############################## | UsbFix V 7.169 | [Suppression]

Utilisateur: user (Administrateur) # PC
Mis à jour le 31/03/2014 par El Desaparecido - Team SosVirus
Lancé à 17:18:11 | 30/04/2014

Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Support : http://www.sosvirus.net/forum-virus-securite.html
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: Acer (BA51_HC_CR)
CPU: Intel(R) Core(TM) i3-2328M CPU @ 2.20GHz
RAM -> [Total : 5957 Mo| Free : 4420 Mo]
Bios: Insyde Corp.
Boot: Normal boot

OS: Microsoft Windows 8 (6.2.9200 64-Bit)
WB: Windows Internet Explorer : 10.0.9200.16863
WB: Mozilla Firefox : 28.0

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: Windows Defender [(!) Disabled | Updated]
AV: avast! Antivirus [Enabled | Updated]
AS: Windows Defender [(!) Disabled | Updated]
AS: avast! Antivirus [Enabled | Updated]
FW: Windows FireWall [(!) Disabled]

C:\ (%systemdrive%) -> Disque fixe # 339 Go (289 Go libre(s) - 85%) [Acer] # NTFS
D:\ -> Disque fixe # 339 Go (338 Go libre(s) - 100%) [DATA] # NTFS
E:\ -> CD-ROM
F:\ -> Disque amovible # 4 Go (2 Go libre(s) - 63%) [CE2 CM1 CM2] # FAT32

