Répondre à : Problème fichier de la clé usb transformé en raccourci 2016-09-08T13:28:20+00:00
Photo du profil de nehansnehans
Participant
Post count: 4

Voici pour mon PC.

[spoiler:jhtck8rx]############################## | UsbFix V 7.154 | [Recherche]

Utilisateur: Lionel (Administrateur) # LIONEL-PC
Mis à jour le 13/12/2013 par El Desaparecido – Team SosVirus
Lancé à 13:08:33 | 05/01/2014

Site Web : http://www.usbfix.net” onclick=”window.open(this.href);return false;
Forum : https://www.sosvirus.net/” onclick=”window.open(this.href);return false;
Upload Malware : upload_malware.php
Contact : http://www.usbfix.net/contact/” onclick=”window.open(this.href);return false;

PC: ASUSTeK Computer Inc. (K53SV)
CPU: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
RAM -> [Total : 4008 | Free : 1022]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.16476
WB: Mozilla Firefox : 20.0.1
WB: Safari : 534.57.2

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: avast! Antivirus [Enabled | Updated]
AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
FW: Windows FireWall Service [Enabled]

C: (%systemdrive%) -> Disque fixe # 279 Go (9 Go libre(s) – 3%) [OS] # NTFS
D: -> Disque fixe # 394 Go (94 Go libre(s) – 24%) [DATA] # NTFS
E: -> CD-ROM
F: -> CD-ROM
G: -> Disque amovible # 1004 Mo (596 Mo libre(s) – 59%) [LOGIÉ L] # FAT
H: -> CD-ROM
I: -> CD-ROM
J: -> CD-ROM
K: -> Disque amovible # 8 Go (3 Go libre(s) – 36%) [LOGIE L] # FAT32

