titiac
Participant
Number of posts: 5

First of all, thank you for your help!! :)
Are my PC and my USB key still infected?
############################## | UsbFix V 7.171 | [Nettoyage]

Utilisateur: Poste (Administrateur) # PC-CL-TATIANA
Mis à jour le 18/05/2014 par El Desaparecido – SosVirus
Lancé à 18:29:42 | 20/05/2014

Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Assistance : https://www.sosvirus.net/aide-nettoyage-pc/
Upload Malware : https://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: LENOVO (CAPELL VALLEY(NAPA) CRB)
CPU: Intel(R) Celeron(R) M CPU 430 @ 1.73GHz
RAM -> [Total : 2038 Mo| Free : 547 Mo]
Bios: LENOVO
Boot: Normal boot

OS: Microsoft® Windows Vista™ Édition Familiale Basique (6.0.6002 32-Bit) Service Pack 2
WB: Windows Internet Explorer : 9.0.8112.16421
WB: Google Chrome : 34.0.1847.137

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: Microsoft Security Essentials [(!) Disabled | Updated]
AS: Windows Defender [(!) Disabled | (!) Outdated]
AS: Microsoft Security Essentials [(!) Disabled | Updated]
FW: Windows FireWall [(!) Disabled]

C: (%SystemDrive%) -> Disque fixe # 233 Go (162 Go libre(s) – 69%) [] # NTFS
D: -> CD-ROM
H: -> Disque amovible # 15 Go (4 Go libre(s) – 25%) [TATCLO] # FAT32

################## | Processus Stoppés |

C:WindowsSystem32SLsvc.exe (ID: 1300|ParentID: 616|SERVICE RÉSEAU)
C:WindowsservicingTrustedInstaller.exe (ID: 1324|ParentID: 616|SYSTEM)
C:WindowsSystem32spoolsv.exe (ID: 1688|ParentID: 616|SYSTEM)
C:Program FilesCommon FilesAdobeARM1.0armsvc.exe (ID: 1872|ParentID: 616|SYSTEM)
C:WindowsSystem32rpcnetp.exe (ID: 336|ParentID: 616|SYSTEM)
C:Program FilesWestern DigitalWD Drive ManagerWDDriveService.exe (ID: 764|ParentID: 616|SYSTEM)
C:Program FilesCommon Filesmicrosoft sharedWindows LiveWLIDSVC.EXE (ID: 1248|ParentID: 616|SYSTEM)
C:WindowsSystem32SearchIndexer.exe (ID: 1732|ParentID: 616|SYSTEM)
C:Program FilesWestern DigitalWD SmartWareWDBackupEngine.exe (ID: 1196|ParentID: 616|SYSTEM)
C:Program FilesCommon Filesmicrosoft sharedWindows LiveWLIDSVCM.EXE (ID: 2096|ParentID: 1248|SYSTEM)
C:WindowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe (ID: 2572|ParentID: 616|SYSTEM)
C:WindowsSystem32taskeng.exe (ID: 2584|ParentID: 1172|SYSTEM)
C:WindowsSystem32taskeng.exe (ID: 3088|ParentID: 1172|Poste)
C:Windowsexplorer.exe (ID: 3132|ParentID: 3064|Poste)
C:WindowsSystem32igfxtray.exe (ID: 3468|ParentID: 3132|Poste)
C:WindowsSystem32hkcmd.exe (ID: 3476|ParentID: 3132|Poste)
C:WindowsSystem32igfxpers.exe (ID: 3484|ParentID: 3132|Poste)
C:Program FilesHPHP Software UpdatehpwuSchd2.exe (ID: 3500|ParentID: 3132|Poste)
C:Program FilesMicrosoft Security Clientmsseces.exe (ID: 3508|ParentID: 3132|Poste)
C:WindowsWindowsMobilewmdSync.exe (ID: 3516|ParentID: 3132|Poste)
C:Program FilesLogitechLWSWebcam SoftwareLWS.exe (ID: 3524|ParentID: 3132|Poste)
C:WindowsSystem32igfxsrvc.exe (ID: 3540|ParentID: 832|Poste)
C:Program FilesZuneZuneLauncher.exe (ID: 3556|ParentID: 3132|Poste)
C:Program FilesWestern DigitalWD Quick ViewWDDMStatus.exe (ID: 3636|ParentID: 3132|Poste)
C:Program FilesCommon FilesJavaJava Updatejusched.exe (ID: 3660|ParentID: 3132|Poste)
C:Program FilesWindows Sidebarsidebar.exe (ID: 3672|ParentID: 3132|Poste)
C:Program FilesHPHP Envy 100 D410 seriesBinScanToPCActivationApp.exe (ID: 3680|ParentID: 3132|Poste)
C:Program FilesSkypePhoneSkype.exe (ID: 3696|ParentID: 3132|Poste)
C:Program FilesHPDigital Imagingbinhpqtra08.exe (ID: 3708|ParentID: 3132|Poste)
C:UsersPosteAppDataRoamingMicrosoftWindowsStart MenuProgramsStartuphpqtra08.exe (ID: 3716|ParentID: 3132|Poste)
C:Program FilesMicrosoft OfficeOffice14ONENOTEM.EXE (ID: 3724|ParentID: 3132|Poste)
C:Program FilesGoogleUpdate1.3.24.7GoogleCrashHandler.exe (ID: 3856|ParentID: 3180|SYSTEM)
C:Program FilesLogitechLWSWebcam SoftwareCameraHelperShell.exe (ID: 3780|ParentID: 3524|Poste)
C:Program FilesCommon FilesLogiShrdLQCVFXCOCIManager.exe (ID: 3244|ParentID: 832|Poste)
C:Program FilesHPDigital Imagingbinhpqste08.exe (ID: 2532|ParentID: 3708|Poste)
C:Program FilesGoogleChromeApplicationchrome.exe (ID: 4368|ParentID: 3132|Poste)
C:Program FilesGoogleChromeApplicationchrome.exe (ID: 5128|ParentID: 4368|Poste)
C:Program FilesGoogleChromeApplicationchrome.exe (ID: 5724|ParentID: 4368|Poste)
C:WindowsSystem32WUDFHost.exe (ID: 5268|ParentID: 1156|SERVICE LOCAL)
C:Program FilesHPHP Envy 100 D410 seriesBinHPNetworkCommunicator.exe (ID: 4272|ParentID: 3680|Poste)
C:WindowsSystem32taskeng.exe (ID: 4628|ParentID: 1172|SERVICE LOCAL)
C:WindowsSystem32RacAgent.exe (ID: 4128|ParentID: 4628|SERVICE LOCAL)

