############################## | UsbFix V 7.161 | [Suppression]

Utilisateur: Rumbolo (Administrateur) # TOZ
Mis à jour le 15/01/2014 par El Desaparecido - Team SosVirus
Lancé à 14:23:29 | 26/01/2014

Site Web : http://www.usbfix.net
Changelog : http://www.usbfix.net/maj/
Support : http://www.sosvirus.net/
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: ASUSTeK Computer Inc. (F5N )
CPU: AMD Athlon(tm) 64 X2 Dual-Core Processor TK-57
RAM -> [Total : 1919 Mo| Free : 892 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6000 32-Bit)
WB: Windows Internet Explorer : 7.0.6000.16982
WB: Google Chrome : 32.0.1700.76

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AS: Windows Defender : 1.1.1505.0
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Disque fixe # 116 Go (24 Go libre(s) - 20%) [VistaOS] # NTFS
D:\ -> Disque fixe # 109 Go (108 Go libre(s) - 100%) [DATA] # NTFS
E:\ -> CD-ROM
F:\ -> Disque amovible # 8 Go (4 Go libre(s) - 54%) [CLÉ FRANCK] # FAT32
H:\ -> CD-ROM
I:\ -> Disque amovible # 2 Go (285 Mo libre(s) - 15%) [TEL FRANCK] # FAT
K:\ -> Disque fixe # 298 Go (19 Go libre(s) - 6%) [Transcend] # FAT32

################## | Processus Stoppés |

Stoppé! C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ID: 1676 |ParentID: 716)
Stoppé! C:\Windows\Explorer.EXE (ID: 1752 |ParentID: 796)
Stoppé! C:\Program Files\AVAST Software\Avast\AvastUI.exe (ID: 3688 |ParentID: 1752)
Stoppé! C:\Windows\Explorer.EXE (ID: 10188 |ParentID: 5912)
Stoppé! C:\Program Files\AVAST Software\Avast\AvastUI.exe (ID: 10776 |ParentID: 10188)
Stoppé! C:\Windows\system32\WUDFHost.exe (ID: 38448 |ParentID: 1132)
Stoppé! C:\Windows\system32\SearchIndexer.exe (ID: 38432 |ParentID: 716)
Stoppé! C:\Windows\system32\taskeng.exe (ID: 37900 |ParentID: 1176)
Stoppé! C:\Windows\System32\spoolsv.exe (ID: 40704 |ParentID: 716)
Stoppé! C:\Windows\system32\taskeng.exe (ID: 39320 |ParentID: 1176)
Stoppé! C:\Windows\system32\SLsvc.exe (ID: 31496 |ParentID: 716)
Stoppé! C:\Program Files\Google\Chrome\Application\chrome.exe (ID: 8800 |ParentID: 1752)
Stoppé! C:\Program Files\Google\Chrome\Application\chrome.exe (ID: 9884 |ParentID: 8800)
Stoppé! C:\Program Files\Google\Chrome\Application\chrome.exe (ID: 9712 |ParentID: 8800)
Stoppé! C:\Program Files\Google\Chrome\Application\chrome.exe (ID: 9940 |ParentID: 8800)
Stoppé! C:\Program Files\Google\Chrome\Application\chrome.exe (ID: 8280 |ParentID: 8800)
Stoppé! C:\Program Files\Google\Chrome\Application\chrome.exe (ID: 10184 |ParentID: 8800)
Stoppé! C:\Program Files\Google\Chrome\Application\chrome.exe (ID: 16608 |ParentID: 8800)
Stoppé! C:\Program Files\Google\Chrome\Application\chrome.exe (ID: 35152 |ParentID: 8800)
Stoppé! C:\Windows\System32\mobsync.exe (ID: 11944 |ParentID: 888)
Stoppé! C:\Program Files\Windows Media Player\wmplayer.exe (ID: 36464 |ParentID: 11944)
Stoppé! \\?\C:\Windows\system32\wbem\WMIADAP.EXE (ID: 40296 |ParentID: 1176)
Stoppé! C:\Windows\System32\mobsync.exe (ID: 37968 |ParentID: 888)

