############################## | UsbFix V 7.167 | [Suppression]

Utilisateur: xxxxxx (Administrateur) # xxxxxx-PC
Mis à jour le 13/03/2014 par El Desaparecido - Team SosVirus
Lancé à 19:06:01 | 23/03/2014

Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Support : http://www.sosvirus.net/forum-virus-securite.html
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: ASRock (970 Extreme3)
CPU: AMD FX(tm)-6300 Six-Core Processor
RAM -> [Total : 8150 Mo| Free : 4911 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.16521
WB: Google Chrome : 33.0.1750.154

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: avast! Antivirus [Enabled | Updated]
AS: Windows Defendaer [Enabled | Updated]
AS: avast! Antivirus [Enabled | Updated]
FW: Windows FireWall [(!) Disabled]

C:\ (%systemdrive%) -> Disque fixe # 119 Go (27 Go libre(s) - 23%) [] # NTFS
D:\ -> CD-ROM
E:\ -> Disque fixe # 932 Go (381 Go libre(s) - 41%) [Disque n°2] # NTFS
G:\ -> CD-ROM
H:\ -> CD-ROM
I:\ -> Disque fixe # 4 Go (0 Mo libre(s) - 0%) [USB DISK] # FAT32

################## | Processus Actif |

C:\Windows\system32\csrss.exe (ID: 536 |ParentID: 476)
C:\Windows\system32\wininit.exe (ID: 624 |ParentID: 476)
C:\Windows\system32\csrss.exe (ID: 632 |ParentID: 616)
C:\Windows\system32\services.exe (ID: 672 |ParentID: 624)
C:\Windows\system32\lsass.exe (ID: 696 |ParentID: 624)
C:\Windows\system32\lsm.exe (ID: 704 |ParentID: 624)
C:\Windows\system32\winlogon.exe (ID: 756 |ParentID: 616)
C:\Windows\system32\svchost.exe (ID: 856 |ParentID: 672)
C:\Windows\system32\svchost.exe (ID: 948 |ParentID: 672)
C:\Windows\system32\atiesrxx.exe (ID: 1012 |ParentID: 672)
C:\Windows\System32\svchost.exe (ID: 284 |ParentID: 672)
C:\Windows\System32\svchost.exe (ID: 316 |ParentID: 672)
C:\Windows\system32\svchost.exe (ID: 432 |ParentID: 672)
C:\Windows\system32\svchost.exe (ID: 464 |ParentID: 672)
C:\Windows\system32\atieclxx.exe (ID: 1172 |ParentID: 1012)
C:\Windows\system32\svchost.exe (ID: 1208 |ParentID: 672)
C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ID: 1388 |ParentID: 672)
C:\Windows\system32\Dwm.exe (ID: 1464 |ParentID: 316)
C:\Windows\Explorer.EXE (ID: 1488 |ParentID: 1456)
C:\Windows\System32\spoolsv.exe (ID: 1704 |ParentID: 672)
C:\Windows\system32\taskhost.exe (ID: 1724 |ParentID: 672)
C:\Windows\system32\svchost.exe (ID: 1796 |ParentID: 672)
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (ID: 1832 |ParentID: 1488)
C:\Program Files (x86)\Steam\Steam.exe (ID: 1856 |ParentID: 1488)
E:\TomTom HOME 2\TomTomHOMERunner.exe (ID: 1888 |ParentID: 1488)
C:\Program Files (x86)\Hercules\WiFi Station pour Livebox\WiFiLB.exe (ID: 1928 |ParentID: 1488)
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (ID: 476 |ParentID: 672)
C:\Program Files\AVAST Software\Avast\AvastUI.exe (ID: 2092 |ParentID: 1912)
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ID: 2136 |ParentID: 1660)
C:\Windows\SysWOW64\PnkBstrA.exe (ID: 2292 |ParentID: 672)
C:\Windows\SysWOW64\PnkBstrB.exe (ID: 2336 |ParentID: 672)
c:\postgreSQL\bin\pg_ctl.exe (ID: 2492 |ParentID: 672)
C:\Windows\system32\svchost.exe (ID: 2568 |ParentID: 672)
E:\TomTom HOME 2\TomTomHOMEService.exe (ID: 2596 |ParentID: 672)
C:\Program Files (x86)\Mega Browse\updateMegaBrowse.exe (ID: 2632 |ParentID: 672)
c:\postgreSQL\bin\postgres.exe (ID: 2664 |ParentID: 2492)
C:\Windows\system32\conhost.exe (ID: 2672 |ParentID: 536)
c:\postgreSQL\bin\postgres.exe (ID: 2784 |ParentID: 2664)
c:\postgreSQL\bin\postgres.exe (ID: 2792 |ParentID: 2664)
c:\postgreSQL\bin\postgres.exe (ID: 2800 |ParentID: 2664)
c:\postgreSQL\bin\postgres.exe (ID: 2808 |ParentID: 2664)
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ID: 932 |ParentID: 2136)
C:\Program Files (x86)\Mega Browse\bin\utilMegaBrowse.exe (ID: 1912 |ParentID: 672)
C:\Windows\system32\SearchIndexer.exe (ID: 3216 |ParentID: 672)
C:\Windows\system32\svchost.exe (ID: 3644 |ParentID: 672)
C:\Windows\system32\WUDFHost.exe (ID: 3684 |ParentID: 316)
C:\Windows\system32\svchost.exe (ID: 4012 |ParentID: 672)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 2148 |ParentID: 856)
C:\Program Files (x86)\Common Files\Steam\SteamService.exe (ID: 2512 |ParentID: 672)
C:\Program Files (x86)\Mega Browse\bin\XTLSApp.exe (ID: 4500 |ParentID: 1912)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 5084 |ParentID: 1488)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 4100 |ParentID: 5084)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 4248 |ParentID: 5084)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 2432 |ParentID: 5084)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 3904 |ParentID: 5084)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 4608 |ParentID: 5084)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 4412 |ParentID: 5084)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 5056 |ParentID: 5084)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 4748 |ParentID: 5084)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 5304 |ParentID: 5084)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 5368 |ParentID: 5084)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 5444 |ParentID: 5084)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 5508 |ParentID: 5084)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 5608 |ParentID: 5084)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 5736 |ParentID: 5084)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 5812 |ParentID: 5084)
C:\Windows\System32\svchost.exe (ID: 3440 |ParentID: 672)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 1104 |ParentID: 5084)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 2084 |ParentID: 5084)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 1896 |ParentID: 5084)
C:\Windows\system32\msiexec.exe (ID: 4832 |ParentID: 672)
C:\Windows\system32\vssvc.exe (ID: 2696 |ParentID: 672)
C:\Windows\System32\svchost.exe (ID: 2272 |ParentID: 672)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 4840 |ParentID: 5084)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 2360 |ParentID: 5084)
C:\Program Files\AVAST Software\Avast\setup\instup.exe (ID: 2012 |ParentID: 1388)
C:\Windows\system32\SearchProtocolHost.exe (ID: 6140 |ParentID: 3216)
C:\Windows\system32\SearchFilterHost.exe (ID: 3788 |ParentID: 3216)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 4364 |ParentID: 5084)

