cjoint

Document format: text/plain

Preview

############################## | UsbFix V 7.169 | [Recherche]

Utilisateur: MaXiMe (Administrateur) # MAXIME-PC
Mis à jour le 31/03/2014 par El Desaparecido - Team SosVirus
Lancé à 23:29:58 | 01/05/2014

Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Support : http://www.sosvirus.net/forum-virus-securite.html
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: ASUSTeK Computer Inc. (K93SV)
CPU: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
RAM -> [Total : 4005 Mo| Free : 1098 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.16521
WB: Google Chrome : 26.0.1410.64

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: Bitdefender Antivirus [Enabled | Updated]
AS: Windows Defender [(!) Disabled | Updated]
AS: Bitdefender Antispyware [Enabled | Updated]
FW: Bitdefender Pare-feu [Enabled]
FW: Windows FireWall [(!) Disabled]

C:\ (%systemdrive%) -> Disque fixe # 401 Go (41 Go libre(s) - 10%) [OS] # NTFS
D:\ -> Disque fixe # 506 Go (107 Go libre(s) - 21%) [DATA] # NTFS
E:\ -> CD-ROM
F:\ -> CD-ROM
G:\ -> Disque amovible # 14 Go (14 Go libre(s) - 100%) [USB DISK] # FAT32
H:\ -> Disque fixe # 244 Go (50 Go libre(s) - 20%) [Nouveau nom] # exFAT
J:\ -> Disque fixe # 687 Go (214 Go libre(s) - 31%) [Elements] # NTFS