################## | Regedit Run |

04 - HKLM\..\Run : [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
04 - HKLM\..\Run : [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
04 - HKLM\..\Run : [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
04 - HKLM\..\Run : [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
04 - HKLM\..\Run : [RtHDVCpl] RtHDVCpl.exe
04 - HKLM\..\Run : [Skytel] Skytel.exe
04 - HKLM\..\Run : [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
04 - HKLM\..\Run : [ASUSTPE] C:\Windows\system32\ASUSTPE.exe
04 - HKLM\..\Run : [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
04 - HKLM\..\Run : [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe
04 - HKLM\..\Run : [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
04 - HKLM\..\Run : [PowerForPhone] C:\Program Files\PowerForPhone\PowerForPhone.exe
04 - HKLM\..\Run : [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
04 - HKLM\..\Run : [ooquickpdfv7] "C:\Windows\system32\oopmagentts.exe"
04 - HKLM\..\Run : [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
04 - HKLM\..\Run : [ORAHSSSessionManager] "C:\Program Files\Orange\Connexion Internet Orange\SessionManager\SessionManager.exe"
04 - HKLM\..\Run : [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
04 - HKLM\..\Run : [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
04 - HKLM\..\RunOnce : []
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
04 - HKU\S-1-5-19\..\Run : [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
04 - HKU\S-1-5-20\..\Run : [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
04 - HKU\S-1-5-21-570459300-3284928542-1834872935-1000\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKU\S-1-5-21-570459300-3284928542-1834872935-1000\..\Run : [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
04 - HKU\S-1-5-21-570459300-3284928542-1834872935-1000\..\Run : [ehTray.exe] C:\Windows\ehome\ehTray.exe
04 - HKU\S-1-5-21-570459300-3284928542-1834872935-1000\..\Run : [MailNotifier] C:\Program Files\Orange\MailNotifier\MailNotifier.exe
04 - HKU\S-1-5-21-570459300-3284928542-1834872935-1001\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKU\S-1-5-21-570459300-3284928542-1834872935-1001\..\Run : [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
04 - HKU\S-1-5-21-570459300-3284928542-1834872935-1001\..\Run : [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

################## | Recherche générique |

Supprimé! K:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx
Supprimé! K:\Recycler\S-5-3-42-2819952290-8240758988-879315005-3665

(!) Fichiers temporaires supprimés.

################## | Registre |

Réparé ! HKLM\Software\Microsoft\Security Center|UacDisableNotify -> 0
Supprimé! HKU\S-1-5-21-570459300-3284928542-1834872935-1000\Software\.\.\.\.\Mountpoints2\{29d20875-0112-11df-b4e5-001fc6452808}
Supprimé! HKU\S-1-5-21-570459300-3284928542-1834872935-1000\Software\.\.\.\.\Mountpoints2\{56589c1f-1613-11dd-876e-001fc6452808}
Supprimé! HKU\S-1-5-21-570459300-3284928542-1834872935-1000\Software\.\.\.\.\Mountpoints2\{8684ebce-f6a9-11dc-ac92-806e6f6e6963}
Supprimé! HKU\S-1-5-21-570459300-3284928542-1834872935-1000\Software\.\.\.\.\Mountpoints2\{8e150a41-275c-11dd-b549-001fc6452808}
Supprimé! HKU\S-1-5-21-570459300-3284928542-1834872935-1000\Software\.\.\.\.\Mountpoints2\{967cce88-094b-11dd-89ef-001fc6452808}
Supprimé! HKU\S-1-5-21-570459300-3284928542-1834872935-1000\Software\.\.\.\.\Mountpoints2\{b23e803c-25ca-11dd-8dbd-001fc6452808}
Supprimé! HKU\S-1-5-21-570459300-3284928542-1834872935-1000\Software\.\.\.\.\Mountpoints2\{d51f7b75-51ec-11dd-88c6-001fc6452808}
Supprimé! HKU\S-1-5-21-570459300-3284928542-1834872935-1000\Software\.\.\.\.\Mountpoints2\{e1c8c155-dd07-11e2-8fac-001fc6452808}