################## | Regedit Run |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [64bit] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] userinit.exe
F2 - [64bit] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
04 - HKCU\..\Run : [DAEMON Tools Lite] "E:\Users\Laly&Soren\Documents\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKCU\..\Run : [TomTomHOME.exe] "E:\TomTom HOME 2\TomTomHOMERunner.exe"
04 - HKLM\..\Run : [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
04 - HKLM\..\RunOnce : []
04 - [64bit] HKLM\..\Run : [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-2853260608-3024498857-3968875438-1000\..\Run : [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
04 - HKU\S-1-5-21-2853260608-3024498857-3968875438-1000\..\Run : [DAEMON Tools Lite] "E:\Users\Laly&Soren\Documents\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKU\S-1-5-21-2853260608-3024498857-3968875438-1000\..\Run : [TomTomHOME.exe] "E:\TomTom HOME 2\TomTomHOMERunner.exe"
04 - HKU\S-1-5-21-2853260608-3024498857-3968875438-1004\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-21-2853260608-3024498857-3968875438-1004\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe

################## | Recherche générique |

(!) Fichiers temporaires supprimés.

################## | Registre |

Supprimé! HKU\S-1-5-21-2853260608-3024498857-3968875438-1000\Software\.\.\.\.\Mountpoints2\H
Supprimé! HKU\S-1-5-21-2853260608-3024498857-3968875438-1000\Software\.\.\.\.\Mountpoints2\{4e821dd1-909f-11e3-9fd0-bc5ff478b515}
Supprimé! HKU\S-1-5-21-2853260608-3024498857-3968875438-1000\Software\.\.\.\.\Mountpoints2\{c1dc4145-6408-11e3-accd-bc5ff478b515}