################## | Processus Actif |

C:\Windows\system32\csrss.exe (ID: 580 |ParentID: 572)
C:\Windows\system32\wininit.exe (ID: 692 |ParentID: 572)
C:\Windows\system32\services.exe (ID: 796 |ParentID: 692)
C:\Windows\system32\lsass.exe (ID: 804 |ParentID: 692)
C:\Windows\system32\svchost.exe (ID: 912 |ParentID: 796)
C:\Windows\system32\nvvsvc.exe (ID: 972 |ParentID: 796)
C:\Windows\system32\svchost.exe (ID: 1016 |ParentID: 796)
C:\Windows\System32\svchost.exe (ID: 336 |ParentID: 796)
C:\Windows\system32\svchost.exe (ID: 428 |ParentID: 796)
C:\Windows\system32\svchost.exe (ID: 572 |ParentID: 796)
C:\Windows\System32\svchost.exe (ID: 288 |ParentID: 796)
C:\Windows\system32\svchost.exe (ID: 1348 |ParentID: 796)
C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ID: 1424 |ParentID: 796)
C:\Windows\System32\spoolsv.exe (ID: 1764 |ParentID: 796)
C:\Windows\system32\svchost.exe (ID: 1868 |ParentID: 796)
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 1888 |ParentID: 796)
C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe (ID: 1776 |ParentID: 796)
C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe (ID: 2028 |ParentID: 796)
C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe (ID: 2008 |ParentID: 796)
C:\Program Files (x86)\Launch Manager\dsiwmis.exe (ID: 2160 |ParentID: 796)
C:\Windows\system32\dashost.exe (ID: 2180 |ParentID: 288)
C:\Program Files\Elantech\ETDService.exe (ID: 2232 |ParentID: 796)
C:\Windows\SysWOW64\svchost.exe (ID: 2268 |ParentID: 796)
C:\Program Files\Intel\iCLS Client\HeciServer.exe (ID: 2324 |ParentID: 796)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (ID: 2364 |ParentID: 796)
C:\Windows\RfBtnSvc64.exe (ID: 2468 |ParentID: 796)
C:\Windows\system32\svchost.exe (ID: 2712 |ParentID: 796)
C:\Windows\system32\SearchIndexer.exe (ID: 1120 |ParentID: 796)
C:\Windows\system32\wbem\unsecapp.exe (ID: 3420 |ParentID: 912)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 3452 |ParentID: 912)
C:\Windows\system32\svchost.exe (ID: 3596 |ParentID: 796)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 3964 |ParentID: 912)
C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (ID: 5068 |ParentID: 796)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ID: 5904 |ParentID: 796)
c:\Program Files (x86)\Nero\Update\NASvc.exe (ID: 5936 |ParentID: 796)
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (ID: 6008 |ParentID: 796)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (ID: 6048 |ParentID: 796)
C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe (ID: 5180 |ParentID: 796)
C:\Windows\system32\csrss.exe (ID: 3524 |ParentID: 4244)
C:\Windows\System32\WinLogon.exe (ID: 2456 |ParentID: 4244)
C:\Windows\System32\dwm.exe (ID: 2140 |ParentID: 2456)
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (ID: 1152 |ParentID: 972)
C:\Windows\system32\nvvsvc.exe (ID: 3104 |ParentID: 972)
C:\Windows\system32\taskhostex.exe (ID: 888 |ParentID: 796)
C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (ID: 2524 |ParentID: 796)
C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (ID: 1180 |ParentID: 796)
C:\Windows\Explorer.EXE (ID: 2304 |ParentID: 3392)
C:\Program Files\Elantech\ETDCtrl.exe (ID: 1312 |ParentID: 2232)
C:\Program Files (x86)\Launch Manager\LMutilps32.exe (ID: 3492 |ParentID: 2160)
C:\Program Files (x86)\Launch Manager\LManager.exe (ID: 4760 |ParentID: 4012)
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (ID: 2444 |ParentID: 1152)
C:\Program Files\Elantech\ETDCtrlHelper.exe (ID: 5536 |ParentID: 1312)
C:\Windows\system32\wbem\unsecapp.exe (ID: 3612 |ParentID: 912)
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (ID: 5000 |ParentID: 4760)
C:\Windows\system32\igfxext.exe (ID: 5168 |ParentID: 912)
C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe (ID: 3640 |ParentID: 2304)
C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe (ID: 5704 |ParentID: 3640)
C:\Windows\System32\igfxtray.exe (ID: 4156 |ParentID: 2304)
C:\Windows\System32\hkcmd.exe (ID: 4440 |ParentID: 2304)
C:\Windows\System32\igfxpers.exe (ID: 2892 |ParentID: 2304)
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (ID: 5672 |ParentID: 2304)
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (ID: 760 |ParentID: 2304)
C:\Program Files (x86)\RadioController\RfBtnHelper.exe (ID: 1664 |ParentID: 2468)
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (ID: 5380 |ParentID: 4748)
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (ID: 4584 |ParentID: 4748)
C:\Program Files\AVAST Software\Avast\AvastUI.exe (ID: 2836 |ParentID: 4748)
C:\Program Files (x86)\Mozilla Firefox\firefox.exe (ID: 4240 |ParentID: 2304)
C:\Program Files\Acer\Acer Power Management\ePowerTray.exe (ID: 3824 |ParentID: 796)
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe (ID: 5436 |ParentID: 760)
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe (ID: 5668 |ParentID: 912)
C:\Windows\System32\svchost.exe (ID: 4268 |ParentID: 796)
C:\Windows\system32\igfxsrvc.exe (ID: 5212 |ParentID: 912)
C:\Windows\system32\wbem\unsecapp.exe (ID: 4668 |ParentID: 912)
C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe (ID: 3512 |ParentID: 5068)
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe (ID: 2260 |ParentID: 796)
C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe (ID: 4100 |ParentID: 796)
C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe (ID: 5776 |ParentID: 796)
C:\Windows\system32\SearchProtocolHost.exe (ID: 5592 |ParentID: 1120)
C:\Windows\system32\SearchFilterHost.exe (ID: 5348 |ParentID: 1120)
C:\Windows\system32\DllHost.exe (ID: 6092 |ParentID: 912)
C:\Windows\System32\WUDFHost.exe (ID: 5364 |ParentID: 288)
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (ID: 4352 |ParentID: 4240)
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe (ID: 2212 |ParentID: 4352)
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe (ID: 836 |ParentID: 2212)

################## | Recherche générique |

(!) Fichiers temporaires supprimés.

################## | Registre |

################## | Regedit Run |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] userinit.exe,
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKLM\..\Run : [LManager]
04 - HKLM\..\Run : [RadioController] "C:\Program Files (x86)\RadioController\RfBtnHelper.exe" Start_Run
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\Run : [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
04 - HKLM\..\Run : []
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
04 - HKLM\..\RunOnce : []
04 - HKLM\..\Policies\Explorer\run : [BtvStack] "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"
04 - [x64] HKLM\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
04 - [x64] HKLM\..\Run : [HotKeysCmds] C:\Windows\system32\hkcmd.exe
04 - [x64] HKLM\..\Run : [Persistence] C:\Windows\system32\igfxpers.exe
04 - [x64] HKLM\..\Run : [ETDCtrl] %ProgramFiles%\Elantech\ETDCtrl.exe
04 - [x64] HKLM\..\Run : [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
04 - [x64] HKLM\..\Policies\Explorer\run : [BtvStack] "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"

