cjoint

Document format: text/plain

Preview

############################## | UsbFix V 7.149 | [Recherche]

Utilisateur: BUN (Administrateur) # BUN-PC
Mis à jour le 03/11/2013 par El Desaparecido - Team SosVirus
Lancé à 18:40:11 | 04/11/2013

Site Web: http://www.usbfix.net/
Forum : http://www.sosvirus.net/
Upload Malware: http://www.sosvirus.net/upload_malware.php
Contact: http://www.usbfix.net/contact/

PC: FOXCONN (2AAF)
CPU: AMD Athlon(tm) II X2 220 Processor
RAM -> [Total : 1791 | Free : 750]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 32-Bit) Service Pack 1
WB: Windows Internet Explorer : 8.0.7601.17514
WB: Mozilla Firefox : 24.0

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: Avira Desktop [(!) Disabled | Updated]
AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Disque fixe # 288 Go (222 Go libre(s) - 77%) [COMPAQ] # NTFS
D:\ -> CD-ROM
E:\ -> Disque amovible # 4 Go (4 Go libre(s) - 98%) [BUREAU IDF] # FAT32
G:\ -> Disque fixe # 100 Mo (32 Mo libre(s) - 32%) [System] # NTFS
H:\ -> Disque amovible # 4 Go (4 Go libre(s) - 98%) [] # FAT32

################## | Référence de comparaison MD5 |

Md5 : 32bef3bb4b558ade6cf41113628fc86d -> C:\Users\BUN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iTunesHelper.vbe
Md5 : 32bef3bb4b558ade6cf41113628fc86d -> C:\Users\BUN\AppData\Local\Temp\iTunesHelper.vbe
Md5 : 32bef3bb4b558ade6cf41113628fc86d -> E:\iTunesHelper.vbe
Md5 : 32bef3bb4b558ade6cf41113628fc86d -> H:\iTunesHelper.vbe

################## | Processus Actif |

C:\Windows\system32\csrss.exe (ID: 404 |ParentID: 396)
C:\Windows\system32\wininit.exe (ID: 480 |ParentID: 396)
C:\Windows\system32\csrss.exe (ID: 496 |ParentID: 472)
C:\Windows\system32\services.exe (ID: 536 |ParentID: 480)
C:\Windows\system32\lsass.exe (ID: 544 |ParentID: 480)
C:\Windows\system32\lsm.exe (ID: 552 |ParentID: 480)
C:\Windows\system32\winlogon.exe (ID: 640 |ParentID: 472)
C:\Windows\system32\svchost.exe (ID: 708 |ParentID: 536)
C:\Windows\system32\svchost.exe (ID: 792 |ParentID: 536)
C:\Windows\system32\atiesrxx.exe (ID: 840 |ParentID: 536)
C:\Windows\System32\svchost.exe (ID: 912 |ParentID: 536)
C:\Windows\System32\svchost.exe (ID: 960 |ParentID: 536)
C:\Windows\system32\svchost.exe (ID: 1004 |ParentID: 536)
C:\Windows\system32\svchost.exe (ID: 1132 |ParentID: 536)
C:\Windows\system32\atieclxx.exe (ID: 1168 |ParentID: 840)
C:\Program Files\Tablet\Pen\Pen_TouchService.exe (ID: 1240 |ParentID: 536)
C:\Windows\SYSTEM32\WISPTIS.EXE (ID: 1296 |ParentID: 960)
C:\Windows\system32\svchost.exe (ID: 1368 |ParentID: 536)
C:\Windows\System32\spoolsv.exe (ID: 1552 |ParentID: 536)
C:\Windows\SYSTEM32\WISPTIS.EXE (ID: 1700 |ParentID: 960)
C:\Windows\system32\Dwm.exe (ID: 1708 |ParentID: 960)
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe (ID: 1716 |ParentID: 960)
C:\Windows\Explorer.EXE (ID: 1784 |ParentID: 1688)
C:\Windows\system32\taskhost.exe (ID: 1804 |ParentID: 536)
C:\Program Files\Tablet\Pen\Pen_TouchUser.exe (ID: 1840 |ParentID: 1240)
C:\Program Files\Avira\AntiVir Desktop\sched.exe (ID: 1972 |ParentID: 536)
C:\Windows\system32\svchost.exe (ID: 1992 |ParentID: 536)
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 1648 |ParentID: 536)
C:\Program Files\Avira\AntiVir Desktop\avguard.exe (ID: 1340 |ParentID: 536)
C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe (ID: 524 |ParentID: 536)
C:\Windows\system32\svchost.exe (ID: 2140 |ParentID: 536)
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (ID: 2232 |ParentID: 1784)
C:\Program Files\Bamboo Dock\BambooCore.exe (ID: 2240 |ParentID: 1784)
C:\Program Files\Tablet\Pen\Pen_Tablet.exe (ID: 2248 |ParentID: 536)
C:\Program Files\Common Files\Java\Java Update\jusched.exe (ID: 2284 |ParentID: 1784)
C:\Program Files\Windows Sidebar\sidebar.exe (ID: 2300 |ParentID: 1784)
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (ID: 2364 |ParentID: 1784)
C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe (ID: 2400 |ParentID: 1784)
C:\Program Files\D-Link\DWA-131 revA\wirelesscm.exe (ID: 2456 |ParentID: 1784)
C:\Program Files\D-Link\DWA-131 revA\WlanWpsSvc.exe (ID: 2476 |ParentID: 536)
C:\Program Files\Tablet\Pen\Pen_TabletUser.exe (ID: 2568 |ParentID: 2248)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (ID: 2720 |ParentID: 536)
C:\Program Files\Tablet\Pen\Pen_Tablet.exe (ID: 2732 |ParentID: 2248)
C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe (ID: 2824 |ParentID: 2400)
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (ID: 2952 |ParentID: 536)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (ID: 2964 |ParentID: 2720)
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (ID: 3880 |ParentID: 1340)
C:\Windows\system32\SearchIndexer.exe (ID: 3912 |ParentID: 536)
C:\Windows\system32\svchost.exe (ID: 1588 |ParentID: 536)
C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 2204 |ParentID: 536)
C:\Windows\System32\WUDFHost.exe (ID: 412 |ParentID: 960)
C:\Windows\system32\svchost.exe (ID: 3116 |ParentID: 536)
C:\Windows\System32\svchost.exe (ID: 4168 |ParentID: 536)
C:\Windows\system32\DllHost.exe (ID: 5020 |ParentID: 708)
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe (ID: 5292 |ParentID: 536)
C:\Windows\System32\svchost.exe (ID: 5656 |ParentID: 536)
C:\Windows\servicing\TrustedInstaller.exe (ID: 5968 |ParentID: 536)
C:\Program Files\Mozilla Firefox\firefox.exe (ID: 4688 |ParentID: 1784)
C:\Windows\system32\svchost.exe (ID: 4836 |ParentID: 536)
C:\UsbFix\Go.exe (ID: 408 |ParentID: 4296)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 2492 |ParentID: 708)
\\?\C:\Windows\system32\wbem\WMIADAP.EXE (ID: 5508 |ParentID: 1004)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 5876 |ParentID: 708)
C:\Program Files\Avira\AntiVir Desktop\avcenter.exe (ID: 4480 |ParentID: 1784)

