cjoint


Document format: text/plain

Preview

############################## | UsbFix V 7.166 | [Recherche]

Utilisateur: thibmarie (Administrateur) # THIBMARIE-PC
Mis à jour le 26/02/2014 par El Desaparecido - Team SosVirus
Lancé à 19:57:07 | 05/03/2014

Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Support : http://www.sosvirus.net/
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: Gigabyte Technology Co., Ltd. (990FXA-UD3)
CPU: AMD FX(tm)-4300 Quad-Core Processor
RAM -> [Total : 6109 Mo| Free : 4243 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.16518
WB: Mozilla Firefox : 26.0

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: avast! Antivirus [Enabled | Updated]
AS: Windows Defender [Enabled | Updated]
AS: avast! Antivirus [Enabled | Updated]
FW: Windows FireWall [(!) Disabled]
AS: Malwarebytes' Anti-Malware : 1.75.0001

C:\ (%systemdrive%) -> Disque fixe # 466 Go (421 Go libre(s) - 90%) [] # NTFS
D:\ -> CD-ROM
E:\ -> CD-ROM
F:\ -> Disque amovible # 2 Go (2 Go libre(s) - 98%) [] # FAT

################## | Processus Actif |

C:\Windows\system32\csrss.exe (ID: 520 |ParentID: 512)
C:\Windows\system32\wininit.exe (ID: 604 |ParentID: 512)
C:\Windows\system32\csrss.exe (ID: 624 |ParentID: 612)
C:\Windows\system32\services.exe (ID: 660 |ParentID: 604)
C:\Windows\system32\lsass.exe (ID: 684 |ParentID: 604)
C:\Windows\system32\lsm.exe (ID: 692 |ParentID: 604)
C:\Windows\system32\winlogon.exe (ID: 776 |ParentID: 612)
C:\Windows\system32\svchost.exe (ID: 844 |ParentID: 660)
C:\Windows\system32\svchost.exe (ID: 932 |ParentID: 660)
C:\Windows\system32\atiesrxx.exe (ID: 996 |ParentID: 660)
C:\Windows\System32\svchost.exe (ID: 320 |ParentID: 660)
C:\Windows\System32\svchost.exe (ID: 416 |ParentID: 660)
C:\Windows\system32\svchost.exe (ID: 512 |ParentID: 660)
C:\Windows\system32\svchost.exe (ID: 688 |ParentID: 660)
C:\Windows\system32\atieclxx.exe (ID: 1152 |ParentID: 996)
C:\Windows\system32\svchost.exe (ID: 1216 |ParentID: 660)
C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ID: 1284 |ParentID: 660)
C:\Windows\System32\spoolsv.exe (ID: 1548 |ParentID: 660)
C:\Windows\system32\svchost.exe (ID: 1580 |ParentID: 660)
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (ID: 1676 |ParentID: 660)
C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe (ID: 1764 |ParentID: 660)
C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe (ID: 1808 |ParentID: 660)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (ID: 1828 |ParentID: 660)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (ID: 1852 |ParentID: 660)
C:\Windows\System32\vds.exe (ID: 2676 |ParentID: 660)
C:\Windows\system32\svchost.exe (ID: 2716 |ParentID: 660)
C:\Windows\System32\WUDFHost.exe (ID: 2348 |ParentID: 416)
C:\Windows\system32\taskhost.exe (ID: 2960 |ParentID: 660)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (ID: 2900 |ParentID: 1852)
C:\Windows\system32\Dwm.exe (ID: 2896 |ParentID: 416)
C:\Windows\Explorer.EXE (ID: 3088 |ParentID: 2788)
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (ID: 4020 |ParentID: 3088)
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (ID: 4084 |ParentID: 3088)
C:\Program Files (x86)\Skype\Phone\Skype.exe (ID: 3240 |ParentID: 3088)
C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe (ID: 3812 |ParentID: 4080)
C:\Program Files\AVAST Software\Avast\AvastUI.exe (ID: 3876 |ParentID: 4080)
C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuWatch.exe (ID: 3892 |ParentID: 4080)
C:\Program Files (x86)\EaseUS\Todo Backup\bin\TrayNotify.exe (ID: 3080 |ParentID: 4080)
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ID: 268 |ParentID: 3864)
C:\Windows\system32\SearchIndexer.exe (ID: 3432 |ParentID: 660)
C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 3836 |ParentID: 660)
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ID: 3692 |ParentID: 268)
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (ID: 924 |ParentID: 660)
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (ID: 4616 |ParentID: 660)
C:\Windows\System32\svchost.exe (ID: 3588 |ParentID: 660)
C:\Windows\system32\wuauclt.exe (ID: 2652 |ParentID: 688)
C:\Program Files (x86)\Mozilla Firefox\firefox.exe (ID: 4612 |ParentID: 3088)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 4324 |ParentID: 844)
C:\Windows\system32\SearchProtocolHost.exe (ID: 4092 |ParentID: 3432)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 2920 |ParentID: 844)
C:\Windows\system32\SearchFilterHost.exe (ID: 1564 |ParentID: 3432)
c:\program files\windows defender\MpCmdRun.exe (ID: 2268 |ParentID: 2824)
C:\Windows\system32\DllHost.exe (ID: 4548 |ParentID: 844)
\\?\C:\Windows\system32\wbem\WMIADAP.EXE (ID: 2672 |ParentID: 688)

################## | Regedit Run |

04 - HKCU\..\Run : [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKCU\..\Run : [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
04 - HKCU\..\Run : [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKLM\..\Run : [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
04 - HKLM\..\Run : [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
04 - HKLM\..\Run : [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
04 - HKLM\..\Run : [EaseUs Watch] "C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuWatch.exe"
04 - HKLM\..\Run : [EaseUs Tray] "C:\Program Files (x86)\EaseUS\Todo Backup\bin\TrayNotify.exe"
04 - HKLM\..\RunOnce : []
04 - HKLM64\..\Run : [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
04 - HKLM64\..\Run : [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-2819134896-1330970099-3206916520-1000\..\Run : [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKU\S-1-5-21-2819134896-1330970099-3206916520-1000\..\Run : [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
04 - HKU\S-1-5-21-2819134896-1330970099-3206916520-1000\..\Run : [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe

################## | Recherche générique |


################## | Registre |


################## | E.O.F | http://www.usbfix.net/ - http://www.sosvirus.net |