################## | Processus Actif |

C:Windowssystem32csrss.exe (ID: 560 |ParentID: 488)
C:Windowssystem32wininit.exe (ID: 696 |ParentID: 488)
C:Windowssystem32csrss.exe (ID: 720 |ParentID: 708)
C:Windowssystem32services.exe (ID: 764 |ParentID: 696)
C:Windowssystem32lsass.exe (ID: 780 |ParentID: 696)
C:Windowssystem32lsm.exe (ID: 788 |ParentID: 696)
C:Windowssystem32svchost.exe (ID: 892 |ParentID: 764)
C:Windowssystem32winlogon.exe (ID: 956 |ParentID: 708)
C:Windowssystem32nvvsvc.exe (ID: 1016 |ParentID: 764)
C:Windowssystem32svchost.exe (ID: 332 |ParentID: 764)
C:WindowsSystem32svchost.exe (ID: 596 |ParentID: 764)
C:WindowsSystem32svchost.exe (ID: 480 |ParentID: 764)
C:Windowssystem32svchost.exe (ID: 908 |ParentID: 764)
C:Windowssystem32svchost.exe (ID: 1028 |ParentID: 764)
C:Windowssystem32svchost.exe (ID: 1228 |ParentID: 764)
C:Program FilesNVIDIA CorporationDisplayNvXDSync.exe (ID: 1408 |ParentID: 1016)
C:Windowssystem32nvvsvc.exe (ID: 1420 |ParentID: 1016)
C:WindowsSYSTEM32WISPTIS.EXE (ID: 1448 |ParentID: 480)
C:Windowssystem32FBAgent.exe (ID: 1564 |ParentID: 764)
C:Program Files (x86)ASUSATK PackageATK HotkeyASLDRSrv.exe (ID: 1588 |ParentID: 764)
C:Windowssystem32WLANExt.exe (ID: 1596 |ParentID: 480)
C:Windowssystem32conhost.exe (ID: 1604 |ParentID: 560)
C:Program Files (x86)ASUSATK PackageATKGFNEXGFNEXSrv.exe (ID: 1680 |ParentID: 764)
C:Program FilesAVAST SoftwareAvastAvastSvc.exe (ID: 1708 |ParentID: 764)
C:WindowsSystem32spoolsv.exe (ID: 1856 |ParentID: 764)
C:Windowssystem32svchost.exe (ID: 1900 |ParentID: 764)
C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe (ID: 2000 |ParentID: 764)
C:Program FilesDAZ 3DContent Management ServiceContentManagementServer.exe (ID: 1484 |ParentID: 764)
C:ProgramDataEPSONEPW!3 SSRPE_S40STB.EXE (ID: 440 |ParentID: 764)
C:ProgramDataEPSONEPW!3 SSRPE_S40RPB.EXE (ID: 2064 |ParentID: 764)
C:Program FilesIntelWiFibinEvtEng.exe (ID: 2092 |ParentID: 764)
c:Program FilesCommon FilesProtexisLicense ServicePsiService_2.exe (ID: 2480 |ParentID: 764)
C:Program Files (x86)RealNetworksRealDownloaderrndlresolversvc.exe (ID: 2512 |ParentID: 764)
C:Program FilesCommon FilesIntelWirelessCommonRegSrvc.exe (ID: 2540 |ParentID: 764)
C:Program Files (x86)Microsoft Application Virtualization Clientsftvsa.exe (ID: 2828 |ParentID: 764)
C:Program Files (x86)Alcohol SoftAlcohol 52StarWindStarWindServiceAE.exe (ID: 2892 |ParentID: 764)
C:Windowssystem32svchost.exe (ID: 2912 |ParentID: 764)
C:Program FilesIntelTurboBoostTurboBoost.exe (ID: 2980 |ParentID: 764)
C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE (ID: 3004 |ParentID: 764)
C:WindowsSystem32atwtusb.exe (ID: 3068 |ParentID: 764)
