cjoint

Document format: text/plain

Preview

############################## | UsbFix V 7.169 | [Recherche]

Utilisateur: djecel (Administrateur) # DJECEL-PC
Mis à jour le 31/03/2014 par El Desaparecido - Team SosVirus
Lancé à 17:50:13 | 07/04/2014

Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Support : http://www.sosvirus.net/forum-virus-securite.html
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: SAMSUNG ELECTRONICS CO., LTD. (RV410/RV510/S3510/E3510 )
CPU: Pentium(R) Dual-Core CPU T4500 @ 2.30GHz
RAM -> [Total : 3067 Mo| Free : 1493 Mo]
Bios: Phoenix Technologies Ltd.
Boot: Normal boot

OS: Microsoft Windows 7 Édition Intégrale (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.16521
WB: Google Chrome : 33.0.1750.154

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: avast! Antivirus [Enabled | Updated]
AS: Windows Defender [Enabled | Updated]
AS: avast! Antivirus [Enabled | Updated]
FW: Windows FireWall [(!) Disabled]

C:\ (%systemdrive%) -> Disque fixe # 357 Go (173 Go libre(s) - 48%) [] # NTFS
E:\ -> CD-ROM
F:\ -> Disque amovible # 8 Go (7 Go libre(s) - 99%) [] # FAT32
G:\ -> Disque amovible # 7 Go (2 Go libre(s) - 32%) [] # FAT32

################## | Processus Actif |

C:\Windows\system32\csrss.exe (ID: 400 |ParentID: 392)
C:\Windows\system32\wininit.exe (ID: 468 |ParentID: 392)
C:\Windows\system32\csrss.exe (ID: 488 |ParentID: 460)
C:\Windows\system32\services.exe (ID: 528 |ParentID: 468)
C:\Windows\system32\winlogon.exe (ID: 560 |ParentID: 460)
C:\Windows\system32\lsass.exe (ID: 572 |ParentID: 468)
C:\Windows\system32\lsm.exe (ID: 580 |ParentID: 468)
C:\Windows\system32\svchost.exe (ID: 712 |ParentID: 528)
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe (ID: 768 |ParentID: 528)
C:\Windows\system32\svchost.exe (ID: 872 |ParentID: 528)
C:\Windows\system32\atiesrxx.exe (ID: 960 |ParentID: 528)
C:\Windows\System32\svchost.exe (ID: 996 |ParentID: 528)
C:\Windows\System32\svchost.exe (ID: 344 |ParentID: 528)
C:\Windows\system32\svchost.exe (ID: 384 |ParentID: 528)
C:\Windows\system32\svchost.exe (ID: 396 |ParentID: 528)
C:\Windows\system32\svchost.exe (ID: 1080 |ParentID: 528)
C:\Windows\system32\svchost.exe (ID: 1192 |ParentID: 528)
C:\Windows\system32\atieclxx.exe (ID: 1292 |ParentID: 960)
C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ID: 1408 |ParentID: 528)
C:\Windows\System32\spoolsv.exe (ID: 1552 |ParentID: 528)
C:\Windows\system32\svchost.exe (ID: 1580 |ParentID: 528)
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 1672 |ParentID: 528)
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE (ID: 1728 |ParentID: 528)
C:\Windows\system32\taskhost.exe (ID: 1900 |ParentID: 528)
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE (ID: 1968 |ParentID: 528)
C:\Windows\system32\Dwm.exe (ID: 2020 |ParentID: 344)
C:\Windows\Explorer.EXE (ID: 1272 |ParentID: 1976)
C:\Windows\system32\taskeng.exe (ID: 1920 |ParentID: 396)
C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe (ID: 2076 |ParentID: 1920)
C:\Program Files\ma-config.com\MaConfigAgent.exe (ID: 2140 |ParentID: 528)
C:\Program Files (x86)\Mobogenie\MgAssist.exe (ID: 2168 |ParentID: 528)
C:\Windows\system32\svchost.exe (ID: 2416 |ParentID: 528)
C:\Windows\system32\svchost.exe (ID: 2256 |ParentID: 528)
C:\Windows\system32\svchost.exe (ID: 2508 |ParentID: 528)
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe (ID: 3084 |ParentID: 1272)
C:\Windows\System32\wscript.exe (ID: 3096 |ParentID: 1272)
C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe (ID: 3248 |ParentID: 3104)
C:\Program Files\AVAST Software\Avast\AvastUI.exe (ID: 3256 |ParentID: 3104)
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ID: 3288 |ParentID: 3168)
C:\Windows\system32\SearchIndexer.exe (ID: 3596 |ParentID: 528)
C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 3708 |ParentID: 528)
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ID: 3000 |ParentID: 3288)
C:\Windows\System32\svchost.exe (ID: 3124 |ParentID: 528)
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (ID: 4624 |ParentID: 528)
C:\Windows\System32\svchost.exe (ID: 4384 |ParentID: 528)
C:\Program Files\Internet Explorer\iexplore.exe (ID: 592 |ParentID: 1272)
C:\Windows\system32\Macromed\Flash\FlashUtil64_12_0_0_77_ActiveX.exe (ID: 3076 |ParentID: 712)
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (ID: 4116 |ParentID: 592)
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (ID: 1072 |ParentID: 592)
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (ID: 5996 |ParentID: 592)
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (ID: 1536 |ParentID: 592)
C:\Windows\System32\MsSpellCheckingFacility.exe (ID: 6812 |ParentID: 712)
C:\Windows\system32\AUDIODG.EXE (ID: 6668 |ParentID: 996)
C:\Windows\System32\WUDFHost.exe (ID: 6756 |ParentID: 344)
C:\Users\djecel\Downloads\RogueKillerX64.exe (ID: 5536 |ParentID: 1272)
C:\Windows\system32\SearchProtocolHost.exe (ID: 6960 |ParentID: 3596)
C:\Windows\system32\SearchFilterHost.exe (ID: 6996 |ParentID: 3596)
c:\program files\windows defender\MpCmdRun.exe (ID: 4992 |ParentID: 5748)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 6300 |ParentID: 712)