################## | Processus Actif |

C:\Windows\system32\csrss.exe (ID: 596 |ParentID: 492)
C:\Windows\system32\wininit.exe (ID: 708 |ParentID: 492)
C:\Windows\system32\csrss.exe (ID: 728 |ParentID: 716)
C:\Windows\system32\services.exe (ID: 772 |ParentID: 708)
C:\Windows\system32\lsass.exe (ID: 784 |ParentID: 708)
C:\Windows\system32\lsm.exe (ID: 792 |ParentID: 708)
C:\Windows\system32\winlogon.exe (ID: 824 |ParentID: 716)
C:\Windows\system32\svchost.exe (ID: 948 |ParentID: 772)
C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe (ID: 1004 |ParentID: 772)
C:\Windows\system32\nvvsvc.exe (ID: 964 |ParentID: 772)
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (ID: 1036 |ParentID: 772)
C:\Windows\system32\svchost.exe (ID: 1084 |ParentID: 772)
C:\Windows\System32\svchost.exe (ID: 1328 |ParentID: 772)
C:\Windows\System32\svchost.exe (ID: 1368 |ParentID: 772)
C:\Windows\system32\svchost.exe (ID: 1392 |ParentID: 772)
C:\Windows\system32\svchost.exe (ID: 1432 |ParentID: 772)
C:\Windows\system32\svchost.exe (ID: 1624 |ParentID: 772)
C:\Windows\system32\WLANExt.exe (ID: 1760 |ParentID: 1368)
C:\Windows\system32\FBAgent.exe (ID: 1780 |ParentID: 772)
C:\Windows\system32\conhost.exe (ID: 1788 |ParentID: 596)
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ID: 1844 |ParentID: 772)
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ID: 1944 |ParentID: 772)
C:\Windows\System32\spoolsv.exe (ID: 2012 |ParentID: 772)
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (ID: 1388 |ParentID: 964)
C:\Windows\system32\nvvsvc.exe (ID: 1724 |ParentID: 964)
C:\Windows\system32\svchost.exe (ID: 2112 |ParentID: 772)
C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe (ID: 2332 |ParentID: 772)
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (ID: 2496 |ParentID: 772)
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (ID: 2528 |ParentID: 772)
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE (ID: 2576 |ParentID: 772)
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE (ID: 2652 |ParentID: 772)
C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe (ID: 2680 |ParentID: 772)
C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (ID: 2748 |ParentID: 772)
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (ID: 2784 |ParentID: 772)
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (ID: 2916 |ParentID: 772)
C:\Windows\SysWOW64\PnkBstrA.exe (ID: 2952 |ParentID: 772)
C:\Windows\system32\rundll32.exe (ID: 3012 |ParentID: 3000)
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (ID: 3124 |ParentID: 772)
C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe (ID: 3208 |ParentID: 772)
C:\Program Files (x86)\Oodrive\WebSynchro\WS.WindowsService.exe (ID: 3244 |ParentID: 772)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (ID: 3632 |ParentID: 772)
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (ID: 3672 |ParentID: 772)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (ID: 3784 |ParentID: 3632)
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (ID: 3972 |ParentID: 772)
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (ID: 4228 |ParentID: 772)
C:\Windows\system32\SearchIndexer.exe (ID: 4356 |ParentID: 772)
C:\Windows\system32\svchost.exe (ID: 4404 |ParentID: 772)
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (ID: 3748 |ParentID: 772)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ID: 300 |ParentID: 772)
C:\Windows\system32\svchost.exe (ID: 2524 |ParentID: 772)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (ID: 3456 |ParentID: 772)
C:\Windows\system32\taskhost.exe (ID: 2816 |ParentID: 772)
C:\Windows\system32\taskeng.exe (ID: 4324 |ParentID: 1432)
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (ID: 1928 |ParentID: 2784)
C:\Windows\system32\Dwm.exe (ID: 3752 |ParentID: 1368)
C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe (ID: 604 |ParentID: 1408)
C:\Windows\Explorer.EXE (ID: 4100 |ParentID: 4148)
C:\Windows\AsScrPro.exe (ID: 2036 |ParentID: 1780)
C:\Program Files\P4G\BatteryLife.exe (ID: 2072 |ParentID: 4324)
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe (ID: 1572 |ParentID: 4324)
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ID: 3096 |ParentID: 4324)
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (ID: 1408 |ParentID: 1780)
C:\Windows\system32\conhost.exe (ID: 2456 |ParentID: 728)
C:\Windows\System32\hkcmd.exe (ID: 5256 |ParentID: 4100)
C:\Windows\System32\igfxpers.exe (ID: 5264 |ParentID: 4100)
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (ID: 5272 |ParentID: 4100)
C:\Program Files\Elantech\ETDCtrl.exe (ID: 5280 |ParentID: 4100)
C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (ID: 5336 |ParentID: 4100)
C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (ID: 5364 |ParentID: 4100)
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (ID: 5380 |ParentID: 4100)
C:\Program Files\Windows Sidebar\sidebar.exe (ID: 5388 |ParentID: 4100)
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (ID: 5496 |ParentID: 1780)
C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (ID: 5832 |ParentID: 4100)
C:\Program Files\Elantech\ETDCtrlHelper.exe (ID: 5948 |ParentID: 5280)
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (ID: 6068 |ParentID: 5540)
C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (ID: 6076 |ParentID: 5540)
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ID: 3760 |ParentID: 5540)
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ID: 5140 |ParentID: 5540)
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ID: 5148 |ParentID: 5540)
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ID: 5192 |ParentID: 5540)
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ID: 5200 |ParentID: 5540)
C:\Program Files (x86)\PDF Pro 10\vspdfprsrv.exe (ID: 5764 |ParentID: 5540)
C:\Windows\System32\svchost.exe (ID: 6588 |ParentID: 772)
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (ID: 6812 |ParentID: 1388)
C:\Windows\system32\DllHost.exe (ID: 7780 |ParentID: 948)
C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 8152 |ParentID: 772)
C:\Program Files\Intel\TurboBoost\TurboBoost.exe (ID: 6864 |ParentID: 772)
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (ID: 2620 |ParentID: 772)
C:\Windows\SysWOW64\ACEngSvr.exe (ID: 4200 |ParentID: 948)
C:\Windows\system32\taskeng.exe (ID: 7968 |ParentID: 1432)
C:\Windows\servicing\TrustedInstaller.exe (ID: 5072 |ParentID: 772)
C:\Windows\system32\wuauclt.exe (ID: 2848 |ParentID: 1432)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 7060 |ParentID: 4100)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 1456 |ParentID: 7060)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 6680 |ParentID: 7060)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 1992 |ParentID: 7060)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 3224 |ParentID: 7060)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 3764 |ParentID: 7060)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 5944 |ParentID: 7060)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 5096 |ParentID: 7060)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 2480 |ParentID: 7060)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 6448 |ParentID: 7060)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 6048 |ParentID: 7060)
C:\Windows\System32\WUDFHost.exe (ID: 4836 |ParentID: 1368)
C:\Windows\system32\mmc.exe (ID: 5064 |ParentID: 4100)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 7716 |ParentID: 948)
C:\Windows\system32\SearchProtocolHost.exe (ID: 6676 |ParentID: 4356)
C:\Windows\system32\SearchFilterHost.exe (ID: 4676 |ParentID: 4356)
C:\Windows\System32\WUDFHost.exe (ID: 1956 |ParentID: 1368)
C:\Windows\System32\svchost.exe (ID: 5580 |ParentID: 772)
C:\Program Files\Bitdefender\Bitdefender 2012\seccenter.exe (ID: 4920 |ParentID: 604)
\\?\C:\Windows\system32\wbem\WMIADAP.EXE (ID: 7116 |ParentID: 1432)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 3268 |ParentID: 948)

