[b]############################## | UsbFix V 7.901 | [Nettoyage][/b]

Utilisateur: Romain (Administrateur) # FLORIAN-PC
Mis à jour le 25/02/2015 par El Desaparecido - SosVirus
Lancé à 18:50:31 | 05/03/2015
Site Web : [url=http://www.usbfix.net/]http://www.usbfix.net/[/url]
Changelog : [url=http://www.usbfix.net/maj/]http://www.usbfix.net/maj/[/url]
Assistance : [url=http://www.sosvirus.net/forum-virus-securite.html]http://www.sosvirus.net/forum-virus-securite.html[/url]
Détection en Live : [url=http://comment-supprimer.fr/]http://comment-supprimer.fr/[/url]
Contact : [url=http://www.usbfix.net/contact/]http://www.usbfix.net/contact/[/url]

[b]################## | System information |[/b]
MB: PEGATRON CORPORATION (Eureka3)
CPU: Intel(R) Core(TM)2 Quad CPU Q8300 @ 2.50GHz
GC: NVIDIA GeForce GT 220
RAM -> [Total : 8191 Mo | Free : 5406 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot
OS: Microsoft™ Windows 7 Home Premium (6.1.7601 64-Bit) Service Pack 1
WB: Internet Explorer : 11.00.9600.16428
WB: Google Chrome : 40.0.2214.115
WB: Mozilla Firefox : 26.0
WB: Safari : 534.57.2

[b]################## | Security Information |[/b]
AS: Malwarebytes Anti-Malware : 2.0.4.1028
FW: Windows Firewall [Actif]
SC: Security Center [[b](!) Désactivé[/b]]
WU: Windows Update [Actif]

[b]################## | Disk Information |[/b]
C:\ (%SystemDrive%) -> Disque fixe # 918 Go (522 Go libre(s) - 57%) [HP] # NTFS
D:\ -> Disque fixe # 14 Go (2 Go libre(s) - 17%) [FACTORY_IMAGE] # NTFS
E:\ -> CD-ROM # 4 Go (0 Mo libre(s) - 0%) [MY_DATA_030515] # UDF

[b]################## | Recherche générique |[/b]
Supprimé! C:\Users\Romain\AppData\Roaming\java\webview\.lock
Supprimé! C:\Users\Romain\AppData\Roaming\java
Supprimé! C:\Users\Romain\AppData\Roaming\java
Supprimé! C:\Users\Romain\AppData\Roaming\java
(!) Fichiers temporaires supprimés. (1495.44181442261 MB)

[b]################## | Registre |[/b]

[b]################## | Regedit Run |[/b]
F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [Google Update] "C:\Users\Romain\AppData\Local\Google\Update\GoogleUpdate.exe" /c
04 - HKCU\..\Run : [Facebook Update] "C:\Users\Romain\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
04 - HKCU\..\Run : [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
04 - HKCU\..\Run : [Akamai NetSession Interface] "C:\Users\Romain\AppData\Local\Akamai\netsession_win.exe"
04 - HKCU\..\Run : [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
04 - HKCU\..\Run : [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKCU\..\Run : [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKCU\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKCU\..\Run : [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
04 - HKLM\..\Run : [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
04 - HKLM\..\Run : [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
04 - HKLM\..\Run : [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
04 - HKLM\..\Run : [UpdatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
04 - HKLM\..\Run : [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
04 - HKLM\..\Run : [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
04 - HKLM\..\Run : [Magic Desktop for HP notification] "C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe"
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\Run : [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
04 - HKLM\..\Run : [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
04 - HKLM\..\Run : [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
04 - HKLM\..\Run : [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
04 - [x64] HKLM\..\Run : [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
04 - [x64] HKLM\..\Run : [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
04 - [x64] HKLM\..\Run : [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
04 - [x64] HKLM\..\Run : [ShadowPlay] C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
04 - [x64] HKLM\..\Run : [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-1857643406-1364530019-2282397469-1001\..\Run : [Google Update] "C:\Users\Romain\AppData\Local\Google\Update\GoogleUpdate.exe" /c
04 - HKU\S-1-5-21-1857643406-1364530019-2282397469-1001\..\Run : [Facebook Update] "C:\Users\Romain\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
04 - HKU\S-1-5-21-1857643406-1364530019-2282397469-1001\..\Run : [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
04 - HKU\S-1-5-21-1857643406-1364530019-2282397469-1001\..\Run : [Akamai NetSession Interface] "C:\Users\Romain\AppData\Local\Akamai\netsession_win.exe"
04 - HKU\S-1-5-21-1857643406-1364530019-2282397469-1001\..\Run : [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
04 - HKU\S-1-5-21-1857643406-1364530019-2282397469-1001\..\Run : [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKU\S-1-5-21-1857643406-1364530019-2282397469-1001\..\Run : [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKU\S-1-5-21-1857643406-1364530019-2282397469-1001\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKU\S-1-5-21-1857643406-1364530019-2282397469-1001\..\Run : [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04GS - Dropbox.lnk : C:\Users\Romain\AppData\Roaming\Dropbox\bin\Dropbox.exe
04GS - VPro620.lnk : C:\Windows\VPro620.exe

