Document format: text/plain

Preview

[b]############################## | UsbFix V 7.172 | [Recherche][/b]

Utilisateur: Oim (Administrateur) # URGO
Mis à jour le 23/06/2014 par El Desaparecido - SosVirus
Lancé à 11:28:07 | 26/06/2014

Site Web : [url=http://www.usbfix.net/]http://www.usbfix.net/[/url]
Changelog : [url=http://www.usbfix.net/maj/]http://www.usbfix.net/maj/[/url]
Assistance : [url=http://www.sosvirus.net/forum-virus-securite.html]http://www.sosvirus.net/forum-virus-securite.html[/url]
Upload Malware : [url=http://www.sosvirus.net/upload_malware.php]http://www.sosvirus.net/upload_malware.php[/url]
Contact : [url=http://www.usbfix.net/contact/]http://www.usbfix.net/contact/[/url]

[b]################## | System information |[/b]

MB: SAMSUNG ELECTRONICS CO., LTD. (R519/R719)
CPU: Pentium(R) Dual-Core CPU T4300 @ 2.10GHz
GC: Mobile Intel(R) 4 Series Express Chipset Family
RAM -> [Total : 4029 Mo | Free : 2417 Mo]
Bios: Phoenix Technologies Ltd.
Boot: Normal boot

OS: Microsoft® Windows 7 Home Premium (6.1.7601 64-Bit) Service Pack 1
WB: Internet Explorer : 11.00.9600.16428

[b]################## | Security Information |[/b]

AV: Microsoft Security Essentials [Actif |A jour]
AS: Windows Defender [[b](!) Désactivé[/b] |A jour]
AS: Microsoft Security Essentials [Actif |A jour]
AS: Malwarebytes Anti-Malware : 1.75.0001
FW: Windows Firewall [[b](!) Désactivé[/b]]
SC: Security Center [Actif]
WU: Windows Update [Actif]

[b]################## | Disk Information |[/b]

C:\ (%SystemDrive%) -> Disque fixe # 149 Go (50 Go libre(s) - 33%) [] # NTFS
E:\ -> Disque fixe # 298 Go (8 Go libre(s) - 3%) [[PERSO]] # NTFS

[b]################## | Processus Actif |[/b]

C:\Windows\System32\smss.exe (ID: 304|ParentID: 4|Système)
C:\Windows\System32\wininit.exe (ID: 492|ParentID: 420)
C:\Windows\System32\services.exe (ID: 544|ParentID: 492)
C:\Windows\System32\lsass.exe (ID: 564|ParentID: 492)
C:\Windows\System32\lsm.exe (ID: 572|ParentID: 492)
C:\Windows\System32\winlogon.exe (ID: 640|ParentID: 484)
C:\Windows\System32\svchost.exe (ID: 724|ParentID: 544)
C:\Windows\System32\svchost.exe (ID: 808|ParentID: 544)
C:\Program Files\Microsoft Security Client\MsMpEng.exe (ID: 868|ParentID: 544)
C:\Windows\System32\svchost.exe (ID: 1000|ParentID: 544)
C:\Windows\System32\svchost.exe (ID: 316|ParentID: 544)
C:\Windows\System32\svchost.exe (ID: 436|ParentID: 544)
C:\Windows\System32\svchost.exe (ID: 484|ParentID: 544)
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (ID: 1056|ParentID: 544)
C:\Windows\System32\svchost.exe (ID: 1124|ParentID: 544)
C:\Windows\System32\svchost.exe (ID: 1284|ParentID: 544)
C:\Windows\System32\spoolsv.exe (ID: 1444|ParentID: 544)
C:\Windows\System32\svchost.exe (ID: 1472|ParentID: 544)
C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe (ID: 1572|ParentID: 544)
C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe (ID: 1620|ParentID: 544)
C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe (ID: 1692|ParentID: 544)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (ID: 1776|ParentID: 544)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (ID: 1820|ParentID: 544)
C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (ID: 1844|ParentID: 544)
C:\Windows\System32\svchost.exe (ID: 1948|ParentID: 544)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (ID: 2000|ParentID: 544)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (ID: 1232|ParentID: 2000)
C:\Windows\System32\taskhost.exe (ID: 420|ParentID: 544|Oim)
C:\Windows\System32\dwm.exe (ID: 2056|ParentID: 316|Oim)
C:\Windows\explorer.exe (ID: 2088|ParentID: 1092|Oim)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (ID: 2180|ParentID: 1820|Oim)
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (ID: 2372|ParentID: 2088|Oim)
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (ID: 2380|ParentID: 2088|Oim)
C:\Windows\System32\igfxtray.exe (ID: 2392|ParentID: 2088|Oim)
C:\Windows\System32\hkcmd.exe (ID: 2420|ParentID: 2088|Oim)
C:\Windows\System32\igfxpers.exe (ID: 2448|ParentID: 2088|Oim)
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (ID: 2556|ParentID: 2380|Oim)
C:\Program Files\Microsoft Security Client\msseces.exe (ID: 2716|ParentID: 2088|Oim)
C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe (ID: 2748|ParentID: 2088|Oim)
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (ID: 2800|ParentID: 2088|Oim)
C:\Program Files\Microsoft Security Client\NisSrv.exe (ID: 2876|ParentID: 544)
C:\Windows\System32\svchost.exe (ID: 3044|ParentID: 544)
C:\Windows\System32\SearchIndexer.exe (ID: 3532|ParentID: 544)
C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe (ID: 3656|ParentID: 2904|Oim)
C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe (ID: 3684|ParentID: 2904|Oim)
C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1\Volume Panel\VolPanlu.exe (ID: 3820|ParentID: 2904|Oim)
C:\Program Files (x86)\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe (ID: 3892|ParentID: 2904|Oim)
C:\PROGRA~2\HEWLET~1\HPSHAR~1\hpgs2wnf.exe (ID: 3932|ParentID: 724|Oim)
C:\Program Files (x86)\Real\RealPlayer\realplay.exe (ID: 3952|ParentID: 2904|Oim)
C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe (ID: 3232|ParentID: 2088|Oim)
C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe (ID: 3432|ParentID: 724|Oim)
C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (ID: 3388|ParentID: 2088|Oim)
C:\Program Files (x86)\Larousse\Petit Larousse 2010\bin\Hyperappel.exe (ID: 3524|ParentID: 2088|Oim)
C:\Program Files\Logitech\SetPoint\SetPoint.exe (ID: 4124|ParentID: 2088|Oim)
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe (ID: 4424|ParentID: 4124|Oim)
C:\Program Files (x86)\DGP1000\Note Manager.exe (ID: 4472|ParentID: 2088|Oim)
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe (ID: 4604|ParentID: 4124|Oim)
C:\Program Files (x86)\DGP1000\PegRoute.exe (ID: 4780|ParentID: 4472|Oim)
C:\Intel\Intelupdate.exe (ID: 4868|ParentID: 2088|Oim)
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (ID: 4916|ParentID: 4876|Oim)
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (ID: 4940|ParentID: 4916|Oim)
C:\Windows\System32\svchost.exe (ID: 4948|ParentID: 544)
C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 3004|ParentID: 544)
C:\Program Files (x86)\eMule\emule.exe (ID: 4220|ParentID: 2088|Oim)
C:\Windows\System32\audiodg.exe (ID: 9748|ParentID: 1000)
C:\UsbFix\UsbFix.exe (ID: 5088|ParentID: 2088|Oim)

