############################## | UsbFix V 7.807 | [Nettoyage]
Utilisateur: lionel (Administrateur) # LIONEL-TOSH
Mis à jour le 18/12/2014 par El Desaparecido - SosVirus
Lancé à 20:37:24 | 02/01/2015
Site Web :
http://www.usbfix.net/
Changelog :
http://www.usbfix.net/maj/
Assistance :
http://www.sosvirus.net/forum-virus-securite.html
Upload Malware :
http://www.sosvirus.net/upload_malware.php
Détection en Live :
http://comment-supprimer.fr/
Contact :
http://www.usbfix.net/contact/
################## | System information |
MB: TOSHIBA (KTWAA)
CPU: Pentium(R) Dual-Core CPU T4300 @ 2.10GHz
GC: ATI Mobility Radeon HD 4500/5100 Series
RAM -> [Total : 4061 Mo | Free : 1381 Mo]
Bios: TOSHIBA
Boot: Normal boot
OS: Microsoft™ Windows 7 Home Premium (6.1.7601 64-Bit) Service Pack 1
WB: Internet Explorer : 11.00.9600.16428
WB: Mozilla Firefox : 34.0.5
################## | Security Information |
AV: Microsoft Security Essentials [Actif |A jour]
AS: Microsoft Security Essentials [Actif |A jour]
AS: Windows Defender [
(!) Désactivé |A jour]
AS: Malwarebytes Anti-Malware : 2.0.4.1028
FW: Windows Firewall [Actif]
SC: Security Center [Actif]
WU: Windows Update [Actif]
################## | Disk Information |
C:\ (%SystemDrive%) -> Disque fixe # 186 Go (62 Go libre(s) - 33%) [WINDOWS] # NTFS
D:\ -> Disque fixe # 186 Go (151 Go libre(s) - 81%) [Data] # NTFS
G:\ -> Disque amovible # 59 Go (55 Go libre(s) - 93%) [CORSANEL] # NTFS
################## | Recherche générique |
Non supprimé ! ... Tentative au redémarrage... G:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx
Supprimé! G:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665
(!) Fichiers temporaires supprimés. (18.3767614364624 MB)
################## | Registre |
Supprimé! HKCU\Software\8322898
################## | Regedit Run |
F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [TaskMan]
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKCU\..\Run : [uTorrent] "C:\Users\lionel\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
04 - HKCU\..\Run : [CCleaner Monitoring] "C:\Program Files (x86)\CCleaner\CCleaner64.exe" /MONITOR
04 - HKCU\..\Run : [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
04 - HKLM\..\Run : [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
04 - HKLM\..\Run : [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP
04 - HKLM\..\Run : [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
04 - HKLM\..\Run : [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
04 - HKLM\..\Run : [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
04 - HKLM\..\Run : [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
04 - HKLM\..\Run : [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [NielsenOnline] C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe
04 - [x64] HKLM\..\Run : [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
04 - [x64] HKLM\..\Run : [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
04 - [x64] HKLM\..\Run : [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
04 - [x64] HKLM\..\Run : [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-3211502705-3115567398-1147419632-1000\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKU\S-1-5-21-3211502705-3115567398-1147419632-1000\..\Run : [uTorrent] "C:\Users\lionel\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
04 - HKU\S-1-5-21-3211502705-3115567398-1147419632-1000\..\Run : [CCleaner Monitoring] "C:\Program Files (x86)\CCleaner\CCleaner64.exe" /MONITOR
04 - HKU\S-1-5-21-3211502705-3115567398-1147419632-1000\..\Run : [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
04 - HKU\S-1-5-18\..\Run : [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04GS - Firefox.lnk : C:\Program Files (x86)\Mozilla Firefox\firefox.exe
04GS - Thunderbird.lnk : C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
################## | UsbFix - Information |
Info :
Comment supprimer l'infection des raccourcis sur USB ? (Video)
Info :
L'infection des raccourcis USB, c'est quoi ?
