############################## | UsbFix V 7.169 | [Suppression] Utilisateur: Parents (Administrateur) # LUCAS-HPDV7 Mis à jour le 08/05/2014 par El Desaparecido - Team SosVirus Lancé à 22:38:40 | 10/05/2014 Site Web : http://www.usbfix.net/ Changelog : http://www.usbfix.net/maj/ Support : http://www.sosvirus.net/forum-virus-securite.html Upload Malware : http://www.sosvirus.net/upload_malware.php Contact : http://www.usbfix.net/contact/ PC: Hewlett-Packard (149D) CPU: AMD Athlon(tm) II P320 Dual-Core Processor RAM -> [Total : 3835 Mo| Free : 2771 Mo] Bios: Hewlett-Packard Boot: Normal boot OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1 WB: Windows Internet Explorer : 11.0.9600.17105 WB: Mozilla Firefox : 29.0.1 SC: Security Center [Enabled] WU: Windows Update [Enabled] AV: avast! Antivirus [(!) Disabled | Updated] AS: Windows Defender [Enabled | Updated] AS: avast! Antivirus [(!) Disabled | Updated] FW: avast! Antivirus [(!) Disabled] FW: Windows FireWall [(!) Disabled] C:\ (%systemdrive%) -> Disque fixe # 466 Go (355 Go libre(s) - 76%) [] # NTFS D:\ -> CD-ROM F:\ -> Disque amovible # 4 Go (3 Go libre(s) - 89%) [USB DISK] # FAT32 G:\ -> Disque amovible # 4 Go (4 Go libre(s) - 98%) [USB DISK] # FAT32 ################## | Processus Actif | C:\Windows\system32\csrss.exe (ID: 408 |ParentID: 400) C:\Windows\system32\wininit.exe (ID: 480 |ParentID: 400) C:\Windows\system32\csrss.exe (ID: 516 |ParentID: 492) C:\Windows\system32\services.exe (ID: 548 |ParentID: 480) C:\Windows\system32\lsass.exe (ID: 564 |ParentID: 480) C:\Windows\system32\lsm.exe (ID: 572 |ParentID: 480) C:\Windows\system32\svchost.exe (ID: 680 |ParentID: 548) C:\Windows\system32\winlogon.exe (ID: 744 |ParentID: 492) C:\Windows\system32\svchost.exe (ID: 816 |ParentID: 548) C:\Windows\system32\atiesrxx.exe (ID: 864 |ParentID: 548) C:\Windows\System32\svchost.exe (ID: 916 |ParentID: 548) C:\Windows\System32\svchost.exe (ID: 948 |ParentID: 548) C:\Windows\system32\svchost.exe (ID: 976 |ParentID: 548) C:\Windows\system32\svchost.exe (ID: 1000 |ParentID: 548) C:\Windows\system32\Hpservice.exe (ID: 1036 |ParentID: 548) C:\Windows\system32\svchost.exe (ID: 1112 |ParentID: 548) C:\Windows\system32\atieclxx.exe (ID: 1276 |ParentID: 864) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ID: 1360 |ParentID: 548) C:\Windows\system32\WLANExt.exe (ID: 1368 |ParentID: 948) C:\Windows\system32\conhost.exe (ID: 1376 |ParentID: 408) C:\Windows\System32\spoolsv.exe (ID: 1552 |ParentID: 548) C:\Windows\system32\svchost.exe (ID: 1580 |ParentID: 548) C:\Program Files\AVAST Software\Avast\afwServ.exe (ID: 1612 |ParentID: 548) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (ID: 1728 |ParentID: 548) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (ID: 1824 |ParentID: 548) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (ID: 1924 |ParentID: 548) C:\Windows\system32\svchost.exe (ID: 1972 |ParentID: 548) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (ID: 392 |ParentID: 548) C:\Windows\system32\wbem\wmiprvse.exe (ID: 1664 |ParentID: 680) C:\Windows\system32\svchost.exe (ID: 2080 |ParentID: 548) C:\Windows\system32\taskhost.exe (ID: 2228 |ParentID: 548) C:\Windows\system32\Dwm.exe (ID: 2336 |ParentID: 948) C:\Windows\system32\svchost.exe (ID: 2468 |ParentID: 548) C:\Windows\system32\taskeng.exe (ID: 2496 |ParentID: 1000) C:\Windows\Explorer.EXE (ID: 2504 |ParentID: 2268) C:\Windows\System32\WUDFHost.exe (ID: 2512 |ParentID: 948) C:\Windows\system32\runonce.exe (ID: 2780 |ParentID: 2504) C:\Windows\SysWOW64\runonce.exe (ID: 2804 |ParentID: 2780) C:\Windows\System32\rundll32.exe (ID: 2844 |ParentID: 680) C:\Windows\system32\svchost.exe (ID: 2612 |ParentID: 548) ################## | Recherche générique | (!) Fichiers temporaires supprimés. ################## | Registre | ################## | Regedit Run | F2 - HKLM\..\Winlogon : [Shell] explorer.exe F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe F2 - HKLM\..\Winlogon : [Userinit] userinit.exe, F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe, 04 - HKLM\..\Run : [Aeria Ignite] "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent 04 - HKLM\..