[b]############################## | UsbFix V 8.011 | [Research][/b]

User: Dr.M.Abou Shaar (Administrator) # DRMABOUSHAAR-PC
Updated 09/08/2015 by El Desaparecido - SosVirus
Started at 23:20:09 | 11/08/2015

Website : [url=http://www.en.usbfix.net/]http://www.en.usbfix.net/[/url]
Changelog : [url=http://www.en.usbfix.net/changelog/]http://www.en.usbfix.net/changelog/[/url]
Support : [url=http://www.sos-virus.net/]http://www.sos-virus.net/[/url]
Live detection : [url=http://how-to-remove.us/]http://how-to-remove.us/[/url]
Contact : [url=http://www.en.usbfix.net/contact/]http://www.en.usbfix.net/contact/[/url]

[b]################## | System information |[/b]

MB: Hewlett-Packard (1670)
CPU: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
GC: Intel(R) HD Graphics 3000
RAM -> [Total : 2510 Mo | Free : 904 Mo]
Bios: Hewlett-Packard
Boot: Normal boot
OS: Microsoft™ Windows 7 Ultimate (6.1.7601 32-Bit) Service Pack 1
WB: Internet Explorer : 11.00.9600.16428
WB: Mozilla Firefox : 36.0.4

[b]################## | Security Information |[/b]

AV: ESET Smart Security 7.0 [[b](!) Disabled[/b] |[b](!) Outdated[/b]]
AS: Windows Defender [Enabled |[b](!) Outdated[/b]]
AS: ESET Smart Security 7.0 [[b](!) Disabled[/b] |[b](!) Outdated[/b]]
FW: ESET Personal firewall [Enabled]
FW: Windows Firewall [Enabled]
SC: Security Center [Enabled]
WU: Windows Update [Enabled]

[b]################## | Disk Information |[/b]

C:\ (%SystemDrive%) -> Fixed disk # 100 Gb (21 Gb free - 21%) [] # NTFS
D:\ -> Fixed disk # 120 Gb (2 Gb free - 2%) [] # NTFS
E:\ -> Fixed disk # 120 Gb (13 Gb free - 11%) [] # NTFS
F:\ -> Fixed disk # 126 Gb (86 Gb free - 68%) [] # NTFS
I:\ -> Removable disk # 4 Gb (4 Gb free - 99%) [ABOU SHAAR] # FAT32

[b]################## | Startup |[/b]

F2 - HKLM\..\Winlogon : [Shell] Explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
F3 - HKCU\..\Windows : [Load] C:\ProgramData\msmfpfu.exe
04 - HKCU\..\Run : [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
04 - HKCU\..\Run : [IDMan] C:\Program Files\MisterKen-Studios\Internet Download Manager\IDMan.exe /onboot
04 - HKCU\..\Run : [Steam] C:\Program Files\Steam\Steam.exe -silent
04 - HKCU\..\Run : [????????] C:\Program Files\Tongbu\tbMobileService.exe /start
04 - HKLM\..\Run : [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
04 - HKLM\..\Run : [cmsc] "c:\program files\cmcm\Clean Master\cmtray.exe" -autorun
04 - HKLM\..\Run : [IgfxTray] "C:\Windows\system32\igfxtray.exe"
04 - HKLM\..\Run : [Persistence] "C:\Windows\system32\igfxpers.exe"
04 - HKLM\..\Run : [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
04 - HKLM\..\Run : [HotKeysCmds] "C:\Windows\system32\hkcmd.exe"
04 - HKLM\..\Run : [BlueStacks Agent] C:\Program Files\BlueStacks\HD-Agent.exe
04 - HKLM\..\Run : [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
04 - HKLM\..\Run : [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
04 - HKLM\..\Run : [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-1935820700-733707283-127377599-1000\..\Run : [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
04 - HKU\S-1-5-21-1935820700-733707283-127377599-1000\..\Run : [IDMan] C:\Program Files\MisterKen-Studios\Internet Download Manager\IDMan.exe /onboot
04 - HKU\S-1-5-21-1935820700-733707283-127377599-1000\..\Run : [Steam] C:\Program Files\Steam\Steam.exe -silent
04 - HKU\S-1-5-21-1935820700-733707283-127377599-1000\..\Run : [????????] C:\Program Files\Tongbu\tbMobileService.exe /start
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-18\..\RunOnce : [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601

[b]################## | Generic Research |[/b]

Found! I:\ABOU SHAAR (4GB).lnk
Found! I:\ \qS8oIua.kM2eK4s.iGs.YEqW8w.GwAqG.wU2S4c.KoQuC.8oU6aGwE
Found! C:\ProgramData\msmfpfu.exe
Found! I:\ \æÓíã ÃÞÏÍ\- Shortcut.lnk
Found! C:\Users\All Users\msmfpfu.exe
Found! HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows|load (C:\ProgramData\msmfpfu.exe)
Found! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe
Found! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe
Found! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe
Found! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe
Found! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe
Found! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe
Found! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe
Found! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe
Found! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe
Found! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe
Found! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe
Found! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe
Found! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe

[b]################## | UsbFix - Information |[/b]

Info : [url=https://www.youtube.com/watch?v=vUZYYASd7FE]How to remove shortcut virus on flash disk (Video)[/url]
Info : [url=http://www.en.usbfix.net/2014/03/remove-shortcut-virus-usb/]Shortcut virus on flash disk, What is it ?[/url]
Live detection : [url=http://how-to-remove.us/]http://how-to-remove.us/[/url]

[b]################## | E.O.F | [url=http://www.sosvirus.net/]http://www.sosvirus.net/[/url] | [url=http://www.en.usbfix.net/]http://www.en.usbfix.net/[/url] |[/b]