############################## | UsbFix V 7.167 | [Recherche]

Utilisateur: Antoine (Administrateur) # ANTOINE
Mis à jour le 13/03/2014 par El Desaparecido - Team SosVirus
Lancé à 18:05:13 | 20/03/2014

Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Support : http://www.sosvirus.net/forum-virus-securite.html
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: Microsoft Corporation (Surface Pro 2)
CPU: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
RAM -> [Total : 4016 Mo| Free : 2291 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 8.1 Professionnel (6.3.9600 64-Bit)
WB: Windows Internet Explorer : 11.0.9600.16521
WB: Mozilla Firefox : 27.0.1

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: Windows Defender [Enabled | Updated]
AS: Windows Defender [Enabled | Updated]
FW: Windows FireWall [Enabled]

C:\ (%systemdrive%) -> Disque fixe # 113 Go (30 Go libre(s) - 26%) [Windows] # NTFS
D:\ -> Disque amovible # 30 Go (22 Go libre(s) - 75%) [] # FAT32
F:\ -> CD-ROM

################## | Processus Actif |

C:\windows\system32\wininit.exe (ID: 544 |ParentID: 464)
C:\windows\system32\lsass.exe (ID: 608 |ParentID: 544)
C:\windows\system32\winlogon.exe (ID: 656 |ParentID: 536)
C:\windows\system32\svchost.exe (ID: 728 |ParentID: 600)
C:\windows\system32\svchost.exe (ID: 756 |ParentID: 600)
C:\windows\system32\dwm.exe (ID: 880 |ParentID: 656)
C:\windows\System32\svchost.exe (ID: 892 |ParentID: 600)
C:\windows\System32\svchost.exe (ID: 924 |ParentID: 600)
C:\windows\system32\svchost.exe (ID: 964 |ParentID: 600)
C:\windows\system32\svchost.exe (ID: 1016 |ParentID: 600)
C:\windows\system32\svchost.exe (ID: 468 |ParentID: 600)
C:\windows\System32\spoolsv.exe (ID: 1204 |ParentID: 600)
C:\windows\system32\svchost.exe (ID: 1288 |ParentID: 600)
C:\Program Files (x86)\Index Education\Mise a jour automatique\ServiceMiseAJourIndex.exe (ID: 1444 |ParentID: 600)
C:\windows\system32\dashost.exe (ID: 1532 |ParentID: 924)
C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe (ID: 1556 |ParentID: 600)
C:\windows\system32\svchost.exe (ID: 1616 |ParentID: 600)
C:\windows\system32\svchost.exe (ID: 2356 |ParentID: 600)
C:\Windows\System32\WUDFHost.exe (ID: 2576 |ParentID: 924)
C:\Windows\System32\WUDFHost.exe (ID: 2616 |ParentID: 924)
C:\windows\system32\wbem\wmiprvse.exe (ID: 2708 |ParentID: 728)
C:\windows\System32\svchost.exe (ID: 1692 |ParentID: 600)
C:\windows\system32\wbem\wmiprvse.exe (ID: 3436 |ParentID: 728)
C:\windows\system32\DllHost.exe (ID: 3492 |ParentID: 728)
C:\windows\system32\taskhostex.exe (ID: 4052 |ParentID: 964)
C:\windows\Explorer.EXE (ID: 2756 |ParentID: 2860)
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe (ID: 3300 |ParentID: 728)
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe (ID: 3708 |ParentID: 924)
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe (ID: 3820 |ParentID: 3708)
C:\windows\system32\SearchIndexer.exe (ID: 3424 |ParentID: 600)
C:\Windows\System32\skydrive.exe (ID: 4192 |ParentID: 728)
C:\windows\system32\SearchProtocolHost.exe (ID: 4304 |ParentID: 3424)
C:\Windows\System32\RuntimeBroker.exe (ID: 4480 |ParentID: 728)
C:\Windows\System32\wscript.exe (ID: 4852 |ParentID: 2756)
C:\Users\Antoine\AppData\Roaming\Dropbox\bin\Dropbox.exe (ID: 4872 |ParentID: 2756)
C:\Program Files (x86)\Mozilla Firefox\firefox.exe (ID: 4904 |ParentID: 2756)
C:\Program Files (x86)\Druide\Antidote 7\Programmes32\agentantidote.exe (ID: 4916 |ParentID: 4864)
C:\Program Files (x86)\Druide\Antidote 7\Programmes64\AgentAntidote64.exe (ID: 4940 |ParentID: 4864)
C:\Windows\System32\SettingSyncHost.exe (ID: 4948 |ParentID: 728)
C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe (ID: 3956 |ParentID: 4864)
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (ID: 4564 |ParentID: 4864)
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (ID: 2388 |ParentID: 4864)
C:\Program Files (x86)\CyberLink\Shared files\brs.exe (ID: 4700 |ParentID: 4864)
C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (ID: 2152 |ParentID: 2756)
C:\Program Files\Windows Defender\MpCmdRun.exe (ID: 2948 |ParentID: 3124)
C:\Program Files (x86)\Nero\Update\NASvc.exe (ID: 1056 |ParentID: 600)
C:\windows\system32\taskeng.exe (ID: 2140 |ParentID: 964)
C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe (ID: 3540 |ParentID: 2140)
C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 4612 |ParentID: 600)
C:\windows\system32\taskhost.exe (ID: 3952 |ParentID: 964)
C:\windows\WinStore\WSHost.exe (ID: 1664 |ParentID: 728)
C:\windows\system32\SearchFilterHost.exe (ID: 816 |ParentID: 3424)