\Run : [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start 04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" 04 - HKLM\..\Run : [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui 04 - [x64] HKLM\..\Run : [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden 04 - [x64] HKLM\..\Run : [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe" 04 - [x64] HKLM\..\Run : [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe 04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun 04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun 04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe 04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe ################## | Listing | [21/03/2013 - 21:06:48 | SHD] - C:\$Recycle.Bin [27/02/2014 - 18:39:02 | D] - C:\55d17a5a321713f3095c2dadde07 [08/05/2014 - 16:35:07 | D] - C:\AdwCleaner [12/01/2014 - 20:44:10 | D] - C:\AeriaGames [04/01/2013 - 19:47:00 | D] - C:\AssassinCraft [29/04/2008 - 21:43:36 | A | 0 Ko] - C:\autoexec.bat [21/03/2013 - 21:04:31 | D] - C:\BrickForce [29/04/2008 - 21:43:36 | N | 0 Ko] - C:\config.sys [14/07/2009 - 07:08:56 | SHD] - C:\Documents and Settings [10/04/2014 - 21:17:47 | D] - C:\fd31b1bcdaadf6270c8608e7474d [20/01/2013 - 11:26:48 | D] - C:\Fraps [10/05/2014 - 22:37:43 | ASH | 2945200 Ko] - C:\hiberfil.sys [20/04/2014 - 17:33:31 | D] - C:\history [10/05/2014 - 22:37:47 | ASH | 3926936 Ko] - C:\pagefile.sys [14/07/2009 - 05:20:08 | D] - C:\PerfLogs [08/05/2014 - 23:35:32 | N | 1 Ko] - C:\PhysicalDisk0_MBR.bin [20/04/2014 - 17:26:05 | D] - C:\Program Files [10/05/2014 - 14:30:02 | D] - C:\Program Files (x86) [08/05/2014 - 19:44:05 | HD] - C:\ProgramData [09/06/2012 - 22:41:38 | SHD] - C:\Recovery [08/05/2014 - 19:25:27 | D] - C:\Shortcut_Module [08/05/2014 - 19:25:27 | N | 29 Ko | A36B78517A24106AD29B87B26A57DF55] - C:\Shortcut_Module_08_05_2014_19_25_27.txt [09/06/2012 - 22:45:50 | D] - C:\SwSetup [09/05/2014 - 11:14:55 | SHD] - C:\System Volume Information [10/05/2014 - 22:36:56 | D] - C:\UsbFix [10/05/2014 - 22:13:57 | N | 10 Ko | 7BABC9BE934C12F7C98B3EC39655FE2C] - C:\UsbFix [Clean 2] LUCAS-HPDV7.txt [10/05/2014 - 22:39:53 | A | 7 Ko | 0A5C5E90A430E1417E08E5ABA603182B] - C:\UsbFix [Clean 4] LUCAS-HPDV7.txt [21/03/2013 - 21:06:34 | D] - C:\Users [10/05/2014 - 11:38:15 | D] - C:\Windows [09/06/2012 - 18:41:10 | D] - C:\Windows.old [09/06/2012 - 23:10:05 | D] - C:\Windows.old.000 [13/06/2013 - 20:57:26 | D] - F:\Musique Jordan [18/07/2013 - 17:51:34 | N | 11 Ko] - F:\lettre d'info nouvelle rue.docx [18/02/2014 - 13:12:28 | N | 151 Ko] - F:\Devis CACES R 389 - Recy - 1 3 5 (1).pdf [20/03/2014 - 10:53:20 | N | 243 Ko] - F:\Affiche vente Peugeot 807.docx [01/04/2014 - 09:57:50 | N | 176 Ko] - F:\Devis_DEV201402015211 (1).pdf [01/04/2014 - 09:58:04 | N | 151 Ko] - F:\Devis CACES R 389 - Recy - 1 3 5.pdf [07/04/2014 - 08:20:12 | D] - F:\CV BJ [20/04/2014 - 18:08:48 | N | 1278 Ko | E0AA8A7D008C1E2A8612B492A1452AA5] - F:\adwcleaner.exe [21/11/2011 - 13:18:02 | D] - G:\Memory [07/11/2012 - 08:57:44 | N | 9092 Ko] - G:\03 - Burn It Down.mp3 [26/09/2009 - 21:02:06 | N | 8653 Ko] - G:\02. Charlie Winston - Like A Hobo - PANiC.mp3 [26/09/2009 - 21:01:54 | N | 6337 Ko] - G:\03. Charlie Winston - Kick The Bucket - PANiC.mp3 [26/09/2009 - 21:02:02 | N | 9143 Ko] - G:\01. Charlie Winston - In Your Hands - PANiC.mp3 [27/01/2011 - 22:53:12 | N | 15467 Ko] - G:\Mojave.mp3 [28/12/2012 - 18:12:30 | N | 8333 Ko] - G:\16 - One Day Reckoning Song (Wankelmut Remix) (Radio Edit).mp3 [19/11/2012 - 18:06:24 | N | 8224 Ko] - G:\Owl City & Carly Rae Jepsen - Good Time.mp3 [16/03/2013 - 22:53:10 | N | 5758 Ko] - G:\07. Swing Swing.mp3 [25/10/2007 - 22:48:36 | N | 5672 Ko] - G:\Mc Solaar [Qui sème le vent récolte le tempo - 12] Bouge de là (part 1).mp3 [27/02/2009 - 09:22:10 | N | 2150 Ko] - G:\03-Pas d'papier water.MP3 [27/06/2010 - 11:49:14 | N | 4258 Ko] - G:\01 Raoul mon pittbull.mp3 [27/06/2010 - 11:49:14 | N | 4808 Ko] - G:\02 Ker chansonnec.mp3 ################## | Vaccin | F:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido) G:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido) ################## | E.O.F | http://www.usbfix.net/ - http://www.sosvirus.net |