Document format: text/plain

############################## | UsbFix V 7.169 | [Suppression]

Utilisateur: naruto (Administrateur) # PC-HP
Mis à jour le 31/03/2014 par El Desaparecido - Team SosVirus
Lancé à 16:07:09 | 04/05/2014

Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Support : http://www.sosvirus.net/forum-virus-securite.html
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: Quanta (306A)
CPU: Intel(R) Pentium(R) Dual CPU T3400 @ 2.16GHz
RAM -> [Total : 3069 Mo| Free : 1693 Mo]
Bios: Hewlett-Packard
Boot: Normal boot

OS: Microsoft Windows 8.1 Professionnel (6.3.9600 64-Bit)
WB: Windows Internet Explorer : 11.0.9600.17105
WB: Google Chrome : 34.0.1847.116
WB: Mozilla Firefox : 28.0

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: Windows Defender [(!) Disabled | Updated]
AV: avast! Antivirus [(!) Disabled | Updated]
AS: Windows Defender [(!) Disabled | Updated]
AS: avast! Antivirus [(!) Disabled | Updated]
FW: Windows FireWall [(!) Disabled]

C:\ (%systemdrive%) -> Disque fixe # 180 Go (127 Go libre(s) - 71%) [] # NTFS
D:\ -> Disque fixe # 53 Go (44 Go libre(s) - 84%) [] # NTFS
E:\ -> CD-ROM
F:\ -> Disque amovible # 4 Go (3 Go libre(s) - 79%) [] # FAT32

################## | Processus Actif |

C:\Windows\system32\wininit.exe (ID: 516 |ParentID: 412)
C:\Windows\system32\lsass.exe (ID: 576 |ParentID: 516)
C:\Windows\system32\winlogon.exe (ID: 600 |ParentID: 508)
C:\Windows\system32\svchost.exe (ID: 680 |ParentID: 568)
C:\Windows\system32\svchost.exe (ID: 724 |ParentID: 568)
C:\Windows\system32\dwm.exe (ID: 824 |ParentID: 600)
C:\Windows\system32\nvvsvc.exe (ID: 880 |ParentID: 568)
C:\Windows\system32\nvvsvc.exe (ID: 916 |ParentID: 880)
C:\Windows\System32\svchost.exe (ID: 940 |ParentID: 568)
C:\Windows\System32\svchost.exe (ID: 996 |ParentID: 568)
C:\Windows\system32\svchost.exe (ID: 1012 |ParentID: 568)
C:\Windows\system32\svchost.exe (ID: 264 |ParentID: 568)
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (ID: 972 |ParentID: 880)
C:\Windows\system32\svchost.exe (ID: 1216 |ParentID: 568)
C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ID: 1304 |ParentID: 568)
C:\Windows\System32\spoolsv.exe (ID: 1404 |ParentID: 568)
C:\Windows\system32\svchost.exe (ID: 1452 |ParentID: 568)
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (ID: 1976 |ParentID: 568)
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (ID: 2028 |ParentID: 568)
C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe (ID: 736 |ParentID: 568)
C:\Windows\system32\svchost.exe (ID: 1192 |ParentID: 568)
C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe (ID: 1092 |ParentID: 568)
C:\Windows\Explorer.EXE (ID: 2268 |ParentID: 2256)
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (ID: 2276 |ParentID: 2028)
C:\Windows\system32\conhost.exe (ID: 2284 |ParentID: 2276)
C:\Windows\system32\taskhostex.exe (ID: 2308 |ParentID: 1012)
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (ID: 2444 |ParentID: 2388)
C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe (ID: 2600 |ParentID: 1092)
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (ID: 2964 |ParentID: 972)
C:\Program Files (x86)\BetterDesktopTool\BetterDesktopTool.exe (ID: 3036 |ParentID: 1012)
C:\Windows\system32\SearchIndexer.exe (ID: 352 |ParentID: 568)
C:\Windows\system32\svchost.exe (ID: 1052 |ParentID: 568)
C:\Windows\system32\svchost.exe (ID: 1752 |ParentID: 568)
C:\Windows\System32\WUDFHost.exe (ID: 820 |ParentID: 996)
C:\Windows\System32\skydrive.exe (ID: 3192 |ParentID: 680)
C:\Program Files (x86)\Internet Download Manager\IDMan.exe (ID: 3544 |ParentID: 2268)
C:\Users\naruto\AppData\Local\FluxSoftware\Flux\flux.exe (ID: 3592 |ParentID: 2268)
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe (ID: 3608 |ParentID: 3544)
C:\Program Files\AVAST Software\Avast\AvastUI.exe (ID: 3796 |ParentID: 3632)
C:\Program Files (x86)\Razer\Razer Game Booster\main.exe (ID: 3812 |ParentID: 736)
C:\Windows\System32\SettingSyncHost.exe (ID: 2524 |ParentID: 680)
C:\Program Files (x86)\Mozilla Firefox\firefox.exe (ID: 4472 |ParentID: 2268)
C:\Program Files (x86)\BetterDesktopTool\BetterDesktopToolServer.exe (ID: 3576 |ParentID: 3036)
C:\Windows\SysWOW64\ctfmon.exe (ID: 1168 |ParentID: 3796)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 1096 |ParentID: 680)
C:\Windows\system32\SearchProtocolHost.exe (ID: 4012 |ParentID: 352)
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (ID: 2212 |ParentID: 4472)
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe (ID: 5032 |ParentID: 2212)
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe (ID: 4036 |ParentID: 5032)
C:\Windows\system32\SearchFilterHost.exe (ID: 984 |ParentID: 352)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 4964 |ParentID: 680)