################## | Autorun |

################## | Recherche générique |

Supprimé! C:UsersPosteAppDataRoamingMicrosoftWindowsStart MenuProgramsStartuphpqtra08.exe
Supprimé! C:Program FilesHPDigital Imagingbinhpqtra08.exe

(!) Fichiers temporaires supprimés.

################## | Registre |

################## | Regedit Run |

F2 – HKLM..Winlogon : [Shell] explorer.exe
F2 – HKLM..Winlogon : [Userinit] C:Windowssystem32userinit.exe,
04 – HKCU..Run : [Sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun
04 – HKCU..Run : [HP Envy 100 D410 series (NET)] “C:Program FilesHPHP Envy 100 D410 seriesBinScanToPCActivationApp.exe” -deviceID “CN0A5D207K05KZ:NW” -scfn “HP Envy 100 D410 series (NET)” -AutoStart 1
04 – HKCU..Run : [Skype] “C:Program FilesSkypePhoneSkype.exe” /minimized /regrun
04 – HKLM..Run : [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide
04 – HKLM..Run : [IgfxTray] C:Windowssystem32igfxtray.exe
04 – HKLM..Run : [HotKeysCmds] C:Windowssystem32hkcmd.exe
04 – HKLM..Run : [Persistence] C:Windowssystem32igfxpers.exe
04 – HKLM..Run : [Adobe ARM] “C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe”
04 – HKLM..Run : [HP Software Update] C:Program FilesHPHP Software UpdateHPWuSchd2.exe
04 – HKLM..Run : [MSC] “c:Program FilesMicrosoft Security Clientmsseces.exe” -hide -runkey
04 – HKLM..Run : [Windows Mobile-based device management] %windir%WindowsMobilewmdSync.exe
04 – HKLM..Run : [LWS] C:Program FilesLogitechLWSWebcam SoftwareLWS.exe -hide
04 – HKLM..Run : [Zune Launcher] “C:Program FilesZuneZuneLauncher.exe”
04 – HKLM..Run : [APSDaemon] “C:Program FilesCommon FilesAppleApple Application SupportAPSDaemon.exe”
04 – HKLM..Run : [WD Quick View] C:Program FilesWestern DigitalWD Quick ViewWDDMStatus.exe
04 – HKLM..Run : [SunJavaUpdateSched] “C:Program FilesCommon FilesJavaJava Updatejusched.exe”
04 – HKUS-1-5-19..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem
04 – HKUS-1-5-19..Run : [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
04 – HKUS-1-5-20..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem
04 – HKUS-1-5-20..Run : [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
04 – HKUS-1-5-21-1517215651-3075933625-3900454793-1000..Run : [Sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun
04 – HKUS-1-5-21-1517215651-3075933625-3900454793-1000..Run : [HP Envy 100 D410 series (NET)] “C:Program FilesHPHP Envy 100 D410 seriesBinScanToPCActivationApp.exe” -deviceID “CN0A5D207K05KZ:NW” -scfn “HP Envy 100 D410 series (NET)” -AutoStart 1
04 – HKUS-1-5-21-1517215651-3075933625-3900454793-1000..Run : [Skype] “C:Program FilesSkypePhoneSkype.exe” /minimized /regrun