Détection en Live :
http://comment-supprimer.fr/
################## | Hijack |
################## | C:\ %SystemDrive% - Disque Fixe (NTFS) |
[04/09/2009 - 15:18:06 | N | 0 Ko] - C:\SWSTAMP.TXT
[23/11/2013 - 13:32:51 | A | 2 Ko] - C:\DelFix.txt
[02/01/2015 - 16:49:20 | ASH | 3118752 Ko] - C:\hiberfil.sys
[02/01/2015 - 16:49:28 | ASH | 4158336 Ko] - C:\pagefile.sys
[26/12/2014 - 10:31:55 | D] - C:\Config.Msi
[25/09/2009 - 19:22:49 | A | 3 Ko] - C:\RHDSetup.log
[17/03/2012 - 11:20:15 | A | 0 Ko] - C:\user.js
[25/10/2009 - 12:03:11 | SHD] - C:\$RECYCLE.BIN
[01/01/2015 - 09:14:39 | A | 1 Ko] - C:\PhysicalDisk0_MBR.bin
[14/07/2009 - 04:20:08 | D] - C:\PerfLogs
[14/07/2009 - 06:08:56 | SHD] - C:\Documents and Settings
[04/09/2009 - 14:47:52 | D] - C:\Works
[04/09/2009 - 14:49:05 | D] - C:\1033
[04/09/2009 - 14:49:13 | RHD] - C:\MSOCache
[23/10/2009 - 15:48:00 | D] - C:\Toshiba
[25/10/2009 - 08:29:58 | D] - C:\inetpub
[03/02/2010 - 17:24:54 | D] - C:\archive BL
[10/07/2010 - 14:51:37 | D] - C:\downloads
[15/09/2010 - 19:14:14 | D] - C:\Nokia
[25/12/2010 - 16:22:04 | D] - C:\ATI
[25/12/2010 - 16:36:12 | D] - C:\Intel
[28/02/2011 - 18:40:16 | RD] - C:\Users
[17/03/2012 - 11:17:04 | D] - C:\Temp
[30/09/2012 - 13:14:53 | D] - C:\AMD
[11/11/2013 - 15:28:28 | D] - C:\Multimedia Files
[21/12/2014 - 12:10:00 | D] - C:\Program Files
[21/12/2014 - 12:10:01 | D] - C:\ProgramData
[21/12/2014 - 12:29:21 | D] - C:\AdwCleaner
[30/12/2014 - 18:21:50 | D] - C:\Program Files (x86)
[31/12/2014 - 16:43:49 | AD] - C:\Windows
[02/01/2015 - 20:37:43 | D] - C:\UsbFix
################## | D:\ - Disque Fixe (NTFS) |
[07/12/2013 - 15:33:33 | A | 3252935 Ko] - D:\Mobile Atlas Creator 1.9.15.zip
[29/04/2010 - 17:54:29 | SHD] - D:\$RECYCLE.BIN
[24/06/2012 - 08:21:52 | RA | 1 Ko] - D:\MediaID.bin
[21/12/2014 - 18:59:37 | D] - D:\captvty-2.3.3
[25/12/2014 - 18:55:08 | D] - D:\asciipic2.0
[24/10/2009 - 01:32:45 | D] - D:\HDDRecovery
[31/03/2012 - 10:32:01 | D] - D:\supercard
[29/11/2013 - 18:46:30 | D] - D:\Files
[21/12/2014 - 18:59:21 | D] - D:\Zedeo
[25/12/2014 - 18:43:14 | D] - D:\Mobile Atlas Creator
################## | G:\ - Disque USB (NTFS) |
[24/02/2014 - 10:55:02 | A | 842987 Ko] - G:\AllDrivers - luna styles XP + flurry.zip
[02/01/2015 - 20:37:43 | RSHD] - G:\RECYCLER
[09/12/2014 - 19:55:19 | D] - G:\apps
[30/12/2014 - 16:57:02 | D] - G:\Nouveau dossier
################## | Vaccin |
C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
G:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
################## | E.O.F | http://www.sosvirus.net/ | http://www.usbfix.net/ | 
Ne fais pas la suppression tant que je ne te l'ai pas demandé 
