############################## | UsbFix V 7.161 | [Suppression]

Utilisateur: Zoulettee (Administrateur) # HEHUU42400MAGLL
Mis à jour le 15/01/2014 par El Desaparecido - Team SosVirus
Lancé à 19:29:33 | 23/01/2014

Site Web : http://www.usbfix.net
Changelog : http://www.usbfix.net/maj/
Support : http://www.sosvirus.net/
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: eMachines (WMCP61M)
CPU: AMD Athlon(tm) Dual Core Processor 4050e
RAM -> [Total : 2814 Mo| Free : 2346 Mo]
Bios: Phoenix Technologies, LTD
Boot: Fail-safe with network boot

OS: Microsoft® Windows Vista™ Édition Familiale Basique (6.0.6002 32-Bit) Service Pack 2
WB: Windows Internet Explorer : 9.0.8112.16421
WB: Google Chrome : 32.0.1700.76
WB: Mozilla Firefox : 26.0

SC: Security Center Service [(!) Disabled]
WU: Windows Update Service [Enabled]
AS: Windows Defender : 1.1.1600.0
AS: Malwarebytes' Anti-Malware : 1.75.0001
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Disque fixe # 70 Go (11 Go libre(s) - 16%) [OS] # NTFS
D:\ -> Disque fixe # 70 Go (20 Go libre(s) - 29%) [DATA] # NTFS
E:\ -> CD-ROM
G:\ -> Disque amovible # 4 Go (721 Mo libre(s) - 19%) [KESSAÏ] # FAT32
H:\ -> CD-ROM

################## | Processus Stoppés |

Stoppé! C:\Windows\Explorer.EXE (ID: 7880 |ParentID: 7868)
Stoppé! C:\Program Files\Windows Media Player\wmpnscfg.exe (ID: 1716 |ParentID: 7880)
Stoppé! C:\Windows\system32\DllHost.exe (ID: 944 |ParentID: 7256)

################## | Regedit Run |

04 - HKLM\..\Run : [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
04 - HKLM\..\Run : [eRecoveryService]
04 - HKLM\..\Run : [RtHDVCpl] RtHDVCpl.exe
04 - HKLM\..\Run : [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
04 - HKLM\..\Run : [BlueStacks Agent] C:\Program Files\BlueStacks\HD-Agent.exe
04 - HKLM\..\RunOnce : []
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
04 - HKU\S-1-5-19\..\Run : [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
04 - HKU\S-1-5-20\..\Run : [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
04 - HKU\S-1-5-21-4144005963-1606987439-327945767-1000\..\Run : [Peek Through] C:\Program Files\Peek Through\Peek Through.exe /startup
04 - HKU\S-1-5-21-4144005963-1606987439-327945767-1000\..\Run : [Spotify Web Helper] "C:\Users\Zoulettee\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
04 - HKU\S-1-5-21-4144005963-1606987439-327945767-1000\..\Run : [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

################## | Recherche générique |

Supprimé! D:\msdll.exe
Supprimé! D:\particleIllusion.lnk
Supprimé! C:\Users\Zoulettee\AppData\Local\S-1-5-31-1286970278978-5713669491-166975984-320
Supprimé! C:\Users\Zoulettee\AppData\Local\Start
Supprimé! C:\Users\ZOULET~1\AppData\Local\Temp\winbxbbg.exe
Supprimé! C:\Users\ZOULET~1\AppData\Local\Temp\windawt.exe
Supprimé! C:\Users\ZOULET~1\AppData\Local\Temp\windguc.exe
Supprimé! C:\Users\ZOULET~1\AppData\Local\Temp\winhdnjqn.exe
Supprimé! C:\Users\ZOULET~1\AppData\Local\Temp\winhepaiq.exe
Supprimé! C:\Users\ZOULET~1\AppData\Local\Temp\winkriukt.exe
Supprimé! C:\Users\ZOULET~1\AppData\Local\Temp\winksnlh.exe
Supprimé! C:\Users\ZOULET~1\AppData\Local\Temp\wintgpnrm.exe
Supprimé! C:\Users\ZOULET~1\AppData\Local\Temp\winxgoi.exe
Supprimé! C:\Users\ZOULET~1\AppData\Local\Temp\winyxgq.exe
Supprimé! C:\msdll.exe

(!) Fichiers temporaires supprimés.