################## | Listing |

[14/08/2013 - 12:12:10 | SHD] - C:\$Recycle.Bin
[29/04/2014 - 18:37:04 | D] - C:\AdwCleaner
[02/06/2012 - 16:30:55 | N | 0 Ko] - C:\BOOTNXT
[23/01/2013 - 21:56:03 | RASH | 8 Ko] - C:\BOOTSECT.BAK
[16/04/2014 - 09:36:35 | D] - C:\Config.Msi
[26/07/2012 - 09:22:08 | SHD] - C:\Documents and Settings
[14/08/2013 - 11:22:28 | D] - C:\Dolby PCEE4
[29/04/2014 - 13:37:04 | D] - C:\f31defc28263092cbaa0ceaf
[30/04/2014 - 14:52:42 | ASH | 4880196 Ko] - C:\hiberfil.sys
[14/08/2013 - 10:36:15 | D] - C:\Intel
[14/08/2013 - 16:06:14 | D] - C:\OEM
[30/04/2014 - 14:52:49 | ASH | 983040 Ko] - C:\pagefile.sys
[26/07/2012 - 09:33:46 | D] - C:\PerfLogs
[30/04/2014 - 15:05:44 | N | 1 Ko] - C:\PhysicalDisk0_MBR.bin
[25/01/2014 - 22:21:14 | D] - C:\Program Files
[30/04/2014 - 14:48:27 | D] - C:\Program Files (x86)
[30/04/2014 - 16:23:47 | HD] - C:\ProgramData
[30/04/2014 - 14:34:29 | D] - C:\RegBackup
[14/08/2013 - 20:25:12 | HD] - C:\sources
[30/04/2014 - 14:53:16 | ASH | 262144 Ko] - C:\swapfile.sys
[30/04/2014 - 14:34:47 | SHD] - C:\System Volume Information
[30/04/2014 - 17:16:54 | D] - C:\UsbFix
[30/04/2014 - 17:18:51 | A | 10 Ko | A859618B77592BBCF35EC529D76BFC55] - C:\UsbFix [Clean 2] PC.txt
[14/08/2013 - 12:10:19 | D] - C:\Users
[30/04/2014 - 16:25:25 | D] - C:\Windows
[14/08/2013 - 10:44:29 | SHD] - D:\$RECYCLE.BIN
[29/09/2013 - 13:26:52 | D] - D:\FFOutput
[14/08/2013 - 10:33:13 | SHD] - D:\System Volume Information
[20/09/2013 - 17:21:04 | D] - F:\sciences et technologie
[20/09/2013 - 17:21:00 | D] - F:\1. cahier journal
[20/09/2013 - 17:21:02 | D] - F:\3. contrats
[20/09/2013 - 17:19:52 | D] - F:\Français
[20/09/2013 - 17:19:40 | D] - F:\coopé
[20/09/2013 - 17:19:40 | D] - F:\2. administratif
[20/09/2013 - 17:19:10 | D] - F:\affichage&rituels
[20/09/2013 - 17:19:46 | D] - F:\Arts visuels
[20/09/2013 - 17:20:52 | D] - F:\bibliothèque de classe
[15/01/2014 - 21:15:26 | N | 262 Ko] - F:\IMGP7141.jpg
[29/01/2014 - 10:07:50 | N | 2691 Ko] - F:\azurjdi.pdf
[08/12/2013 - 16:33:12 | D] - F:\anglais
[28/09/2013 - 17:11:14 | N | 854 Ko | D42535A8D18BB7F50486E4D9BBCB307E] - F:\installe_7x8m.exe
[25/09/2013 - 15:44:32 | D] - F:\geographie
[04/12/2013 - 14:06:02 | D] - F:\aide perso
[26/01/2014 - 18:47:52 | D] - F:\multiplication_C3.gallery
[05/10/2013 - 18:58:26 | D] - F:\autonomie
[05/10/2013 - 19:58:22 | D] - F:\s6 utile
[17/04/2014 - 19:05:20 | N | 301327 Ko] - F:\bernard et bianca.mp4
[05/11/2013 - 12:04:46 | D] - F:\musique
[11/11/2013 - 12:12:32 | D] - F:\classe découverte
[29/01/2014 - 10:06:32 | N | 1867 Ko] - F:\azur_et_asmar.pdf
[08/02/2014 - 20:12:40 | N | 24 Ko] - F:\division aff 03.pdf
[16/02/2014 - 11:52:48 | N | 153807 Ko] - F:\Princes et Princesses FRENCH DVDRiP DiVX by qowe teste DivXo.flv
[04/03/2014 - 10:17:38 | D] - F:\EPs
[20/09/2013 - 17:20:54 | D] - F:\histoire
[20/09/2013 - 17:19:50 | D] - F:\jeux
[20/09/2013 - 17:20:24 | D] - F:\maths
[22/09/2013 - 15:53:48 | D] - F:\projet

################## | Vaccin |

D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
F:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net/ - http://www.sosvirus.net |