Reply to: USB key disinfection 2016-09-08T13:38:16+00:00
carole06

Hello Billmaxime,

Thank you for your help. Here is the UsbFix report. I will keep a close eye out for your reply.
Have a good day.

############################## | UsbFix V 7.169 | [Recherche]

Utilisateur: Louisa (Administrateur) # LOUISA-PC
Mis à jour le 31/03/2014 par El Desaparecido – Team SosVirus
Lancé à 17:51:57 | 02/05/2014

Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Support : forum-virus-securite.html
Upload Malware : upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: Hewlett-Packard (143A)
CPU: Intel(R) Pentium(R) CPU P6000 @ 1.87GHz
RAM -> [Total : 3894 Mo| Free : 1762 Mo]
Bios: Hewlett-Packard
Boot: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.17105
WB: Google Chrome : 34.0.1847.131

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AS: Windows Defender [Enabled | Updated]
FW: Windows FireWall [(!) Disabled]

C: (%systemdrive%) -> Disque fixe # 451 Go (300 Go libre(s) – 66%) [] # NTFS
D: -> Disque fixe # 14 Go (2 Go libre(s) – 14%) [RECOVERY] # NTFS
E: -> Disque fixe # 99 Mo (91 Mo libre(s) – 92%) [HP_TOOLS] # FAT32
F: -> CD-ROM
G: -> Disque amovible # 4 Go (95 Mo libre(s) – 2%) [] # FAT32

################## | Processus Actif |

C:\Windows\system32\csrss.exe (ID: 484 |ParentID: 440)
C:\Windows\system32\wininit.exe (ID: 560 |ParentID: 440)
C:\Windows\system32\csrss.exe (ID: 576 |ParentID: 552)
C:\Windows\system32\services.exe (ID: 608 |ParentID: 560)
C:\Windows\system32\lsass.exe (ID: 632 |ParentID: 560)
C:\Windows\system32\lsm.exe (ID: 640 |ParentID: 560)
C:\Windows\system32\winlogon.exe (ID: 672 |ParentID: 552)
C:\Windows\system32\svchost.exe (ID: 788 |ParentID: 608)
C:\Windows\system32\svchost.exe (ID: 888 |ParentID: 608)
C:\Windows\system32\atiesrxx.exe (ID: 936 |ParentID: 608)
C:\Windows\System32\svchost.exe (ID: 1008 |ParentID: 608)
C:\Windows\System32\svchost.exe (ID: 396 |ParentID: 608)
C:\Windows\system32\svchost.exe (ID: 556 |ParentID: 608)
C:\Windows\system32\svchost.exe (ID: 804 |ParentID: 608)
C:\Windows\system32\atieclxx.exe (ID: 1204 |ParentID: 936)
C:\Windows\system32\svchost.exe (ID: 1220 |ParentID: 608)
C:\Windows\system32\WLANExt.exe (ID: 1336 |ParentID: 396)
C:\Windows\system32\conhost.exe (ID: 1352 |ParentID: 484)
C:\Windows\System32\spoolsv.exe (ID: 1552 |ParentID: 608)
C:\Windows\system32\svchost.exe (ID: 1580 |ParentID: 608)
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 1664 |ParentID: 608)
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (ID: 1792 |ParentID: 608)
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (ID: 1848 |ParentID: 608)
C:\Windows\SysWOW64\ezSharedSvcHost.exe (ID: 1896 |ParentID: 608)
C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (ID: 1956 |ParentID: 608)
C:\Program Files (x86)\Jumpstart\jswpbapi.exe (ID: 1980 |ParentID: 608)
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (ID: 2124 |ParentID: 608)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ID: 2148 |ParentID: 608)
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (ID: 2404 |ParentID: 608)
C:\Windows\system32\svchost.exe (ID: 2452 |ParentID: 608)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (ID: 2520 |ParentID: 608)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (ID: 2616 |ParentID: 2520)
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (ID: 2744 |ParentID: 608)
C:\Windows\system32\taskhost.exe (ID: 2776 |ParentID: 608)
C:\Windows\system32\Dwm.exe (ID: 2856 |ParentID: 396)
C:\Windows\Explorer.EXE (ID: 2916 |ParentID: 2832)
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (ID: 2820 |ParentID: 608)
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (ID: 2940 |ParentID: 2916)
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (ID: 3020 |ParentID: 2916)
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (ID: 2100 |ParentID: 2916)
C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe (ID: 3208 |ParentID: 2916)
C:\Windows\System32\hkcmd.exe (ID: 3312 |ParentID: 2916)
C:\Windows\system32\igfxsrvc.exe (ID: 3356 |ParentID: 788)
C:\Windows\System32\igfxpers.exe (ID: 3412 |ParentID: 2916)
C:\Program Files\Java\jre6\bin\jusched.exe (ID: 3472 |ParentID: 2916)
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe (ID: 3636 |ParentID: 2916)
C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (ID: 3708 |ParentID: 2916)
C:\Program Files (x86)\Java\jre6\bin\jusched.exe (ID: 3792 |ParentID: 3644)
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe (ID: 3800 |ParentID: 3644)
C:\Program Files\AVAST Software\Avast\AvastUI.exe (ID: 3808 |ParentID: 3644)
C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe (ID: 3940 |ParentID: 3644)
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (ID: 3288 |ParentID: 608)
C:\Windows\system32\SearchIndexer.exe (ID: 368 |ParentID: 608)
C:\Windows\system32\svchost.exe (ID: 4040 |ParentID: 608)
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (ID: 2440 |ParentID: 2940)
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ID: 3632 |ParentID: 3748)
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe (ID: 3372 |ParentID: 3564)
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ID: 3704 |ParentID: 3632)
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (ID: 4264 |ParentID: 608)
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe (ID: 4604 |ParentID: 3552)
C:\Windows\system32\svchost.exe (ID: 2904 |ParentID: 608)
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe (ID: 3820 |ParentID: 608)
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe (ID: 2712 |ParentID: 608)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (ID: 4356 |ParentID: 608)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 1156 |ParentID: 788)
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (ID: 4060 |ParentID: 608)
C:\Windows\System32\svchost.exe (ID: 2316 |ParentID: 608)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 4236 |ParentID: 788)
C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 2160 |ParentID: 608)
C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe (ID: 2852 |ParentID: 4604)
C:\Program Files\Internet Explorer\iexplore.exe (ID: 4896 |ParentID: 2916)
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (ID: 5012 |ParentID: 4896)
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (ID: 6108 |ParentID: 4896)
C:\Windows\system32\Macromed\Flash\FlashUtil64_13_0_0_206_ActiveX.exe (ID: 5212 |ParentID: 788)
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (ID: 5936 |ParentID: 4896)
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (ID: 1044 |ParentID: 4896)
C:\Windows\SysWOW64\DllHost.exe (ID: 3204 |ParentID: 788)
C:\Program Files\AVAST Software\Avast\aswRunDll.exe (ID: 1268 |ParentID: 3204)
C:\Program Files\AVAST Software\Avast\setup\avast.setup (ID: 8132 |ParentID: 1268)
C:\Windows\system32\taskhost.exe (ID: 7156 |ParentID: 608)
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (ID: 8044 |ParentID: 4896)
C:\Windows\system32\taskeng.exe (ID: 7832 |ParentID: 804)
c:\program files\windows defender\MpCmdRun.exe (ID: 8288 |ParentID: 8264)
C:\Windows\system32\SearchProtocolHost.exe (ID: 8928 |ParentID: 368)
C:\Windows\System32\WUDFHost.exe (ID: 5760 |ParentID: 396)

