[b]############################## | UsbFix V 7.178 | [Nettoyage][/b]

Utilisateur: Kaki (Administrateur) # KAKI-PC
Mis à jour le 08/08/2014 par El Desaparecido - SosVirus
Lancé à 19:23:53 | 18/08/2014

Site Web : [url=http://www.usbfix.net/]http://www.usbfix.net/[/url]
Changelog : [url=http://www.usbfix.net/maj/]http://www.usbfix.net/maj/[/url]
Assistance : [url=http://www.sosvirus.net/forum-virus-securite.html]http://www.sosvirus.net/forum-virus-securite.html[/url]
Upload Malware : [url=http://www.sosvirus.net/upload_malware.php]http://www.sosvirus.net/upload_malware.php[/url]
Contact : [url=http://www.usbfix.net/contact/]http://www.usbfix.net/contact/[/url]

[b]################## | System information |[/b]

MB: Hewlett-Packard (143A) 
CPU: Intel(R) Pentium(R) CPU        P6000  @ 1.87GHz
RAM -> [Total : 3894 Mo | Free : 2492 Mo]
Bios: Hewlett-Packard
Boot: Normal boot

OS: Microsoft™ Windows 7 Home Premium (6.1.7601 64-Bit) Service Pack 1
WB: Internet Explorer : 11.00.9600.16428

[b]################## | Security Information |[/b]

AV: Avira Desktop [Actif |A jour]
AS: Avira Desktop [Actif |A jour]
AS: Windows Defender [[b](!) Désactivé[/b] |A jour]
AS: Malwarebytes Anti-Malware : 2.0.2.1012
FW: Windows Firewall [Actif]
SC: Security Center [Actif]
WU: Windows Update [Actif]

[b]################## | Disk Information |[/b]

C:\ (%SystemDrive%) -> Disque fixe # 452 Go (376 Go libre(s) - 83%) [] # NTFS
D:\ -> Disque fixe # 14 Go (2 Go libre(s) - 14%) [RECOVERY] # NTFS
E:\ -> Disque fixe # 99 Mo (85 Mo libre(s) - 86%) [HP_TOOLS] # FAT32
G:\ -> Disque amovible # 15 Go (9 Go libre(s) - 59%) [] # FAT32
H:\ -> Disque fixe # 466 Go (395 Go libre(s) - 85%) [LG External HDD Drive] # NTFS
I:\ -> Disque amovible # 247 Mo (227 Mo libre(s) - 92%) [] # FAT32
J:\ -> Disque amovible # 15 Go (13 Go libre(s) - 86%) [TRANSCEND] # FAT32

[b]################## | Autorun |[/b]


[b]################## | Recherche générique |[/b]

Supprimé! H:\Thumbs.db
Supprimé! H:\Autorun.inf

(!) Fichiers temporaires supprimés. (170.025087356567 MB)

[b]################## | Registre |[/b]

Réparé ! HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|EnableShellExecuteHooks -> 0

[b]################## | Regedit Run |[/b]

