cjoint

Document format: text/plain

############################## | UsbFix V 7.165 | [Recherche]

Utilisateur: JEAN-CLAUDE (Administrateur) # JEAN-CLAUDE-HP
Mis à jour le16/02/2014 par El Desaparecido - Team SosVirus
Lancé à 18:37:58 | 17/02/2014

Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Support : http://www.sosvirus.net/
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: Hewlett-Packard (1448)
CPU: Intel(R) Core(TM) i7 CPU Q 720 @ 1.60GHz
RAM -> [Total : 4030 Mo| Free : 2133 Mo]
Bios: Hewlett-Packard
Boot: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.16518

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: Kaspersky Anti-Virus [(!) Disabled | Updated]
AS: Kaspersky Anti-Virus [(!) Disabled | Updated]
AS: Windows Defender [Enabled | Updated]
FW: Windows FireWall [Enabled]
AS: Malwarebytes' Anti-Malware : 1.75.0001

C:\ (%systemdrive%) -> Disque fixe # 911 Go (815 Go libre(s) - 89%) [OS] # NTFS
D:\ -> Disque fixe # 21 Go (3 Go libre(s) - 15%) [RECOVERY] # NTFS
E:\ -> CD-ROM
F:\ -> Disque fixe # 99 Mo (83 Mo libre(s) - 84%) [HP_TOOLS] # FAT32
G:\ -> Disque amovible # 15 Go (15 Go libre(s) - 99%) [] # FAT32

