Document format: text/plain


[b]############################## | UsbFix V 7.173 | [Recherche][/b]

Utilisateur: rafano (Administrateur) # RAFANO-PC
Mis à jour le 04/07/2014 par El Desaparecido - SosVirus
Lancé à 22:57:10 | 04/07/2014

Site Web : [url=http://www.usbfix.net/]http://www.usbfix.net/[/url]
Changelog : [url=http://www.usbfix.net/maj/]http://www.usbfix.net/maj/[/url]
Assistance : [url=http://www.sosvirus.net/forum-virus-securite.html]http://www.sosvirus.net/forum-virus-securite.html[/url]
Upload Malware : [url=http://www.sosvirus.net/upload_malware.php]http://www.sosvirus.net/upload_malware.php[/url]
Contact : [url=http://www.usbfix.net/contact/]http://www.usbfix.net/contact/[/url]

[b]################## | System information |[/b]

MB: ASUSTeK COMPUTER INC. (Z87-K)
CPU: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz
GC: NVIDIA GeForce GTX 760
RAM -> [Total : 12227 Mo | Free : 9782 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft® Windows 7 Ultimate (6.1.7601 64-Bit) Service Pack 1
WB: Internet Explorer : 11.00.9600.16428
WB: Google Chrome : 35.0.1916.153

[b]################## | Security Information |[/b]

AV: avast! Antivirus [Actif |A jour]
AS: Windows Defender [Actif |A jour]
AS: avast! Antivirus [Actif |A jour]
FW: avast! Antivirus [[b](!) Désactivé[/b]]
FW: Windows Firewall [[b](!) Désactivé[/b]]
SC: Security Center [Actif]
WU: Windows Update [Actif]

[b]################## | Disk Information |[/b]

C:\ (%SystemDrive%) -> Disque fixe # 931 Go (347 Go libre(s) - 37%) [logciel+windows] # NTFS
E:\ -> Disque fixe # 932 Go (566 Go libre(s) - 61%) [Disque dur Marc] # NTFS

[b]################## | Processus Actif |[/b]

C:\Windows\System32\smss.exe (ID: 408|ParentID: 4|Système)
C:\Windows\System32\wininit.exe (ID: 672|ParentID: 600)
C:\Windows\System32\winlogon.exe (ID: 740|ParentID: 684)
C:\Windows\System32\services.exe (ID: 788|ParentID: 672)
C:\Windows\System32\lsass.exe (ID: 796|ParentID: 672)
C:\Windows\System32\lsm.exe (ID: 808|ParentID: 672)
C:\Windows\System32\svchost.exe (ID: 900|ParentID: 788)
C:\Windows\System32\nvvsvc.exe (ID: 972|ParentID: 788)
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (ID: 996|ParentID: 788)
C:\Windows\System32\svchost.exe (ID: 164|ParentID: 788)
C:\Windows\System32\svchost.exe (ID: 604|ParentID: 788)
C:\Windows\System32\svchost.exe (ID: 460|ParentID: 788)
C:\Windows\System32\svchost.exe (ID: 1028|ParentID: 788)
C:\Windows\System32\svchost.exe (ID: 1052|ParentID: 788)
C:\Windows\System32\svchost.exe (ID: 1284|ParentID: 788)
C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ID: 1396|ParentID: 788)
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (ID: 1472|ParentID: 972)
C:\Windows\System32\nvvsvc.exe (ID: 1480|ParentID: 972)
C:\Windows\System32\dwm.exe (ID: 1600|ParentID: 460|rafano)
C:\Windows\explorer.exe (ID: 1632|ParentID: 1592|rafano)
C:\Windows\System32\spoolsv.exe (ID: 1900|ParentID: 788)
C:\Windows\System32\taskhost.exe (ID: 1928|ParentID: 788|rafano)
C:\Windows\System32\svchost.exe (ID: 1948|ParentID: 788)
C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe (ID: 1248|ParentID: 788)
C:\Program Files\Intel\iCLS Client\HeciServer.exe (ID: 2420|ParentID: 788)
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (ID: 2448|ParentID: 1632|rafano)
C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (ID: 2632|ParentID: 788)
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (ID: 2692|ParentID: 1632|rafano)
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (ID: 2700|ParentID: 788)
C:\Users\rafano\AppData\Local\Akamai\netsession_win.exe (ID: 2784|ParentID: 1632|rafano)
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (ID: 2792|ParentID: 788)
C:\Users\rafano\AppData\Local\Akamai\netsession_win.exe (ID: 2852|ParentID: 2784|rafano)
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (ID: 2872|ParentID: 2792)
C:\Windows\System32\conhost.exe (ID: 2880|ParentID: 696)
C:\Windows\SysWOW64\PnkBstrA.exe (ID: 2912|ParentID: 788)
C:\Windows\System32\svchost.exe (ID: 2552|ParentID: 788)
C:\Program Files (x86)\BrowseMark\updateBrowseMark.exe (ID: 3120|ParentID: 788)
C:\Program Files (x86)\BrowseMark\bin\utilBrowseMark.exe (ID: 3200|ParentID: 788)
C:\Users\rafano\AppData\Roaming\cacaoweb\cacaoweb.exe (ID: 3488|ParentID: 1632|rafano)
C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe (ID: 3604|ParentID: 900|rafano)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (ID: 3692|ParentID: 788)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (ID: 3896|ParentID: 3692)
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (ID: 3924|ParentID: 3496|rafano)
C:\Program Files\AVAST Software\Avast\avastui.exe (ID: 3932|ParentID: 3496|rafano)
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (ID: 3956|ParentID: 1472|rafano)
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (ID: 3968|ParentID: 788)
C:\Program Files (x86)\Ozone Blade Keyboard\Monitor.EXE (ID: 4016|ParentID: 3496|rafano)
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (ID: 4068|ParentID: 3496|rafano)
C:\Program Files (x86)\Boxore\BoxoreClient\boxore.exe (ID: 1596|ParentID: 3496|rafano)
C:\Program Files (x86)\Boxore\BoxoreClient\boxore.exe (ID: 3504|ParentID: 1596|rafano)
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (ID: 1424|ParentID: 3968|rafano)
C:\Program Files (x86)\Ozone Blade Keyboard\OSD.exe (ID: 3756|ParentID: 4016|rafano)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 4308|ParentID: 1632|rafano)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 4424|ParentID: 4308|rafano)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 4560|ParentID: 4308|rafano)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 4664|ParentID: 4308|rafano)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 4740|ParentID: 4308|rafano)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 3780|ParentID: 4308|rafano)
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (ID: 4680|ParentID: 2616|rafano)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 4432|ParentID: 4308|rafano)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 256|ParentID: 4308|rafano)
C:\Windows\System32\SearchIndexer.exe (ID: 4972|ParentID: 788)
C:\Windows\System32\svchost.exe (ID: 1492|ParentID: 788)
C:\Windows\System32\svchost.exe (ID: 1048|ParentID: 788)
C:\Windows\System32\svchost.exe (ID: 2596|ParentID: 788)
C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 5200|ParentID: 788)
C:\Windows\System32\svchost.exe (ID: 5628|ParentID: 788)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 6380|ParentID: 4308|rafano)
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (ID: 7000|ParentID: 788)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (ID: 7088|ParentID: 788)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ID: 7128|ParentID: 788)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 5916|ParentID: 4308|rafano)
C:\UsbFix\UsbFix.exe (ID: 2232|ParentID: 1632|rafano)
C:\Windows\System32\audiodg.exe (ID: 6852|ParentID: 604)
C:\Windows\System32\SearchProtocolHost.exe (ID: 3816|ParentID: 4972)
C:\Windows\System32\SearchFilterHost.exe (ID: 5808|ParentID: 4972|Système)

