cjoint

Document format: text/plain

Preview

############################## | UsbFix V 7.145 | [Recherche]

Utilisateur: MOWA (Administrateur) # MONPC
Mis à jour le 17/10/2013 par El Desaparecido - Team SosVirus
Lancé à 02:05:15 | 23/10/2013

Site Web: http://www.usbfix.net/
Forum : http://www.sosvirus.net/
Upload Malware: http://www.sosvirus.net/upload_malware.php
Contact: http://www.usbfix.net/contact/

PC: Gigabyte Technology Co., Ltd. (H77N-WIFI)
CPU: Intel(R) Core(TM) i5-3570 CPU @ 3.40GHz
RAM -> [Total : 8150 | Free : 6569]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 8 (6.2.9200 64-Bit) #
WB: Windows Internet Explorer 10.0.9200.16721

SC: Security Center Service [Enabled]
WU: Windows Update Service [(!) Disabled]
AV: ZoneAlarm Antivirus [(!) Disabled | Updated]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Disque fixe # 94 Go (61 Go libre(s) - 64%) [SYSTEME] # NTFS
D:\ -> Disque fixe # 537 Go (414 Go libre(s) - 77%) [DONNEES] # NTFS
E:\ -> Disque fixe # 300 Go (257 Go libre(s) - 86%) [PROGRAMMES] # NTFS
F:\ -> CD-ROM
G:\ -> CD-ROM
H:\ -> Disque fixe # 466 Go (50 Go libre(s) - 11%) [syhnes] # NTFS

################## | Processus Actif |

C:\Windows\system32\csrss.exe (ID 588 |ParentID 576)
C:\Windows\system32\wininit.exe (ID 664 |ParentID 576)
C:\Windows\system32\csrss.exe (ID 680 |ParentID 672)
C:\Windows\system32\winlogon.exe (ID 736 |ParentID 672)
C:\Windows\system32\services.exe (ID 760 |ParentID 664)
C:\Windows\system32\lsass.exe (ID 776 |ParentID 664)
C:\Windows\system32\svchost.exe (ID 884 |ParentID 760)
C:\Windows\system32\nvvsvc.exe (ID 924 |ParentID 760)
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (ID 948 |ParentID 760)
C:\Windows\system32\svchost.exe (ID 996 |ParentID 760)
C:\Windows\System32\svchost.exe (ID 496 |ParentID 760)
C:\Windows\system32\svchost.exe (ID 532 |ParentID 760)
C:\Windows\system32\dwm.exe (ID 580 |ParentID 736)
C:\Windows\system32\svchost.exe (ID 816 |ParentID 760)
C:\Windows\System32\svchost.exe (ID 1092 |ParentID 760)
C:\Program Files\Classic Shell\ClassicShellService.exe (ID 1188 |ParentID 760)
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (ID 1212 |ParentID 924)
C:\Windows\system32\nvvsvc.exe (ID 1224 |ParentID 924)
C:\Windows\system32\svchost.exe (ID 1440 |ParentID 760)
C:\Windows\System32\spoolsv.exe (ID 1372 |ParentID 760)
C:\Windows\system32\svchost.exe (ID 1548 |ParentID 760)
C:\Windows\system32\taskhostex.exe (ID 2172 |ParentID 760)
C:\Program Files\Classic Shell\ClassicStartMenu.exe (ID 2192 |ParentID 1188)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (ID 2212 |ParentID 760)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (ID 2280 |ParentID 760)
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (ID 2380 |ParentID 760)
C:\Windows\Explorer.EXE (ID 2388 |ParentID 2316)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (ID 2512 |ParentID 2280)
C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe (ID 2904 |ParentID 2632)
E:\CheckPoint\ZoneAlarm\ZAPrivacyService.exe (ID 1588 |ParentID 760)
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (ID 1620 |ParentID 760)
C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe (ID 2096 |ParentID 2632)
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (ID 2088 |ParentID 760)
C:\Windows\system32\SearchIndexer.exe (ID 3144 |ParentID 760)
C:\Windows\system32\svchost.exe (ID 3248 |ParentID 760)
C:\Windows\system32\svchost.exe (ID 3364 |ParentID 760)
C:\Windows\System32\WUDFHost.exe (ID 3596 |ParentID 1092)
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (ID 4028 |ParentID 3904)
C:\Windows\system32\svchost.exe (ID 1928 |ParentID 760)
C:\Windows\WinStore\WSHost.exe (ID 3200 |ParentID 884)
C:\Windows\system32\taskeng.exe (ID 1468 |ParentID 532)
C:\UsbFix\Go.exe (ID 4460 |ParentID 2792)
C:\Windows\system32\wbem\wmiprvse.exe (ID 1792 |ParentID 884)
E:\steam\steam.exe (ID 4908 |ParentID 2388)
C:\Program Files (x86)\Common Files\Steam\SteamService.exe (ID 4412 |ParentID 760)

################## | Regedit Run |

HKLM\SOFTWARE | Run : [ZoneAlarm] - "E:\CheckPoint\ZoneAlarm\zatray.exe"
HKLM\SOFTWARE | Run : [SDTray] - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
HKLM\SOFTWARE\wow6432Node | Run : [ZoneAlarm] - "E:\CheckPoint\ZoneAlarm\zatray.exe"
HKLM\SOFTWARE\wow6432Node | Run : [SDTray] - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
HKLM\SOFTWARE | RunOnce : [] -
HKLM\SOFTWARE\wow6432Node | RunOnce : [] -
HKU\S-1-5-21-3620969619-2449466229-1162670550-1001\SOFTWARE | Run : [DAEMON Tools Lite] - "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

################## | Éléments infectieux |

Présent! G:\Setup.exe
Présent! G:\autorun.inf
Présent! H:\._autorun.inf
Présent! H:\autorun.inf

################## | Registre |

Présent! HKU\S-1-5-21-3620969619-2449466229-1162670550-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr
Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr
HKCU\.\.\.\.\Explorer\MountPoints2\{5d667e70-20a6-11e3-be73-606c6681d81d}
Shell\AutoRun\Command = "G:\Setup.exe"

HKCU\.\.\.\.\Explorer\MountPoints2\{db3afcfc-1c99-11e3-be71-606c6681d81d}
Shell\AutoRun\Command = "I:\LGAutoRun.exe"



################## | Vaccin |

(!) Cet ordinateur n'est pas vacciné!

################## | E.O.F | http://www.usbfix.net - http://www.sosvirus.net |
