############################## | UsbFix V 7.169 | [Recherche]

Utilisateur: MaXiMe (Administrateur) # MAXIME-PC
Mis à jour le 31/03/2014 par El Desaparecido - Team SosVirus
Lancé à 23:29:58 | 01/05/2014

Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Support : http://www.sosvirus.net/forum-virus-securite.html
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: ASUSTeK Computer Inc. (K93SV)
CPU: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
RAM -> [Total : 4005 Mo| Free : 1098 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.16521
WB: Google Chrome : 26.0.1410.64

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: Bitdefender Antivirus [Enabled | Updated]
AS: Windows Defender [(!) Disabled | Updated]
AS: Bitdefender Antispyware [Enabled | Updated]
FW: Bitdefender Pare-feu [Enabled]
FW: Windows FireWall [(!) Disabled]

C:\ (%systemdrive%) -> Disque fixe # 401 Go (41 Go libre(s) - 10%) [OS] # NTFS
D:\ -> Disque fixe # 506 Go (107 Go libre(s) - 21%) [DATA] # NTFS
E:\ -> CD-ROM
F:\ -> CD-ROM
G:\ -> Disque amovible # 14 Go (14 Go libre(s) - 100%) [USB DISK] # FAT32
H:\ -> Disque fixe # 244 Go (50 Go libre(s) - 20%) [Nouveau nom] # exFAT
J:\ -> Disque fixe # 687 Go (214 Go libre(s) - 31%) [Elements] # NTFS

