SoukainaAlami
Participant
Number of posts: 8

############################## | UsbFix V 7.171 | [Recherche]

Utilisateur: Soukaina (Administrateur) # SOUKAINA-PC
Mis à jour le 09/06/2014 par El Desaparecido – SosVirus
Lancé à 18:18:50 | 22/06/2014

Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Assistance : https://www.sosvirus.net/aide-nettoyage-pc/
Upload Malware : https://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: Intel (PT10F)
CPU: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
RAM -> [Total : 2701 Mo| Free : 1668 Mo]
Bios: Insyde Corp.
Boot: Normal boot

OS: Microsoft Windows 7 Édition Intégrale (6.1.7601 32-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.17126
WB: Google Chrome : 35.0.1916.153

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AS: Windows Defender [Enabled | (!) Outdated]
FW: Windows FireWall [(!) Disabled]

C: (%SystemDrive%) -> Disque fixe # 228 Go (197 Go libre(s) – 86%) [] # NTFS
D: -> Disque fixe # 237 Go (176 Go libre(s) – 74%) [] # NTFS
E: -> CD-ROM

################## | Processus Actif |

C:\Windows\System32\smss.exe (ID: 316|ParentID: 4|Système)
C:\Windows\System32\wininit.exe (ID: 520|ParentID: 396)
C:\Windows\System32\winlogon.exe (ID: 576|ParentID: 512)
C:\Windows\System32\services.exe (ID: 624|ParentID: 520)
C:\Windows\System32\lsass.exe (ID: 632|ParentID: 520)
C:\Windows\System32\lsm.exe (ID: 644|ParentID: 520)
C:\Windows\System32\svchost.exe (ID: 744|ParentID: 624)
C:\Windows\System32\svchost.exe (ID: 808|ParentID: 624)
C:\Windows\System32\svchost.exe (ID: 924|ParentID: 624)
C:\Windows\System32\svchost.exe (ID: 960|ParentID: 624)
C:\Windows\System32\svchost.exe (ID: 988|ParentID: 624)
C:\Windows\System32\svchost.exe (ID: 1012|ParentID: 624)
C:\Windows\System32\audiodg.exe (ID: 1108|ParentID: 924)
C:\Windows\System32\svchost.exe (ID: 1356|ParentID: 624)
C:\Windows\System32\spoolsv.exe (ID: 1580|ParentID: 624)
C:\Windows\System32\svchost.exe (ID: 1608|ParentID: 624)
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 1700|ParentID: 624)
C:Program FilesWeb ConnectionIAMBackgroundServiceServiceManager.exe (ID: 1740|ParentID: 624)
C:\Windows\System32\dwm.exe (ID: 1840|ParentID: 960|Soukaina)
C:\Windows\explorer.exe (ID: 1848|ParentID: 1832|Soukaina)
C:\Windows\System32\taskhost.exe (ID: 1892|ParentID: 624|Soukaina)
C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (ID: 1944|ParentID: 624)
C:\Program Files\Bitdefender\60-Second Virus Scanner\pdscan.exe (ID: 2028|ParentID: 624)
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (ID: 1008|ParentID: 624)
C:\Windows\System32\svchost.exe (ID: 1300|ParentID: 624)
C:Program FilesGreener WebupdateGreenerWeb.exe (ID: 2088|ParentID: 624)
C:\Windows\System32\taskeng.exe (ID: 2100|ParentID: 1012)
C:Program FilesGreener WebbinutilGreenerWeb.exe (ID: 2252|ParentID: 624)
C:\Windows\System32\svchost.exe (ID: 2540|ParentID: 624)
C:\Windows\System32\svchost.exe (ID: 2620|ParentID: 624)
C:Program FilesWeb ConnectionIAMBackgroundServiceModemListener.exe (ID: 2964|ParentID: 1848|Soukaina)
C:\Windows\System32\igfxtray.exe (ID: 2984|ParentID: 1848|Soukaina)
C:\Windows\System32\hkcmd.exe (ID: 2996|ParentID: 1848|Soukaina)
C:\Windows\System32\igfxsrvc.exe (ID: 3108|ParentID: 744|Soukaina)
C:\Windows\System32\igfxpers.exe (ID: 3252|ParentID: 1848|Soukaina)
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (ID: 3500|ParentID: 1848|Soukaina)
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe (ID: 3512|ParentID: 1848|Soukaina)
C:\Program Files\Common Files\Java\Java Update\jusched.exe (ID: 3544|ParentID: 1848|Soukaina)
C:\Program Files\Internet Download Manager\IDMan.exe (ID: 3608|ParentID: 1848|Soukaina)
C:\Program Files\Bitdefender\60-Second Virus Scanner\pdiface.exe (ID: 3616|ParentID: 1848|Soukaina)
C:\Windows\System32\SearchIndexer.exe (ID: 3724|ParentID: 624)
C:\Windows\System32\wscript.exe (ID: 3928|ParentID: 3628|Soukaina)
C:\Windows\System32\wscript.exe (ID: 3944|ParentID: 3552|Soukaina)
C:\Windows\System32\wscript.exe (ID: 3956|ParentID: 3628|Soukaina)
C:\Windows\System32\wscript.exe (ID: 3968|ParentID: 3552|Soukaina)
C:\Windows\System32\wscript.exe (ID: 3988|ParentID: 3628|Soukaina)
C:\Windows\System32\wscript.exe (ID: 4024|ParentID: 3552|Soukaina)
C:\Program Files\Adobe\Reader 11.0\Reader\reader_sl.exe (ID: 4052|ParentID: 3532|Soukaina)
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (ID: 2216|ParentID: 3584|Soukaina)
C:Program FilesGreener WebbinGreenerWeb.PurBrowse.exe (ID: 1292|ParentID: 2252)
C:\Windows\System32\conhost.exe (ID: 3828|ParentID: 468)
C:\Windows\System32\SearchProtocolHost.exe (ID: 3648|ParentID: 3724)
C:\Windows\System32\SearchFilterHost.exe (ID: 3628|ParentID: 3724|Système)
C:Program FilesGreener WebbinGreenerWeb.BrowserAdapter.exe (ID: 2480|ParentID: 2252|Soukaina)
C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 3268|ParentID: 624)
C:\Windows\System32\svchost.exe (ID: 3120|ParentID: 624)
C:\UsbFix\UsbFix.exe (ID: 4556|ParentID: 1848|Soukaina)
C:\Program Files\Internet Download Manager\IEMonitor.exe (ID: 5068|ParentID: 3608|Soukaina)

