############################## | UsbFix V 7.160 | [Suppression]

Utilisateur: marie christine (Administrateur) # PC-DE-MARIECHRI
Mis à jour le 11/01/2014 par El Desaparecido - Team SosVirus
Lancé à 20:28:59 | 14/01/2014

Site Web : http://www.usbfix.net
Changelog : http://www.usbfix.net/maj/
Support : http://www.sosvirus.net/
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: Hewlett-Packard (30ED)
CPU: Intel(R) Core(TM)2 Duo CPU T5750 @ 2.00GHz
RAM -> [Total : 3061 Mo| Free : 1843 Mo]
Bios: Hewlett-Packard
Boot: Normal boot

OS: Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6001 32-Bit) Service Pack 1
WB: Windows Internet Explorer : 8.0.6001.19088
WB: Mozilla Firefox : 26.0

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AS: Windows Defender : 1.1.1600.0
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Disque fixe # 138 Go (74 Go libre(s) - 54%) [] # NTFS
D:\ -> Disque fixe # 11 Go (2 Go libre(s) - 21%) [PRESARIO_RP] # NTFS
E:\ -> CD-ROM
F:\ -> Disque amovible # 4 Go (4 Go libre(s) - 100%) [HP v125w] # FAT32

################## | Processus Stoppés |

Stoppé! C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ID: 1676 |ParentID: 696)
Stoppé! C:\Program Files\AVAST Software\Avast\AvastUI.exe (ID: 3500 |ParentID: 3224)
Stoppé! C:\Windows\explorer.exe (ID: 3696 |ParentID: 800)
Stoppé! C:\Windows\system32\WUDFHost.exe (ID: 4372 |ParentID: 1136)
Stoppé! C:\Windows\System32\mobsync.exe (ID: 5384 |ParentID: 904)
Stoppé! C:\Windows\system32\SearchIndexer.exe (ID: 3820 |ParentID: 696)
Stoppé! C:\Windows\system32\wuauclt.exe (ID: 4364 |ParentID: 1176)
Stoppé! C:\Windows\system32\SearchProtocolHost.exe (ID: 1312 |ParentID: 3820)
Stoppé! C:\Windows\system32\SearchFilterHost.exe (ID: 1592 |ParentID: 3820)
Stoppé! C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 356 |ParentID: 696)
Stoppé! C:\Windows\system32\DllHost.exe (ID: 5636 |ParentID: 904)

################## | Regedit Run |

04 - HKLM\..\Run : [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
04 - HKLM\..\Run : [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
04 - HKLM\..\RunOnce : []
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
04 - HKU\S-1-5-19\..\Run : [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
04 - HKU\S-1-5-20\..\Run : [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
04 - HKU\S-1-5-21-1337057896-1288691675-2259306944-1000\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKU\S-1-5-21-1337057896-1288691675-2259306944-1000\..\Run : [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
04 - HKU\S-1-5-21-1337057896-1288691675-2259306944-1000\..\Run : [ehTray.exe] C:\Windows\ehome\ehTray.exe
04 - HKU\S-1-5-21-1337057896-1288691675-2259306944-1000\..\Run : [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
04 - HKU\S-1-5-21-1337057896-1288691675-2259306944-1000\..\Run : [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
04 - HKU\S-1-5-21-1337057896-1288691675-2259306944-1000\..\Run : [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
04 - HKU\S-1-5-21-1337057896-1288691675-2259306944-1000\..\Run : [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKU\S-1-5-21-1337057896-1288691675-2259306944-1000\..\Run : [Facebook Update] "C:\Users\marie christine\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

################## | Recherche générique |

(!) Fichiers temporaires supprimés.

################## | Registre |

Supprimé! HKU\S-1-5-21-1337057896-1288691675-2259306944-1000\Software\.\.\.\.\Mountpoints2\{4105216c-7016-11e1-bbdc-001eec903734}
Supprimé! HKU\S-1-5-21-1337057896-1288691675-2259306944-1000\Software\.\.\.\.\Mountpoints2\{c3e6ef85-68a1-11df-843e-001eec903734}