################## | Regedit Run |

04 - HKLM\SOFTWARE | Run : [avgnt] - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
04 - HKLM\SOFTWARE | Run : [BambooCore] - C:\Program Files\Bamboo Dock\BambooCore.exe
04 - HKLM\SOFTWARE | Run : [Adobe ARM] - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\SOFTWARE | Run : [SunJavaUpdateSched] - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\SOFTWARE | RunOnce : [] -
04 - HKU\S-1-5-19\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-2637158324-2203775089-3494527545-1000\SOFTWARE | Run : [Sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKU\S-1-5-21-2637158324-2203775089-3494527545-1000\SOFTWARE | Run : [Google Update] - "C:\Users\BUN\AppData\Local\Google\Update\GoogleUpdate.exe" /c
04 - HKU\S-1-5-21-2637158324-2203775089-3494527545-1000\SOFTWARE | Run : [SpybotSD TeaTimer] - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
04 - HKU\S-1-5-21-2637158324-2203775089-3494527545-1000\SOFTWARE | Run : [Sony PC Companion] - "C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe" /Background
04 - HKU\S-1-5-21-2637158324-2203775089-3494527545-1000\SOFTWARE | Run : [Facebook Update] - "C:\Users\BUN\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
04 - HKU\S-1-5-19\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe

################## | Recherche générique |

Présent! E:\Notification.lnk
Présent! E:\L1 PI C9.lnk
Présent! H:\IA - Notice Inscription 2013-2014 - web.lnk
Présent! H:\consultationDetail.lnk
Présent! H:\Net.lnk
Présent! C:\Users\BUN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iTunesHelper.vbe
Présent! C:\Users\BUN\AppData\Local\Temp\iTunesHelper.vbe
Présent! E:\iTunesHelper.vbe
Présent! H:\iTunesHelper.vbe

################## | Comparaison MD5 |


################## | Registre |


################## | Vaccin |

(!) Cet ordinateur n'est pas vacciné!

################## | E.O.F | http://www.usbfix.net - http://www.sosvirus.net |
