<bold>############################## | UsbFix V 7.178 | [Nettoyage]</bold>

Utilisateur: Mr Ben (Administrateur) # PC-DE-THIERRY
Mis à jour le 08/08/2014 par El Desaparecido - SosVirus
Lancé à 01:24:41 | 27/08/2014

Site Web : [http://www.usbfix.net/ http://www.usbfix.net/]
Changelog : [http://www.usbfix.net/maj/ http://www.usbfix.net/maj/]
Assistance : [http://www.sosvirus.net/forum-virus-securite.html http://www.sosvirus.net/forum-virus-securite.html]
Upload Malware : [http://www.sosvirus.net/upload_malware.php http://www.sosvirus.net/upload_malware.php]
Contact : [http://www.usbfix.net/contact/ http://www.usbfix.net/contact/]

<bold>################## | System information |</bold>

MB:  (2Core1333-2.66G) 
CPU: Genuine Intel(R) CPU            2140  @ 1.60GHz
RAM -> [Total : 2047 Mo | Free : 880 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft™ Windows Vista (TM) Home Premium (6.0.6002 32-Bit) Service Pack 2
WB: Internet Explorer : 9.00.8112.16421
WB: Mozilla Firefox : 27.0.1

<bold>################## | Security Information |</bold>

AV: Microsoft Security Essentials [Actif |A jour]
AS: Windows Defender [<bold>(!) Désactivé</bold> |<bold>(!) Non à jour</bold>]
AS: Microsoft Security Essentials [Actif |A jour]
AS: Malwarebytes Anti-Malware : 1.75.0001
FW: Windows Firewall [Actif]
SC: Security Center [Actif]
WU: Windows Update [Actif]

<bold>################## | Disk Information |</bold>

C:\ (%SystemDrive%) -> Disque fixe # 271 Go (66 Go libre(s) - 24%) [HDD] # NTFS
E:\ -> Disque fixe # 2 Go (2 Go libre(s) - 98%) [INSTALL] # NTFS
F:\ -> Disque fixe # 20 Go (19 Go libre(s) - 99%) [] # NTFS
G:\ -> Disque fixe # 125 Go (125 Go libre(s) - 100%) [] # NTFS
L:\ -> Disque fixe # 186 Go (186 Go libre(s) - 100%) [sauvegarde] # NTFS

<bold>################## | Autorun |</bold>


<bold>################## | Recherche générique |</bold>

Supprimé! F:\resycled
Supprimé! G:\resycled

(!) Fichiers temporaires supprimés. (442.185007095337 MB)

<bold>################## | Registre |</bold>


<bold>################## | Regedit Run |</bold>

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [Google Update] "C:\Users\Mr Ben\AppData\Local\Google\Update\GoogleUpdate.exe" /c
04 - HKCU\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKCU\..\Run : [Facebook Update] "C:\Users\Mr Ben\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
04 - HKLM\..\Run : [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
04 - HKLM\..\Run : [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
04 - HKLM\..\Run : [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
04 - HKLM\..\Run : [Hercules DJ Series] C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe /boot
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
04 - HKLM\..\Run : [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\Run : [ApnTBMon] "C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
04 - HKLM\..\Run : [VNT] "C:\Program Files\VNT\vntldr.exe"
04 - HKLM\..\Run : [RtHDVCpl] RtHDVCpl.exe
04 - HKLM\..\Run : [HarmonyUserStartup] C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe
04 - HKLM\..\Run : [CsrHCRPServer] C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe
04 - HKLM\..\Run : [CsrSyncMLServer] C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe
04 - HKLM\..\Run : [vksts] C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe
04 - HKLM\..\Run : [CsrAudioguiCtrl] C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe
04 - HKLM\..\Run : [CSRHarmonySkypePlugin] C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe
04 - HKLM\..\Run : [TrayApplication] C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe
04 - HKLM\..\Run : [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
04 - HKLM\..\Run : [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
04 - HKLM\..\Run : [F-Secure TNB] "C:\Program Files\F-Secure\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
04 - HKU\S-1-5-19\..\Run : [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
04 - HKU\S-1-5-20\..\Run : [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
04 - HKU\S-1-5-21-2127244368-502816096-3983514675-1005\..\Run : [Google Update] "C:\Users\Mr Ben\AppData\Local\Google\Update\GoogleUpdate.exe" /c
04 - HKU\S-1-5-21-2127244368-502816096-3983514675-1005\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKU\S-1-5-21-2127244368-502816096-3983514675-1005\..\Run : [Facebook Update] "C:\Users\Mr Ben\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

<bold>################## | UsbFix - Information |</bold>

Info : [https://www.youtube.com/watch?v=vUZYYASd7FE Comment supprimer l'infection des raccourcis sur USB ? (Video)]
Info : [http://www.en.usbfix.net/2014/03/remove-shortcut-virus-usb/ L'infection des raccourcis USB, c'est quoi ?]

