Document format: text/plain

############################## | UsbFix V 7.161 | [Recherche]

Utilisateur: Pc (Administrateur) # PC-PC
Mis à jour le 15/01/2014 par El Desaparecido - Team SosVirus
Lancé à 00:39:00 | 16/05/2015

Site Web : http://www.usbfix.net
Changelog : http://www.usbfix.net/maj/
Support : http://www.sosvirus.net/
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: MSI (PH61-P33 (MS-7732))
CPU: Intel(R) Core(TM) i3-3210 CPU @ 3.20GHz
RAM -> [Total : 8158 Mo| Free : 5449 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 7 Édition Intégrale (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.17801
WB: Google Chrome : 42.0.2311.152
WB: Mozilla Firefox : 37.0.2

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: Microsoft Security Essentials Prerelease [Enabled | Updated]
AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Disque fixe # 488 Go (382 Go libre(s) - 78%) [] # NTFS
D:\ -> Disque fixe # 909 Go (680 Go libre(s) - 75%) [] # NTFS
E:\ -> CD-ROM
F:\ -> Disque amovible # 2 Go (551 Mo libre(s) - 29%) [RIDJAM] # FAT32

################## | Processus Actif |

C:\Windows\system32\csrss.exe (ID: 552 |ParentID: 460)
C:\Windows\system32\csrss.exe (ID: 624 |ParentID: 616)
C:\Windows\system32\wininit.exe (ID: 632 |ParentID: 460)
C:\Windows\system32\winlogon.exe (ID: 672 |ParentID: 616)
C:\Windows\system32\services.exe (ID: 728 |ParentID: 632)
C:\Windows\system32\lsass.exe (ID: 736 |ParentID: 632)
C:\Windows\system32\lsm.exe (ID: 744 |ParentID: 632)
C:\Windows\system32\svchost.exe (ID: 852 |ParentID: 728)
C:\Windows\system32\nvvsvc.exe (ID: 940 |ParentID: 728)
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (ID: 964 |ParentID: 728)
C:\Windows\system32\svchost.exe (ID: 1008 |ParentID: 728)
C:\Program Files\Microsoft Security Client\MsMpEng.exe (ID: 344 |ParentID: 728)
C:\Windows\System32\svchost.exe (ID: 812 |ParentID: 728)
C:\Windows\System32\svchost.exe (ID: 124 |ParentID: 728)
C:\Windows\system32\svchost.exe (ID: 1040 |ParentID: 728)
C:\Windows\system32\svchost.exe (ID: 1064 |ParentID: 728)
C:\Windows\system32\AUDIODG.EXE (ID: 1268 |ParentID: 812)
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (ID: 1404 |ParentID: 940)
C:\Windows\system32\nvvsvc.exe (ID: 1424 |ParentID: 940)
C:\Windows\system32\svchost.exe (ID: 1436 |ParentID: 728)
C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ID: 1540 |ParentID: 728)
C:\Windows\system32\Dwm.exe (ID: 1676 |ParentID: 124)
C:\Windows\Explorer.EXE (ID: 1692 |ParentID: 1668)
C:\Windows\system32\taskeng.exe (ID: 1924 |ParentID: 1064)
C:\Windows\System32\spoolsv.exe (ID: 1944 |ParentID: 728)
C:\Windows\system32\taskhost.exe (ID: 1952 |ParentID: 728)
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (ID: 1984 |ParentID: 1692)
C:\Windows\system32\svchost.exe (ID: 1228 |ParentID: 728)
C:\Windows\system32\taskeng.exe (ID: 1600 |ParentID: 1064)
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 2136 |ParentID: 728)
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (ID: 2216 |ParentID: 728)
C:\Program Files\Microsoft Security Client\msseces.exe (ID: 2256 |ParentID: 1692)
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (ID: 2292 |ParentID: 728)
C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe (ID: 2312 |ParentID: 1628)
C:\Windows\System32\svchost.exe (ID: 2388 |ParentID: 728)
C:\Program Files (x86)\Skype\Phone\Skype.exe (ID: 2440 |ParentID: 1692)
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE (ID: 2472 |ParentID: 728)
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE (ID: 2540 |ParentID: 728)
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (ID: 2704 |ParentID: 1404)
C:\Program Files\Intel\iCLS Client\HeciServer.exe (ID: 2780 |ParentID: 728)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (ID: 2820 |ParentID: 728)
C:\Windows\system32\taskeng.exe (ID: 2904 |ParentID: 1064)
C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe (ID: 2948 |ParentID: 728)
C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe (ID: 2100 |ParentID: 2592)
C:\Program Files\AVAST Software\Avast\avastui.exe (ID: 1780 |ParentID: 2592)
C:\Windows\system32\svchost.exe (ID: 1648 |ParentID: 728)
C:\Program Files (x86)\HSPA USB Modem\HSPALauncher.exe (ID: 620 |ParentID: 2592)
C:\Program Files (x86)\USB Disk Security\USBGuard.exe (ID: 2668 |ParentID: 2592)
C:\Windows\system32\SearchIndexer.exe (ID: 3204 |ParentID: 728)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 3216 |ParentID: 852)
C:\Program Files\Microsoft Security Client\NisSrv.exe (ID: 3432 |ParentID: 728)
C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 3768 |ParentID: 728)
C:\Windows\system32\svchost.exe (ID: 3968 |ParentID: 728)
C:\Windows\System32\WUDFHost.exe (ID: 3976 |ParentID: 124)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 3588 |ParentID: 852)
C:\Windows\System32\svchost.exe (ID: 4076 |ParentID: 728)
C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (ID: 4564 |ParentID: 728)
C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe (ID: 4752 |ParentID: 1628)
C:\Program Files\AVAST Software\Avast\ng\ngservice.exe (ID: 5044 |ParentID: 1540)
C:\Windows\system32\wbem\unsecapp.exe (ID: 5108 |ParentID: 852)
C:\Windows\system32\taskeng.exe (ID: 2688 |ParentID: 1064)
C:\Program Files\CCleaner\CCleaner64.exe (ID: 5608 |ParentID: 2996)
C:\Windows\system32\wbem\unsecapp.exe (ID: 5680 |ParentID: 852)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ID: 4940 |ParentID: 728)
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (ID: 1672 |ParentID: 728)
C:\Windows\system32\sppsvc.exe (ID: 3644 |ParentID: 728)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (ID: 5536 |ParentID: 728)
C:\Windows\system32\wuauclt.exe (ID: 3816 |ParentID: 1064)
C:\Windows\servicing\TrustedInstaller.exe (ID: 6028 |ParentID: 728)
\\?\C:\Windows\system32\wbem\WMIADAP.EXE (ID: 2404 |ParentID: 1064)
C:\Windows\system32\SearchProtocolHost.exe (ID: 3048 |ParentID: 3204)
C:\Windows\system32\SearchFilterHost.exe (ID: 2372 |ParentID: 3204)