################## | C: %SystemDrive% – Disque Fixe (NTFS) |

[18/09/2006 – 23:43:37 | | 0 Ko] – C:config.sys
[20/05/2014 – 18:13:37 | ASH | 2393864 Ko] – C:pagefile.sys
[19/05/2014 – 21:32:26 | D] – C:Config.Msi
[07/12/2011 – 18:23:59 | SHD] – C:$Recycle.Bin
[18/09/2006 – 23:43:36 | A | 0 Ko] – C:autoexec.bat
[07/12/2011 – 18:10:06 | RAS | 8 Ko] – C:BOOTSECT.BAK
[02/11/2006 – 14:59:44 | SHD] – C:Documents and Settings
[21/01/2008 – 04:43:50 | D] – C:PerfLogs
[11/04/2009 – 00:36:38 | RASH | 325 Ko] – C:bootmgr
[07/12/2011 – 18:23:13 | D] – C:Users
[07/12/2011 – 18:59:53 | SHD] – C:Boot
[07/12/2011 – 19:07:30 | D] – C:Intel
[08/12/2011 – 17:46:57 | RHD] – C:MSOCache
[17/05/2012 – 18:09:19 | D] – C:Données Ciel
[27/06/2013 – 11:11:09 | D] – C:5720596a217407cb58734e86a94cc151
[20/10/2013 – 14:41:27 | HD] – C:ProgramData
[14/05/2014 – 18:53:37 | D] – C:Windows
[19/05/2014 – 21:41:07 | D] – C:UsbFix
[19/05/2014 – 21:56:33 | SHD] – C:System Volume Information
[19/05/2014 – 22:17:20 | D] – C:Program Files

################## | H: – Disque USB (FAT32) |

[20/08/2011 – 09:38:22 | N | 312768 Ko] – H:.HPIMAGE.VFS
[01/08/2013 – 18:14:24 | N | 43169 Ko] – H:CD_Content_MappyIti407.rar
[07/08/2013 – 23:11:58 | N | 0 Ko] – H:_disk_id.pod
[27/02/2013 – 22:49:32 | N | 9714 Ko] – H:guidePreparatoirerouen2013.pdf
[30/04/2013 – 15:33:02 | N | 9 Ko] – H:Ap-13-6891.pdf
[28/06/2013 – 10:48:50 | N | 385 Ko] – H:Ligne300_8v.indd.web.pdf
[28/06/2013 – 10:51:02 | N | 372 Ko] – H:Ligne250_4v.web.pdf
[28/06/2013 – 10:52:46 | N | 680 Ko] – H:Ligne390_10v.indd.web.pdf
[03/03/2014 – 09:21:16 | N | 11424 Ko] – H:guideForumrouen2014.pdf
[07/05/2014 – 16:41:54 | N | 30 Ko] – H:numérisation0002.pdf
[14/05/2014 – 15:59:16 | N | 176 Ko] – H:ResileLigne-Free.pdf
[19/07/2012 – 22:57:30 | N | 28 Ko] – H:INTRODUCTION AU DROIT CIVIL.docx
[20/07/2012 – 21:12:36 | N | 53 Ko] – H:suite introduction au droit civil.doc
[03/02/2013 – 20:51:02 | N | 22 Ko] – H:Lettre demande de tableau récapitulatif de soins.doc
[12/05/2011 – 09:04:42 | D] – H:PERSONNEL
[20/08/2011 – 09:26:48 | D] – H:DCIM
[15/03/2012 – 13:38:10 | D] – H:Carte de la Guyane
[16/03/2012 – 13:44:32 | D] – H:Les emplois en Seine
[09/05/2012 – 10:36:06 | D] – H:Ciel
[23/05/2012 – 10:52:22 | D] – H:ASCA
[28/06/2012 – 08:10:02 | D] – H:DIVERS
[18/12/2012 – 08:10:56 | D] – H:Sinistre super 5 12 dec 2012
[02/04/2013 – 16:18:20 | D] – H:EDF
[31/07/2013 – 18:02:50 | D] – H:Vacances 2013 Vince&Tat
[01/08/2013 – 18:14:58 | D] – H:CD_Content_MappyIti407
[04/10/2013 – 11:45:14 | N | 28 Ko] – H:Attestation_MGEN_Tatiana_CLOVIS_15051978_
[18/11/2013 – 18:05:12 | D] – H:Dossier professionnel fact 13-14
[09/05/2014 – 16:36:48 | D] – H:pictures

################## | Vaccin |

H:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | https://www.sosvirus.net/ | http://www.usbfix.net/ |