[b]############################## | UsbFix V 7.173 | [Recherche][/b]

Utilisateur: Lionel (Administrateur) # LIOSCH
Mis à jour le 04/07/2014 par El Desaparecido - SosVirus
Lancé à 17:32:16 | 07/07/2014

Site Web : [url=http://www.usbfix.net/]http://www.usbfix.net/[/url]
Changelog : [url=http://www.usbfix.net/maj/]http://www.usbfix.net/maj/[/url]
Assistance : [url=http://www.sosvirus.net/forum-virus-securite.html]http://www.sosvirus.net/forum-virus-securite.html[/url]
Upload Malware : [url=http://www.sosvirus.net/upload_malware.php]http://www.sosvirus.net/upload_malware.php[/url]
Contact : [url=http://www.usbfix.net/contact/]http://www.usbfix.net/contact/[/url]

[b]################## | System information |[/b]

MB: Hewlett-Packard (184B)
CPU: AMD A6-4400M APU with Radeon(tm) HD Graphics
RAM -> [Total : 7650 Mo | Free : 5508 Mo]
Bios: Insyde
Boot: Normal boot
OS: Microsoft™ Windows 8 (6.2.9200 64-Bit)
WB: Internet Explorer : 10.00.9200.16384
WB: Google Chrome : 35.0.1916.153
WB: Mozilla Firefox : 30.0

[b]################## | Security Information |[/b]

AV: Windows Defender [[b](!) Désactivé[/b] |A jour]
AV: Norton Internet Security [[b](!) Désactivé[/b] |[b](!) Non à jour[/b]]
AV: avast! Antivirus [[b](!) Désactivé[/b] |A jour]
AS: Norton Internet Security [[b](!) Désactivé[/b] |[b](!) Non à jour[/b]]
AS: Windows Defender [[b](!) Désactivé[/b] |A jour]
AS: avast! Antivirus [[b](!) Désactivé[/b] |A jour]
FW: Norton Internet Security [[b](!) Désactivé[/b]]
FW: Windows Firewall [Actif]
SC: Security Center [Actif]
WU: Windows Update [Actif]

[b]################## | Disk Information |[/b]

C:\ (%SystemDrive%) -> Disque fixe # 913 Go (729 Go libre(s) - 80%) [] # NTFS
D:\ -> Disque fixe # 18 Go (2 Go libre(s) - 13%) [RECOVERY] # NTFS

[b]################## | Processus Actif |[/b]

