Publicité
Publicité
Format du document : text/plain
Prévisualisation
############################## | UsbFix V 7.167 | [Recherche]
Utilisateur: ahmed (Administrateur) # AHMED
Mis � jour le 13/03/2014 par El Desaparecido - Team SosVirus
Lanc� � 11:03:36 | 22/03/2014
Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Support : http://www.sosvirus.net/forum-virus-securite.html
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/
PC: SAMSUNG ELECTRONICS CO., LTD. (NP300E5V-A06AE)
CPU: Intel(R) Core(TM) i3-3120M CPU @ 2.50GHz
RAM -> [Total : 3970 Mo| Free : 2938 Mo]
Bios: Phoenix Technologies Ltd.
Boot: Normal boot
OS: Microsoft Windows 8.1 Professionnel (6.3.9600 64-Bit)
WB: Windows Internet Explorer : 11.0.9600.16476
WB: Google Chrome : 33.0.1750.154
SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: Windows Defender [Enabled | Updated]
AS: Windows Defender [Enabled | Updated]
FW: Windows FireWall [(!) Disabled]
C:\ (%systemdrive%) -> Disque fixe # 120 Go (71 Go libre(s) - 59%) [] # NTFS
D:\ -> CD-ROM
E:\ -> Disque fixe # 130 Go (78 Go libre(s) - 60%) [] # NTFS
F:\ -> Disque fixe # 201 Go (25 Go libre(s) - 12%) [] # NTFS
G:\ -> CD-ROM
H:\ -> Disque amovible # 7 Go (4 Go libre(s) - 49%) [] # NTFS
################## | Processus Actif |
C:\Windows\system32\wininit.exe (ID: 540 |ParentID: 472)
C:\Windows\system32\winlogon.exe (ID: 600 |ParentID: 548)
C:\Windows\system32\lsass.exe (ID: 648 |ParentID: 540)
C:\Windows\system32\svchost.exe (ID: 720 |ParentID: 640)
C:\Windows\system32\svchost.exe (ID: 764 |ParentID: 640)
C:\Windows\system32\dwm.exe (ID: 856 |ParentID: 600)
C:\Windows\System32\svchost.exe (ID: 892 |ParentID: 640)
C:\Windows\System32\svchost.exe (ID: 932 |ParentID: 640)
C:\Windows\system32\svchost.exe (ID: 956 |ParentID: 640)
C:\Windows\system32\svchost.exe (ID: 980 |ParentID: 640)
C:\Windows\system32\svchost.exe (ID: 992 |ParentID: 640)
C:\Windows\System32\spoolsv.exe (ID: 1192 |ParentID: 640)
C:\Windows\system32\svchost.exe (ID: 1216 |ParentID: 640)
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 1404 |ParentID: 640)
C:\Windows\system32\AdminService.exe (ID: 1468 |ParentID: 640)
C:\Program Files\Intel\iCLS Client\HeciServer.exe (ID: 1528 |ParentID: 640)
C:\Users\ahmed\AppData\Local\MEDIAF~1\MFUSNM~1.EXE (ID: 1544 |ParentID: 640)
C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (ID: 1596 |ParentID: 640)
C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe (ID: 1616 |ParentID: 640)
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe (ID: 1728 |ParentID: 640)
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (ID: 1752 |ParentID: 640)
C:\Windows\system32\svchost.exe (ID: 1792 |ParentID: 640)
C:\Windows\system32\svchost.exe (ID: 2244 |ParentID: 640)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 2648 |ParentID: 720)
C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe (ID: 2896 |ParentID: 1768)
C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe (ID: 2968 |ParentID: 1768)
C:\Windows\system32\SearchIndexer.exe (ID: 3168 |ParentID: 640)
C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe (ID: 3600 |ParentID: 640)
C:\Windows\System32\WUDFHost.exe (ID: 736 |ParentID: 932)
C:\Windows\System32\svchost.exe (ID: 2192 |ParentID: 640)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 1284 |ParentID: 720)
C:\Windows\system32\SearchProtocolHost.exe (ID: 3940 |ParentID: 3168)
C:\Windows\explorer.exe (ID: 3720 |ParentID: 1000)
C:\Windows\system32\SearchFilterHost.exe (ID: 1224 |ParentID: 3168)
C:\Windows\System32\skydrive.exe (ID: 3404 |ParentID: 720)