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [TaskMan] 
F2 - HKLM\..\Winlogon : [Userinit] userinit.exe,
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\System32\Userinit.exe,
04 - HKCU\..\Run : [OrangeInside] C:\Users\Kaki\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe
04 - HKCU\..\Run : [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
04 - HKCU\..\Run : [Rainlendar2] C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
04 - HKCU\..\Run : [Orange Installer] "C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe"
04 - HKCU\..\Run : [MoneyAgent] "C:\Program Files (x86)\Microsoft Money\System\mnyexpr.exe"
04 - HKCU\..\Run : [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
04 - HKCU\..\Run : [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
04 - HKCU\..\Run : [GUDelayStartup] "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
04 - HKCU\..\Run : [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
04 - HKCU\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKCU\..\Run : [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
04 - HKLM\..\Run : [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
04 - HKLM\..\Run : [ORAHSSSessionManager] "C:\Program Files (x86)\Orange\Connexion Internet Orange\SessionManager\SessionManager.exe"
04 - HKLM\..\Run : [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
04 - HKLM\..\Run : [KeePass 2 PreLoad] "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
04 - HKLM\..\Run : [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
04 - HKLM\..\Run : [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
04 - HKLM\..\Run : [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey
04 - HKLM\..\Run : [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\Run : [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
04 - HKLM\..\Run : [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
04 - HKLM\..\Run : [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
04 - [x64] HKLM\..\Run : [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
04 - [x64] HKLM\..\Run : [RtkOSD] C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe
04 - [x64] HKLM\..\Run : [Persistence] C:\Windows\system32\igfxpers.exe
04 - [x64] HKLM\..\Run : [LogiScrollApp] C:\Program Files\Logitech\FlowScroll\KhalScroll.exe
04 - [x64] HKLM\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
04 - [x64] HKLM\..\Run : [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
04 - [x64] HKLM\..\Run : [HotKeysCmds] C:\Windows\system32\hkcmd.exe
04 - [x64] HKLM\..\Run : [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
04 - [x64] HKLM\..\Run : [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon
04 - [x64] HKLM\..\Run : [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
04 - [x64] HKLM\..\Run : [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
04 - [x64] HKLM\..\Run : [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
04 - [x64] HKLM\..\RunOnce : [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
04 - HKU\S-1-5-21-2861097751-2107483224-206683470-1001\..\Run : [OrangeInside] C:\Users\Kaki\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe
04 - HKU\S-1-5-21-2861097751-2107483224-206683470-1001\..\Run : [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
04 - HKU\S-1-5-21-2861097751-2107483224-206683470-1001\..\Run : [Rainlendar2] C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
04 - HKU\S-1-5-21-2861097751-2107483224-206683470-1001\..\Run : [Orange Installer] "C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe"
04 - HKU\S-1-5-21-2861097751-2107483224-206683470-1001\..\Run : [MoneyAgent] "C:\Program Files (x86)\Microsoft Money\System\mnyexpr.exe"
04 - HKU\S-1-5-21-2861097751-2107483224-206683470-1001\..\Run : [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
04 - HKU\S-1-5-21-2861097751-2107483224-206683470-1001\..\Run : [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
04 - HKU\S-1-5-21-2861097751-2107483224-206683470-1001\..\Run : [GUDelayStartup] "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
04 - HKU\S-1-5-21-2861097751-2107483224-206683470-1001\..\Run : [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
04 - HKU\S-1-5-21-2861097751-2107483224-206683470-1001\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKU\S-1-5-21-2861097751-2107483224-206683470-1001\..\Run : [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe

[b]################## | UsbFix - Information |[/b]

Info : [url=https://www.youtube.com/watch?v=vUZYYASd7FE]Comment supprimer l'infection des raccourcis sur USB ? (Video)[/url]
Info : [url=http://www.en.usbfix.net/2014/03/remove-shortcut-virus-usb/]L'infection des raccourcis USB, c'est quoi ?[/url]

[b]################## | Hijack |[/b]


[b]################## | C:\ %SystemDrive% - Disque Fixe (NTFS) |[/b]