C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe (ID: 1372 |ParentID: 3004)
C:Windowssystem32wbemunsecapp.exe (ID: 1380 |ParentID: 892)
C:Windowssystem32wbemwmiprvse.exe (ID: 2852 |ParentID: 892)
C:Windowssystem32atwtusb.exe (ID: 3180 |ParentID: 3068)
C:Program Files (x86)CodeMeterRuntimebinCodeMeter.exe (ID: 3192 |ParentID: 764)
C:Program Files (x86)Microsoft Application Virtualization Clientsftlist.exe (ID: 3220 |ParentID: 764)
C:Program Files (x86)Common FilesMicrosoft SharedVirtualization HandlerCVHSVC.EXE (ID: 3592 |ParentID: 764)
C:Windowssystem32svchost.exe (ID: 4040 |ParentID: 764)
C:WindowsSystem32WUDFHost.exe (ID: 3772 |ParentID: 480)
C:Windowssystem32svchost.exe (ID: 264 |ParentID: 764)
C:Windowssystem32taskhost.exe (ID: 4636 |ParentID: 764)
C:Windowssystem32taskeng.exe (ID: 4660 |ParentID: 1028)
C:WindowsSYSTEM32WISPTIS.EXE (ID: 4680 |ParentID: 480)
C:Windowssystem32Dwm.exe (ID: 4872 |ParentID: 480)
C:WindowsExplorer.EXE (ID: 4900 |ParentID: 4844)
C:Windowssystem32taskeng.exe (ID: 4944 |ParentID: 1028)
C:Program Files (x86)ASUSSplendidACMON.exe (ID: 4132 |ParentID: 4944)
C:WindowsSystem32igfxtray.exe (ID: 4240 |ParentID: 4900)
C:WindowsSystem32hkcmd.exe (ID: 3336 |ParentID: 4900)
C:WindowsSystem32igfxpers.exe (ID: 3340 |ParentID: 4900)
C:Program FilesP4GBatteryLife.exe (ID: 3216 |ParentID: 4944)
C:Program Files (x86)ASUSASUS Live UpdateLiveUpdate.exe (ID: 3160 |ParentID: 4944)
C:Program Files (x86)ASUSATK PackageATKOSD2ATKOSD2.exe (ID: 4308 |ParentID: 4660)
C:WindowsAsScrPro.exe (ID: 4220 |ParentID: 1564)
C:Program FilesCommon FilesIntelWirelessCommoniFrmewrk.exe (ID: 4120 |ParentID: 4900)
C:Program FilesElantechETDCtrl.exe (ID: 3204 |ParentID: 4900)
C:Windowssystem32wbemunsecapp.exe (ID: 3252 |ParentID: 892)
C:Program FilesSynapticsSynTPSynTPEnh.exe (ID: 3940 |ParentID: 4900)
C:Program Files (x86)CyberLinkPower2GoCLMLSvc.exe (ID: 1088 |ParentID: 1564)
C:WindowsSystem32WTMKM.exe (ID: 5064 |ParentID: 4900)
C:Program FilesSynapticsSynTPSynTPHelper.exe (ID: 5084 |ParentID: 3940)
C:Program Files (x86)SkypePhoneSkype.exe (ID: 4140 |ParentID: 4900)
C:Program Files (x86)ASUSATK PackageATK MediaDMedia.exe (ID: 3300 |ParentID: 4092)
C:Windowssystem32SearchIndexer.exe (ID: 3108 |ParentID: 764)
C:Program Files (x86)ASUSATK PackageATK HotkeyHControlUser.exe (ID: 3416 |ParentID: 4092)
C:Program Files (x86)ASUSWireless Console 3wcourier.exe (ID: 2804 |ParentID: 4092)
C:Program FilesWindows Media Playerwmpnetwk.exe (ID: 3344 |ParentID: 764)
C:Program Files (x86)nerds.deLoopBe1loopBeMon.exe (ID: 4320 |ParentID: 4900)
C:Program Files (x86)DivXDivX UpdateDivXUpdate.exe (ID: 4480 |ParentID: 4092)
C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe (ID: 3360 |ParentID: 4092)