################## | Processus Actif |

C:\Windows\system32\csrss.exe (ID: 556 |ParentID: 536)
C:\Windows\system32\wininit.exe (ID: 620 |ParentID: 536)
C:\Windows\system32\csrss.exe (ID: 640 |ParentID: 628)
C:\Windows\system32\services.exe (ID: 684 |ParentID: 620)
C:\Windows\system32\lsass.exe (ID: 700 |ParentID: 620)
C:\Windows\system32\lsm.exe (ID: 708 |ParentID: 620)
C:\Windows\system32\svchost.exe (ID: 852 |ParentID: 684)
C:\Windows\system32\svchost.exe (ID: 928 |ParentID: 684)
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe (ID: 992 |ParentID: 684)
C:\Windows\system32\winlogon.exe (ID: 152 |ParentID: 628)
C:\Windows\system32\atiesrxx.exe (ID: 1032 |ParentID: 684)
C:\Windows\System32\svchost.exe (ID: 1064 |ParentID: 684)
C:\Windows\System32\svchost.exe (ID: 1100 |ParentID: 684)
C:\Windows\system32\svchost.exe (ID: 1144 |ParentID: 684)
C:\Windows\system32\svchost.exe (ID: 1180 |ParentID: 684)
C:\Program Files\IDT\WDM\STacSV64.exe (ID: 1208 |ParentID: 684)
C:\Windows\system32\svchost.exe (ID: 1480 |ParentID: 684)
C:\Windows\system32\Hpservice.exe (ID: 1544 |ParentID: 684)
C:\Windows\system32\vcsFPService.exe (ID: 1580 |ParentID: 684)
C:\Windows\system32\svchost.exe (ID: 1636 |ParentID: 684)
C:\Windows\system32\atieclxx.exe (ID: 1680 |ParentID: 1032)
C:\Windows\System32\spoolsv.exe (ID: 1864 |ParentID: 684)
C:\Program Files\DigitalPersona\Bin\DpHostW.exe (ID: 1908 |ParentID: 684)
C:\Windows\system32\svchost.exe (ID: 1984 |ParentID: 684)
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 1376 |ParentID: 684)
C:\Program Files\IDT\WDM\AESTSr64.exe (ID: 1540 |ParentID: 684)
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe (ID: 1760 |ParentID: 684)
C:\Windows\SysWOW64\ezSharedSvcHost.exe (ID: 2076 |ParentID: 684)
C:\Windows\system32\svchost.exe (ID: 2144 |ParentID: 684)
C:\Windows\SysWOW64\svchost.exe (ID: 2168 |ParentID: 684)
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (ID: 2188 |ParentID: 684)
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (ID: 2228 |ParentID: 684)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (ID: 2264 |ParentID: 684)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (ID: 2368 |ParentID: 684)
C:\Windows\System32\svchost.exe (ID: 2424 |ParentID: 684)
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (ID: 2816 |ParentID: 684)
C:\Windows\system32\svchost.exe (ID: 2856 |ParentID: 684)
C:\Windows\system32\svchost.exe (ID: 2876 |ParentID: 684)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (ID: 2924 |ParentID: 684)
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (ID: 3012 |ParentID: 684)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (ID: 3348 |ParentID: 2924)
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (ID: 3420 |ParentID: 684)
C:\Windows\system32\taskhost.exe (ID: 4004 |ParentID: 684)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (ID: 3544 |ParentID: 2368)
C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe (ID: 2608 |ParentID: 152)
C:\Windows\system32\Dwm.exe (ID: 3932 |ParentID: 1100)
C:\Windows\Explorer.EXE (ID: 3992 |ParentID: 3908)
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe (ID: 1356 |ParentID: 3864)
C:\Windows\system32\taskeng.exe (ID: 4140 |ParentID: 1180)
c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (ID: 4372 |ParentID: 4140)
c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (ID: 4388 |ParentID: 4140)
C:\Program Files\DigitalPersona\Bin\DPAgent.exe (ID: 4308 |ParentID: 2608)
C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe (ID: 3144 |ParentID: 4140)
C:\Windows\system32\svchost.exe (ID: 4208 |ParentID: 684)
C:\Windows\System32\rundll32.exe (ID: 4648 |ParentID: 852)
C:\Windows\system32\svchost.exe (ID: 2332 |ParentID: 684)
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (ID: 884 |ParentID: 3992)
C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe (ID: 5072 |ParentID: 3992)
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (ID: 3660 |ParentID: 3992)
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe (ID: 4884 |ParentID: 3640)
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (ID: 2904 |ParentID: 3640)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 4896 |ParentID: 852)
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE (ID: 5688 |ParentID: 4540)
C:\Windows\system32\SearchIndexer.exe (ID: 6052 |ParentID: 684)
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (ID: 4612 |ParentID: 684)
C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 6088 |ParentID: 684)
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe (ID: 5696 |ParentID: 3660)
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe (ID: 5160 |ParentID: 852)
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (ID: 4892 |ParentID: 852)
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ID: 3828 |ParentID: 500)
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ID: 4816 |ParentID: 3828)
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (ID: 3612 |ParentID: 684)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ID: 1236 |ParentID: 684)
C:\Windows\System32\svchost.exe (ID: 5016 |ParentID: 684)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (ID: 2052 |ParentID: 684)
C:\Program Files (x86)\Microsoft Money\System\reminder.exe (ID: 5616 |ParentID: 4284)
C:\Program Files (x86)\Internet Explorer\IELowutil.exe (ID: 6812 |ParentID: 4472)
C:\Windows\system32\taskeng.exe (ID: 4496 |ParentID: 1180)
C:\Users\JEAN-CLAUDE\AppData\Local\Google\Chrome\Application\chrome.exe (ID: 6772 |ParentID: 3992)
C:\Users\JEAN-CLAUDE\AppData\Local\Google\Chrome\Application\chrome.exe (ID: 2956 |ParentID: 6772)
C:\Users\JEAN-CLAUDE\AppData\Local\Google\Chrome\Application\chrome.exe (ID: 5628 |ParentID: 6772)
C:\Windows\System32\WUDFHost.exe (ID: 1012 |ParentID: 1100)
C:\Windows\system32\SearchProtocolHost.exe (ID: 5776 |ParentID: 6052)
C:\Windows\system32\SearchFilterHost.exe (ID: 6520 |ParentID: 6052)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 1224 |ParentID: 852)

################## | Regedit Run |

04 - HKCU\..\Run : [Google Update] "C:\Users\JEAN-CLAUDE\AppData\Local\Google\Update\GoogleUpdate.exe" /c
04 - HKCU\..\Run : [ISUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
04 - HKCU\..\Run : [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
04 - HKLM\..\Run : []
04 - HKLM\..\Run : [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe"
04 - HKLM\..\Run : [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\Run : [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
04 - HKLM\..\Run : [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
04 - HKLM\..\RunOnce : []
04 - HKLM64\..\Run : [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
04 - HKLM64\..\RunOnce : [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-1928375350-316857322-2771915900-1001\..\Run : [Google Update] "C:\Users\JEAN-CLAUDE\AppData\Local\Google\Update\GoogleUpdate.exe" /c
04 - HKU\S-1-5-21-1928375350-316857322-2771915900-1001\..\Run : [ISUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
04 - HKU\S-1-5-21-1928375350-316857322-2771915900-1001\..\Run : [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe

################## | Recherche générique |

Présent! C:\Program Files (x86)\System

################## | Registre |

Présent! HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|EnableShellExecuteHooks -> 1

################## | E.O.F | http://www.usbfix.net/ - http://www.sosvirus.net |