[07/11/2007 - 08:00:40 | N | 17 Ko] - C:\eula.1031.txt
[07/11/2007 - 08:00:40 | N | 10 Ko] - C:\eula.1033.txt
[07/11/2007 - 08:00:40 | N | 17 Ko] - C:\eula.3082.txt
[07/11/2007 - 08:00:40 | N | 17 Ko] - C:\eula.2052.txt
[07/11/2007 - 08:00:40 | N | 17 Ko] - C:\eula.1042.txt
[07/11/2007 - 08:00:40 | N | 0 Ko] - C:\eula.1041.txt
[07/11/2007 - 08:00:40 | N | 17 Ko] - C:\eula.1040.txt
[07/11/2007 - 08:00:40 | N | 17 Ko] - C:\eula.1036.txt
[07/11/2007 - 08:00:40 | N | 17 Ko] - C:\eula.1028.txt
[30/04/2014 - 17:57:48 | N | 0 Ko] - C:\xtViewer_err.txt
[30/04/2014 - 17:58:02 | N | 0 Ko] - C:\xtViewer_out.txt
[16/08/2014 - 21:08:57 | A | 104 Ko] - C:\AdsFix.txt
[18/08/2014 - 01:35:44 | ASH | 2990484 Ko] - C:\hiberfil.sys
[18/08/2014 - 01:35:45 | ASH | 3987312 Ko] - C:\pagefile.sys
[01/12/2010 - 16:01:40 | D] - C:\SYSTEM.SAV
[07/11/2007 - 08:12:28 | A | 228 Ko] - C:\VC_RED.MSI
[15/08/2014 - 11:29:28 | D] - C:\Config.Msi
[26/05/2013 - 01:34:40 | N | 2 Ko] - C:\RHDSetup.log
[12/10/2013 - 17:10:34 | N | 0 Ko] - C:\DiskDefrag.log
[07/11/2007 - 08:00:40 | A | 1 Ko] - C:\globdata.ini
[07/11/2007 - 08:00:40 | A | 1 Ko] - C:\install.ini
[21/06/2014 - 09:20:11 | A | 0 Ko] - C:\BackupLoader.ini
[07/11/2007 - 08:03:18 | A | 550 Ko] - C:\install.exe
[09/07/2013 - 00:38:07 | N | 118 Ko] - C:\StartupManager.dmp
[07/11/2007 - 08:03:18 | A | 74 Ko] - C:\install.res.2052.dll
[07/11/2007 - 08:03:18 | A | 93 Ko] - C:\install.res.1040.dll
[07/11/2007 - 08:03:18 | A | 95 Ko] - C:\install.res.1036.dll
[07/11/2007 - 08:03:18 | A | 80 Ko] - C:\install.res.1041.dll
[07/11/2007 - 08:03:18 | A | 78 Ko] - C:\install.res.1042.dll
[07/11/2007 - 08:03:18 | A | 94 Ko] - C:\install.res.3082.dll
[07/11/2007 - 08:03:18 | A | 75 Ko] - C:\install.res.1028.dll
[07/11/2007 - 08:03:18 | A | 94 Ko] - C:\install.res.1031.dll
[07/11/2007 - 08:03:18 | A | 89 Ko] - C:\install.res.1033.dll
[17/10/2011 - 17:57:27 | N | 146 Ko] - C:\aaw7boot.cmd
[07/11/2007 - 08:09:22 | N | 1409 Ko] - C:\VC_RED.cab
[29/02/2004 - 17:44:34 | N | 51 Ko] - C:\orange.bmp
[07/11/2007 - 08:00:40 | N | 6 Ko] - C:\vcredist.bmp
[16/08/2014 - 23:57:30 | SHD] - C:\$Recycle.Bin
[18/08/2014 - 14:55:29 | A | 1 Ko] - C:\PhysicalDisk0_MBR.bin
[17/12/2011 - 02:38:03 | N | 0 Ko] - C:\autoexec.bat
[14/07/2009 - 03:38:58 | RASH | 375 Ko] - C:\bootmgr
[14/07/2009 - 07:08:56 | D] - C:\Documents and Settings
[12/05/2010 - 19:02:30 | RHD] - C:\MSOCache
[13/05/2010 - 07:41:06 | SHD] - C:\boot
[29/06/2010 - 16:48:20 | D] - C:\HP
[05/11/2010 - 18:50:15 | D] - C:\Recovery
[09/11/2010 - 14:54:22 | D] - C:\NOVAXEL
[09/11/2010 - 14:54:31 | D] - C:\TEMPFULLTEXT
[14/11/2010 - 17:56:51 | D] - C:\BigFishGamesCache
[17/12/2011 - 10:30:26 | D] - C:\rsit
[23/11/2012 - 18:22:07 | D] - C:\Données EuroSoft Software Development
[30/01/2013 - 18:29:05 | D] - C:\tmp
[27/05/2013 - 15:06:12 | D] - C:\net-snmp-compil-win
[10/09/2013 - 20:50:56 | D] - C:\FFOutput
[28/07/2014 - 22:58:01 | D] - C:\history
[30/07/2014 - 17:52:17 | D] - C:\PerfLogs
[09/08/2014 - 17:05:28 | D] - C:\UpdateChromeLinksLogs
[12/08/2014 - 12:02:41 | D] - C:\SwSetup
[16/08/2014 - 23:57:31 | D] - C:\Intel
[16/08/2014 - 23:59:23 | RD] - C:\Users
[17/08/2014 - 00:01:43 | D] - C:\AdsFix
[17/08/2014 - 00:01:54 | RD] - C:\Program Files
[17/08/2014 - 10:21:54 | SHD] - C:\System Volume Information
[17/08/2014 - 11:51:20 | D] - C:\AdwCleaner
[17/08/2014 - 16:06:50 | D] - C:\Program Files (x86)
[17/08/2014 - 16:18:10 | HD] - C:\ProgramData
[18/08/2014 - 01:37:16 | D] - C:\Windows
[18/08/2014 - 17:18:57 | D] - C:\UsbFix

[b]################## | D:\ - Disque Fixe (NTFS) |[/b]

[19/01/2012 - 19:49:54 | A | 0 Ko] - D:\HPSF_Rep.txt
[05/11/2010 - 18:59:49 | D] - D:\system.sav
[06/11/2010 - 12:20:18 | N | 0 Ko] - D:\hpdrcu.prc
[30/06/2010 - 03:31:38 | N | 0 Ko] - D:\RPCONFIG.LOG
[30/06/2010 - 03:31:39 | N | 14 Ko] - D:\DeployRp.log
[31/01/2012 - 15:37:20 | A | 0 Ko] - D:\ProcessorLog.log
[05/11/2010 - 18:59:48 | N | 0 Ko] - D:\language.ini
[05/11/2010 - 18:59:48 | N | 0 Ko] - D:\BT_HP.FLG
[30/06/2010 - 03:25:05 | N | 0 Ko] - D:\CSP.DAT
[03/09/2013 - 09:17:28 | SHD] - D:\$RECYCLE.BIN
[14/07/2009 - 20:39:00 | ASH | 375 Ko] - D:\bootmgr
[05/11/2010 - 18:59:48 | SHD] - D:\boot
[05/11/2010 - 18:59:48 | SHD] - D:\preload
[05/11/2010 - 18:59:48 | SD] - D:\Recovery
[06/11/2010 - 12:20:18 | D] - D:\hp
[14/10/2013 - 11:49:33 | SHD] - D:\System Volume Information