################## | Listing |

[16/01/2013 - 11:33:59 | SHD] - C:\$RECYCLE.BIN
[14/01/2014 - 17:07:53 | D] - C:\AdwCleaner
[07/03/2008 - 03:19:10 | A | 0 Ko] - C:\autoexec.bat
[08/02/2008 - 08:01:42 | SHD] - C:\boot
[21/01/2008 - 03:24:42 | RASH | 325 Ko] - C:\bootmgr
[18/09/2006 - 22:43:37 | N | 0 Ko] - C:\config.sys
[07/03/2008 - 03:48:41 | D] - C:\CVS
[02/11/2006 - 14:02:03 | SHD] - C:\Documents and Settings
[26/11/2008 - 12:25:54 | N | 2 Ko] - C:\FT_Splash.img
[14/01/2014 - 17:08:52 | ASH | 3135504 Ko] - C:\hiberfil.sys
[08/08/2008 - 14:23:55 | D] - C:\HP
[08/08/2008 - 14:02:51 | D] - C:\Intel
[14/01/2009 - 10:52:39 | N | 0 Ko] - C:\IO.SYS
[07/03/2008 - 02:55:57 | N | 0 Ko] - C:\IPH.PH
[18/02/2009 - 16:25:44 | D] - C:\MicroGaming
[14/01/2009 - 10:52:39 | N | 0 Ko] - C:\MSDOS.SYS
[07/03/2008 - 03:28:52 | RHD] - C:\MSOCache
[14/01/2014 - 17:08:51 | ASH | 3441940 Ko] - C:\pagefile.sys
[21/01/2008 - 03:32:31 | D] - C:\PerfLogs
[14/01/2014 - 14:16:30 | N | 1 Ko] - C:\PhysicalDisk0_MBR.bin
[14/01/2014 - 19:26:55 | D] - C:\Program Files
[14/01/2014 - 16:19:40 | HD] - C:\ProgramData
[13/09/2008 - 13:47:36 | D] - C:\SwSetup
[14/01/2014 - 20:18:12 | SHD] - C:\System Volume Information
[13/09/2008 - 13:47:52 | D] - C:\System.sav
[14/01/2014 - 20:29:01 | D] - C:\UsbFix
[14/01/2014 - 20:29:25 | A | 5 Ko | 8A872BC718B7CA901ED5334A6017454C] - C:\UsbFix [Clean 1] PC-DE-MARIECHRI.txt
[14/01/2014 - 20:28:41 | N | 6 Ko | 549CCC781A045B4190145D0E1574B833] - C:\UsbFix [Scan 2] PC-DE-MARIECHRI.txt
[14/01/2014 - 14:12:27 | D] - C:\Users
[14/01/2014 - 18:51:33 | D] - C:\Windows
[15/04/2011 - 10:54:01 | SHD] - D:\$RECYCLE.BIN
[11/09/2005 - 16:18:54 | N | 0 Ko] - D:\AUTOMODE
[13/09/2008 - 13:40:51 | N | 0 Ko] - D:\BLOCK.RIN
[08/08/2008 - 16:22:52 | SHD] - D:\boot
[04/10/2006 - 00:02:44 | SH | 428 Ko] - D:\bootmgr
[06/09/2008 - 12:19:22 | SH | 1 Ko] - D:\Desktop.ini
[10/09/2002 - 17:14:28 | N | 8 Ko] - D:\Folder.htt
[08/08/2008 - 16:22:52 | D] - D:\HP
[15/09/2008 - 15:49:12 | N | 1 Ko] - D:\MASTER.LOG
[08/08/2008 - 16:22:52 | SHD] - D:\preload
[29/01/2007 - 18:59:36 | SH | 107 Ko] - D:\protect.chinese hong kong
[29/01/2007 - 18:59:24 | SH | 107 Ko] - D:\protect.chinese simplified
[29/01/2007 - 18:59:36 | SH | 107 Ko] - D:\protect.chinese traditional
[14/02/2007 - 19:30:34 | SH | 109 Ko] - D:\protect.czech
[29/01/2007 - 18:55:24 | SH | 107 Ko] - D:\protect.danish
[29/01/2007 - 18:57:48 | SH | 106 Ko] - D:\protect.dutch
[29/01/2007 - 18:55:48 | SH | 107 Ko] - D:\protect.ed
[29/01/2007 - 18:55:48 | SH | 107 Ko] - D:\protect.english
[29/01/2007 - 18:56:08 | SH | 107 Ko] - D:\protect.finnish
[29/01/2007 - 18:56:20 | SH | 107 Ko] - D:\protect.french
[29/01/2007 - 18:55:34 | SH | 107 Ko] - D:\protect.german
[14/02/2007 - 19:38:50 | SH | 110 Ko] - D:\protect.greek
[14/02/2007 - 19:40:00 | SH | 110 Ko] - D:\protect.hebrew
[28/08/2007 - 15:57:46 | N | 109 Ko] - D:\protect.hungarian
[29/01/2007 - 18:56:46 | SH | 106 Ko] - D:\protect.italian
[29/01/2007 - 18:57:30 | SH | 107 Ko] - D:\protect.japanese
[29/01/2007 - 18:57:36 | SH | 107 Ko] - D:\protect.korean
[14/02/2007 - 19:44:28 | SH | 109 Ko] - D:\protect.norwegian
[14/02/2007 - 19:45:16 | SH | 109 Ko] - D:\protect.polish
[14/02/2007 - 19:46:04 | SH | 109 Ko] - D:\protect.portuguese
[14/02/2007 - 19:46:40 | SH | 109 Ko] - D:\protect.portuguese brazilian
[29/01/2007 - 18:58:20 | SH | 160 Ko] - D:\protect.russian
[29/01/2007 - 18:55:54 | SH | 106 Ko] - D:\protect.spanish
[14/02/2007 - 19:48:56 | SH | 109 Ko] - D:\protect.swedish
[14/02/2007 - 19:49:30 | SH | 109 Ko] - D:\protect.turkish
[08/08/2008 - 16:22:53 | RD] - D:\RECOVERY
[08/08/2008 - 16:22:52 | SHD] - D:\SOURCES
[13/01/2014 - 18:37:24 | SHD] - D:\System Volume Information
[08/08/2008 - 16:22:53 | D] - D:\Tools
[08/08/2008 - 14:31:16 | N | 0 Ko] - D:\USER
[08/08/2008 - 16:22:53 | D] - D:\WINDOWS
[19/12/2013 - 10:55:56 | N | 443 Ko] - F:\Numérisé à 19-12-2013 09-19.pdf
[19/12/2013 - 09:04:58 | N | 638 Ko] - F:\doc00872520131217182631.pdf
[16/12/2013 - 17:40:18 | N | 174 Ko] - F:\Unidialog_2.pdf
[16/12/2013 - 17:38:10 | N | 184 Ko] - F:\Unidialog_7546678.pdf
[17/12/2013 - 11:54:36 | N | 139 Ko] - F:\Facture tel.pdf

################## | Vaccin |

D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
F:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net - http://www.sosvirus.net |