Miss_estrellita

############################## | UsbFix V 7.169 | [Suppression]

Utilisateur: Magda (Administrateur) # Magda-TOSH
Mis à jour le 08/05/2014 par El Desaparecido – Team SosVirus
Lancé à 23:55:37 | 11/05/2014

Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Support : forum-virus-securite.html
Upload Malware : upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: Intel Corp. (Base Board Product Name)
CPU: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
RAM -> [Total : 4078 Mo| Free : 3008 Mo]
Bios: INSYDE
Boot: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.17105
WB: Mozilla Firefox : 28.0

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: avast! Antivirus [(!) Disabled | Updated]
AS: Windows Defender [Enabled | Updated]
AS: avast! Antivirus [(!) Disabled | Updated]
FW: Windows FireWall [Enabled]

C: (%systemdrive%) -> Disque fixe # 297 Go (239 Go libre(s) – 80%) [WINDOWS] # NTFS
D: -> Disque fixe # 298 Go (260 Go libre(s) – 87%) [Data] # NTFS
E: -> CD-ROM
F: -> Disque amovible # 493 Mo (2 Mo libre(s) – 0%) [] # FAT32

################## | Processus Actif |

C:Windowssystem32csrss.exe (ID: 556 |ParentID: 544)
C:Windowssystem32wininit.exe (ID: 604 |ParentID: 544)
C:Windowssystem32csrss.exe (ID: 628 |ParentID: 612)
C:Windowssystem32services.exe (ID: 676 |ParentID: 604)
C:Windowssystem32lsass.exe (ID: 696 |ParentID: 604)
C:Windowssystem32lsm.exe (ID: 704 |ParentID: 604)
C:Windowssystem32winlogon.exe (ID: 900 |ParentID: 612)
C:Windowssystem32svchost.exe (ID: 976 |ParentID: 676)
C:Windowssystem32nvvsvc.exe (ID: 344 |ParentID: 676)
C:Windowssystem32svchost.exe (ID: 452 |ParentID: 676)
C:WindowsSystem32svchost.exe (ID: 612 |ParentID: 676)
C:WindowsSystem32svchost.exe (ID: 1044 |ParentID: 676)
C:Windowssystem32svchost.exe (ID: 1088 |ParentID: 676)
C:Windowssystem32svchost.exe (ID: 1128 |ParentID: 676)
C:Windowssystem32svchost.exe (ID: 1244 |ParentID: 676)
C:Program FilesNVIDIA CorporationDisplayNvXDSync.exe (ID: 1360 |ParentID: 344)
C:Windowssystem32nvvsvc.exe (ID: 1372 |ParentID: 344)
C:Windowssystem32svchost.exe (ID: 1392 |ParentID: 676)
C:Program FilesAVAST SoftwareAvastAvastSvc.exe (ID: 1548 |ParentID: 676)
C:Windowssystem32WLANExt.exe (ID: 1560 |ParentID: 1044)
C:Windowssystem32conhost.exe (ID: 1580 |ParentID: 556)
C:Windowssystem32taskeng.exe (ID: 1804 |ParentID: 1128)
C:WindowsSystem32spoolsv.exe (ID: 1828 |ParentID: 676)
C:Windowssystem32svchost.exe (ID: 1872 |ParentID: 676)
C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe (ID: 2028 |ParentID: 676)
C:Program Files (x86)Microsoft Application Virtualization Clientsftvsa.exe (ID: 2288 |ParentID: 676)
C:Program Files (x86)SkypeUpdaterUpdater.exe (ID: 2340 |ParentID: 676)
C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe (ID: 2376 |ParentID: 676)
C:Windowssystem32svchost.exe (ID: 2416 |ParentID: 676)
C:Windowssystem32ThpSrv.exe (ID: 2460 |ParentID: 676)
C:Windowssystem32TODDSrv.exe (ID: 2496 |ParentID: 676)
C:Program FilesTOSHIBAPower SaverTosCoSrv.exe (ID: 2528 |ParentID: 676)
C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE (ID: 2632 |ParentID: 676)
C:Program Files (x86)Microsoft Application Virtualization Clientsftlist.exe (ID: 2672 |ParentID: 676)
C:Program FilesTOSHIBATECOTecoService.exe (ID: 2764 |ParentID: 676)
C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe (ID: 1704 |ParentID: 2632)
C:Windowssystem32wbemwmiprvse.exe (ID: 3216 |ParentID: 976)
C:Program Files (x86)Common FilesMicrosoft SharedVirtualization HandlerCVHSVC.EXE (ID: 3328 |ParentID: 676)
C:WindowsservicingTrustedInstaller.exe (ID: 3368 |ParentID: 676)
C:Windowssystem32svchost.exe (ID: 3576 |ParentID: 676)
C:Windowssystem32svchost.exe (ID: 3844 |ParentID: 676)
C:WindowsMicrosoft.NetFramework64v3.0WPFPresentationFontCache.exe (ID: 1572 |ParentID: 676)
C:Windowssystem32Dwm.exe (ID: 1184 |ParentID: 1044)
C:Windowssystem32taskhost.exe (ID: 1964 |ParentID: 676)
C:WindowsExplorer.EXE (ID: 1920 |ParentID: 3736)
C:Windowssystem32runonce.exe (ID: 3712 |ParentID: 1920)
C:WindowsSysWOW64runonce.exe (ID: 3928 |ParentID: 3712)
C:WindowsSystem32WUDFHost.exe (ID: 3192 |ParentID: 1044)
C:Windowssystem32taskeng.exe (ID: 540 |ParentID: 1128)
C:Program Files (x86)TOSHIBAConfigFreeNDSTray.exe (ID: 3124 |ParentID: 540)
C:Windowssystem32wbemwmiprvse.exe (ID: 2156 |ParentID: 976)