C:Program Files (x86)AdobeAcrobat 10.0Acrobatacrotray.exe (ID: 2904 |ParentID: 4092)
C:Program FilesAVAST SoftwareAvastAvastUI.exe (ID: 5080 |ParentID: 4092)
C:WindowsSysWOW64ACEngSvr.exe (ID: 5612 |ParentID: 892)
C:Program Files (x86)NVIDIA CorporationNVIDIA Updatusdaemonu.exe (ID: 1476 |ParentID: 764)
C:WindowsMicrosoft.NetFramework64v3.0WPFPresentationFontCache.exe (ID: 1956 |ParentID: 764)
C:UsersLionelAppDataLocalGoogleChromeApplicationchrome.exe (ID: 5524 |ParentID: 4900)
C:WindowsSystem32svchost.exe (ID: 5396 |ParentID: 764)
C:UsersLionelAppDataLocalGoogleChromeApplicationchrome.exe (ID: 6368 |ParentID: 5524)
C:UsersLionelAppDataLocalGoogleChromeApplicationchrome.exe (ID: 6556 |ParentID: 5524)
C:UsersLionelAppDataLocalGoogleChromeApplicationchrome.exe (ID: 6572 |ParentID: 5524)
C:UsersLionelAppDataLocalGoogleChromeApplicationchrome.exe (ID: 6612 |ParentID: 5524)
C:UsersLionelAppDataLocalGoogleChromeApplicationchrome.exe (ID: 6652 |ParentID: 5524)
C:UsersLionelAppDataLocalGoogleChromeApplicationchrome.exe (ID: 6672 |ParentID: 5524)
C:UsersLionelAppDataLocalGoogleChromeApplicationchrome.exe (ID: 6700 |ParentID: 5524)
C:UsersLionelAppDataLocalGoogleChromeApplicationchrome.exe (ID: 6720 |ParentID: 5524)
C:UsersLionelAppDataLocalGoogleChromeApplicationchrome.exe (ID: 6756 |ParentID: 5524)
C:UsersLionelAppDataLocalGoogleChromeApplicationchrome.exe (ID: 6792 |ParentID: 5524)
C:UsersLionelAppDataLocalGoogleChromeApplicationchrome.exe (ID: 6828 |ParentID: 5524)
C:UsersLionelAppDataLocalGoogleChromeApplicationchrome.exe (ID: 6868 |ParentID: 5524)
C:Windowssystem32DllHost.exe (ID: 7032 |ParentID: 892)
C:UsersLionelAppDataLocalGoogleChromeApplicationchrome.exe (ID: 7116 |ParentID: 5524)
C:UsersLionelAppDataLocalGoogleChromeApplicationchrome.exe (ID: 7344 |ParentID: 5524)
C:UsersLionelAppDataLocalGoogleChromeApplicationchrome.exe (ID: 7444 |ParentID: 5524)
C:UsersLionelAppDataLocalGoogleChromeApplicationchrome.exe (ID: 7504 |ParentID: 5524)
C:UsersLionelAppDataLocalGoogleChromeApplicationchrome.exe (ID: 7604 |ParentID: 5524)
C:UsersLionelAppDataLocalGoogleChromeApplicationchrome.exe (ID: 4000 |ParentID: 5524)
C:WindowsSystem32svchost.exe (ID: 7600 |ParentID: 764)
C:Windowssystem32svchost.exe (ID: 4568 |ParentID: 764)
C:Program Files (x86)Common FilesAdobeOOBEPDAppUWAAAM Updates Notifier.exe (ID: 8100 |ParentID: 124)
C:UsersLionelAppDataLocalGoogleChromeApplicationchrome.exe (ID: 8180 |ParentID: 5524)
C:Windowssystem32SearchProtocolHost.exe (ID: 7852 |ParentID: 3108)
C:Windowssystem32SearchFilterHost.exe (ID: 1660 |ParentID: 3108)
C:UsbFixGo.exe (ID: 4424 |ParentID: 3048)
C:Windowssystem32wbemwmiprvse.exe (ID: 7224 |ParentID: 892)