C:\Windows\system32\DllHost.exe (ID: 4064 |ParentID: 720)
C:\Windows\system32\DllHost.exe (ID: 3616 |ParentID: 720)
################## | Regedit Run |
F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [64bit] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] userinit.exe
F2 - [64bit] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
04 - HKCU\..\Run : [MediaFire Tray]
04 - HKCU\..\Run : [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
04 - HKCU\..\Run : [RapidShare] "C:\Program Files (x86)\RapidShare AG\RapidShare\RapidShare.exe" autostart
04 - HKCU\..\Run : [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\Run : [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
04 - [64bit] HKLM\..\Run : [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
04 - [64bit] HKLM\..\Run : [IgfxTray] "C:\Windows\system32\igfxtray.exe"
04 - [64bit] HKLM\..\Run : [HotKeysCmds] "C:\Windows\system32\hkcmd.exe"
04 - [64bit] HKLM\..\Run : [Persistence] "C:\Windows\system32\igfxpers.exe"
04 - [64bit] HKLM\..\Run : [Shadow Defender Daemon] "C:\Program Files\Shadow Defender\DefenderDaemon.exe" /Auto
04 - HKU\S-1-5-21-1798186759-3833995088-1900933470-1001\..\Run : [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
04 - HKU\S-1-5-21-1798186759-3833995088-1900933470-1001\..\Run : [MediaFire Tray]
04 - HKU\S-1-5-21-1798186759-3833995088-1900933470-1001\..\Run : [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
04 - HKU\S-1-5-21-1798186759-3833995088-1900933470-1001\..\Run : [RapidShare] "C:\Program Files (x86)\RapidShare AG\RapidShare\RapidShare.exe" autostart
04 - HKU\S-1-5-21-1798186759-3833995088-1900933470-1001\..\Run : [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
################## | Recherche g�n�rique |
################## | Registre |
################## | E.O.F | http://www.usbfix.net/ - http://www.sosvirus.net |
Utilisateur: ahmed (Administrateur) # AHMED
Mis � jour le 13/03/2014 par El Desaparecido - Team SosVirus
Lanc� � 11:03:36 | 22/03/2014
Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Support : http://www.sosvirus.net/forum-virus-securite.html
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/
PC: SAMSUNG ELECTRONICS CO., LTD. (NP300E5V-A06AE)
CPU: Intel(R) Core(TM) i3-3120M CPU @ 2.50GHz
RAM -> [Total : 3970 Mo| Free : 2938 Mo]
Bios: Phoenix Technologies Ltd.
Boot: Normal boot
OS: Microsoft Windows 8.1 Professionnel (6.3.9600 64-Bit)
WB: Windows Internet Explorer : 11.0.9600.16476
WB: Google Chrome : 33.0.1750.154
SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: Windows Defender [Enabled | Updated]
AS: Windows Defender [Enabled | Updated]
FW: Windows FireWall [(!) Disabled]
C:\ (%systemdrive%) -> Disque fixe # 120 Go (71 Go libre(s) - 59%) [] # NTFS
D:\ -> CD-ROM
E:\ -> Disque fixe # 130 Go (78 Go libre(s) - 60%) [] # NTFS
F:\ -> Disque fixe # 201 Go (25 Go libre(s) - 12%) [] # NTFS
G:\ -> CD-ROM
H:\ -> Disque amovible # 7 Go (4 Go libre(s) - 49%) [] # NTFS
################## | Processus Actif |
C:\Windows\system32\wininit.exe (ID: 540 |ParentID: 472)
C:\Windows\system32\winlogon.exe (ID: 600 |ParentID: 548)
C:\Windows\system32\lsass.exe (ID: 648 |ParentID: 540)
C:\Windows\system32\svchost.exe (ID: 720 |ParentID: 640)
C:\Windows\system32\svchost.exe (ID: 764 |ParentID: 640)
C:\Windows\system32\dwm.exe (ID: 856 |ParentID: 600)
C:\Windows\System32\svchost.exe (ID: 892 |ParentID: 640)
C:\Windows\System32\svchost.exe (ID: 932 |ParentID: 640)
C:\Windows\system32\svchost.exe (ID: 956 |ParentID: 640)
C:\Windows\system32\svchost.exe (ID: 980 |ParentID: 640)