[b]################## | Autorun |[/b]


[b]################## | Regedit Run |[/b]

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] userinit.exe,
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [Google Update] "C:\Users\Oim\AppData\Local\Google\Update\GoogleUpdate.exe" /c
04 - HKCU\..\Run : [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
04 - HKCU\..\Run : [Facebook Update] "C:\Users\Oim\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
04 - HKCU\..\Run : [GoogleChromeAutoLaunch_C0B41EBCAD8CA7D9B0D4442F298E2F03] "C:\Users\Oim\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
04 - HKLM\..\Run : [Module Loader] C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe -StartUpRun
04 - HKLM\..\Run : [Nuance OmniPage 17-reminder] "C:\Program Files (x86)\Nuance\OmniPage17\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\OmniPage 17\Ereg\Ereg.ini"
04 - HKLM\..\Run : [SSBkgdUpdate] "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
04 - HKLM\..\Run : [PaperPort PTD] "C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe"
04 - HKLM\..\Run : [IndexSearch] "C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe"
04 - HKLM\..\Run : [PPort11reminder] "C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini"
04 - HKLM\..\Run : [VolPanel] "C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1\Volume Panel\VolPanlu.exe" /r
04 - HKLM\..\Run : [Share-to-Web Namespace Daemon] C:\Program Files (x86)\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
04 - HKLM\..\Run : [RealTray] C:\Program Files (x86)\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
04 - HKLM\..\Run : [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
04 - [x64] HKLM\..\Run : [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
04 - [x64] HKLM\..\Run : [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
04 - [x64] HKLM\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
04 - [x64] HKLM\..\Run : [HotKeysCmds] C:\Windows\system32\hkcmd.exe
04 - [x64] HKLM\..\Run : [Persistence] C:\Windows\system32\igfxpers.exe
04 - [x64] HKLM\..\Run : [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
04 - [x64] HKLM\..\Run : [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
04 - [x64] HKLM\..\Run : [fssui] "C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe" -autorun
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-2254416563-1694720694-3321684032-1000\..\Run : [Google Update] "C:\Users\Oim\AppData\Local\Google\Update\GoogleUpdate.exe" /c
04 - HKU\S-1-5-21-2254416563-1694720694-3321684032-1000\..\Run : [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
04 - HKU\S-1-5-21-2254416563-1694720694-3321684032-1000\..\Run : [Facebook Update] "C:\Users\Oim\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
04 - HKU\S-1-5-21-2254416563-1694720694-3321684032-1000\..\Run : [GoogleChromeAutoLaunch_C0B41EBCAD8CA7D9B0D4442F298E2F03] "C:\Users\Oim\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe

[b]################## | Recherche générique |[/b]

Présent! E:\a.txt

[b]################## | Registre |[/b]


[b]################## | E.O.F | [url=http://www.sosvirus.net/]http://www.sosvirus.net/[/url] | [url=http://www.usbfix.net/]http://www.usbfix.net/[/url] |[/b]