################## | Autorun |

################## | Regedit Run |

F2 – HKLM\..\Winlogon : [Shell] explorer.exe
F2 – HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 – HKCU\..\Run : [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
04 – HKCU\..\Run : [pdiface] C:\Program Files\Bitdefender\60-Second Virus Scanner\pdiface.exe -noshow
04 – HKLM..Run : [IAM_Web Flame ModemListener] C:Program FilesWeb ConnectionIAMBackgroundServiceModemListener.exe start
04 – HKLM\..\Run : [IgfxTray] "C:\Windows\system32\igfxtray.exe"
04 – HKLM\..\Run : [HotKeysCmds] "C:\Windows\system32\hkcmd.exe"
04 – HKLM\..\Run : [Persistence] "C:\Windows\system32\igfxpers.exe"
04 – HKLM\..\Run : [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
04 – HKLM\..\Run : [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
04 – HKLM\..\Run : [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 – HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
04 – HKLM\..\Run : [bintin] C:\WINDOWS\system32\wscript.exe /e:VBScript.Encode D:\bin.doc
04 – HKLM\..\Run : [InstallerLauncher] "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\Installer.exe"
04 – HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 – HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 – HKU\S-1-5-21-3294695882-1411545067-1793451932-1000\..\Run : [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
04 – HKU\S-1-5-21-3294695882-1411545067-1793451932-1000\..\Run : [pdiface] C:\Program Files\Bitdefender\60-Second Virus Scanner\pdiface.exe -noshow
04 – HKU\S-1-5-18\..\Run : [Bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
04 – HKU\S-1-5-18\..\Run : [Bitdefender Wallet] "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" –hidden –nowizard
04 – HKU\S-1-5-18\..\Run : [Bitdefender Agent de l’application Wallet] "C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe"
04 – HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 – HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 – HKU\S-1-5-18\..\RunOnce : [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601

################## | Recherche générique |

Présent! D:\Music.lnk
Présent! D:\Nouveau Dossier.lnk
Présent! D:\Soukaina.lnk
Présent! C:\Users\Soukaina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Start.lnk
Présent! D:\bin.doc
Présent! D:\bizo.doc
Présent! D:\img.jpg

################## | Registre |

Présent! HKLM\Software\Microsoft\Windows\CurrentVersion\Run|bintin

################## | E.O.F | https://www.sosvirus.net/ | http://www.usbfix.net/ |