C:\Windows\system32\svchost.exe (ID: 992 |ParentID: 640)
C:\Windows\System32\spoolsv.exe (ID: 1192 |ParentID: 640)
C:\Windows\system32\svchost.exe (ID: 1216 |ParentID: 640)
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 1404 |ParentID: 640)
C:\Windows\system32\AdminService.exe (ID: 1468 |ParentID: 640)
C:\Program Files\Intel\iCLS Client\HeciServer.exe (ID: 1528 |ParentID: 640)
C:\Users\ahmed\AppData\Local\MEDIAF~1\MFUSNM~1.EXE (ID: 1544 |ParentID: 640)
C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (ID: 1596 |ParentID: 640)
C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe (ID: 1616 |ParentID: 640)
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe (ID: 1728 |ParentID: 640)
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (ID: 1752 |ParentID: 640)
C:\Windows\system32\svchost.exe (ID: 1792 |ParentID: 640)
C:\Windows\system32\svchost.exe (ID: 2244 |ParentID: 640)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 2648 |ParentID: 720)
C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe (ID: 2896 |ParentID: 1768)
C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe (ID: 2968 |ParentID: 1768)
C:\Windows\system32\SearchIndexer.exe (ID: 3168 |ParentID: 640)
C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe (ID: 3600 |ParentID: 640)
C:\Windows\System32\WUDFHost.exe (ID: 736 |ParentID: 932)
C:\Windows\System32\svchost.exe (ID: 2192 |ParentID: 640)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 1284 |ParentID: 720)
C:\Windows\system32\SearchProtocolHost.exe (ID: 3940 |ParentID: 3168)
C:\Windows\explorer.exe (ID: 3720 |ParentID: 1000)
C:\Windows\system32\SearchFilterHost.exe (ID: 1224 |ParentID: 3168)
C:\Windows\System32\skydrive.exe (ID: 3404 |ParentID: 720)
C:\Windows\system32\DllHost.exe (ID: 4064 |ParentID: 720)
C:\Windows\system32\DllHost.exe (ID: 3616 |ParentID: 720)
################## | Regedit Run |
F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [64bit] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] userinit.exe
F2 - [64bit] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
04 - HKCU\..\Run : [MediaFire Tray]
04 - HKCU\..\Run : [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
04 - HKCU\..\Run : [RapidShare] "C:\Program Files (x86)\RapidShare AG\RapidShare\RapidShare.exe" autostart
04 - HKCU\..\Run : [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\Run : [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
04 - [64bit] HKLM\..\Run : [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
04 - [64bit] HKLM\..\Run : [IgfxTray] "C:\Windows\system32\igfxtray.exe"
04 - [64bit] HKLM\..\Run : [HotKeysCmds] "C:\Windows\system32\hkcmd.exe"
04 - [64bit] HKLM\..\Run : [Persistence] "C:\Windows\system32\igfxpers.exe"
04 - [64bit] HKLM\..\Run : [Shadow Defender Daemon] "C:\Program Files\Shadow Defender\DefenderDaemon.exe" /Auto
04 - HKU\S-1-5-21-1798186759-3833995088-1900933470-1001\..\Run : [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
04 - HKU\S-1-5-21-1798186759-3833995088-1900933470-1001\..\Run : [MediaFire Tray]
04 - HKU\S-1-5-21-1798186759-3833995088-1900933470-1001\..\Run : [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
04 - HKU\S-1-5-21-1798186759-3833995088-1900933470-1001\..\Run : [RapidShare] "C:\Program Files (x86)\RapidShare AG\RapidShare\RapidShare.exe" autostart
04 - HKU\S-1-5-21-1798186759-3833995088-1900933470-1001\..\Run : [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
################## | Recherche g�n�rique |
################## | Registre |
################## | E.O.F | http://www.usbfix.net/ - http://www.sosvirus.net |