[b]################## | Autorun |[/b]


[b]################## | Regedit Run |[/b]

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] userinit.exe
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [Browser Tab Search by Askx64] "C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\BrowserTabSearch\msbloader64.exe"
04 - HKCU\..\Run : [Akamai NetSession Interface] "C:\Users\rafano\AppData\Local\Akamai\netsession_win.exe"
04 - HKCU\..\Run : [CAHeadless] C:\Program Files (x86)\Adobe\Elements 12 Organizer\CAHeadless\ElementsAutoAnalyzer.exe
04 - HKCU\..\Run : [cacaoweb] "C:\Users\rafano\AppData\Roaming\cacaoweb\cacaoweb.exe" -noplayer
04 - HKLM\..\Run : [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
04 - HKLM\..\Run : [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
04 - HKLM\..\Run : [Ozone Blade Keyboard] "C:\Program Files (x86)\Ozone Blade Keyboard\Monitor.exe"
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [Boxore Client] C:\Program Files (x86)\Boxore\BoxoreClient\boxore.exe
04 - HKLM\..\Run : [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
04 - [x64] HKLM\..\Run : [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
04 - [x64] HKLM\..\Run : [IAStorIcon] "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
04 - [x64] HKLM\..\Run : [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
04 - [x64] HKLM\..\Run : [ShadowPlay] C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-1351266739-90841147-23989162-1000\..\Run : [Browser Tab Search by Askx64] "C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\BrowserTabSearch\msbloader64.exe"
04 - HKU\S-1-5-21-1351266739-90841147-23989162-1000\..\Run : [Akamai NetSession Interface] "C:\Users\rafano\AppData\Local\Akamai\netsession_win.exe"
04 - HKU\S-1-5-21-1351266739-90841147-23989162-1000\..\Run : [CAHeadless] C:\Program Files (x86)\Adobe\Elements 12 Organizer\CAHeadless\ElementsAutoAnalyzer.exe
04 - HKU\S-1-5-21-1351266739-90841147-23989162-1000\..\Run : [cacaoweb] "C:\Users\rafano\AppData\Roaming\cacaoweb\cacaoweb.exe" -noplayer
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe

[b]################## | Recherche générique |[/b]

Présent! C:\Users\rafano\AppData\Local\Temp\AutoRun.exe

[b]################## | Registre |[/b]

Présent! HKCU\Software\DC3_FEXEC
Présent! HKU\S-1-5-21-1351266739-90841147-23989162-1000\Software\DC3_FEXEC
Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DatamngrCoordinator.exe
Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe
Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe

[b]################## | E.O.F | [url=http://www.sosvirus.net/]http://www.sosvirus.net/[/url] | [url=http://www.usbfix.net/]http://www.usbfix.net/[/url] |[/b]