[b]################## | UsbFix - Information |[/b]
Info : [url=https://www.youtube.com/watch?v=vUZYYASd7FE]Comment supprimer l'infection des raccourcis sur USB ? (Video)[/url]
Info : [url=http://www.usbfix.net/2014/10/supprimer-virus-raccourcis-usb/]L'infection des raccourcis USB, c'est quoi ?[/url]
Détection en Live : [url=http://comment-supprimer.fr/]http://comment-supprimer.fr/[/url]

[b]################## | Hijack |[/b]

[b]################## | C:\ %SystemDrive% - Disque Fixe (NTFS) |[/b]
[19/07/2013 - 08:57:54 | A | 26 Ko] - C:\AdwCleaner[S2].txt
[01/08/2013 - 14:44:43 | A | 10 Ko] - C:\AdwCleaner[S3].txt
[05/03/2015 - 13:18:51 | ASH | 6290824 Ko] - C:\hiberfil.sys
[05/03/2015 - 13:19:00 | ASH | 8387768 Ko] - C:\pagefile.sys
[03/04/2010 - 19:35:56 | A | 542 Ko] - C:\VS_EXPBSLN_x64_fra.MSI
[02/10/2011 - 17:41:23 | A | 35 Ko] - C:\shared.log
[15/01/2013 - 20:39:03 | A | 0 Ko] - C:\find_installed_search_provider.log
[01/12/2006 - 22:37:14 | A | 884 Ko] - C:\msdia80.dll
[03/04/2010 - 19:33:31 | A | 2040 Ko] - C:\VS_EXPBSLN_x64_fra.CAB
[23/06/2011 - 15:20:32 | SHD] - C:\$Recycle.Bin
[01/03/2015 - 16:21:50 | A | 1 Ko] - C:\PhysicalDisk0_MBR.bin
[14/07/2009 - 04:20:08 | D] - C:\PerfLogs
[14/07/2009 - 06:08:56 | SHD] - C:\Documents and Settings
[23/06/2011 - 15:07:22 | RHD] - C:\MSOCache
[31/07/2011 - 09:23:18 | D] - C:\hp
[16/10/2012 - 17:49:17 | D] - C:\PWRD
[12/06/2013 - 14:15:43 | D] - C:\ElementalTinkerer
[08/01/2014 - 20:47:46 | D] - C:\Games
[16/01/2014 - 17:22:14 | D] - C:\Riot Games
[28/02/2014 - 19:29:11 | D] - C:\AeriaGames
[06/04/2014 - 19:24:38 | D] - C:\Utopia Box V3
[12/06/2014 - 18:12:54 | D] - C:\Fraps
[26/07/2014 - 18:59:03 | D] - C:\Python27
[29/07/2014 - 21:25:52 | D] - C:\NVIDIA Corporation
[25/08/2014 - 19:46:37 | RD] - C:\Users
[17/09/2014 - 21:20:21 | D] - C:\68f56f080effc3f2e1
[28/09/2014 - 10:51:26 | D] - C:\S
[28/09/2014 - 11:05:13 | D] - C:\Download Genius
[05/10/2014 - 17:25:37 | D] - C:\Pylo
[28/02/2015 - 19:04:25 | D] - C:\AdwCleaner
[01/03/2015 - 15:01:01 | D] - C:\Program Files (x86)
[02/03/2015 - 20:28:41 | RD] - C:\Program Files
[03/03/2015 - 16:53:55 | HD] - C:\ProgramData
[03/03/2015 - 21:42:21 | D] - C:\UsbFix
[04/03/2015 - 13:48:17 | D] - C:\Windows

[b]################## | D:\ - Disque Fixe (NTFS) |[/b]
[30/03/2013 - 12:13:50 | A | 0 Ko] - D:\FirexFoxXPCOMLogging.txt
[26/12/2009 - 22:04:22 | N | 0 Ko] - D:\hpdrcu.prc
[23/06/2011 - 22:20:37 | N | 0 Ko] - D:\RPCONFIG.LOG
[23/06/2011 - 13:20:51 | N | 0 Ko] - D:\language.ini
[23/06/2011 - 13:20:51 | N | 0 Ko] - D:\BT_HP.FLG
[26/12/2009 - 22:04:19 | N | 0 Ko] - D:\CSP.dat
[23/06/2011 - 13:20:55 | SHD] - D:\$RECYCLE.BIN
[26/12/2009 - 22:04:19 | ASH | 375 Ko] - D:\bootmgr
[23/06/2011 - 13:20:52 | SHD] - D:\boot
[23/06/2011 - 13:20:53 | SD] - D:\Recovery
[23/06/2011 - 22:34:49 | D] - D:\hp
[23/06/2011 - 22:48:47 | SHD] - D:\preload

[b]################## | Vaccin |[/b]
C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

[b]################## | E.O.F | [url=http://www.sosvirus.net/]http://www.sosvirus.net/[/url] | [url=http://www.usbfix.net/]http://www.usbfix.net/[/url] |[/b]