################## | Processus Actif |

C:\Windows\system32\csrss.exe (ID: 596 |ParentID: 492)
C:\Windows\system32\wininit.exe (ID: 708 |ParentID: 492)
C:\Windows\system32\csrss.exe (ID: 728 |ParentID: 716)
C:\Windows\system32\services.exe (ID: 772 |ParentID: 708)
C:\Windows\system32\lsass.exe (ID: 784 |ParentID: 708)
C:\Windows\system32\lsm.exe (ID: 792 |ParentID: 708)
C:\Windows\system32\winlogon.exe (ID: 824 |ParentID: 716)
C:\Windows\system32\svchost.exe (ID: 948 |ParentID: 772)
C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe (ID: 1004 |ParentID: 772)
C:\Windows\system32\nvvsvc.exe (ID: 964 |ParentID: 772)
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (ID: 1036 |ParentID: 772)
C:\Windows\system32\svchost.exe (ID: 1084 |ParentID: 772)
C:\Windows\System32\svchost.exe (ID: 1328 |ParentID: 772)
C:\Windows\System32\svchost.exe (ID: 1368 |ParentID: 772)
C:\Windows\system32\svchost.exe (ID: 1392 |ParentID: 772)
C:\Windows\system32\svchost.exe (ID: 1432 |ParentID: 772)
C:\Windows\system32\svchost.exe (ID: 1624 |ParentID: 772)
C:\Windows\system32\WLANExt.exe (ID: 1760 |ParentID: 1368)
C:\Windows\system32\FBAgent.exe (ID: 1780 |ParentID: 772)
C:\Windows\system32\conhost.exe (ID: 1788 |ParentID: 596)
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ID: 1844 |ParentID: 772)
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ID: 1944 |ParentID: 772)
C:\Windows\System32\spoolsv.exe (ID: 2012 |ParentID: 772)
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (ID: 1388 |ParentID: 964)
C:\Windows\system32\nvvsvc.exe (ID: 1724 |ParentID: 964)
C:\Windows\system32\svchost.exe (ID: 2112 |ParentID: 772)
C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe (ID: 2332 |ParentID: 772)
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (ID: 2496 |ParentID: 772)
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (ID: 2528 |ParentID: 772)
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE (ID: 2576 |ParentID: 772)
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE (ID: 2652 |ParentID: 772)
C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe (ID: 2680 |ParentID: 772)
C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (ID: 2748 |ParentID: 772)
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (ID: 2784 |ParentID: 772)
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (ID: 2916 |ParentID: 772)
C:\Windows\SysWOW64\PnkBstrA.exe (ID: 2952 |ParentID: 772)
C:\Windows\system32\rundll32.exe (ID: 3012 |ParentID: 3000)
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (ID: 3124 |ParentID: 772)
C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe (ID: 3208 |ParentID: 772)
C:\Program Files (x86)\Oodrive\WebSynchro\WS.WindowsService.exe (ID: 3244 |ParentID: 772)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (ID: 3632 |ParentID: 772)
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (ID: 3672 |ParentID: 772)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (ID: 3784 |ParentID: 3632)
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (ID: 3972 |ParentID: 772)
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (ID: 4228 |ParentID: 772)
C:\Windows\system32\SearchIndexer.exe (ID: 4356 |ParentID: 772)
C:\Windows\system32\svchost.exe (ID: 4404 |ParentID: 772)
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (ID: 3748 |ParentID: 772)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ID: 300 |ParentID: 772)
C:\Windows\system32\svchost.exe (ID: 2524 |ParentID: 772)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (ID: 3456 |ParentID: 772)
C:\Windows\system32\taskhost.exe (ID: 2816 |ParentID: 772)
C:\Windows\system32\taskeng.exe (ID: 4324 |ParentID: 1432)
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (ID: 1928 |ParentID: 2784)
C:\Windows\system32\Dwm.exe (ID: 3752 |ParentID: 1368)
C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe (ID: 604 |ParentID: 1408)
C:\Windows\Explorer.EXE (ID: 4100 |ParentID: 4148)
C:\Windows\AsScrPro.exe (ID: 2036 |ParentID: 1780)
C:\Program Files\P4G\BatteryLife.exe (ID: 2072 |ParentID: 4324)
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe (ID: 1572 |ParentID: 4324)
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ID: 3096 |ParentID: 4324)
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (ID: 1408 |ParentID: 1780)
C:\Windows\system32\conhost.exe (ID: 2456 |ParentID: 728)
C:\Windows\System32\hkcmd.exe (ID: 5256 |ParentID: 4100)
C:\Windows\System32\igfxpers.exe (ID: 5264 |ParentID: 4100)
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (ID: 5272 |ParentID: 4100)
C:\Program Files\Elantech\ETDCtrl.exe (ID: 5280 |ParentID: 4100)
C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (ID: 5336 |ParentID: 4100)
C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (ID: 5364 |ParentID: 4100)
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (ID: 5380 |ParentID: 4100)
C:\Program Files\Windows Sidebar\sidebar.exe (ID: 5388 |ParentID: 4100)
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (ID: 5496 |ParentID: 1780)
C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (ID: 5832 |ParentID: 4100)
C:\Program Files\Elantech\ETDCtrlHelper.exe (ID: 5948 |ParentID: 5280)
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (ID: 6068 |ParentID: 5540)
C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (ID: 6076 |ParentID: 5540)
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ID: 3760 |ParentID: 5540)
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ID: 5140 |ParentID: 5540)
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ID: 5148 |ParentID: 5540)
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ID: 5192 |ParentID: 5540)
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ID: 5200 |ParentID: 5540)
C:\Program Files (x86)\PDF Pro 10\vspdfprsrv.exe (ID: 5764 |ParentID: 5540)
C:\Windows\System32\svchost.exe (ID: 6588 |ParentID: 772)
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (ID: 6812 |ParentID: 1388)
C:\Windows\system32\DllHost.exe (ID: 7780 |ParentID: 948)
C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 8152 |ParentID: 772)
C:\Program Files\Intel\TurboBoost\TurboBoost.exe (ID: 6864 |ParentID: 772)
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (ID: 2620 |ParentID: 772)
C:\Windows\SysWOW64\ACEngSvr.exe (ID: 4200 |ParentID: 948)
C:\Windows\system32\taskeng.exe (ID: 7968 |ParentID: 1432)
C:\Windows\servicing\TrustedInstaller.exe (ID: 5072 |ParentID: 772)
C:\Windows\system32\wuauclt.exe (ID: 2848 |ParentID: 1432)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 7060 |ParentID: 4100)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 1456 |ParentID: 7060)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 6680 |ParentID: 7060)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 1992 |ParentID: 7060)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 3224 |ParentID: 7060)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 3764 |ParentID: 7060)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 5944 |ParentID: 7060)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 5096 |ParentID: 7060)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 2480 |ParentID: 7060)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 6448 |ParentID: 7060)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 6048 |ParentID: 7060)
C:\Windows\System32\WUDFHost.exe (ID: 4836 |ParentID: 1368)
C:\Windows\system32\mmc.exe (ID: 5064 |ParentID: 4100)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 7716 |ParentID: 948)
C:\Windows\system32\SearchProtocolHost.exe (ID: 6676 |ParentID: 4356)
C:\Windows\system32\SearchFilterHost.exe (ID: 4676 |ParentID: 4356)
C:\Windows\System32\WUDFHost.exe (ID: 1956 |ParentID: 1368)
C:\Windows\System32\svchost.exe (ID: 5580 |ParentID: 772)
C:\Program Files\Bitdefender\Bitdefender 2012\seccenter.exe (ID: 4920 |ParentID: 604)
\\?\C:\Windows\system32\wbem\WMIADAP.EXE (ID: 7116 |ParentID: 1432)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 3268 |ParentID: 948)