################## | Recherche générique |

Supprimé! F:SETTINGS.DAT.lnk
Supprimé! F:FAV.DAT.lnk
Supprimé! F:socio expo!.lnk
Supprimé! F:Coran.lnk
Supprimé! F:Nouveau dossier.lnk
Supprimé! F:autorun.inf.lnk
Supprimé! F:Nouveau dossier (2).lnk

(!) Fichiers temporaires supprimés.

################## | Registre |

################## | Regedit Run |

F2 – HKLM..Winlogon : [Shell] Explorer.exe
F2 – [x64] HKLM..Winlogon : [Shell] Explorer.exe
F2 – HKLM..Winlogon : [Userinit] C:WindowsSysWOW64Userinit.exe,
F2 – [x64] HKLM..Winlogon : [Userinit] C:Windowssystem32userinit.exe,
04 – HKCU..Run : [TOPI.EXE] C:Program Files (x86)TOSHIBATOSHIBA Online Product Informationtopi.exe /STAR
04 – HKCU..Run : [Google Update] “C:UsersMagda RAISAppDataLocalGoogleUpdateGoogleUpdate.exe” /c
04 – HKCU..Run : [Sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun
04 – HKCU..Run : [Skype] “C:Program Files (x86)SkypePhoneSkype.exe” /minimized /regrun
04 – HKLM..Run : [Adobe Reader Speed Launcher] “C:Program Files (x86)AdobeReader 10.0ReaderReader_sl.exe”
04 – HKLM..Run : [Adobe ARM] “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
04 – HKLM..Run : [NBAgent] “c:Program Files (x86)NeroNero 10Nero BackItUpNBAgent.exe” /WinStart
04 – HKLM..Run : [ToshibaServiceStation] “C:Program Files (x86)TOSHIBATOSHIBA Service StationToshibaServiceStation.exe” /hide:60
04 – HKLM..Run : [AdobeCS5.5ServiceManager] “C:Program Files (x86)Common FilesAdobeCS5.5ServiceManagerCS5.5ServiceManager.exe” -launchedbylogin
04 – HKLM..Run : [SunJavaUpdateSched] “C:Program Files (x86)Common FilesJavaJava Updatejusched.exe”
04 – HKLM..Run : [AvastUI.exe] “C:Program FilesAVAST SoftwareAvastAvastUI.exe” /nogui
04 – [x64] HKLM..Run : [Toshiba TEMPRO] C:Program Files (x86)Toshiba TEMPROTemproTray.exe
04 – [x64] HKLM..Run : [TosNC] %ProgramFiles%ToshibaBulletinBoardTosNcCore.exe
04 – [x64] HKLM..Run : [TosReelTimeMonitor] %ProgramFiles%TOSHIBAReelTimeTosReelTimeMonitor.exe
04 – [x64] HKLM..Run : [TPwrMain] %ProgramFiles%TOSHIBAPower SaverTPwrMain.EXE
04 – [x64] HKLM..Run : [HSON] %ProgramFiles%TOSHIBATBSHSON.exe
04 – [x64] HKLM..Run : [TCrdMain] %ProgramFiles%TOSHIBAFlashCardsTCrdMain.exe
04 – [x64] HKLM..Run : [SmartAudio] C:Program FilesCONEXANTSAIISAIICpl.exe /t
04 – [x64] HKLM..Run : [SynTPEnh] %ProgramFiles%SynapticsSynTPSynTPEnh.exe
04 – [x64] HKLM..Run : [ThpSrv] C:Windowssystem32thpsrv /logon
04 – [x64] HKLM..Run : [Teco] “%ProgramFiles%TOSHIBATECOTeco.exe” /r
04 – [x64] HKLM..Run : [TosSENotify] C:Program FilesTOSHIBATOSHIBA HDD SSD AlertTosWaitSrv.exe
04 – [x64] HKLM..Run : [TosWaitSrv] %ProgramFiles%TOSHIBATPHMTosWaitSrv.exe
04 – [x64] HKLM..Run : [TosVolRegulator] C:Program FilesTOSHIBATosVolRegulatorTosVolRegulator.exe
04 – [x64] HKLM..Run : [Toshiba Registration] C:Program FilesTOSHIBARegistrationToshibaReminder.exe
04 – [x64] HKLM..Run : [AdobeAAMUpdater-1.0] “C:Program Files (x86)Common FilesAdobeOOBEPDAppUWAUpdaterStartupUtility.exe”
04 – HKUS-1-5-21-339401442-3039507466-214422036-1000..Run : [TOPI.EXE] C:Program Files (x86)TOSHIBATOSHIBA Online Product Informationtopi.exe /STAR
04 – HKUS-1-5-21-339401442-3039507466-214422036-1000..Run : [Google Update] “C:UsersMagda RAISAppDataLocalGoogleUpdateGoogleUpdate.exe” /c
04 – HKUS-1-5-21-339401442-3039507466-214422036-1000..Run : [Sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun
04 – HKUS-1-5-21-339401442-3039507466-214422036-1000..Run : [Skype] “C:Program Files (x86)SkypePhoneSkype.exe” /minimized /regrun
04 – HKUS-1-5-18..Run : [TOPI.EXE] C:Program Files (x86)TOSHIBATOSHIBA Online Product Informationtopi.exe /STARTUP