################## | Regedit Run |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [64bit] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] userinit.exe
F2 - [64bit] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [DAEMON Tools Pro Agent] "E:\DAEMON Tools Pro\DTAgent.exe" -autorun
04 - HKCU\..\Run : [flashmemory] wscript.exe //B "C:\Users\Antoine\AppData\Local\Temp\flashmemory.vbe"
04 - HKLM\..\Run : [agentantidote.exe] "C:\Program Files (x86)\Druide\Antidote 7\Programmes32\agentantidote.exe" /LancementSession
04 - HKLM\..\Run : [agentantidote64.exe] "C:\Program Files (x86)\Druide\Antidote 7\Programmes64\agentantidote64.exe" /LancementSession
04 - HKLM\..\Run : [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
04 - HKLM\..\Run : [NBAgent] "C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart
04 - HKLM\..\Run : [InstantBurn] C:\PROGRA~2\CYBERL~1\INSTAN~1\Win2K\IBurn.exe
04 - HKLM\..\Run : [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
04 - HKLM\..\Run : [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
04 - HKLM\..\Run : [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
04 - HKLM\..\Run : [UpdatePPShortCut] "C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerProducer" update "Software\CyberLink\PowerProducer\5.0"
04 - HKLM\..\RunOnce : []
04 - [64bit] HKLM\..\Run : [IgfxTray] "C:\windows\system32\igfxtray.exe"
04 - [64bit] HKLM\..\Run : [HotKeysCmds] "C:\windows\system32\hkcmd.exe"
04 - [64bit] HKLM\..\Run : [Persistence] "C:\windows\system32\igfxpers.exe"
04 - HKU\S-1-5-21-4229650641-3364535119-2818446302-1001\..\Run : [DAEMON Tools Pro Agent] "E:\DAEMON Tools Pro\DTAgent.exe" -autorun
04 - HKU\S-1-5-21-4229650641-3364535119-2818446302-1001\..\Run : [flashmemory] wscript.exe //B "C:\Users\Antoine\AppData\Local\Temp\flashmemory.vbe"

