############################## | UsbFix V 7.161 | [Recherche]

Utilisateur: Loïc (Administrateur) # LOÏC-PC
Mis à jour le 15/01/2014 par El Desaparecido - Team SosVirus
Lancé à 21:12:40 | 23/01/2014

Site Web : http://www.usbfix.net
Changelog : http://www.usbfix.net/maj/
Support : http://www.sosvirus.net/
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: Packard Bell (EG50_HC_HR)
CPU: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
RAM -> [Total : 3932 Mo| Free : 1793 Mo]
Bios: Packard Bell
Boot: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.16476
WB: Google Chrome : 32.0.1700.76
WB: Mozilla Firefox : 26.0

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: AVG AntiVirus Free Edition 2013 [(!) Disabled | Updated]
AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
AS: Malwarebytes' Anti-Malware : 1.75.0001
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Disque fixe # 448 Go (148 Go libre(s) - 33%) [Packard Bell] # NTFS
D:\ -> CD-ROM
E:\ -> Disque amovible # 2 Go (421 Mo libre(s) - 22%) [PAUL -] # FAT32

################## | Processus Actif |

C:\Windows\system32\csrss.exe (ID: 756 |ParentID: 748)
C:\Windows\system32\wininit.exe (ID: 812 |ParentID: 748)
C:\Windows\system32\csrss.exe (ID: 848 |ParentID: 824)
C:\Windows\system32\services.exe (ID: 880 |ParentID: 812)
C:\Windows\system32\lsass.exe (ID: 896 |ParentID: 812)
C:\Windows\system32\lsm.exe (ID: 904 |ParentID: 812)
C:\Windows\system32\svchost.exe (ID: 1012 |ParentID: 880)
C:\Windows\system32\svchost.exe (ID: 768 |ParentID: 880)
C:\Windows\system32\winlogon.exe (ID: 776 |ParentID: 824)
C:\Windows\System32\svchost.exe (ID: 824 |ParentID: 880)
C:\Windows\System32\svchost.exe (ID: 1060 |ParentID: 880)
C:\Windows\system32\svchost.exe (ID: 1100 |ParentID: 880)
C:\Windows\system32\svchost.exe (ID: 1132 |ParentID: 880)
C:\Windows\system32\svchost.exe (ID: 1348 |ParentID: 880)
C:\Windows\system32\WLANExt.exe (ID: 1488 |ParentID: 1060)
C:\Windows\system32\conhost.exe (ID: 1520 |ParentID: 756)
C:\Windows\System32\spoolsv.exe (ID: 1600 |ParentID: 880)
C:\Windows\system32\svchost.exe (ID: 1640 |ParentID: 880)
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 1756 |ParentID: 880)
C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe (ID: 1812 |ParentID: 880)
C:\Program Files (x86)\Launch Manager\dsiwmis.exe (ID: 1912 |ParentID: 880)
C:\Program Files (x86)\Launch Manager\LMutilps32.exe (ID: 1964 |ParentID: 1912)
C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe (ID: 1972 |ParentID: 880)
C:\Windows\system32\svchost.exe (ID: 1996 |ParentID: 880)
C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe (ID: 2020 |ParentID: 880)
C:\Program Files\Intel\iCLS Client\HeciServer.exe (ID: 1176 |ParentID: 880)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (ID: 1316 |ParentID: 880)
C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe (ID: 1416 |ParentID: 880)
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (ID: 2308 |ParentID: 880)
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (ID: 2328 |ParentID: 880)
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (ID: 2444 |ParentID: 880)
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (ID: 2972 |ParentID: 880)
C:\Windows\system32\svchost.exe (ID: 3224 |ParentID: 880)
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (ID: 4012 |ParentID: 880)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ID: 3256 |ParentID: 880)
C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 3536 |ParentID: 880)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 2232 |ParentID: 1012)
C:\Windows\system32\SearchIndexer.exe (ID: 1892 |ParentID: 880)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (ID: 1280 |ParentID: 880)
C:\Windows\system32\taskhost.exe (ID: 3996 |ParentID: 880)
C:\Windows\system32\taskeng.exe (ID: 428 |ParentID: 1132)
C:\Windows\system32\Dwm.exe (ID: 940 |ParentID: 1060)
C:\Windows\Explorer.EXE (ID: 164 |ParentID: 1192)
C:\Windows\System32\igfxtray.exe (ID: 3852 |ParentID: 164)
C:\Windows\System32\hkcmd.exe (ID: 3876 |ParentID: 164)
C:\Windows\System32\igfxpers.exe (ID: 3892 |ParentID: 164)
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (ID: 3272 |ParentID: 164)
C:\Program Files\Elantech\ETDCtrl.exe (ID: 1244 |ParentID: 164)
C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe (ID: 1292 |ParentID: 164)
C:\Windows\system32\igfxsrvc.exe (ID: 3888 |ParentID: 1012)
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (ID: 4028 |ParentID: 3756)
C:\Program Files (x86)\AVG\AVG2013\avgui.exe (ID: 3388 |ParentID: 3756)
C:\Windows\system32\igfxext.exe (ID: 4120 |ParentID: 1012)
C:\Windows\system32\wbem\unsecapp.exe (ID: 4344 |ParentID: 1012)
C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe (ID: 4508 |ParentID: 1972)
C:\Program Files\Elantech\ETDCtrlHelper.exe (ID: 4724 |ParentID: 1244)
C:\Windows\System32\svchost.exe (ID: 4988 |ParentID: 880)
C:\Windows\system32\DllHost.exe (ID: 1556 |ParentID: 1012)
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe (ID: 4504 |ParentID: 428)
C:\Program Files (x86)\Mozilla Firefox\firefox.exe (ID: 5052 |ParentID: 164)
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (ID: 3348 |ParentID: 5052)
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe (ID: 4636 |ParentID: 3348)
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe (ID: 3980 |ParentID: 4636)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (ID: 1448 |ParentID: 880)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (ID: 4884 |ParentID: 1448)
C:\Windows\System32\WUDFHost.exe (ID: 4808 |ParentID: 1060)
C:\Program Files (x86)\AVG\AVG2013\avgcfgex.exe (ID: 6040 |ParentID: 3388)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 4576 |ParentID: 1012)

################## | Regedit Run |

04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\Run : [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
04 - HKLM\..\RunOnce : []
04 - HKLM64\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
04 - HKLM64\..\Run : [HotKeysCmds] C:\Windows\system32\hkcmd.exe
04 - HKLM64\..\Run : [Persistence] C:\Windows\system32\igfxpers.exe
04 - HKLM64\..\Run : [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
04 - HKLM64\..\Run : [ETDCtrl] %ProgramFiles%\Elantech\ETDCtrl.exe
04 - HKLM64\..\Run : [Power Management] C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-1484964362-2099047394-3726948834-1000\..\Run : [msnmsgr] ~"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
04 - HKU\S-1-5-21-1484964362-2099047394-3726948834-1000\..\Run : [AVG-Secure-Search-Update_0913b] C:\Users\Loïc\AppData\Roaming\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid aae7690294954039bcd70e188b2a2b55-705b76e7048b4c1eb19ec4cb3b489f52d4bcfa9b --CMPID 0913b
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe

################## | Recherche générique |

Présent! C:\Windows\SysWOW64\update.exe

################## | Registre |

################## | Vaccin |

################## | E.O.F | http://www.usbfix.net - http://www.sosvirus.net |