############################## | UsbFix V 7.169 | [Recherche]

Utilisateur: PC-PC (Administrateur) # PC-MAISON
Mis à jour le 31/03/2014 par El Desaparecido - Team SosVirus
Lancé à 16:18:05 | 26/04/2014

Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Support : http://www.sosvirus.net/forum-virus-securite.html
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: JETWAY (TI41M)
CPU: Pentium(R) Dual-Core  CPU      E5700  @ 3.00GHz
RAM -> [Total : 3037 Mo| Free : 1930 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 8 Professionnel (6.2.9200 32-Bit) 
WB: Windows Internet Explorer : 10.0.9200.16863
WB: Mozilla Firefox : 29.0

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: Avira Desktop [(!) Disabled | Updated]
AV: Windows Defender [(!) Disabled | Updated]
AS: Avira Desktop [(!) Disabled | Updated]
AS: Windows Defender [(!) Disabled | Updated]
AS: COMODO Antivirus [(!) Disabled | (!) Outdated]
FW: COMODO Firewall [(!) Disabled]
FW: Windows FireWall [Enabled]

C:\ (%systemdrive%) -> Disque fixe # 195 Go (163 Go libre(s) - 84%) [] # NTFS
D:\ -> Disque fixe # 117 Go (117 Go libre(s) - 100%) [] # NTFS
E:\ -> Disque fixe # 153 Go (153 Go libre(s) - 100%) [] # NTFS
F:\ -> CD-ROM
G:\ -> Disque amovible # 7 Go (2 Go libre(s) - 26%) [ADATA UFD] # FAT32
H:\ -> Disque amovible # 487 Mo (487 Mo libre(s) - 100%) [] # FAT

################## | Processus Actif |

C:\Windows\system32\csrss.exe (ID: 444 |ParentID: 428)
C:\Windows\system32\wininit.exe (ID: 496 |ParentID: 428)
C:\Windows\system32\csrss.exe (ID: 512 |ParentID: 504)
C:\Windows\system32\services.exe (ID: 556 |ParentID: 496)
C:\Windows\system32\lsass.exe (ID: 564 |ParentID: 496)
C:\Windows\system32\winlogon.exe (ID: 620 |ParentID: 504)
C:\Windows\system32\svchost.exe (ID: 704 |ParentID: 556)
C:\Windows\system32\svchost.exe (ID: 764 |ParentID: 556)
C:\Windows\system32\svchost.exe (ID: 804 |ParentID: 556)
C:\Windows\System32\svchost.exe (ID: 848 |ParentID: 556)
C:\Windows\system32\svchost.exe (ID: 904 |ParentID: 556)
C:\Windows\system32\dwm.exe (ID: 916 |ParentID: 620)
C:\Windows\system32\svchost.exe (ID: 980 |ParentID: 556)
C:\Windows\System32\svchost.exe (ID: 1064 |ParentID: 556)
C:\Windows\System32\spoolsv.exe (ID: 1312 |ParentID: 556)
C:\Program Files\Avira\AntiVir Desktop\sched.exe (ID: 1360 |ParentID: 556)
C:\Windows\system32\svchost.exe (ID: 1400 |ParentID: 556)
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 1544 |ParentID: 556)
C:\Program Files\Avira\AntiVir Desktop\avguard.exe (ID: 1584 |ParentID: 556)
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (ID: 1608 |ParentID: 556)
C:\Program Files\ma-config.com\MaConfigAgent.exe (ID: 1672 |ParentID: 556)
C:\Windows\system32\viakaraokesrv.exe (ID: 2012 |ParentID: 556)
C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe (ID: 2576 |ParentID: 704)
C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (ID: 2608 |ParentID: 556)
C:\Windows\system32\taskhostex.exe (ID: 2624 |ParentID: 556)
C:\Windows\Explorer.EXE (ID: 3200 |ParentID: 2824)
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (ID: 3296 |ParentID: 1584)
C:\Program Files\COMODO\COMODO Internet Security\cis.exe (ID: 520 |ParentID: 2608)
C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe (ID: 2588 |ParentID: 556)
C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe (ID: 1420 |ParentID: 556)
C:\Windows\system32\SearchIndexer.exe (ID: 2832 |ParentID: 556)
C:\Windows\system32\svchost.exe (ID: 2308 |ParentID: 556)
C:\Program Files\Opera\20.0.1387.91\opera.exe (ID: 2088 |ParentID: 3732)
C:\Program Files\Opera\20.0.1387.91\opera_crashreporter.exe (ID: 1436 |ParentID: 2088)
C:\Program Files\Opera\20.0.1387.91\opera.exe (ID: 588 |ParentID: 2088)
C:\Program Files\Opera\20.0.1387.91\opera.exe (ID: 4444 |ParentID: 2088)
C:\Program Files\Opera\20.0.1387.91\opera.exe (ID: 4500 |ParentID: 2088)
C:\Program Files\Opera\20.0.1387.91\opera.exe (ID: 4384 |ParentID: 2088)
C:\Program Files\Opera\20.0.1387.91\opera.exe (ID: 5260 |ParentID: 2088)
C:\Program Files\Opera\20.0.1387.91\opera.exe (ID: 5768 |ParentID: 2088)
C:\Program Files\Opera\20.0.1387.91\opera.exe (ID: 5104 |ParentID: 2088)
C:\Windows\system32\taskhost.exe (ID: 3064 |ParentID: 556)
C:\Windows\system32\svchost.exe (ID: 5760 |ParentID: 556)
C:\Windows\System32\WUDFHost.exe (ID: 2020 |ParentID: 1064)
C:\Windows\system32\SearchProtocolHost.exe (ID: 3040 |ParentID: 2832)
C:\Windows\system32\SearchFilterHost.exe (ID: 5744 |ParentID: 2832)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 412 |ParentID: 704)

################## | Regedit Run |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [IDMan] C:\Program Files\Internet Download Manager\crack IDMan 6.19 build 2\IDMan.exe /onboot
04 - HKCU\..\Run : [CCleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
04 - HKLM\..\Run : [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\Run : [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
04 - HKLM\..\RunOnce : [] 
04 - HKU\S-1-5-21-386851183-796558344-1283533773-1001\..\Run : [IDMan] C:\Program Files\Internet Download Manager\crack IDMan 6.19 build 2\IDMan.exe /onboot
04 - HKU\S-1-5-21-386851183-796558344-1283533773-1001\..\Run : [CCleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO

################## | Recherche générique |


################## | Registre |


################## | E.O.F | http://www.usbfix.net/ - http://www.sosvirus.net |