################## | Registre |

Réparé ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|EnableLUA -> 1
Réparé ! HKLM\Software\Microsoft\Security Center|UacDisableNotify -> 0
Supprimé! HKU\S-1-5-21-4144005963-1606987439-327945767-1000\Software\.\.\.\.\Mountpoints2\{1b971482-1562-11e2-976c-001d72b1382b}

################## | Listing |

[13/10/2012 - 19:06:12 | SHD] - C:\$Recycle.Bin
[13/10/2012 - 19:17:43 | D] - C:\ACER
[23/01/2014 - 12:46:09 | D] - C:\AdwCleaner
[12/08/2013 - 23:12:28 | N | 42 Ko | F2CF8D96E8D7324D7C2A701BF79902CC] - C:\AdwCleaner[R1].txt
[12/08/2013 - 23:10:44 | N | 0 Ko | CE79F07F55EE5C51E3D8774CE9F6B492] - C:\AdwCleaner[S1].txt
[12/08/2013 - 23:15:31 | N | 42 Ko | 6FBAAC52CDA102A6FE1E0CE6F9F7BFEC] - C:\AdwCleaner[S2].txt
[18/09/2006 - 22:43:36 | A | 0 Ko] - C:\autoexec.bat
[13/12/2013 - 18:53:40 | N | 0 Ko] - C:\AUTORUN.INF
[01/09/2013 - 23:32:31 | SHD] - C:\Boot
[10/04/2009 - 22:36:38 | RASH | 325 Ko] - C:\bootmgr
[19/11/2008 - 00:57:46 | N | 8 Ko] - C:\BOOTSECT.BAK
[13/10/2012 - 19:14:43 | N | 0 Ko] - C:\cds.log
[18/09/2006 - 22:43:37 | N | 0 Ko] - C:\config.sys
[02/11/2006 - 13:59:44 | SHD] - C:\Documents and Settings
[21/11/2013 - 16:37:06 | D] - C:\Downloads
[26/12/2012 - 19:09:16 | D] - C:\FFOutput
[02/01/2013 - 10:11:57 | D] - C:\found.000
[10/03/2013 - 11:16:48 | D] - C:\found.001
[28/04/2013 - 07:03:22 | D] - C:\found.002
[11/09/2013 - 21:52:37 | D] - C:\Fraps
[12/10/2013 - 22:16:19 | D] - C:\Games
[17/04/2013 - 20:41:19 | N | 0 Ko] - C:\IO.SYS
[19/11/2008 - 09:04:37 | N | 0 Ko] - C:\Labelprint.log
[17/04/2013 - 20:41:19 | N | 0 Ko] - C:\MSDOS.SYS
[19/11/2008 - 08:39:46 | RHD] - C:\MSOCache
[23/01/2014 - 13:38:49 | N | 0 Ko] - C:\ntuser.dat
[23/01/2014 - 18:36:39 | N | 0 Ko] - C:\ntuser.dat.LOG1
[23/01/2014 - 18:36:39 | N | 0 Ko] - C:\ntuser.dat.LOG2
[23/01/2014 - 19:27:24 | ASH | 3188488 Ko] - C:\pagefile.sys
[21/01/2008 - 03:43:50 | D] - C:\PerfLogs
[23/01/2014 - 19:00:57 | N | 1 Ko] - C:\PhysicalDisk0_MBR.bin
[23/01/2014 - 19:27:24 | D] - C:\Program Files
[23/01/2014 - 12:45:01 | HD] - C:\ProgramData
[18/11/2008 - 16:55:42 | N | 0 Ko] - C:\RHDSetup.log
[09/12/2013 - 20:00:20 | D] - C:\rsit
[23/01/2014 - 19:18:24 | SHD] - C:\System Volume Information
[18/11/2013 - 22:20:34 | D] - C:\tmp
[23/01/2014 - 19:29:34 | D] - C:\UsbFix
[23/01/2014 - 19:25:41 | N | 1 Ko | 4DB30E2453952B2C164E3EC39F12AECE] - C:\UsbFix [Clean 2] HEHUU42400MAGLL.txt
[23/01/2014 - 19:34:22 | A | 6 Ko | 2370C7C418DBEBBFD288A0CA384120F8] - C:\UsbFix [Clean 3] HEHUU42400MAGLL.txt
[19/11/2012 - 13:23:15 | D] - C:\Users
[23/01/2014 - 19:27:26 | D] - C:\Windows
[10/05/2013 - 11:00:00 | D] - D:\$AVG
[27/07/2012 - 18:30:14 | SHD] - D:\$RECYCLE.BIN
[07/12/2013 - 16:32:48 | N | 1 Ko] - D:\2 ans zaza - Raccourci.lnk