################## | Listing |

[06/03/2011 - 12:18:47 | SHD] - C:\$RECYCLE.BIN
[18/09/2006 - 22:43:36 | A | 0 Ko] - C:\autoexec.bat
[18/04/2007 - 10:26:26 | SHD] - C:\Boot
[02/11/2006 - 10:53:57 | RASH | 429 Ko] - C:\bootmgr
[18/04/2007 - 10:26:27 | N | 8 Ko] - C:\BOOTSECT.BAK
[04/04/2007 - 05:01:54 | N | 0 Ko | 78E5AC1AA5D0A50BB4B6B7354F923068] - C:\CA13.txt
[18/01/2014 - 00:01:44 | D] - C:\Config.Msi
[18/09/2006 - 22:43:37 | N | 0 Ko] - C:\config.sys
[14/04/2008 - 18:56:14 | N | 280 Ko | 4C766D42025A171216AE0918A8E27C41] - C:\Debug.txt
[20/03/2008 - 22:16:27 | N | 19 Ko | F4C05578D97FC788BC5BAF97C8043EBB] - C:\devlist.txt
[02/11/2006 - 14:02:03 | SHD] - C:\Documents and Settings
[29/12/2012 - 16:42:14 | N | 0 Ko] - C:\end
[21/08/2007 - 02:58:49 | N | 512 Ko] - C:\F5N.ROM
[25/10/2007 - 02:09:13 | N | 0 Ko] - C:\F5N_Vista.20
[20/03/2008 - 22:16:26 | N | 0 Ko] - C:\Finish.log
[07/07/2009 - 21:48:12 | D] - C:\found.000
[25/01/2014 - 14:23:55 | ASH | 1965336 Ko] - C:\hiberfil.sys
[14/05/2008 - 20:49:44 | N | 0 Ko] - C:\IO.SYS
[14/05/2008 - 20:49:44 | N | 0 Ko] - C:\MSDOS.SYS
[20/03/2008 - 19:25:57 | RHD] - C:\MSOCache
[07/08/2007 - 22:43:02 | N | 0 Ko] - C:\NERO.LOG
[17/05/2007 - 04:35:24 | N | 0 Ko | 440F3C847C02B75A30FE643F5A9E823D] - C:\NIS2007_A.TXT
[16/03/2007 - 00:18:45 | N | 0 Ko | 9F9F657D665A4FDD8ADF0DAC16C4DF21] - C:\OFFICE2007_A.TXT
[25/01/2014 - 14:46:38 | ASH | 2271904 Ko] - C:\pagefile.sys
[20/03/2008 - 09:10:28 | N | 0 Ko | 3C3B2C81008771BA6B641FE1B074AF72] - C:\Pass.txt
[22/01/2008 - 01:22:18 | N | 1 Ko] - C:\Patch.LOG
[25/01/2014 - 18:20:08 | N | 1 Ko] - C:\PhysicalDisk0_MBR.bin
[25/01/2014 - 18:14:11 | D] - C:\Program Files
[15/12/2013 - 13:03:33 | HD] - C:\ProgramData
[23/05/2007 - 23:43:40 | N | 0 Ko | D418C03D6DB31B77DD48BF2A8DA9737A] - C:\READER_A.TXT
[06/04/2007 - 12:38:05 | N | 0 Ko] - C:\RECOVERY.DAT
[20/03/2008 - 21:48:56 | N | 0 Ko] - C:\RHDSetup.log
[29/12/2012 - 16:42:34 | N | 0 Ko | C75F6E963E28313C59945CD686923E9D] - C:\SetSearchAndHomepageInBrowserLog.txt
[04/01/2009 - 19:26:49 | N | 0 Ko] - C:\Setup.log
[25/08/2012 - 18:33:55 | D] - C:\SIERRA
[26/03/2013 - 11:33:46 | D] - C:\SPDISK