################## | Regedit Run |

F2 – HKLM\..\Winlogon : [Shell] explorer.exe
F2 – [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 – HKLM\..\Winlogon : [Userinit] userinit.exe
F2 – [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 – HKCU\..\Run : [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
04 – HKCU\..\Run : [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
04 – HKCU\..\Run : [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
04 – HKLM\..\Run : [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
04 – HKLM\..\Run : [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
04 – HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
04 – HKLM\..\Run : [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
04 – HKLM\..\Run : []
04 – HKLM\..\Run : [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 – HKLM\..\Run : [HOSTS Anti-Adware_PUPs] C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe
04 – HKLM\..\RunOnce : []
04 – [x64] HKLM\..\Run : [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
04 – [x64] HKLM\..\Run : [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
04 – [x64] HKLM\..\Run : [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
04 – [x64] HKLM\..\Run : [RtkOSD] C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe
04 – [x64] HKLM\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
04 – [x64] HKLM\..\Run : [HotKeysCmds] C:\Windows\system32\hkcmd.exe
04 – [x64] HKLM\..\Run : [Persistence] C:\Windows\system32\igfxpers.exe
04 – [x64] HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
04 – [x64] HKLM\..\Run : [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
04 – HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 – HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 – HKU\S-1-5-21-2438885668-180924057-1699815265-1000\..\Run : [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
04 – HKU\S-1-5-21-2438885668-180924057-1699815265-1000\..\Run : [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
04 – HKU\S-1-5-21-2438885668-180924057-1699815265-1000\..\Run : [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
04 – HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 – HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe

################## | Recherche générique |

Présent! G:\iTunesHelper.vbe
Présent! G:\autorun.lnk
Présent! G:\Etiquettes boites.lnk
Présent! G:\Boarding_Pass.lnk
Présent! G:\Etiquettes boites (2).lnk
Présent! G:\CartevisiteRégis.lnk
Présent! G:\Etiquettes boites 1.lnk
Présent! G:\CONTRAT DE LOCATION.lnk