################## | Regedit Run |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] userinit.exe
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [EPSON SX410 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFCE.EXE /FU "C:\Windows\TEMP\E_S862C.tmp" /EF "HKCU"
04 - HKCU\..\Run : [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
04 - HKCU\..\Run : [iTunesHelper] wscript.exe //B "C:\Users\djecel\AppData\Local\Temp\iTunesHelper.vbe"
04 - HKLM\..\Run : [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
04 - HKLM\..\Run : [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\Run : [AgentMonitor] C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
04 - HKLM\..\Run : [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
04 - HKLM\..\RunOnce : []
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-2680582778-3496884801-3350215911-1000\..\Run : [EPSON SX410 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFCE.EXE /FU "C:\Windows\TEMP\E_S862C.tmp" /EF "HKCU"
04 - HKU\S-1-5-21-2680582778-3496884801-3350215911-1000\..\Run : [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
04 - HKU\S-1-5-21-2680582778-3496884801-3350215911-1000\..\Run : [iTunesHelper] wscript.exe //B "C:\Users\djecel\AppData\Local\Temp\iTunesHelper.vbe"
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe

################## | Recherche générique |

Présent! C:\Users\djecel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iTunesHelper.vbe
Présent! C:\Users\djecel\AppData\Local\Temp\iTunesHelper.vbe
Présent! F:\iTunesHelper.vbe
Présent! G:\iTunesHelper.vbe
Présent! G:\Nouveau dossier.lnk
Présent! G:\trz36EB.tmp

################## | Registre |

Présent! HKU\S-1-5-21-2680582778-3496884801-3350215911-1000\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper
Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper

################## | E.O.F | http://www.usbfix.net/ - http://www.sosvirus.net |
