############################## | UsbFix V 7.167 | [Suppression]

Utilisateur: Utilisateur (Administrateur) # UTILISATEUR-PC
Mis à jour le 13/03/2014 par El Desaparecido - Team SosVirus
Lancé à 15:47:16 | 19/03/2014

Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Support : http://www.sosvirus.net/forum-virus-securite.html
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: Acer (FIH57)
CPU: Intel(R) Core(TM) i3 CPU 540 @ 3.07GHz
RAM -> [Total : 3063 Mo| Free : 1934 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 32-Bit) Service Pack 1
WB: Windows Internet Explorer : 10.0.9200.16844
WB: Mozilla Firefox : 27.0.1

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: avast! Internet Security [Enabled | Updated]
AS: Windows Defender [(!) Disabled | Updated]
AS: Spybot - Search and Destroy [Enabled | (!) Outdated]
AS: avast! Internet Security [Enabled | Updated]
FW: avast! Internet Security [Enabled]
FW: Windows FireWall [(!) Disabled]
AS: Malwarebytes' Anti-Malware : 1.75.0001

C:\ (%systemdrive%) -> Disque fixe # 466 Go (338 Go libre(s) - 72%) [] # NTFS
D:\ -> CD-ROM
E:\ -> Disque fixe # 596 Go (272 Go libre(s) - 46%) [SAMSUNG] # NTFS
H:\ -> CD-ROM
I:\ -> Disque amovible # 2 Go (2 Go libre(s) - 96%) [] # FAT

################## | Processus Actif |

C:\Windows\system32\csrss.exe (ID: 408 |ParentID: 400)
C:\Windows\system32\wininit.exe (ID: 480 |ParentID: 400)
C:\Windows\system32\csrss.exe (ID: 488 |ParentID: 472)
C:\Windows\system32\services.exe (ID: 536 |ParentID: 480)
C:\Windows\system32\winlogon.exe (ID: 568 |ParentID: 472)
C:\Windows\system32\lsass.exe (ID: 596 |ParentID: 480)
C:\Windows\system32\lsm.exe (ID: 604 |ParentID: 480)
C:\Windows\system32\svchost.exe (ID: 708 |ParentID: 536)
C:\Windows\system32\nvvsvc.exe (ID: 780 |ParentID: 536)
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (ID: 804 |ParentID: 536)
C:\Windows\system32\svchost.exe (ID: 852 |ParentID: 536)
C:\Windows\System32\svchost.exe (ID: 948 |ParentID: 536)
C:\Windows\System32\svchost.exe (ID: 988 |ParentID: 536)
C:\Windows\system32\svchost.exe (ID: 1028 |ParentID: 536)
C:\Windows\system32\svchost.exe (ID: 1064 |ParentID: 536)
C:\Windows\system32\svchost.exe (ID: 1180 |ParentID: 536)
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (ID: 1280 |ParentID: 780)
C:\Windows\system32\nvvsvc.exe (ID: 1288 |ParentID: 780)
C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ID: 1484 |ParentID: 536)
C:\Windows\system32\Dwm.exe (ID: 1572 |ParentID: 988)
C:\Windows\Explorer.EXE (ID: 1604 |ParentID: 1556)
C:\Windows\system32\runonce.exe (ID: 1636 |ParentID: 1604)
C:\Program Files\AVAST Software\Avast\afwServ.exe (ID: 1680 |ParentID: 536)
C:\Windows\system32\taskeng.exe (ID: 1836 |ParentID: 1064)
C:\Windows\System32\spoolsv.exe (ID: 1844 |ParentID: 536)
C:\Windows\system32\svchost.exe (ID: 1880 |ParentID: 536)
C:\Windows\system32\svchost.exe (ID: 1916 |ParentID: 536)
C:\Windows\system32\taskhost.exe (ID: 1984 |ParentID: 536)
C:\Windows\System32\svchost.exe (ID: 416 |ParentID: 536)
C:\Windows\system32\FsUsbExService.Exe (ID: 696 |ParentID: 536)
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (ID: 1200 |ParentID: 536)
C:\Windows\system32\taskeng.exe (ID: 1296 |ParentID: 1064)
C:\Program Files\ZebraNetworkSystems\NeoRouter\NRService.exe (ID: 1624 |ParentID: 536)
C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe (ID: 1952 |ParentID: 536)
C:\Program Files\Glary Utilities 4\Initialize.exe (ID: 2072 |ParentID: 1296)
C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe (ID: 2848 |ParentID: 536)
C:\Windows\system32\svchost.exe (ID: 2868 |ParentID: 536)
C:\Windows\System32\svchost.exe (ID: 2888 |ParentID: 536)
C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe (ID: 2952 |ParentID: 536)
C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe (ID: 3076 |ParentID: 536)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 3176 |ParentID: 708)
C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (ID: 3276 |ParentID: 536)
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (ID: 3364 |ParentID: 536)
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (ID: 3752 |ParentID: 1280)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 3788 |ParentID: 708)
C:\Windows\system32\sppsvc.exe (ID: 3856 |ParentID: 536)

################## | Regedit Run |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [64bit] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
F2 - [64bit] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : []
04 - HKLM\..\Run : [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-494048827-1650175510-1422529119-1000\..\Run : []
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe

################## | Recherche générique |

Supprimé! C:\Windows\system32\secushr.dat
Supprimé! C:\Windows\rundl132.exe
Supprimé! I:\ipak

(!) Fichiers temporaires supprimés.