################## | Regedit Run |

04 – HKLMSOFTWARE | Run : [Nuance PDF Reader-reminder] – “C:Program Files (x86)NuancePDF ReaderEregEreg.exe” -r “C:ProgramDataNuancePDF ReaderEregEreg.ini”
04 – HKLMSOFTWARE | Run : [ASUSPRP] – “C:Program Files (x86)ASUSAPRPAPRP.EXE”
04 – HKLMSOFTWARE | Run : [ATKOSD2] – C:Program Files (x86)ASUSATK PackageATKOSD2ATKOSD2.exe
04 – HKLMSOFTWARE | Run : [ATKMEDIA] – C:Program Files (x86)ASUSATK PackageATK MediaDMedia.exe
04 – HKLMSOFTWARE | Run : [HControlUser] – C:Program Files (x86)ASUSATK PackageATK HotkeyHControlUser.exe
04 – HKLMSOFTWARE | Run : [Wireless Console 3] – C:Program Files (x86)ASUSWireless Console 3wcourier.exe
04 – HKLMSOFTWARE | Run : [UpdateLBPShortCut] – “C:Program Files (x86)CyberLinkLabelPrintMUITransferMUIStartMenu.exe” “C:Program Files (x86)CyberLinkLabelPrint” UpdateWithCreateOnce “SoftwareCyberLinkLabelPrint2.5”
04 – HKLMSOFTWARE | Run : [UpdateP2GoShortCut] – “C:Program Files (x86)CyberLinkPower2GoMUITransferMUIStartMenu.exe” “C:Program Files (x86)CyberLinkPower2Go” UpdateWithCreateOnce “SOFTWARECyberLinkPower2Go6.0”
04 – HKLMSOFTWARE | Run : [DivXUpdate] – “C:Program Files (x86)DivXDivX UpdateDivXUpdate.exe” /CHECKNOW
04 – HKLMSOFTWARE | Run : [SwitchBoard] – C:Program Files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe
04 – HKLMSOFTWARE | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
04 – HKLMSOFTWARE | Run : [Adobe Acrobat Speed Launcher] – “C:Program Files (x86)AdobeAcrobat 10.0AcrobatAcrobat_sl.exe”
04 – HKLMSOFTWARE | Run : [Acrobat Assistant 8.0] – “C:Program Files (x86)AdobeAcrobat 10.0AcrobatAcrotray.exe”
04 – HKLMSOFTWARE | Run : [AvastUI.exe] – “C:Program FilesAVAST SoftwareAvastAvastUI.exe” /nogui
04 – HKLMSOFTWAREwow6432Node | Run : [Nuance PDF Reader-reminder] – “C:Program Files (x86)NuancePDF ReaderEregEreg.exe” -r “C:ProgramDataNuancePDF ReaderEregEreg.ini”
04 – HKLMSOFTWAREwow6432Node | Run : [ASUSPRP] – “C:Program Files (x86)ASUSAPRPAPRP.EXE”
04 – HKLMSOFTWAREwow6432Node | Run : [ATKOSD2] – C:Program Files (x86)ASUSATK PackageATKOSD2ATKOSD2.exe
04 – HKLMSOFTWAREwow6432Node | Run : [ATKMEDIA] – C:Program Files (x86)ASUSATK PackageATK MediaDMedia.exe
04 – HKLMSOFTWAREwow6432Node | Run : [HControlUser] – C:Program Files (x86)ASUSATK PackageATK HotkeyHControlUser.exe
04 – HKLMSOFTWAREwow6432Node | Run : [Wireless Console 3] – C:Program Files (x86)ASUSWireless Console 3wcourier.exe
04 – HKLMSOFTWAREwow6432Node | Run : [UpdateLBPShortCut] – “C:Program Files (x86)CyberLinkLabelPrintMUITransferMUIStartMenu.exe” “C:Program Files (x86)CyberLinkLabelPrint” UpdateWithCreateOnce “SoftwareCyberLinkLabelPrint2.5”
04 – HKLMSOFTWAREwow6432Node | Run : [UpdateP2GoShortCut] – “C:Program Files (x86)CyberLinkPower2GoMUITransferMUIStartMenu.exe” “C:Program Files (x86)CyberLinkPower2Go” UpdateWithCreateOnce “SOFTWARECyberLinkPower2Go6.0”
04 – HKLMSOFTWAREwow6432Node | Run : [DivXUpdate] – “C:Program Files (x86)DivXDivX UpdateDivXUpdate.exe” /CHECKNOW
04 – HKLMSOFTWAREwow6432Node | Run : [SwitchBoard] – C:Program Files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe
04 – HKLMSOFTWAREwow6432Node | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
04 – HKLMSOFTWAREwow6432Node | Run : [Adobe Acrobat Speed Launcher] – “C:Program Files (x86)AdobeAcrobat 10.0AcrobatAcrobat_sl.exe”
04 – HKLMSOFTWAREwow6432Node | Run : [Acrobat Assistant 8.0] – “C:Program Files (x86)AdobeAcrobat 10.0AcrobatAcrotray.exe”
04 – HKLMSOFTWAREwow6432Node | Run : [AvastUI.exe] – “C:Program FilesAVAST SoftwareAvastAvastUI.exe” /nogui
04 – HKLMSOFTWARE | RunOnce : [] –
04 – HKLMSOFTWAREwow6432Node | RunOnce : [] –
04 – HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-21-1642840011-1558664463-1802988879-1001SOFTWARE | Run : [Google Update] – “C:UsersLionelAppDataLocalGoogleUpdateGoogleUpdate.exe” /c
04 – HKUS-1-5-21-1642840011-1558664463-1802988879-1001SOFTWARE | Run : [AdobeBridge] –
04 – HKUS-1-5-21-1642840011-1558664463-1802988879-1001SOFTWARE | Run : [Skype] – “C:Program Files (x86)SkypePhoneSkype.exe” /minimized /regrun
04 – HKUS-1-5-21-1642840011-1558664463-1802988879-1001SOFTWARE | Run : [Bubble Dock] – “C:UsersLionelAppDataRoamingNosibayBubble DockLBubble Dock.exe” /winstartup
04 – HKUS-1-5-21-1642840011-1558664463-1802988879-1001SOFTWARE | Run : [uTorrent] – “C:UsersLionelAppDataRoaminguTorrentuTorrent.exe” /MINIMIZED
04 – HKUS-1-5-19SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
04 – HKUS-1-5-20SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe

################## | Recherche générique |

################## | Registre |

################## | Vaccin |

D:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
G:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
K:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net” onclick=”window.open(this.href);return false; – https://www.sosvirus.net” onclick=”window.open(this.href);return false; |[/spoiler:jhtck8rx]

Et pour le PC de ma copine.
[spoiler:jhtck8rx]############################## | UsbFix V 7.158 | [Recherche]

Utilisateur: Louise (Administrateur) # LOUISE-PC
Mis à jour le 02/01/2014 par El Desaparecido – Team SosVirus
Lancé à 13:09:33 | 05/01/2014

Site Web : http://www.usbfix.net” onclick=”window.open(this.href);return false;
Changelog : http://www.usbfix.net/maj/” onclick=”window.open(this.href);return false;
Support : https://www.sosvirus.net/” onclick=”window.open(this.href);return false;
Upload Malware : upload_malware.php
Contact : http://www.usbfix.net/contact/” onclick=”window.open(this.href);return false;

PC: ASUSTeK Computer Inc. (1225B)
CPU: AMD C-60 APU with Radeon(tm) HD Graphics
RAM -> [Total : 3692 Mo| Free : 1843 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.16476

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: Pack Sécurité Numericable 9.01 [Enabled | Updated]
AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
FW: Windows FireWall Service [Enabled]

C: (%systemdrive%) -> Disque fixe # 100 Go (47 Go libre(s) – 47%) [] # NTFS
D: -> Disque fixe # 351 Go (351 Go libre(s) – 100%) [] # NTFS
E: -> CD-ROM

