############################## | UsbFix V 7.167 | [Recherche]

Utilisateur: RONDEAU (Administrateur) # PC-DE-RONDEAU
Mis à jour le 13/03/2014 par El Desaparecido - Team SosVirus
Lancé à 22:14:18 | 27/03/2014

Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Support : http://www.sosvirus.net/forum-virus-securite.html
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: ASUSTeK Computer Inc. (M70Vn )
CPU: Intel(R) Core(TM)2 Duo CPU P8600 @ 2.40GHz
RAM -> [Total : 3070 Mo| Free : 1784 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-Bit) Service Pack 2
WB: Windows Internet Explorer : 9.0.8112.16421
WB: Google Chrome : 33.0.1750.154
WB: Mozilla Firefox : 28.0

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: Avira Desktop [(!) Disabled | Updated]
AS: Avira Desktop [(!) Disabled | Updated]
AS: Windows Defender [Enabled | Updated]
FW: Windows FireWall [(!) Disabled]
AS: Malwarebytes' Anti-Malware : 1.75.0001

C:\ (%systemdrive%) -> Disque fixe # 116 Go (33 Go libre(s) - 29%) [VistaOS] # NTFS
D:\ -> Disque fixe # 107 Go (107 Go libre(s) - 100%) [DATA] # NTFS
E:\ -> CD-ROM
F:\ -> Disque fixe # 116 Go (116 Go libre(s) - 100%) [] # NTFS
G:\ -> Disque fixe # 116 Go (116 Go libre(s) - 100%) [] # NTFS
I:\ -> Disque amovible # 15 Go (13 Go libre(s) - 85%) [FLASH DRIVE] # FAT32