################## | Registre |

Réparé ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|EnableLUA -> 1
Réparé ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin -> 5
Supprimé! HKU\S-1-5-21-494048827-1650175510-1422529119-1000\Software\.\.\.\.\Mountpoints2\{e6d31b1e-48e9-11e1-bb6b-90fba68897a0}

################## | Listing |

[02/07/2012 - 06:19:42 | SHD] - C:\$Recycle.Bin
[14/09/2013 - 16:01:03 | D] - C:\1178ea4a6053d659b066
[19/06/2012 - 17:31:43 | D] - C:\1fcab0dae0d765664802f8a9a68f4341
[20/06/2012 - 17:30:34 | D] - C:\6e9c3af12f5d3449d7f20fe2be4918
[06/10/2012 - 17:54:59 | D] - C:\89e4ab5dd2d88ea606b9
[26/11/2011 - 14:31:51 | D] - C:\A Pack logiciel - Ok
[14/09/2013 - 16:01:03 | D] - C:\aba3b751032be0e078fdf6b6
[20/08/2012 - 10:29:33 | D] - C:\ac83814f4cc09673c5fb8b3fd4
[26/11/2011 - 01:11:50 | D] - C:\Acer - Aspire X3950
[16/03/2014 - 05:33:38 | D] - C:\AdwCleaner
[27/01/2013 - 12:52:32 | D] - C:\Anuman Interactive
[10/06/2009 - 22:42:20 | N | 0 Ko] - C:\autoexec.bat
[20/05/2012 - 07:18:09 | D] - C:\Boonty
[15/03/2014 - 03:35:54 | D] - C:\Config.Msi
[10/06/2009 - 22:42:20 | N | 0 Ko] - C:\config.sys
[25/02/2014 - 15:36:45 | D] - C:\corbeille
[02/03/2014 - 07:21:52 | N | 2 Ko | C28649E3681E7F4628D0F080D547D22F] - C:\DelFix.txt
[25/09/2013 - 02:47:00 | N | 0 Ko] - C:\DiskDefrag.log
[14/07/2009 - 05:53:55 | SHD] - C:\Documents and Settings
[28/08/2013 - 09:20:47 | D] - C:\ead4a282326516ccd48e6b
[07/11/2007 - 08:00:40 | N | 17 Ko | 9147A93F43D8E58218EBCB15FDA888C9] - C:\eula.1028.txt
[07/11/2007 - 08:00:40 | N | 17 Ko | 9147A93F43D8E58218EBCB15FDA888C9] - C:\eula.1031.txt
[07/11/2007 - 08:00:40 | N | 10 Ko | 99C22D4A31F4EAD4351B71D6F4E5F6A1] - C:\eula.1033.txt
[07/11/2007 - 08:00:40 | N | 17 Ko | 9147A93F43D8E58218EBCB15FDA888C9] - C:\eula.1036.txt
[07/11/2007 - 08:00:40 | N | 17 Ko | 9147A93F43D8E58218EBCB15FDA888C9] - C:\eula.1040.txt
[07/11/2007 - 08:00:40 | N | 0 Ko | 9B15A3A055CC6E67EA191A1B7885649A] - C:\eula.1041.txt
[07/11/2007 - 08:00:40 | N | 17 Ko | 9147A93F43D8E58218EBCB15FDA888C9] - C:\eula.1042.txt
[07/11/2007 - 08:00:40 | N | 17 Ko | 9147A93F43D8E58218EBCB15FDA888C9] - C:\eula.2052.txt
[07/11/2007 - 08:00:40 | N | 17 Ko | 9147A93F43D8E58218EBCB15FDA888C9] - C:\eula.3082.txt
[29/06/2013 - 03:15:13 | D] - C:\FreeOCR
[27/02/2013 - 09:04:11 | D] - C:\games
[07/11/2007 - 08:00:40 | N | 1 Ko] - C:\globdata.ini
[19/03/2014 - 15:46:27 | ASH | 2352468 Ko] - C:\hiberfil.sys
[07/11/2007 - 08:03:18 | N | 550 Ko | 520A6D1CBCC9CF642C625FE814C93C58] - C:\install.exe
[07/11/2007 - 08:00:40 | N | 1 Ko] - C:\install.ini
[07/11/2007 - 08:03:18 | N | 75 Ko | 4151A4D07640863783F837E588235837] - C:\install.res.1028.dll
[07/11/2007 - 08:03:18 | N | 94 Ko | 3B8A82E04238655EAEF97E074FB29911] - C:\install.res.1031.dll
[07/11/2007 - 08:03:18 | N | 89 Ko | 9EDEB8B1C5C0A4CD3A3016B85108127D] - C:\install.res.1033.dll