[26/02/2011 - 22:22:29 | D] - D:\2a3b5008e2281d3b201439
[27/03/2011 - 20:24:59 | D] - D:\9f57764ad59ff2b282660a7bb9d2d956
[20/04/2013 - 17:41:57 | D] - D:\Adobe
[20/04/2013 - 17:47:13 | N | 0 Ko] - D:\asoutput.log
[13/12/2013 - 18:53:40 | N | 0 Ko] - D:\AUTORUN.INF
[09/07/2012 - 22:28:05 | N | 0 Ko] - D:\Beat.avi.wav
[20/04/2013 - 18:32:42 | N | 34994 Ko] - D:\BETISIER LEV 2.avi
[20/04/2013 - 18:28:40 | N | 21977 Ko] - D:\BETISIER LEV.avi
[12/12/2013 - 13:47:08 | D] - D:\blender-2.49b-windows
[27/12/2013 - 11:50:42 | D] - D:\Cartememoireappareilphoto
[22/01/2014 - 16:57:25 | D] - D:\d
[17/04/2013 - 10:57:17 | D] - D:\DBO
[02/05/2013 - 08:48:20 | D] - D:\Film
[13/12/2013 - 09:17:34 | D] - D:\FL
[03/08/2013 - 22:36:47 | D] - D:\Fraps Movies
[18/01/2014 - 22:54:12 | D] - D:\Games
[14/11/2009 - 00:06:27 | D] - D:\Google Desktop Data
[02/01/2013 - 22:26:53 | N | 65270 Ko] - D:\kakamemehahamemehaha.avi
[01/01/2013 - 12:59:27 | N | 13 Ko] - D:\lapin_11.jpg
[20/04/2013 - 18:03:11 | N | 180853 Ko] - D:\LeveGTA.swf
[20/04/2013 - 18:03:11 | N | 1 Ko] - D:\LeveGTA.swf.html
[02/11/2013 - 14:06:37 | D] - D:\msdownld.tmp
[05/01/2002 - 02:38:38 | N | 54 Ko | CA3A59D92F479A17E5CA6A0E13896846] - D:\msvci70.dll
[22/01/2014 - 17:57:46 | D] - D:\Program Files
[27/07/2012 - 22:30:32 | D] - D:\rayman
[29/01/2000 - 00:17:13 | SHD] - D:\RECYCLER
[11/12/2013 - 12:49:48 | D] - D:\Root
[23/04/2013 - 23:29:33 | N | 23270 Ko] - D:\SansTitre.wmv
[04/12/2010 - 19:13:00 | D] - D:\skins
[10/12/2013 - 17:31:54 | SHD] - D:\System Volume Information
[30/11/2013 - 21:57:12 | D] - D:\Telechargage
[11/12/2013 - 12:45:56 | D] - D:\Vieux trucs
[06/04/2013 - 14:18:18 | D] - D:\Vuze downloads
[21/11/2013 - 18:31:35 | D] - D:\Walibi 2011
[29/07/2011 - 11:35:07 | N | 0 Ko] - D:\Walibi 2011 - Raccourci.lnk
[08/10/2013 - 17:41:20 | N | 364 Ko] - G:\Kessaï plan.SLDDRW
[25/10/2013 - 12:19:22 | N | 716572 Ko] - G:\Les Beaux Gosses.avi
[01/12/2013 - 13:55:02 | N | 1101824 Ko] - G:\buda_vfs.img
[04/01/2014 - 15:20:42 | N | 1349571 Ko] - G:\Amityville La Maison Du Diable 1979 TRUEFRENCH DVDRIP Xvid CYRAX.avi
[24/09/2013 - 17:34:00 | N | 141 Ko] - G:\Bouddaoui.SLDPRT
[24/09/2013 - 17:51:22 | N | 172 Ko] - G:\3069A.SLDPRT
[01/10/2013 - 15:08:06 | N | 90 Ko] - G:\Pièce1.SLDPRT
[01/10/2013 - 15:08:06 | N | 0 Ko] - G:\~$Pièce1.SLDPRT
[01/10/2013 - 16:04:52 | N | 287 Ko] - G:\Kessaï.SLDDRW
[01/10/2013 - 17:20:08 | N | 337 Ko] - G:\Merc.doc
[01/10/2013 - 17:22:04 | N | 17 Ko] - G:\Mercedes-logo-crom.gif
[08/10/2013 - 17:41:20 | N | 232 Ko] - G:\Kessaï.SLDPRT
[23/01/2014 - 19:27:24 | N | 2 Ko] - G:\BOOTEX.LOG

################## | Vaccin |

D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
G:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net - http://www.sosvirus.net |