################## | Regedit Run |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] userinit.exe
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKCU\..\Run : [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKCU\..\Run : [Power2GoExpress]
04 - HKCU\..\Run : [SDP] C:\Users\MaXiMe\AppData\Local\FilesFrog Update Checker\update_checker.exe /auto
04 - HKCU\..\Run : [Speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
04 - HKCU\..\Run : [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKLM\..\Run : [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
04 - HKLM\..\Run : [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
04 - HKLM\..\Run : [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
04 - HKLM\..\Run : [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
04 - HKLM\..\Run : [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
04 - HKLM\..\Run : [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
04 - HKLM\..\Run : [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
04 - HKLM\..\Run : [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
04 - HKLM\..\Run : [USBChargerPlusTray] C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
04 - HKLM\..\Run : [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
04 - HKLM\..\Run : [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
04 - HKLM\..\Run : [vspdfprsrv.exe] C:\Program Files (x86)\PDF Pro 10\vspdfprsrv.exe --background
04 - HKLM\..\Run : [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
04 - HKLM\..\Run : [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey
04 - HKLM\..\RunOnce : []
04 - [x64] HKLM\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
04 - [x64] HKLM\..\Run : [HotKeysCmds] C:\Windows\system32\hkcmd.exe
04 - [x64] HKLM\..\Run : [Persistence] C:\Windows\system32\igfxpers.exe
04 - [x64] HKLM\..\Run : [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3
04 - [x64] HKLM\..\Run : [ETDCtrl] %ProgramFiles%\Elantech\ETDCtrl.exe
04 - [x64] HKLM\..\Run : [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
04 - [x64] HKLM\..\Run : [BDAgent] "C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe"
04 - [x64] HKLM\..\Run : [IntelliType Pro] "C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe"
04 - [x64] HKLM\..\Run : [IntelliPoint] "C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe"
04 - [x64] HKLM\..\Run : [Eraser] "C:\PROGRA~1\Eraser\Eraser.exe" --atRestart
04 - [x64] HKLM\..\Run : [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-2854789022-1049439127-2229590531-1001\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKU\S-1-5-21-2854789022-1049439127-2229590531-1001\..\Run : [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKU\S-1-5-21-2854789022-1049439127-2229590531-1001\..\Run : [Power2GoExpress]
04 - HKU\S-1-5-21-2854789022-1049439127-2229590531-1001\..\Run : [SDP] C:\Users\MaXiMe\AppData\Local\FilesFrog Update Checker\update_checker.exe /auto
04 - HKU\S-1-5-21-2854789022-1049439127-2229590531-1001\..\Run : [Speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
04 - HKU\S-1-5-21-2854789022-1049439127-2229590531-1001\..\Run : [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKU\S-1-5-21-2854789022-1049439127-2229590531-1004\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-21-2854789022-1049439127-2229590531-1004\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe

################## | Recherche générique |


################## | Registre |


################## | E.O.F | http://www.usbfix.net/ - http://www.sosvirus.net |