[07/11/2007 - 08:03:18 | N | 95 Ko | 5B6FF470CFA7087690E61F87E81EF78A] - C:\install.res.1036.dll
[07/11/2007 - 08:03:18 | N | 93 Ko | 6310AB8FC9E3DBEE80592FC453A34FEE] - C:\install.res.1040.dll
[07/11/2007 - 08:03:18 | N | 80 Ko | 13ED4517152203DE4BC52ACC0255D952] - C:\install.res.1041.dll
[07/11/2007 - 08:03:18 | N | 78 Ko | 0D4FB4095EA49C1EC89B9E8DB0B936A3] - C:\install.res.1042.dll
[07/11/2007 - 08:03:18 | N | 74 Ko | D7366B34E8AFB605C39EF56E2201FE85] - C:\install.res.2052.dll
[07/11/2007 - 08:03:18 | N | 94 Ko | 41BB37A347121F3E5E88D85100638B79] - C:\install.res.3082.dll
[07/07/2012 - 06:47:43 | RASH | 0 Ko] - C:\IO.SYS
[16/02/2013 - 18:02:02 | D] - C:\Jeux
[07/07/2012 - 06:47:43 | RASH | 0 Ko] - C:\MSDOS.SYS
[16/12/2012 - 06:11:52 | RHD] - C:\MSOCache
[01/04/2012 - 19:20:25 | D] - C:\NVIDIA
[02/07/2012 - 11:21:51 | D] - C:\OutputFolder
[19/03/2014 - 15:46:27 | ASH | 3136624 Ko] - C:\pagefile.sys
[18/03/2014 - 16:13:37 | N | 1 Ko] - C:\PhysicalDisk0_MBR.bin
[14/03/2014 - 03:38:59 | D] - C:\Program Files
[05/03/2014 - 12:26:38 | HD] - C:\ProgramData
[27/01/2012 - 14:38:49 | SHD] - C:\Recovery
[15/03/2012 - 16:12:44 | N | 0 Ko] - C:\settings.ini.mwt
[30/01/2013 - 16:31:46 | D] - C:\StealthBastard
[19/03/2014 - 06:17:32 | SHD] - C:\System Volume Information
[25/02/2014 - 16:53:04 | D] - C:\Temp
[19/03/2014 - 15:45:26 | D] - C:\UsbFix
[19/03/2014 - 15:48:04 | A | 10 Ko | 342B4A07AF4F4533C0ACE041B842D998] - C:\UsbFix [Clean 2] UTILISATEUR-PC.txt
[19/03/2014 - 09:35:20 | N | 6 Ko | EC70F0722C39E96B334FB8EB9308AFDF] - C:\UsbFix [Scan 1] UTILISATEUR-PC.txt
[28/08/2013 - 09:24:16 | D] - C:\Users
[07/11/2007 - 08:00:40 | N | 6 Ko] - C:\vcredist.bmp
[07/11/2007 - 08:09:22 | N | 1409 Ko] - C:\VC_RED.cab
[07/11/2007 - 08:12:28 | N | 228 Ko] - C:\VC_RED.MSI
[19/03/2014 - 15:47:43 | D] - C:\Windows
[01/04/2013 - 14:59:22 | SHD] - E:\$RECYCLE.BIN
[03/03/2011 - 14:48:52 | N | 0 Ko] - E:\autorun.inf
[17/03/2014 - 05:16:06 | D] - E:\cinema
[08/07/2013 - 10:02:44 | D] - E:\photos
[16/02/2011 - 16:26:36 | N | 81 Ko] - E:\SAMSUNG_EHDD.ico
[11/10/2011 - 05:58:48 | SHD] - E:\System Volume Information
[26/11/2013 - 12:05:54 | D] - I:\diaporama
[03/01/2014 - 19:09:34 | N | 10 Ko] - I:\2013-12-23_12.49.47.jpg
[19/01/2014 - 11:09:56 | N | 10 Ko] - I:\2014-01-18_19.11.56.jpg
[03/01/2014 - 19:13:06 | N | 6 Ko] - I:\IMG_0337.jpg
[03/01/2014 - 19:13:06 | N | 6 Ko] - I:\IMG_0338.jpg
[03/01/2014 - 19:13:06 | N | 9 Ko] - I:\IMG_0343.jpg
[03/01/2014 - 19:13:06 | N | 8 Ko] - I:\IMG_0344.jpg
[05/01/2014 - 17:06:16 | N | 5 Ko] - I:\IMG_0350.jpg
[05/01/2014 - 17:06:24 | N | 6 Ko] - I:\IMG_0359.jpg
[05/01/2014 - 17:06:20 | N | 12 Ko] - I:\IMG_0366.jpg

################## | Vaccin |

E:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
I:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net/ - http://www.sosvirus.net |