################## | Regedit Run |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] userinit.exe
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKCU\..\Run : [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKCU\..\Run : [Power2GoExpress]
04 - HKCU\..\Run : [SDP] C:\Users\MaXiMe\AppData\Local\FilesFrog Update Checker\update_checker.exe /auto
04 - HKCU\..\Run : [Speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
04 - HKCU\..\Run : [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKLM\..\Run : [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
04 - HKLM\..\Run : [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
04 - HKLM\..\Run : [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
04 - HKLM\..\Run : [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
04 - HKLM\..\Run : [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
04 - HKLM\..\Run : [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
04 - HKLM\..\Run : [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
04 - HKLM\..\Run : [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
04 - HKLM\..\Run : [USBChargerPlusTray] C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
04 - HKLM\..\Run : [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
04 - HKLM\..\Run : [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
04 - HKLM\..\Run : [vspdfprsrv.exe] C:\Program Files (x86)\PDF Pro 10\vspdfprsrv.exe --background
04 - HKLM\..\Run : [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
04 - HKLM\..\Run : [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey
04 - HKLM\..\RunOnce : []
04 - [x64] HKLM\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
04 - [x64] HKLM\..\Run : [HotKeysCmds] C:\Windows\system32\hkcmd.exe
04 - [x64] HKLM\..\Run : [Persistence] C:\Windows\system32\igfxpers.exe
04 - [x64] HKLM\..\Run : [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3
04 - [x64] HKLM\..\Run : [ETDCtrl] %ProgramFiles%\Elantech\ETDCtrl.exe
04 - [x64] HKLM\..\Run : [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
04 - [x64] HKLM\..\Run : [BDAgent] "C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe"
04 - [x64] HKLM\..\Run : [IntelliType Pro] "C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe"
04 - [x64] HKLM\..\Run : [IntelliPoint] "C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe"
04 - [x64] HKLM\..\Run : [Eraser] "C:\PROGRA~1\Eraser\Eraser.exe" --atRestart
04 - [x64] HKLM\..\Run : [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-2854789022-1049439127-2229590531-1001\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKU\S-1-5-21-2854789022-1049439127-2229590531-1001\..\Run : [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKU\S-1-5-21-2854789022-1049439127-2229590531-1001\..\Run : [Power2GoExpress]
04 - HKU\S-1-5-21-2854789022-1049439127-2229590531-1001\..\Run : [SDP] C:\Users\MaXiMe\AppData\Local\FilesFrog Update Checker\update_checker.exe /auto
04 - HKU\S-1-5-21-2854789022-1049439127-2229590531-1001\..\Run : [Speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
04 - HKU\S-1-5-21-2854789022-1049439127-2229590531-1001\..\Run : [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKU\S-1-5-21-2854789022-1049439127-2229590531-1004\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-21-2854789022-1049439127-2229590531-1004\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe

################## | Recherche générique |

################## | Registre |

################## | E.O.F | http://www.usbfix.net/ - http://www.sosvirus.net |