################## | Processus Actif |

C:windowssystem32csrss.exe (ID: 408 |ParentID: 400)
C:windowssystem32wininit.exe (ID: 528 |ParentID: 400)
C:windowssystem32csrss.exe (ID: 544 |ParentID: 520)
C:windowssystem32services.exe (ID: 584 |ParentID: 528)
C:windowssystem32lsass.exe (ID: 600 |ParentID: 528)
C:windowssystem32lsm.exe (ID: 608 |ParentID: 528)
C:windowssystem32winlogon.exe (ID: 636 |ParentID: 520)
C:windowssystem32svchost.exe (ID: 748 |ParentID: 584)
C:windowssystem32svchost.exe (ID: 828 |ParentID: 584)
C:windowssystem32atiesrxx.exe (ID: 876 |ParentID: 584)
C:windowsSystem32svchost.exe (ID: 948 |ParentID: 584)
C:windowsSystem32svchost.exe (ID: 1004 |ParentID: 584)
C:windowssystem32svchost.exe (ID: 292 |ParentID: 584)
C:windowssystem32svchost.exe (ID: 548 |ParentID: 584)
C:windowssystem32atieclxx.exe (ID: 1144 |ParentID: 876)
C:windowssystem32svchost.exe (ID: 1184 |ParentID: 584)
C:Program FilesBroadcomBroadcom 802.11 Network AdapterWLTRYSVC.EXE (ID: 1336 |ParentID: 584)
C:windowssystem32WLANExt.exe (ID: 1356 |ParentID: 1004)
C:windowssystem32conhost.exe (ID: 1380 |ParentID: 408)
C:Program FilesBroadcomBroadcom 802.11 Network Adapterbcmwltry.exe (ID: 1400 |ParentID: 1336)
C:windowsSystem32spoolsv.exe (ID: 1504 |ParentID: 584)
C:windowssystem32svchost.exe (ID: 1552 |ParentID: 584)
C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe (ID: 1660 |ParentID: 584)
C:Program FilesATI TechnologiesATI.ACEFuelFuel.Service.exe (ID: 1768 |ParentID: 584)
C:windowsSysWOW64AsusService.exe (ID: 1800 |ParentID: 584)
C:Program FilesWIDCOMMBluetooth Softwarebtwdins.exe (ID: 1848 |ParentID: 584)
C:Program Files (x86)PacksecuriteNumericableAnti-Virusfsgk32st.exe (ID: 1888 |ParentID: 584)
C:Program Files (x86)PacksecuriteNumericableCommonFSMA32.EXE (ID: 1928 |ParentID: 584)
C:Program Files (x86)PacksecuriteNumericableAnti-VirusFSGK32.EXE (ID: 1940 |ParentID: 1888)
C:Program Files (x86)MicrosoftBingBarSeaPort.EXE (ID: 2004 |ParentID: 584)
C:Program Files (x86)PacksecuriteNumericableCommonFSHDLL32.EXE (ID: 1028 |ParentID: 1928)
C:ProgramDataSkypeToolbarsSkype C2C Servicec2c_service.exe (ID: 1748 |ParentID: 584)
C:windowssystem32svchost.exe (ID: 1080 |ParentID: 584)
C:Program Files (x86)TomTom HOME 2TomTomHOMEService.exe (ID: 2080 |ParentID: 584)
C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE (ID: 2192 |ParentID: 584)
C:Program Files (x86)PacksecuriteNumericableCommonFSHDLL64.EXE (ID: 2472 |ParentID: 1928)
C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe (ID: 2572 |ParentID: 2192)
C:windowssystem32wbemwmiprvse.exe (ID: 2580 |ParentID: 748)
C:Program Files (x86)PacksecuriteNumericableORSP Clientfsorsp.exe (ID: 2692 |ParentID: 584)
C:Program Files (x86)PacksecuriteNumericableFWESProgramfsdfwd.exe (ID: 2720 |ParentID: 584)
C:windowssystem32svchost.exe (ID: 2864 |ParentID: 584)
C:Program Files (x86)PacksecuriteNumericableAnti-Virusfssm32.exe (ID: 2892 |ParentID: 1940)
C:windowssystem32svchost.exe (ID: 1364 |ParentID: 584)
C:windowssystem32svchost.exe (ID: 1708 |ParentID: 584)
C:windowssystem32taskhost.exe (ID: 3472 |ParentID: 584)
C:windowssystem32Dwm.exe (ID: 3576 |ParentID: 1004)
C:windowsExplorer.EXE (ID: 3616 |ParentID: 3560)