<bold>################## | Hijack |</bold>


<bold>################## | C:\ %SystemDrive% - Disque Fixe (NTFS) |</bold>

[18/09/2006 - 23:43:37 | A | 0 Ko] - C:\config.sys
[04/03/2012 - 22:26:23 | RASH | 0 Ko] - C:\MSDOS.SYS
[04/03/2012 - 22:26:23 | RASH | 0 Ko] - C:\IO.SYS
[26/08/2014 - 22:38:10 | ASH | 2402900 Ko] - C:\pagefile.sys
[26/08/2014 - 22:38:12 | ASH | 2096440 Ko] - C:\hiberfil.sys
[09/05/2007 - 16:04:12 | N | 2 Ko] - C:\IPH.PH
[15/08/2014 - 21:01:11 | D] - C:\Config.Msi
[21/02/2012 - 12:34:51 | N | 0 Ko] - C:\winv.ld
[10/08/2012 - 19:31:13 | A | 0 Ko] - C:\user.js
[16/07/2012 - 15:28:40 | SHD] - C:\$Recycle.Bin
[18/09/2006 - 23:43:36 | A | 0 Ko] - C:\autoexec.bat
[09/05/2007 - 15:36:43 | D] - C:\Intel
[09/05/2007 - 15:43:26 | D] - C:\RaidTool
[10/05/2007 - 01:02:01 | D] - C:\drivers
[11/04/2009 - 08:36:36 | RASH | 325 Ko] - C:\bootmgr
[20/02/2012 - 17:44:31 | D] - C:\WimSoft
[20/02/2012 - 18:02:31 | D] - C:\Documents and Settings
[21/02/2012 - 12:34:51 | N | 323 Ko] - C:\QVCMO
[22/02/2012 - 10:58:47 | RHD] - C:\MSOCache
[25/02/2012 - 16:05:53 | D] - C:\PerfLogs
[26/02/2012 - 16:02:19 | SHD] - C:\boot
[23/11/2012 - 09:31:40 | RD] - C:\Users
[14/04/2013 - 08:53:31 | D] - C:\Temp
[22/04/2013 - 12:30:08 | SHD] - C:\System Volume Information
[20/04/2014 - 15:17:44 | D] - C:\BluetoothExchangeFolder
[13/07/2014 - 19:56:05 | HD] - C:\ProgramData
[14/07/2014 - 09:11:43 | D] - C:\Windows
[27/08/2014 - 00:27:17 | RD] - C:\Program Files
[27/08/2014 - 01:23:25 | D] - C:\UsbFix

<bold>################## | E:\ - Disque Fixe (NTFS) |</bold>

[16/07/2012 - 15:28:40 | SHD] - E:\$RECYCLE.BIN
[25/02/2012 - 14:24:54 | SHD] - E:\System Volume Information

<bold>################## | F:\ - Disque Fixe (NTFS) |</bold>

[16/07/2012 - 15:28:40 | SHD] - F:\$RECYCLE.BIN
[04/11/2007 - 00:37:05 | SHD] - F:\System Volume Information
[01/03/2010 - 21:51:49 | D] - F:\resycled

<bold>################## | G:\ - Disque Fixe (NTFS) |</bold>

[16/07/2012 - 15:28:40 | SHD] - G:\$RECYCLE.BIN
[04/11/2007 - 00:37:05 | SHD] - G:\System Volume Information
[01/03/2010 - 21:52:27 | D] - G:\resycled
[08/04/2010 - 18:03:43 | D] - G:\28ebf64f56d8c790c9
[06/11/2010 - 15:24:10 | D] - G:\62b5a1f9a96a31bb920c3b
[12/01/2012 - 04:01:08 | D] - G:\3b3a304f0963c23c525fbd42
[14/04/2012 - 22:40:17 | D] - G:\e96e723b7e687989d297

<bold>################## | L:\ - Disque Fixe (NTFS) |</bold>

[16/10/2012 - 08:04:37 | SHD] - L:\$RECYCLE.BIN
[25/08/2012 - 19:36:56 | SHD] - L:\System Volume Information

<bold>################## | Vaccin |</bold>

C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
E:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
F:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
G:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
L:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

<bold>################## | E.O.F | [http://www.sosvirus.net/ http://www.sosvirus.net/] | [http://www.usbfix.net/ http://www.usbfix.net/] |</bold>