[b]############################## | UsbFix V 7.178 | [Nettoyage][/b]

Utilisateur: TOSHIBA (Administrateur) # TOSHIBA-PC
Mis à jour le 08/08/2014 par El Desaparecido - SosVirus
Lancé à 18:52:26 | 19/08/2014

Site Web : [url=http://www.usbfix.net/]http://www.usbfix.net/[/url]
Changelog : [url=http://www.usbfix.net/maj/]http://www.usbfix.net/maj/[/url]
Assistance : [url=http://www.sosvirus.net/forum-virus-securite.html]http://www.sosvirus.net/forum-virus-securite.html[/url]
Upload Malware : [url=http://www.sosvirus.net/upload_malware.php]http://www.sosvirus.net/upload_malware.php[/url]
Contact : [url=http://www.usbfix.net/contact/]http://www.usbfix.net/contact/[/url]

[b]################## | System information |[/b]

MB: TOSHIBA (PWWAA) 
CPU: Intel(R) Pentium(R) CPU        P6100  @ 2.00GHz
GC: Intel(R) HD Graphics
RAM -> [Total : 2995 Mo | Free : 928 Mo]
Bios: TOSHIBA
Boot: Normal boot

OS: Microsoft™ Windows 7 Professional (6.1.7601 32-Bit) Service Pack 1
WB: Internet Explorer : 11.00.9600.16428

[b]################## | Security Information |[/b]

AV: Kaspersky Anti-Virus [Actif |A jour]
AS: Kaspersky Anti-Virus [Actif |A jour]
AS: Windows Defender [Actif |A jour]
AS: Malwarebytes Anti-Malware : 2.0.2.1012
FW: Windows Firewall [Actif]
SC: Security Center [Actif]
WU: Windows Update [Actif]

[b]################## | Disk Information |[/b]

C:\ (%SystemDrive%) -> Disque fixe # 244 Go (177 Go libre(s) - 73%) [] # NTFS
E:\ -> Disque fixe # 222 Go (95 Go libre(s) - 43%) [] # NTFS

[b]################## | Autorun |[/b]


[b]################## | Recherche générique |[/b]


(!) Fichiers temporaires supprimés. (1695.19624233246 MB)

[b]################## | Registre |[/b]


[b]################## | Regedit Run |[/b]

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [Google Update] "C:\Users\TOSHIBA\AppData\Local\Google\Update\GoogleUpdate.exe" /c
04 - HKCU\..\Run : [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
04 - HKCU\..\Run : [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
04 - HKLM\..\Run : [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
04 - HKLM\..\Run : [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe /FORPCEE3 
04 - HKLM\..\Run : [RtsCM] RTSCM.EXE
04 - HKLM\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
04 - HKLM\..\Run : [HotKeysCmds] C:\Windows\system32\hkcmd.exe
04 - HKLM\..\Run : [Persistence] C:\Windows\system32\igfxpers.exe
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\RunOnce : [Malwarebytes Anti-Malware (cleanup)] "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe" "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware"
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-1798905813-111949996-522487556-1000\..\Run : [Google Update] "C:\Users\TOSHIBA\AppData\Local\Google\Update\GoogleUpdate.exe" /c
04 - HKU\S-1-5-21-1798905813-111949996-522487556-1000\..\Run : [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
04 - HKU\S-1-5-21-1798905813-111949996-522487556-1000\..\Run : [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe

[b]################## | UsbFix - Information |[/b]

Info : [url=https://www.youtube.com/watch?v=vUZYYASd7FE]Comment supprimer l'infection des raccourcis sur USB ? (Video)[/url]
Info : [url=http://www.en.usbfix.net/2014/03/remove-shortcut-virus-usb/]L'infection des raccourcis USB, c'est quoi ?[/url]

[b]################## | Hijack |[/b]


[b]################## | C:\ %SystemDrive% - Disque Fixe (NTFS) |[/b]

[30/06/2012 - 18:46:48 | A | 1 Ko] - C:\AdwCleaner[S1].txt
[28/11/2012 - 14:33:24 | A | 16 Ko] - C:\debug1214.txt
[10/06/2009 - 22:42:20 | A | 0 Ko] - C:\config.sys
[19/08/2014 - 00:38:38 | ASH | 2299908 Ko] - C:\hiberfil.sys
[19/08/2014 - 00:38:38 | ASH | 3066544 Ko] - C:\pagefile.sys
[19/08/2014 - 18:51:35 | D] - C:\Config.Msi
[19/06/2012 - 18:30:51 | SHD] - C:\$Recycle.Bin
[19/08/2014 - 17:50:18 | A | 1 Ko] - C:\PhysicalDisk0_MBR.bin
[10/06/2009 - 22:42:20 | A | 0 Ko] - C:\autoexec.bat
[15/07/2014 - 02:29:02 | SHD] - C:\found.000
[14/07/2009 - 03:37:05 | D] - C:\PerfLogs
[14/07/2009 - 05:53:55 | SHD] - C:\Documents and Settings
[05/05/2012 - 17:41:51 | SHD] - C:\Recovery
[05/05/2012 - 17:49:56 | D] - C:\Intel
[05/05/2012 - 21:16:58 | RHD] - C:\MSOCache
[02/06/2012 - 02:25:28 | D] - C:\Mes Sites Web
[19/06/2012 - 18:30:41 | RD] - C:\Users
[10/06/2014 - 12:05:01 | D] - C:\EASy68K
[18/08/2014 - 23:24:14 | D] - C:\Windows
[19/08/2014 - 00:30:40 | D] - C:\AdwCleaner
[19/08/2014 - 15:22:47 | D] - C:\Program Files
[19/08/2014 - 15:22:47 | HD] - C:\ProgramData
[19/08/2014 - 18:49:58 | SHD] - C:\System Volume Information
[19/08/2014 - 18:52:01 | D] - C:\UsbFix

[b]################## | E:\ - Disque Fixe (NTFS) |[/b]

[04/05/2012 - 11:03:46 | N | 262144 Ko] - E:\WinPEpge.sys
[19/05/2011 - 07:40:48 | A | 775273 Ko] - E:\autocad2008.rar
[25/03/2013 - 02:01:48 | A | 13 Ko] - E:\convocationCandidat_4_225953.ps.pdf
[25/06/2013 - 11:06:39 | A | 108 Ko] - E:\tsi_aom.pdf
[29/05/2013 - 22:33:12 | A | 105 Ko] - E:\943058_4259899516208_1433983521_n.jpg
[19/06/2012 - 18:30:51 | SHD] - E:\$Recycle.Bin
[06/05/2012 - 03:35:37 | RASH | 8 Ko] - E:\BOOTSECT.BAK
[20/11/2010 - 13:40:07 | RASH | 375 Ko] - E:\bootmgr
[20/05/2012 - 13:03:34 | D] - E:\Fifa12_fullrip
[09/06/2012 - 23:54:51 | D] - E:\autocad2006
[19/06/2012 - 17:59:31 | D] - E:\Pes 2012
[28/06/2012 - 16:29:44 | D] - E:\FIFA2012
[01/04/2013 - 00:49:06 | D] - E:\autocad2008
[04/02/2014 - 23:29:17 | SHD] - E:\Boot
[26/03/2014 - 09:39:27 | D] - E:\]-[ @ ]v[ ! ])
[19/08/2014 - 00:11:53 | SHD] - E:\System Volume Information

[b]################## | Vaccin |[/b]

C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
E:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

[b]################## | E.O.F | [url=http://www.sosvirus.net/]http://www.sosvirus.net/[/url] | [url=http://www.usbfix.net/]http://www.usbfix.net/[/url] |[/b]