C:Program Files (x86)PacksecuriteNumericableAnti-Virusfsav32.exe (ID: 3752 |ParentID: 1940)
C:Program FilesSynapticsSynTPSynTPEnh.exe (ID: 4036 |ParentID: 3616)
C:Program Files (x86)AmIcoSingLunAmIcoSinglun64.exe (ID: 4060 |ParentID: 3616)
C:Program FilesASUSEee DockingEee Docking.exe (ID: 3084 |ParentID: 3616)
C:Program FilesRealtekAudioHDARAVCpl64.exe (ID: 3112 |ParentID: 3616)
C:Program Files (x86)AsusLiveUpdateLiveUpdate.exe (ID: 3140 |ParentID: 1800)
C:Program FilesBroadcomBroadcom 802.11 Network AdapterWLTRAY.EXE (ID: 1680 |ParentID: 3616)
C:Program Files (x86)SkypePhoneSkype.exe (ID: 3180 |ParentID: 3616)
C:Program Files (x86)TomTom HOME 2TomTomHOMERunner.exe (ID: 2816 |ParentID: 3616)
C:Program FilesWIDCOMMBluetooth SoftwareBTTray.exe (ID: 3452 |ParentID: 3616)
C:UsersLouiseAppDataRoamingDropboxbinDropbox.exe (ID: 3628 |ParentID: 3616)
C:Program Files (x86)ASUSHotkeyServiceHotKeyMon.exe (ID: 3436 |ParentID: 1800)
C:Program Files (x86)ASUSHotkeyServiceHotkeyService.exe (ID: 3032 |ParentID: 1800)
C:Program Files (x86)ASUSSHESuperHybridEngine.exe (ID: 4076 |ParentID: 1800)
C:Program Files (x86)ASUSCapsHookCapsHook.exe (ID: 1432 |ParentID: 1800)
C:Program Files (x86)ASUSSmartCameraSmartCamera.exe (ID: 3904 |ParentID: 2960)
C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticMOM.exe (ID: 3964 |ParentID: 3520)
C:Program Files (x86)PacksecuriteNumericableCommonFSM32.EXE (ID: 3252 |ParentID: 2960)
C:Program Files (x86)ASUSUSBChargeSettingiSeriesCharge.exe (ID: 4116 |ParentID: 1800)
C:windowsSysWOW64RunDll32.exe (ID: 4124 |ParentID: 3452)
C:windowssystem32SearchIndexer.exe (ID: 4252 |ParentID: 584)
C:Program FilesWIDCOMMBluetooth SoftwareBtStackServer.exe (ID: 4780 |ParentID: 748)
C:Program Files (x86)PacksecuriteNumericableSpam Controlfsscoepl_x64.exe (ID: 4880 |ParentID: 3252)
C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCCC.exe (ID: 4928 |ParentID: 3964)
C:PROGRAM FILESSYNAPTICSSYNTPSYNTPHELPER.EXE (ID: 824 |ParentID: 3224)
C:Program FilesWIDCOMMBluetooth SoftwareBluetoothHeadsetProxy.exe (ID: 1756 |ParentID: 4780)
C:Program FilesWindows Media Playerwmpnetwk.exe (ID: 924 |ParentID: 584)
C:windowsSystem32svchost.exe (ID: 3300 |ParentID: 584)
C:windowssystem32DllHost.exe (ID: 5800 |ParentID: 748)
C:windowsSystem32svchost.exe (ID: 5168 |ParentID: 584)
C:windowsMicrosoft.NetFramework64v3.0WPFPresentationFontCache.exe (ID: 4428 |ParentID: 584)
C:windowssystem32svchost.exe (ID: 4404 |ParentID: 584)
C:UsersLouiseAppDataLocalGoogleChromeApplicationchrome.exe (ID: 6124 |ParentID: 3616)
C:UsersLouiseAppDataLocalGoogleChromeApplicationchrome.exe (ID: 4768 |ParentID: 6124)
C:UsersLouiseAppDataLocalGoogleChromeApplicationchrome.exe (ID: 4764 |ParentID: 6124)
C:UsersLouiseAppDataLocalGoogleChromeApplicationchrome.exe (ID: 5216 |ParentID: 6124)
C:UsersLouiseAppDataLocalGoogleChromeApplicationchrome.exe (ID: 1136 |ParentID: 6124)
C:UsersLouiseAppDataLocalGoogleChromeApplicationchrome.exe (ID: 4516 |ParentID: 6124)
C:UsersLouiseAppDataLocalGoogleChromeApplicationchrome.exe (ID: 2648 |ParentID: 6124)
C:UsbFixGo.exe (ID: 5660 |ParentID: 5612)
C:windowssystem32wbemwmiprvse.exe (ID: 5112 |ParentID: 748)

################## | Regedit Run..[/spoiler:jhtck8rx]