P-square-No_Time.lnk
Found ! E:\Fuse_ODG_ft_Tiffany-Azonto.lnk
Found ! E:\This is me.lnk
Found ! E:\Sandrin 001.lnk
Found ! E:\PDA_HABITATION_00000128041V904.lnk
Found ! E:\Nelson Mandela madiba.lnk
Found ! E:\Unaware - Allen Stone - Live From His Mother's Living Room.lnk
Found ! E:\John Legend & the Roots - Wake Up Everybody (Feat.lnk
Found ! E:\devoi today.lnk
Found ! E:\Yael Naim - Come Home.lnk
Found ! E:\ATHELE SANDRIN.lnk
Found ! E:\Argumentaire du cours de Phylosophie fin.lnk
Found ! E:\Yannick Noah;ASA - Hello.lnk
Found ! E:\Corneille - mal de coeur.lnk
Found ! E:\Selah Sue - Raggamuffin.lnk
Found ! E:\Brochure_2012-2013_M_Philo_socio_Cons-_edit-_gest-_conn-_2012-09-19_.lnk
Found ! E:\2013-2014-Formulaire M1 R.lnk
Found ! E:\dossier_PHISOC6.lnk
Found ! E:\1098469_10151855477037498_94886404_n.lnk
Found ! E:\Fiche_pedagogiques_inscriptions_en_master_1.lnk
Found ! E:\Syllabus M1 TD anglais semestre 1.lnk
Found ! E:\preseed.lnk
Found ! E:\VirtualBox.lnk
Found ! E:\Contacts.lnk
Found ! E:\Mike Tyson - Undisputed Truth [2013] HDRip XViD-ETRG.lnk
Found ! E:\VOIX 28 sept.lnk
Found ! E:\.Spotlight-V100.lnk
Found ! E:\1 SONS SON SON.lnk
Found ! E:\Real.Husbands.Of.Hollywood.S02E06.HDTV.x264-CRiMSON[rarbg].lnk
Found ! E:\[ www.Torrenting.com ] - Second.Generation.Wayans.S01E10.720p.HDTV.x264-2HD.lnk
Found ! E:\sankofa.lnk
Found ! E:\[ www.TorrentDay.com ] - Second.Generation.Wayans.S01E09.HDTV.x264-2HD.lnk
Found ! E:\Real.Husbands.Of.Hollywood.lnk
Found ! E:\Robin Thicke - Love After War (Deluxe Version).lnk
Found ! E:\Autorun.inf.lnk
Found ! E:\Real.Husbands.Of.Hollywood.S02E09.HDTV.x264-CRiMSON [GloTV].lnk
Found ! E:\studio session.lnk
Found ! E:\augmenterlataille.lnk
Found ! E:\bye-bye-friend-zone.lnk
Found ! E:\POGGE - Entretien dividende.lnk
Found ! E:\POGGE - Porter assistance aux pauvres du monde.lnk

################## | Registry |

Found ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|EnableLUA -> 0
Found ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin -> 0
Found ! HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyGames -> 0

################## | E.O.F | http://www.en.usbfix.net/ - http://www.sosvirus.net |
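
The actionable part of this log is the Generic Research and Registry sections. The removable drive E:\ carries flashmemory.vbe at its root next to dozens of .lnk files whose names mirror the user's own documents, folders and media (CURRICULUM_VITAE.lnk, Autorun.inf.lnk, .disk.lnk, and so on). That layout is what a VBScript shortcut worm leaves behind: the real items are hidden and each gets a shortcut twin that launches the script, so the stick looks intact but every double-click re-infects the host. The log does not show what flashmemory.vbe does; .vbe is VBScript run through the Microsoft Script Encoder, so decoding it (or uploading it at the address the log header gives) is the confirmation step. The two HKLM policy values (EnableLUA = 0, ConsentPromptBehaviorAdmin = 0) mean User Account Control is switched off entirely on this machine, so anything the user launches already runs with full administrator rights.

The Python below is an added triage helper, not part of UsbFix or of this log. It parses the drive table, the "Found !" file entries and the registry entries of a UsbFix log and applies the two checks above. The script-extension list and the .lnk threshold are assumptions chosen for this example, and the sample input is a constructed excerpt of the log above.

```python
"""Triage helper for a UsbFix 'Research' log (added example, not part of UsbFix).

Flags (1) a drive whose root holds a script file plus many .lnk files, the
footprint of a VBScript shortcut worm, and (2) registry values that disable UAC.
"""
import os
import re
from collections import defaultdict

# File types a shortcut worm usually drops at the root of a USB stick and that
# its planted .lnk files launch. The list is an assumption for this example.
SCRIPT_EXTS = {".vbe", ".vbs", ".js", ".jse", ".wsf", ".bat", ".cmd", ".exe", ".scr", ".pif"}

# Policy values that disable UAC (EnableLUA = 0) or let administrators elevate
# silently without any prompt (ConsentPromptBehaviorAdmin = 0).
_SYSTEM_POLICY = r"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System"
UAC_WEAKENING = {
    (_SYSTEM_POLICY, "EnableLUA"): "0",
    (_SYSTEM_POLICY, "ConsentPromptBehaviorAdmin"): "0",
}

DRIVE_RE = re.compile(r"^([A-Z]):\\.*?->\s+(Fixed|Removable) drive", re.I)
FOUND_FILE_RE = re.compile(r"^Found ! ([A-Z]):\\(.+)$")
FOUND_REG_RE = re.compile(r"^Found ! (HK[A-Z]+\\[^|]+)\|(\S+) -> (\S+)$")


def parse_log(text):
    """Return (drive letter -> type, drive letter -> found paths, registry hits)."""
    drives, files, regs = {}, defaultdict(list), []
    for raw in text.splitlines():
        line = raw.strip()
        m = DRIVE_RE.match(line)
        if m:
            drives[m.group(1).upper()] = m.group(2).lower()
            continue
        m = FOUND_FILE_RE.match(line)
        if m:
            files[m.group(1).upper()].append(m.group(2))
            continue
        m = FOUND_REG_RE.match(line)
        if m:
            regs.append((m.group(1), m.group(2), m.group(3)))
    return drives, files, regs


def shortcut_worm_indicators(drives, files, min_lnk=5):
    """Flag drives whose root holds a script file plus at least min_lnk .lnk files."""
    findings = []
    for drive, names in sorted(files.items()):
        root_only = [n for n in names if "\\" not in n]  # entries directly at the root
        lnks = [n for n in root_only if n.lower().endswith(".lnk")]
        scripts = [n for n in root_only if os.path.splitext(n)[1].lower() in SCRIPT_EXTS]
        if scripts and len(lnks) >= min_lnk:
            findings.append({
                "drive": drive,
                "drive_type": drives.get(drive, "unknown"),
                "scripts": scripts,
                "lnk_count": len(lnks),
            })
    return findings


def uac_findings(regs):
    """Return the registry hits that match a UAC-weakening value."""
    return [(key, name, data) for key, name, data in regs
            if UAC_WEAKENING.get((key, name)) == data]


def triage(text):
    drives, files, regs = parse_log(text)
    return {"shortcut_worm": shortcut_worm_indicators(drives, files),
            "uac": uac_findings(regs)}


# Constructed excerpt of the log above (drive table, Generic Research, Registry).
SAMPLE_LOG = r"""
C:\ (%systemdrive%) -> Fixed drive # 111 Gb (69 Mb free - 62%) [] # NTFS
E:\ -> Removable drive # 7 Gb (407 Mb free - 5%) [MYLINUXLIVE] # FAT32
F:\ -> Fixed drive # 2 Gb (2 Mb free - 78%) [HP_TOOLS] # FAT32

################## | Generic Research |

Found ! E:\flashmemory.vbe
Found ! E:\autorun.lnk
Found ! E:\md5sum.lnk
Found ! E:\CURRICULUM_VITAE.lnk
Found ! E:\Autorun.inf.lnk
Found ! E:\.lnk
Found ! E:\Real.lnk

################## | Registry |

Found ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|EnableLUA -> 0
Found ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin -> 0
Found ! HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyGames -> 0
"""

if __name__ == "__main__":
    for section, hits in triage(SAMPLE_LOG).items():
        print(section, hits)
```

Run against the full log, the script reports E: (removable) with flashmemory.vbe and the .lnk count, and the two UAC values. The heuristic only says the drive matches the shortcut-worm pattern; it cannot name the family, so decode the .vbe before deciding what else to look for on the host. After cleanup, re-enable UAC (EnableLUA = 1 and a non-zero ConsentPromptBehaviorAdmin under the same key, then reboot), otherwise the next script run from that stick again gets administrator rights without any prompt.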