################## | Listing |

[30/03/2012 – 15:44:10 | SHD] – C:$RECYCLE.BIN
[10/05/2014 – 22:26:34 | D] – C:Config.Msi
[20/01/2014 – 13:51:20 | N | 1 Ko | EBABDA4F0F39A081BA0C6F1AA43E5398] – C:DelFix.txt
[02/04/2012 – 19:12:22 | D] – C:DiacammaClient
[14/07/2009 – 07:08:56 | SHD] – C:Documents and Settings
[30/01/2014 – 23:44:42 | D] – C:Downloads
[11/05/2014 – 23:53:59 | ASH | 3131796 Ko] – C:hiberfil.sys
[17/11/2011 – 15:32:12 | RD] – C:MSOCache
[11/05/2014 – 23:54:02 | ASH | 4175728 Ko] – C:pagefile.sys
[14/07/2009 – 05:20:08 | D] – C:PerfLogs
[16/04/2014 – 18:45:53 | D] – C:Program Files
[09/05/2014 – 22:11:45 | D] – C:Program Files (x86)
[15/04/2014 – 17:35:41 | D] – C:ProgramData
[13/05/2011 – 09:22:02 | N | 0 Ko | 3ECD361F2742DA0845C104E6FCB794C0] – C:SWSTAMP.TXT
[11/05/2014 – 22:20:47 | SHD] – C:System Volume Information
[29/10/2011 – 16:27:00 | D] – C:Toshiba
[11/05/2014 – 23:52:14 | D] – C:UsbFix
[11/05/2014 – 23:56:39 | A | 9 Ko | 6D162CB4BCAC103BAF142F79F69F8128] – C:UsbFix [Clean 2] MAGDARAIS-TOSH.txt
[16/10/2013 – 11:29:41 | D] – C:Users
[04/12/2012 – 00:37:07 | D] – C:wamp
[17/03/2014 – 14:37:28 | D] – C:Windows
[29/10/2011 – 16:19:05 | D] – D:$RECYCLE.BIN
[21/05/2011 – 21:18:43 | D] – D:HDDRecovery
[30/10/2011 – 15:53:29 | D] – D:MAGDARAIS-TOSH
[30/10/2011 – 15:53:05 | N | 1 Ko] – D:MediaID.bin
[21/05/2011 – 22:26:55 | N | 0 Ko] – D:R15592SO.tag
[30/10/2011 – 16:34:07 | SHD] – D:System Volume Information
[25/12/2012 – 16:34:20 | N | 0 Ko] – D:WINDOWS (C) – Raccourci.lnk
[30/10/2011 – 15:54:55 | D] – D:WindowsImageBackup
[27/12/2002 – 18:44:58 | N | 1 Ko] – F:SETTINGS.DAT
[27/12/2002 – 18:44:58 | N | 1 Ko] – F:FAV.DAT
[06/05/2013 – 21:28:28 | N | 3590 Ko] – F:1Leona_Lewis-Better_In_Time (4).mp3
[01/01/1980 – 00:00:00 | N | 0 Ko] – F:.cm0013
[03/05/2013 – 00:07:44 | N | 4426 Ko] – F:Adele Someone Like You.mp3
[31/07/2011 – 18:33:36 | N | 4112 Ko] – F:la_solitudine_laura_pausini.mp3
[31/07/2011 – 19:45:12 | N | 11298 Ko] – F:Ah Wu Nos.mp3
[27/05/2008 – 09:56:04 | D] – F:socio expo!