C:\Windows\System32\smss.exe (ID: 332|ParentID: 4|Système)
C:\Windows\System32\wininit.exe (ID: 620|ParentID: 516)
C:\Windows\System32\services.exe (ID: 716|ParentID: 620)
C:\Windows\System32\lsass.exe (ID: 724|ParentID: 620)
C:\Windows\System32\svchost.exe (ID: 808|ParentID: 716)
C:\Windows\System32\svchost.exe (ID: 880|ParentID: 716)
C:\Windows\System32\atiesrxx.exe (ID: 928|ParentID: 716)
C:\Windows\System32\svchost.exe (ID: 976|ParentID: 716)
C:\Windows\System32\svchost.exe (ID: 116|ParentID: 716)
C:\Windows\System32\svchost.exe (ID: 504|ParentID: 716)
C:\Windows\System32\svchost.exe (ID: 436|ParentID: 716)
C:\Program Files\IDT\WDM\stacsv64.exe (ID: 828|ParentID: 716)
C:\Windows\System32\hpservice.exe (ID: 1164|ParentID: 716)
C:\Windows\System32\svchost.exe (ID: 1328|ParentID: 716)
C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ID: 1500|ParentID: 716)
C:\Windows\System32\spoolsv.exe (ID: 1688|ParentID: 716)
C:\Windows\System32\svchost.exe (ID: 1728|ParentID: 716)
C:\Windows\System32\svchost.exe (ID: 1748|ParentID: 716)
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 1960|ParentID: 716)
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (ID: 1212|ParentID: 716)
C:\Windows\System32\svchost.exe (ID: 1232|ParentID: 716)
C:\Program Files\Bonjour\mDNSResponder.exe (ID: 2460|ParentID: 716)
C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (ID: 2496|ParentID: 716)
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (ID: 2572|ParentID: 716)
C:\Windows\System32\svchost.exe (ID: 2668|ParentID: 716)
C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe (ID: 3144|ParentID: 716)
C:\Windows\System32\svchost.exe (ID: 3212|ParentID: 716)
C:\Windows\System32\SearchIndexer.exe (ID: 2524|ParentID: 716)
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (ID: 4292|ParentID: 716)
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (ID: 3136|ParentID: 716)
C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe (ID: 4288|ParentID: 716)
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (ID: 4712|ParentID: 716)
C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccsvchst.exe (ID: 1420|ParentID: 716)
C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 5160|ParentID: 716)
C:\Program Files\AVAST Software\Avast\avastui.exe (ID: 5528|ParentID: 1500|Lionel)
C:\Windows\System32\wbem\unsecapp.exe (ID: 5692|ParentID: 808|Lionel)
C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (ID: 32|ParentID: 716)
C:\Windows\System32\wbem\WmiApSrv.exe (ID: 4824|ParentID: 716)
C:\Windows\System32\winlogon.exe (ID: 3556|ParentID: 3620)
C:\Windows\System32\atieclxx.exe (ID: 5016|ParentID: 928)
C:\Windows\System32\taskhostex.exe (ID: 7812|ParentID: 716|Lionel)
C:\Windows\explorer.exe (ID: 4012|ParentID: 4324|Lionel)
C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccsvchst.exe (ID: 7864|ParentID: 1420|Lionel)
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe (ID: 6052|ParentID: 808|Lionel)
C:\Program Files\IDT\WDM\sttray64.exe (ID: 8172|ParentID: 4012|Lionel)
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (ID: 1760|ParentID: 716|Lionel)
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (ID: 6056|ParentID: 4012|Lionel)
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (ID: 2236|ParentID: 716|Lionel)
C:\Users\Lionel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (ID: 2184|ParentID: 4012|Lionel)
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (ID: 1096|ParentID: 6100|Lionel)
C:\Windows\System32\spool\drivers\x64\3\E_IATIHAE.EXE (ID: 4408|ParentID: 4012|Lionel)
C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (ID: 7672|ParentID: 4012|Lionel)
C:\Windows\System32\RuntimeBroker.exe (ID: 8096|ParentID: 808|Lionel)
C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe (ID: 5984|ParentID: 740|Lionel)
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (ID: 7716|ParentID: 740|Lionel)
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (ID: 6756|ParentID: 740|Lionel)
C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe (ID: 4840|ParentID: 716)
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (ID: 3224|ParentID: 740|Lionel)
C:\Program Files\AVAST Software\Avast\avastui.exe (ID: 6224|ParentID: 740|Lionel)
C:\Windows\System32\wbem\unsecapp.exe (ID: 6160|ParentID: 808|Lionel)
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ID: 7424|ParentID: 7476|Lionel)
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ID: 6904|ParentID: 7424|Lionel)
C:\Program Files (x86)\Mozilla Firefox\firefox.exe (ID: 1240|ParentID: 4012|Lionel)
C:\Windows\System32\audiodg.exe (ID: 3696|ParentID: 976)
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (ID: 7436|ParentID: 1240|Lionel)
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe (ID: 7800|ParentID: 7436|Lionel)
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe (ID: 6760|ParentID: 7800|Lionel)
C:\Windows\System32\SearchProtocolHost.exe (ID: 4036|ParentID: 2524)
C:\Windows\System32\SearchFilterHost.exe (ID: 4708|ParentID: 2524|Système)
C:\UsbFix\UsbFix.exe (ID: 6624|ParentID: 4012|Lionel)

[b]################## | Autorun |[/b]

[b]################## | Regedit Run |[/b]

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] userinit.exe
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [Spotify Web Helper] "C:\Users\Lionel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
04 - HKCU\..\Run : [Facebook Update] "C:\Users\Lionel\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
04 - HKCU\..\Run : [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHAE.EXE /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus SX430"
04 - HKCU\..\Run : [yeayel] C:\Users\Lionel\yeayel.exe
04 - HKLM\..\Run : [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
04 - HKLM\..\Run : [BtTray] "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
04 - HKLM\..\Run : [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
04 - HKLM\..\Run : [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\Run : [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
04 - [x64] HKLM\..\Run : [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
04 - [x64] HKLM\..\Run : [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
04 - [x64] HKLM\..\RunOnce : [NCPluginUpdater] "c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe" Update
04 - HKU\S-1-5-21-1120527531-1226421213-1539900447-1002\..\Run : [Spotify Web Helper] "C:\Users\Lionel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
04 - HKU\S-1-5-21-1120527531-1226421213-1539900447-1002\..\Run : [Facebook Update] "C:\Users\Lionel\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
04 - HKU\S-1-5-21-1120527531-1226421213-1539900447-1002\..\Run : [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHAE.EXE /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus SX430"
04 - HKU\S-1-5-21-1120527531-1226421213-1539900447-1002\..\Run : [yeayel] C:\Users\Lionel\yeayel.exe

[b]################## | Recherche générique |[/b]

[b]################## | Registre |[/b]

[b]################## | E.O.F | [url=http://www.sosvirus.net/]http://www.sosvirus.net/[/url] | [url=http://www.usbfix.net/]http://www.usbfix.net/[/url] |[/b]