[16/05/2006 - 01:22:24 | N | 0 Ko] - C:\store.log
[20/03/2008 - 20:00:40 | N | 0 Ko | E407677A3AF307821884DD7DF43C1257] - C:\SumHidd.txt
[20/03/2008 - 19:59:46 | N | 0 Ko | 84BC5BEC99EBDCA0EE9C2B00C595B71D] - C:\SumOS.txt
[25/01/2014 - 20:02:11 | SHD] - C:\System Volume Information
[26/01/2014 - 14:23:31 | D] - C:\UsbFix
[26/01/2014 - 14:25:28 | A | 10 Ko | DE8CE25B7FEB058E1832C4461F4021C1] - C:\UsbFix [Clean 1] TOZ.txt
[26/01/2014 - 12:23:56 | N | 12 Ko | 3CC7A9CE8BF56061A9479BFC0245C874] - C:\UsbFix [Scan 1] TOZ.txt
[06/03/2011 - 12:16:56 | D] - C:\Users
[06/12/2007 - 21:22:16 | N | 0 Ko | 8AE1554BEEE1A12B87B1BC2EEDD6B99C] - C:\V54.TXT
[10/01/2014 - 18:22:42 | D] - C:\Windows
[06/03/2011 - 12:18:47 | SHD] - D:\$RECYCLE.BIN
[20/03/2008 - 19:19:05 | SHD] - D:\System Volume Information
[11/01/2012 - 09:14:52 | D] - F:\cv +lettre
[09/06/2012 - 23:06:54 | D] - F:\saut à l'élastique 8-6-2012
[30/06/2012 - 14:00:30 | D] - F:\Photo seb
[10/08/2013 - 09:34:34 | N | 15 Ko] - F:\état des lieux apart.odt
[23/12/2012 - 17:19:06 | D] - F:\music
[25/02/2012 - 14:10:40 | D] - F:\photo jeanie
[14/09/2011 - 09:03:24 | N | 0 Ko | C90FE12968CD386D430A34DA398972AB] - I:\CDAInfo.txt
[14/09/2011 - 09:03:24 | N | 0 Ko] - I:\MEMSTICK.IND
[14/09/2011 - 09:03:24 | N | 0 Ko] - I:\MSTK_PRO.IND
[13/05/2012 - 19:14:42 | D] - I:\LOST.DIR
[23/04/2013 - 13:00:08 | D] - I:\bluetooth
[01/06/2013 - 17:31:52 | D] - I:\Android
[26/01/2014 - 14:23:14 | N | 7 Ko] - I:\default-capability.xml
[26/01/2014 - 14:23:14 | N | 0 Ko] - I:\customized-capability.xml
[14/09/2011 - 09:09:16 | D] - I:\PCCompanion
[14/06/2013 - 18:36:16 | D] - I:\download
[18/08/2012 - 21:42:08 | D] - I:\funzio
[14/09/2011 - 09:09:30 | D] - I:\TryAndBuy
[17/09/2011 - 02:32:06 | N | 0 Ko | D4AA908F2AF91ECA90DD3E2D4AF5859D] - I:\Traceability.txt
[17/09/2011 - 02:32:06 | N | 0 Ko | B3A509B0043B62AA84FC88A0A4D87529] - I:\MemStickInfo.txt
[10/11/2012 - 18:42:34 | D] - I:\svox
[15/12/2013 - 21:43:46 | D] - I:\.android_secure
[06/01/1980 - 00:03:02 | D] - I:\Evernote
[18/08/2012 - 21:14:36 | N | 6 Ko] - I:\angryseasonsbackup.lua
[25/01/2014 - 09:48:26 | D] - I:\dictaphone
[19/08/2012 - 12:20:18 | D] - I:\.mmsyscache