[03/05/2013 – 00:06:56 | N | 3574 Ko] – F:Leona Lewis – Better In Time.mp3
[16/04/2014 – 07:03:20 | N | 3 Ko] – F:BOOTEX.LOG
[30/04/2013 – 22:07:20 | N | 5323 Ko] – F:Adele_-_Promise_This.mp3
[30/04/2013 – 22:31:46 | N | 6873 Ko] – F:Kelly_Clarkson-Stronger.mp3
[27/12/2002 – 18:44:58 | D] – F:VOICE
[31/10/2011 – 19:03:56 | N | 5754 Ko] – F:Flashdance…What A Feeling – Irene Cara.mp3
[13/08/2012 – 17:17:38 | N | 4343 Ko] – F:Carly_Rae_Jepsen_-_Call_Me_Maybe.mp3
[14/04/2013 – 19:38:10 | D] – F:MUSIQUE
[06/05/2013 – 21:41:28 | N | 8868 Ko] – F:Avril_Lavigne_-_I_m_With_You_7186.mp3
[06/05/2013 – 21:25:14 | N | 1857 Ko] – F:Kelly Clarkson – Breakaway.mp3
[06/01/2012 – 22:45:06 | N | 8687 Ko] – F:1 Price Tag.mp3
[22/03/2014 – 13:32:46 | N | 3621 Ko] – F:Jencarlos Canela – Mi Corazon Insiste (Lyrics).mp3
[19/02/2012 – 23:27:56 | N | 2701 Ko] – F:Irma – I know.mp3
[03/03/2012 – 22:39:12 | N | 4063 Ko] – F:a moment like this.mp3
[03/03/2012 – 22:33:38 | N | 3744 Ko] – F:Teenage dream.mp3
[03/03/2012 – 22:41:18 | N | 3354 Ko] – F:let the music play.mp3
[03/03/2012 – 22:50:44 | N | 3820 Ko] – F:1-io_canto.mp3
[03/03/2012 – 22:54:52 | N | 3435 Ko] – F:Torn.mp3
[03/03/2012 – 23:17:28 | N | 3241 Ko] – F:breaking free.mp3
[30/04/2013 – 23:06:22 | N | 8359 Ko] – F:Already Gone kellyclarkson.mp3
[07/11/2013 – 22:53:24 | N | 4200 Ko] – F:Vanessa Carlton – A Thousand Miles.mp3
[25/07/2012 – 23:18:48 | D] – F:Classique
[22/07/2012 – 23:37:24 | D] – F:Coran
[07/04/2014 – 18:26:24 | N | 3872 Ko] – F:Hey there delilah lyrics..mp3
[11/08/2012 – 13:01:42 | N | 4226 Ko] – F:insha-allah-francais-mp3.mp3
[19/01/2014 – 20:45:42 | N | 5626 Ko] – F:Al Marconi – Redemption.mp3
[08/11/2013 – 08:42:28 | N | 1216 Ko] – F:cir_35638.pdf
[19/02/2014 – 21:25:28 | N | 332 Ko | 496E974C0A0630FF60AC2D704ECFCA4F] – F:Setup.exe
[27/05/2008 – 09:02:12 | D] – F:Nouveau dossier
[05/03/2014 – 23:02:02 | N | 6751 Ko] – F:Yanni – Until The Last Moment.mp3
[26/01/2014 – 00:52:30 | N | 4312 Ko] – F:Sad Violin [HQ].mp3
[09/04/2014 – 14:00:26 | N | 0 Ko] – F:Buscame – Jencarlos Canela.mp3.6vuq6qa.partial