[b]################## | E:\ - Disque Fixe (FAT32) |[/b]

[19/01/2012 - 18:49:56 | A | 0 Ko] - E:\HPSF_Rep.txt
[17/08/2012 - 09:19:34 | A | 2 Ko] - E:\TEXT.TXT
[29/06/2010 - 16:37:06 | SHD] - E:\$RECYCLE.BIN
[03/11/2013 - 17:26:42 | AD] - E:\Hewlett-Packard

[b]################## | G:\ - Disque USB (FAT32) |[/b]

[27/02/2012 - 01:50:28 | A | 76891 Ko] - G:\Précis littérature.pdf
[11/03/2012 - 16:50:20 | A | 83 Ko] - G:\TM.pdf
[03/03/2011 - 08:23:18 | D] - G:\Disque amovible (F)
[03/03/2011 - 08:40:16 | D] - G:\Microsoft Money
[15/05/2011 - 19:36:02 | D] - G:\2011-05-15 Anniv La Noune
[22/05/2011 - 19:30:22 | D] - G:\2011-05-21 Noces d'or
[25/06/2011 - 17:58:36 | D] - G:\Mathilde Théâtre
[25/06/2011 - 18:07:46 | D] - G:\Mathilde fête école
[15/08/2011 - 15:50:30 | D] - G:\Aout 2011
[24/08/2011 - 18:06:10 | D] - G:\2011 Marineland
[25/08/2011 - 14:53:28 | D] - G:\2010 Jeannette
[07/10/2011 - 09:34:10 | D] - G:\Dancing
[07/10/2011 - 12:10:30 | D] - G:\Dédé
[07/10/2011 - 22:10:22 | D] - G:\2011-10-01 001

[b]################## | H:\ - Disque Fixe (NTFS) |[/b]

[05/01/2010 - 05:24:22 | A | 41 Ko] - H:\ICON.ico
[06/05/2013 - 14:49:55 | SHD] - H:\$RECYCLE.BIN
[19/06/2010 - 17:00:28 | SHD] - H:\RECYCLER
[22/06/2010 - 15:16:20 | D] - H:\Dossiers Autres
[03/01/2012 - 17:58:01 | D] - H:\USB La Noune mp3
[05/03/2013 - 17:34:46 | D] - H:\Dossiers Actifs
[15/05/2013 - 14:57:27 | D] - H:\iPhone Contacts
[15/05/2013 - 14:58:25 | D] - H:\iPhone Photos
[20/08/2013 - 14:08:37 | D] - H:\iPhone Clips vidéo
[24/08/2013 - 11:07:02 | D] - H:\Photos Anne transfert son iPhone
[26/10/2013 - 09:07:41 | N | 0 Ko] - H:\nmdsdcid
[26/10/2013 - 17:29:08 | D] - H:\iPhone Music
[09/11/2013 - 22:57:51 | D] - H:\SANTE
[19/01/2014 - 13:50:15 | SHD] - H:\System Volume Information
[01/02/2014 - 19:03:34 | D] - H:\VHS transférés sans retouche
[23/02/2014 - 19:36:09 | D] - H:\Pubs
[19/05/2014 - 09:48:08 | D] - H:\Documents divers
[21/05/2014 - 09:43:26 | D] - H:\Photos
[17/08/2014 - 01:01:00 | D] - H:\01 DDR Documents
[18/08/2014 - 15:05:43 | D] - H:\Music

[b]################## | I:\ - Disque USB (FAT32) |[/b]

[01/02/2014 - 18:34:04 | D] - I:\Analyses
[01/02/2014 - 18:34:14 | D] - I:\Cardiologie
[01/02/2014 - 18:34:18 | D] - I:\Gastro-entérologie
[01/02/2014 - 18:34:22 | D] - I:\Urologie

[b]################## | J:\ - Disque USB (FAT32) |[/b]

[30/03/2014 - 16:12:00 | D] - J:\2014 Anniversaire Marine
[22/04/2014 - 14:25:32 | D] - J:\2014 Lundi de Pâques
[27/05/2014 - 10:04:08 | D] - J:\2014 Lundi de Pâques par Maud

[b]################## | Vaccin |[/b]

C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
E:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
G:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
H:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
I:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
J:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

[b]################## | E.O.F | [url=http://www.sosvirus.net/]http://www.sosvirus.net/[/url] | [url=http://www.usbfix.net/]http://www.usbfix.net/[/url] |[/b]