################## | Regedit Run |

04 - HKLM\..\Run : [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
04 - HKLM\..\Run : [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
04 - HKLM\..\Run : [HSPALauncher] C:\PROGRA~2\HSPAUS~1\HSPALA~1.EXE
04 - HKLM\..\Run : [USB Security] C:\Program Files (x86)\USB Disk Security\USBGuard.exe
04 - HKLM\..\RunOnce : []
04 - HKLM64\..\Run : [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
04 - HKLM64\..\Run : [VDownloader] C:\Program Files\VDownloader\VDownloader.exe /silent
04 - HKLM64\..\Run : [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-2986661486-1641780392-3765876295-1000\..\Run : [EPSON SX110 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFBE.EXE /FU "C:\Windows\TEMP\E_SE051.tmp" /EF "HKCU"
04 - HKU\S-1-5-21-2986661486-1641780392-3765876295-1000\..\Run : [EPSON SX110 Series (Copie 1)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFBE.EXE /FU "C:\Windows\TEMP\E_SCCC0.tmp" /EF "HKCU"
04 - HKU\S-1-5-21-2986661486-1641780392-3765876295-1000\..\Run : [EPSON SX110 Series (Copie 2)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFBE.EXE /FU "C:\Windows\TEMP\E_S8729.tmp" /EF "HKCU"
04 - HKU\S-1-5-21-2986661486-1641780392-3765876295-1000\..\Run : [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKU\S-1-5-21-2986661486-1641780392-3765876295-1000\..\Run : [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe

################## | Recherche générique |


################## | Registre |


################## | Vaccin |

F:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net - http://www.sosvirus.net |