################## | Listing |

[13/12/2013 - 16:06:03 | SHD] - C:\$Recycle.Bin
[11/12/2013 - 19:00:06 | D] - C:\AMD
[14/07/2009 - 06:08:56 | SHD] - C:\Documents and Settings
[05/03/2014 - 20:20:16 | D] - C:\EuroPoker
[23/03/2014 - 17:50:16 | ASH | 6258924 Ko] - C:\hiberfil.sys
[04/02/2014 - 22:39:08 | D] - C:\HM2Archive
[27/02/2014 - 20:54:23 | N | 41 Ko | 25040D561827ACBA1823BFE398AA63AD] - C:\OngameGrab.txt
[23/03/2014 - 17:50:24 | ASH | 8345236 Ko] - C:\pagefile.sys
[14/07/2009 - 04:20:08 | D] - C:\PerfLogs
[21/03/2014 - 23:53:02 | N | 1 Ko] - C:\PhysicalDisk0_MBR.bin
[02/02/2014 - 23:31:12 | D] - C:\postgreSQL
[14/03/2014 - 21:52:03 | D] - C:\Program Files
[21/03/2014 - 23:22:09 | D] - C:\Program Files (x86)
[14/03/2014 - 21:51:42 | HD] - C:\ProgramData
[11/12/2013 - 18:49:12 | SHD] - C:\Recovery
[23/03/2014 - 19:03:04 | SHD] - C:\System Volume Information
[23/03/2014 - 19:05:55 | D] - C:\UsbFix
[23/03/2014 - 19:07:52 | A | 10 Ko | 560D207EDE6B1BEC552E8B4FD4ED3A6B] - C:\UsbFix [Clean 2] xxxxxx-PC.txt
[02/02/2014 - 23:30:59 | D] - C:\Users
[15/03/2014 - 21:43:25 | D] - C:\Windows
[11/12/2013 - 20:30:54 | SHD] - E:\$Recycle.Bin
[29/10/2013 - 15:03:46 | D] - E:\2013
[22/11/2013 - 19:24:11 | D] - E:\AMD
[22/11/2013 - 18:59:26 | SHD] - E:\Boot
[21/11/2010 - 04:23:51 | RASH | 375 Ko] - E:\bootmgr
[22/11/2013 - 18:59:28 | RASH | 8 Ko] - E:\BOOTSECT.BAK
[09/03/2014 - 23:39:43 | D] - E:\Cheat Engine 6.1
[02/03/2014 - 12:50:03 | D] - E:\Config.Msi
[18/12/2013 - 07:34:10 | D] - E:\dea5d3d37d416408bef805c70466c3
[14/07/2009 - 06:08:56 | SHD] - E:\Documents and Settings
[05/02/2014 - 20:53:58 | D] - E:\europoker
[10/12/2013 - 09:08:43 | ASH | 6258924 Ko] - E:\hiberfil.sys
[05/02/2014 - 20:20:38 | D] - E:\Holdem Manager
[29/01/2014 - 14:21:40 | D] - E:\laly 2013
[29/08/2013 - 20:55:58 | D] - E:\livre foto
[19/10/2013 - 14:46:00 | D] - E:\mariage
[01/12/2006 - 22:37:14 | N | 884 Ko | 800B746FDC4D80469AFC7E5E9B510C9C] - E:\msdia80.dll
[11/10/2012 - 23:15:56 | D] - E:\msdownld.tmp
[29/01/2014 - 14:23:27 | D] - E:\noel 2013
[10/12/2013 - 09:09:08 | N | 8345236 Ko] - E:\pagefile.sys
[14/07/2009 - 04:20:08 | D] - E:\PerfLogs
[02/12/2013 - 23:47:58 | D] - E:\Program Files
[10/12/2013 - 09:38:30 | D] - E:\Program Files (x86)
[10/12/2013 - 09:38:30 | HD] - E:\ProgramData
[22/11/2013 - 19:09:41 | SHD] - E:\Recovery
[30/05/2013 - 09:18:44 | D] - E:\sauvegarde
[17/03/2014 - 14:47:52 | D] - E:\Soren
[10/12/2013 - 09:39:00 | SHD] - E:\System Volume Information
[02/03/2014 - 12:50:01 | D] - E:\TomTom HOME 2
[23/11/2013 - 15:43:22 | D] - E:\truc a instaler
[22/11/2013 - 19:09:49 | D] - E:\Users
[10/12/2013 - 09:39:50 | D] - E:\Windows
[21/03/2014 - 23:51:51 | D] - E:\ZHPDiag
[16/04/2013 - 07:17:08 | D] - I:\Photos Rose
[14/04/2013 - 10:25:10 | D] - I:\Photos Christelle
[16/12/2011 - 11:12:40 | D] - I:\Recycled
[14/04/2013 - 10:25:38 | D] - I:\Photos anniversaires Mars 2013
[14/04/2013 - 10:17:12 | D] - I:\Photos Elliott
[08/04/2013 - 12:33:10 | D] - I:\Photos Eva
[11/04/2013 - 12:10:20 | D] - I:\Photos Julian
[05/04/2013 - 20:44:40 | D] - I:\Photos Nicolas
[19/04/2013 - 04:25:22 | N | 2091492 Ko] - I:\03 gp 2013 Chine Course .avi
[02/03/2014 - 21:41:36 | D] - I:\PAMELA
[02/03/2014 - 21:41:36 | SHD] - I:\System Volume Information
[13/07/2011 - 20:45:40 | SHD] - I:\$RECYCLE.BIN

################## | Vaccin |

E:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
I:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net/ - http://www.sosvirus.net |