################## | Recherche générique |

Supprimé! C:\Users\naruto\AppData\Roaming\Desktop.vbs
Supprimé! C:\Users\naruto\AppData\Roaming\SYS.VBS
Supprimé! C:\Users\naruto\AppData\Roaming\WinHelp.vbs
Supprimé! C:\Users\naruto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Desktop.vbs
Supprimé! C:\Users\naruto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WinHelp.vbs
Supprimé! F:\SysBackUp.vbs
Supprimé! F:\SThumbDB.lnk
Supprimé! F:\Images.lnk
Supprimé! F:\Videos.lnk
Supprimé! F:\Sounds.lnk
Supprimé! F:\Other files.lnk
Supprimé! F:\System Volume Information.lnk
Supprimé! F:\FOUND.000.lnk
Supprimé! C:\Users\naruto\AppData\Roaming\FlashPlayer Install

(!) Fichiers temporaires supprimés.

################## | Registre |

Supprimé! HKU\S-1-5-21-1876183623-1838350540-3026713826-1001\Software\Microsoft\Windows\CurrentVersion\Run|WinHelp

################## | Regedit Run |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] userinit.exe,
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
04 - HKCU\..\Run : [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
04 - HKCU\..\Run : [367d8aa305eb8e84cad21c38ee58cc14] ..
04 - HKCU\..\Run : [f.lux] "C:\Users\naruto\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [RazerGameBooster] C:\Program Files (x86)\Razer\Razer Game Booster\RazerGameBooster.exe -autorun
04 - HKLM\..\Run : [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
04 - HKLM\..\Run : [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
04 - HKLM\..\RunOnce : []
04 - [x64] HKLM\..\Run : [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
04 - [x64] HKLM\..\Run : [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
04 - [x64] HKLM\..\Run : [ShadowPlay] C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
04 - HKU\S-1-5-21-1876183623-1838350540-3026713826-1001\..\Run : [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
04 - HKU\S-1-5-21-1876183623-1838350540-3026713826-1001\..\Run : [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
04 - HKU\S-1-5-21-1876183623-1838350540-3026713826-1001\..\Run : [367d8aa305eb8e84cad21c38ee58cc14] ..
04 - HKU\S-1-5-21-1876183623-1838350540-3026713826-1001\..\Run : [f.lux] "C:\Users\naruto\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow

################## | Listing |

[21/04/2014 - 16:17:29 | SHD] - C:\$Recycle.Bin
[30/09/2013 - 05:24:45 | RASH | 389 Ko] - C:\bootmgr
[18/06/2013 - 13:18:29 | N | 0 Ko] - C:\BOOTNXT
[27/04/2014 - 19:41:01 | D] - C:\Config.Msi
[22/08/2013 - 15:45:52 | SHD] - C:\Documents and Settings
[04/05/2014 - 15:35:17 | ASH | 2514064 Ko] - C:\hiberfil.sys
[17/04/2014 - 17:18:26 | RHD] - C:\MSOCache
[04/05/2014 - 15:35:22 | ASH | 3145728 Ko] - C:\pagefile.sys
[22/08/2013 - 16:22:35 | D] - C:\PerfLogs
[04/05/2014 - 13:06:29 | N | 1 Ko] - C:\PhysicalDisk0_MBR.bin
[27/04/2014 - 11:47:18 | D] - C:\Program Files
[04/05/2014 - 15:16:58 | D] - C:\Program Files (x86)
[27/04/2014 - 12:37:35 | HD] - C:\ProgramData
[18/03/2014 - 11:56:26 | SHD] - C:\Recovery
[21/04/2014 - 16:17:25 | D] - C:\Riot Games
[04/05/2014 - 15:55:38 | D] - C:\Shortcut_Module
[04/05/2014 - 15:35:22 | ASH | 262144 Ko] - C:\swapfile.sys
[03/05/2014 - 23:01:44 | SHD] - C:\System Volume Information
[18/03/2014 - 15:53:46 | D] - C:\temp
[03/05/2014 - 16:20:54 | D] - C:\The KMPlayer
[04/05/2014 - 15:58:49 | D] - C:\UsbFix
[04/05/2014 - 16:09:07 | A | 9 Ko | F38C35E1E1C46CF6F87135858D357676] - C:\UsbFix [Clean 2] PC-HP.txt
[04/05/2014 - 16:04:25 | N | 8 Ko | FCD142E99450B90EEE67702530E47452] - C:\UsbFix [Scan 1] PC-HP.txt
[18/03/2014 - 12:00:39 | D] - C:\Users
[03/05/2014 - 15:26:29 | D] - C:\Windows
[21/04/2014 - 16:17:29 | SHD] - D:\$RECYCLE.BIN
[11/03/2014 - 10:38:02 | D] - D:\ayoub D
[10/03/2014 - 00:21:02 | SHD] - D:\System Volume Information
[06/01/1980 - 00:11:18 | D] - F:\Images
[06/01/1980 - 00:11:18 | D] - F:\Videos
[06/01/1980 - 00:11:18 | D] - F:\Sounds
[06/01/1980 - 00:11:18 | D] - F:\Other files
[03/05/2014 - 18:46:50 | N | 1408 Ko] - F:\SThumbDB.tdb
[21/04/2014 - 21:39:44 | SHD] - F:\System Volume Information
[21/04/2014 - 12:02:48 | D] - F:\FOUND.000

################## | Vaccin |

D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
F:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net/ - http://www.sosvirus.net |