################## | Processus Actif |

C:\Windows\system32\csrss.exe (ID: 648 |ParentID: 636)
C:\Windows\system32\wininit.exe (ID: 704 |ParentID: 636)
C:\Windows\system32\csrss.exe (ID: 712 |ParentID: 696)
C:\Windows\system32\services.exe (ID: 752 |ParentID: 704)
C:\Windows\system32\lsass.exe (ID: 780 |ParentID: 704)
C:\Windows\system32\lsm.exe (ID: 788 |ParentID: 704)
C:\Windows\system32\svchost.exe (ID: 932 |ParentID: 752)
C:\Windows\System32\svchost.exe (ID: 984 |ParentID: 752)
C:\Windows\system32\nvvsvc.exe (ID: 1012 |ParentID: 752)
C:\Windows\system32\svchost.exe (ID: 1040 |ParentID: 752)
C:\Windows\System32\svchost.exe (ID: 1096 |ParentID: 752)
C:\Windows\System32\svchost.exe (ID: 1124 |ParentID: 752)
C:\Windows\System32\svchost.exe (ID: 1164 |ParentID: 752)
C:\Windows\system32\svchost.exe (ID: 1188 |ParentID: 752)
C:\Windows\system32\winlogon.exe (ID: 1288 |ParentID: 696)
C:\Windows\system32\svchost.exe (ID: 1324 |ParentID: 752)
C:\Windows\system32\SLsvc.exe (ID: 1340 |ParentID: 752)
C:\Windows\system32\svchost.exe (ID: 1384 |ParentID: 752)
C:\Windows\system32\svchost.exe (ID: 1492 |ParentID: 752)
C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe (ID: 1628 |ParentID: 752)
C:\Program Files\ATKGFNEX\GFNEXSrv.exe (ID: 1648 |ParentID: 752)
C:\Windows\system32\WLANExt.exe (ID: 1688 |ParentID: 1164)
C:\Windows\system32\taskeng.exe (ID: 1760 |ParentID: 1188)
C:\Windows\System32\spoolsv.exe (ID: 1768 |ParentID: 752)
C:\Program Files\Avira\AntiVir Desktop\sched.exe (ID: 1820 |ParentID: 752)
C:\Windows\system32\svchost.exe (ID: 1856 |ParentID: 752)
C:\Windows\system32\nvvsvc.exe (ID: 636 |ParentID: 1012)
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 2244 |ParentID: 752)
C:\Program Files\Avira\AntiVir Desktop\avguard.exe (ID: 2320 |ParentID: 752)
C:\Windows\system32\svchost.exe (ID: 2332 |ParentID: 752)
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (ID: 2348 |ParentID: 752)
C:\Program Files\Common Files\Nuance\dgnsvc.exe (ID: 2384 |ParentID: 752)
C:\Windows\ehome\ehRecvr.exe (ID: 2424 |ParentID: 752)
C:\Windows\ehome\ehsched.exe (ID: 2528 |ParentID: 752)
C:\Program Files\Common Files\LightScribe\LSSrvc.exe (ID: 2564 |ParentID: 752)
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (ID: 2608 |ParentID: 752)
C:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe (ID: 2676 |ParentID: 752)
C:\Windows\system32\svchost.exe (ID: 2764 |ParentID: 752)
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe (ID: 2804 |ParentID: 752)
C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe (ID: 2852 |ParentID: 752)
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (ID: 3068 |ParentID: 752)
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (ID: 3092 |ParentID: 752)
C:\Windows\system32\svchost.exe (ID: 3124 |ParentID: 752)
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (ID: 3164 |ParentID: 752)
C:\Windows\System32\svchost.exe (ID: 3184 |ParentID: 752)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (ID: 3272 |ParentID: 752)
C:\Windows\system32\SearchIndexer.exe (ID: 3304 |ParentID: 752)
C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 3484 |ParentID: 752)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (ID: 3552 |ParentID: 3272)
C:\Windows\system32\Dwm.exe (ID: 3664 |ParentID: 1164)
C:\Windows\Explorer.EXE (ID: 3780 |ParentID: 3632)
C:\Windows\system32\taskeng.exe (ID: 3900 |ParentID: 1188)
C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe (ID: 3916 |ParentID: 932)
C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe (ID: 4088 |ParentID: 1628)
C:\Program Files\ASUS\ATK Hotkey\HControl.exe (ID: 2072 |ParentID: 1628)
C:\Program Files\Wireless Console 2\wcourier.exe (ID: 768 |ParentID: 1628)
C:\Program Files\P4G\BatteryLife.exe (ID: 2152 |ParentID: 1628)
C:\Program Files\ASUS\Splendid\ACMON.exe (ID: 2160 |ParentID: 1628)
C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe (ID: 2128 |ParentID: 1628)
C:\Windows\system32\taskeng.exe (ID: 2228 |ParentID: 1188)
C:\Windows\System32\ACEngSvr.exe (ID: 2116 |ParentID: 932)
C:\Program Files\ASUS\ASUS Live Update\ALU.exe (ID: 1992 |ParentID: 2228)
C:\Program Files\ASUS\SmartLogon\sensorsrv.exe (ID: 2172 |ParentID: 2228)
C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe (ID: 3792 |ParentID: 2072)
C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe (ID: 2132 |ParentID: 2072)
C:\Program Files\ASUS\ATK Hotkey\WDC.exe (ID: 3208 |ParentID: 2072)
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (ID: 3256 |ParentID: 2320)
C:\Windows\System32\wbem\WmiPrvSE.exe (ID: 4416 |ParentID: 932)
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (ID: 4672 |ParentID: 3780)
C:\Windows\System32\wbem\unsecapp.exe (ID: 5104 |ParentID: 932)
C:\Windows\system32\svchost.exe (ID: 3968 |ParentID: 752)
C:\Program Files\Google\Update\GoogleUpdate.exe (ID: 4228 |ParentID: 4040)
C:\Program Files\Windows Defender\MSASCui.exe (ID: 6136 |ParentID: 3780)
C:\Program Files\Google\Chrome\Application\chrome.exe (ID: 5332 |ParentID: 3780)
C:\Program Files\Google\Chrome\Application\chrome.exe (ID: 5724 |ParentID: 5332)
C:\Windows\system32\SearchProtocolHost.exe (ID: 4200 |ParentID: 3304)
C:\Windows\system32\SearchFilterHost.exe (ID: 5012 |ParentID: 3304)
C:\Windows\System32\wbem\WmiPrvSE.exe (ID: 5624 |ParentID: 932)

################## | Regedit Run |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [64bit] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
F2 - [64bit] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKLM\..\Run : [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
04 - HKLM\..\Run : [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files\Java\jre7\bin\jusched.exe"
04 - HKLM\..\Run : [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
04 - HKLM\..\Run : [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
04 - HKLM\..\RunOnce : []
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
04 - HKU\S-1-5-19\..\Run : [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
04 - HKU\S-1-5-20\..\Run : [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

################## | Recherche générique |

Présent! I:\PDFCreator.lnk

################## | Registre |

################## | E.O.F | http://www.usbfix.net/ - http://www.sosvirus.net |