################## | Recherche générique |

Présent! C:\Users\Antoine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\flashmemory.vbe
Présent! C:\Users\Antoine\AppData\Local\Temp\flashmemory.vbe
Présent! D:\flashmemory.vbe
Présent! D:\Web.lnk
Présent! D:\WPSystem.lnk
Présent! D:\Music.lnk
Présent! D:\Videos.lnk
Présent! D:\Pictures.lnk
Présent! D:\System Volume Information.lnk
Présent! D:\Ma musique.lnk
Présent! D:\wichitafoundation.lnk
Présent! D:\Lightroom 5 ReadMe.lnk
Présent! D:\WRServices.lnk
Présent! D:\Install Lightroom 5.lnk
Présent! D:\Adobe Photoshop Lightroom 5.lnk
Présent! D:\lightroom.lnk
Présent! D:\ACE.lnk
Présent! D:\adbeape.lnk
Présent! D:\AdobeLinguistic.lnk
Présent! D:\AdobePDFL.lnk
Présent! D:\Modules.lnk
Présent! D:\AdobePIP.lnk
Présent! D:\AdobePiStd.lnk
Présent! D:\AdobeXMP.lnk
Présent! D:\AdobeXMPFiles.lnk
Présent! D:\AdobeXMPScript.lnk
Présent! D:\AgKernel.lnk
Présent! D:\AGM.lnk
Présent! D:\ahclient.lnk
Présent! D:\ape_toolkit.lnk
Présent! D:\archiving_toolkit.lnk
Présent! D:\ARE.lnk
Présent! D:\arh.lnk
Présent! D:\asneu.lnk
Présent! D:\AXE16SharedExpat.lnk
Présent! D:\AXE8SharedExpat.lnk
Présent! D:\AXEDOMCore.lnk
Présent! D:\AXSLE.lnk
Présent! D:\Behance.lnk
Présent! D:\BIB.lnk
Présent! D:\BIBUtils.lnk
Présent! D:\Book.lnk
Présent! D:\boost_date_time.lnk
Présent! D:\boost_signals.lnk
Présent! D:\boost_system.lnk
Présent! D:\boost_threads.lnk
Présent! D:\bridgetalk.lnk
Présent! D:\CameraRaw.lnk
Présent! D:\catalog_converters.lnk
Présent! D:\CoolType.lnk
Présent! D:\coretech_toolkit.lnk
Présent! D:\curculio.lnk
Présent! D:\Develop.lnk
Présent! D:\DiscBurning.lnk
Présent! D:\dvaaudiodevice.lnk
Présent! D:\dvacore.lnk
Présent! D:\dvamarshal.lnk
Présent! D:\dvamediatypes.lnk
Présent! D:\dvaplayer.lnk
Présent! D:\dvatransport.lnk
Présent! D:\dvaunittesting.lnk
Présent! D:\dynamiclink.lnk
Présent! D:\Email.lnk
Présent! D:\Export.lnk
Présent! D:\Facebook.lnk
Présent! D:\Flickr.lnk
Présent! D:\ftp_client.lnk
Présent! D:\Headlights.lnk
Présent! D:\Help.lnk
Présent! D:\iac.lnk
Présent! D:\Import.lnk
Présent! D:\JP2KLib.lnk
Présent! D:\Layout.lnk
Présent! D:\libeay32.lnk
Présent! D:\Library.lnk
Présent! D:\LibraryToolkit.lnk
Présent! D:\LightroomSDK.lnk
Présent! D:\lightroom_1.lnk
Présent! D:\lightroom_2.lnk
Présent! D:\lightroom_3.lnk
Présent! D:\lightroom_4.lnk
Présent! D:\lightroom_5.lnk
Présent! D:\Location.lnk
Présent! D:\LogSession.lnk
Présent! D:\LogTransport2.lnk
Présent! D:\lua_sec.lnk
Présent! D:\mediacoreif.lnk
Présent! D:\monitor_module.lnk
Présent! D:\MultipleMonitor.lnk
Présent! D:\MyriadProTT-Black.lnk
Présent! D:\MyriadWebPro-Bold.lnk
Présent! D:\MyriadWebPro-Condensed.lnk
Présent! D:\MyriadWebPro-Italic.lnk
Présent! D:\MyriadWebPro.lnk
Présent! D:\net_client.lnk
Présent! D:\oz_sync.lnk
Présent! D:\pdf_toolkit.lnk
Présent! D:\Print.lnk
Présent! D:\slideshow_module.lnk
Présent! D:\socket.lnk
Présent! D:\ssleay32.lnk
Présent! D:\StoreProvider.lnk
Présent! D:\substrate.lnk
Présent! D:\ui.lnk
Présent! D:\video_toolkit.lnk
Présent! D:\xml_toolkit.lnk
Présent! D:\Legal.lnk
Présent! D:\ape_html_component.lnk
Présent! D:\moxplugins.lnk
Présent! D:\Resources.lnk
Présent! D:\Shared.lnk
Présent! D:\Support.lnk
Présent! D:\Templates.lnk
Présent! D:\tether_canon.lrplugin.lnk
Présent! D:\tether_leica.lrplugin.lnk
Présent! D:\tether_nikon.lrplugin.lnk
Présent! D:\Photoshop_Portable_13.0.1.1_x64_Multilingual.lnk
Présent! D:\Raymond E.lnk
Présent! D:\Config.Msi.lnk
Présent! D:\WFCore.lnk
Présent! D:\WFOzClient.lnk
Présent! D:\WFSQLite.lnk
Présent! D:\WFWeb.lnk
Présent! D:\wf_sync.lnk
Présent! D:\dynamiclinkmanager.lnk
Présent! D:\dynamiclinkmediaserver.lnk

################## | Registre |

Présent! HKU\S-1-5-21-4229650641-3364535119-2818446302-1001\Software\Microsoft\Windows\CurrentVersion\Run|flashmemory
Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|flashmemory

################## | E.O.F | http://www.usbfix.net/ - http://www.sosvirus.net |