[08/11/2013 – 08:55:12 | N | 1233 Ko] – F:circulaire 2011 methodologie contrôle SRC.pdf
[24/03/2014 – 00:00:02 | N | 4125 Ko] – F:Bring Me the Night – Sam Tsui & Kina Grannis.mp3
[10/04/2014 – 15:15:00 | N | 3434 Ko] – F:Jencarlos Canela – Amor Quedate [HD] (walmart.com).mp3
[08/11/2013 – 08:59:08 | N | 4725 Ko] – F:Guide_Pratique_du_prestataire_de_Formation_professionnelle_continue.pdf
[31/03/2014 – 08:30:02 | N | 4023 Ko] – F:Birdy – People Help The People (Official Video).mp3
[05/03/2014 – 23:23:54 | N | 2386 Ko] – F:Nat King Cole- L O V E Lyrics.mp3
[30/04/2014 – 01:10:38 | N | 4034 Ko] – F:me enamore de ti- chayanne.mp3
[30/04/2014 – 01:12:04 | N | 4077 Ko] – F:Dígale_-_David_Bisbal_-_CON_LETRA.mp3
[31/03/2014 – 08:31:52 | N | 4450 Ko] – F:Emeli Sandé – Read All About It (pt III) [Lyrics On Screen].mp3
[11/02/2014 – 00:31:10 | N | 4189 Ko] – F:Let It GoLet Her Go (FrozenPassenger MASHUP) – Sam Tsui.mp3
[02/10/2013 – 21:45:54 | N | 3500 Ko] – F:Peaceful Warrior _ Everything Has a Purpose.mp3
[06/04/2014 – 00:13:44 | N | 4889 Ko] – F:All Of Me – John Legend & Lindsey Stirling.mp3
[09/04/2014 – 14:09:20 | N | 3055 Ko] – F:Buscame – Jencarlos Canela.mp3
[20/03/2014 – 00:35:40 | N | 4501 Ko] – F:Christina Perri – A Thousand Years (Official Music Video).mp3
[09/08/2013 – 15:57:44 | N | 4876 Ko] – F:Lindsey Stirling – We Found Love – Feat. Alisha Popat – Lyrics on video -.mp3
[04/06/2011 – 10:22:42 | N | 6380 Ko] – F:Relax Take It Easy.mp3
[04/06/2011 – 10:31:48 | N | 5756 Ko] – F:Because of You.mp3
[04/06/2011 – 10:26:02 | N | 8644 Ko] – F:Mercy.mp3
[27/12/2009 – 15:54:14 | N | 3965 Ko] – F:No Stress.mp3
[20/07/2011 – 08:15:24 | N | 2776 Ko] – F:Fame.mp3
[20/07/2011 – 08:17:44 | D] – F:Nouveau dossier (2)
[05/09/2010 – 14:49:18 | N | 3096 Ko] – F:cheb Douzi lala mariama.mp3
[05/09/2010 – 14:48:10 | N | 3778 Ko] – F:Cheb Rayan – Goulou l Mama (Feat. Jalal El Hamdaoui).mp3

################## | Vaccin |

D:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
F:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net/ – https://www.sosvirus.net |