benaissa
Participant
Posts: 9

Thank you for your immediate reply.

Here is the report from the first step:
############################## | UsbFix V 7.171 | [Nettoyage]

Utilisateur: user (Administrateur) # USER-PC
Mis à jour le 18/05/2014 par El Desaparecido – SosVirus
Lancé à 19:27:16 | 01/06/2014

Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: Dell Inc. (01HXXJ)
CPU: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
RAM -> [Total : 2048 Mo| Free : 257 Mo]
Bios: Dell Inc.
Boot: Normal boot

OS: Microsoft Windows 7 Edition Starter (6.1.7601 32-Bit) Service Pack 1
WB: Windows Internet Explorer : 9.0.8112.16421
WB: Google Chrome : 32.0.1700.107

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: ESET NOD32 Antivirus 5.2 [Enabled | Updated]
AV: avast! Antivirus [Enabled | Updated]
AS: ESET NOD32 Antivirus 5.2 [Enabled | Updated]
AS: avast! Antivirus [Enabled | Updated]
AS: Windows Defender [Enabled | (!) Outdated]
FW: Windows FireWall [Enabled]

C: (%SystemDrive%) -> Disque fixe # 244 Go (106 Go libre(s) – 43%) [OS] # NTFS
D: -> Disque fixe # 222 Go (189 Go libre(s) – 85%) [Sauvegarde] # NTFS
E: -> CD-ROM
F: -> Disque amovible # 1003 Mo (942 Mo libre(s) – 94%) [CHAOUKI@] # FAT

################## | Processus Stoppés |

C:WindowsSystem32wlanext.exe (ID: 1348|ParentID: 884)
C:WindowsSystem32conhost.exe (ID: 1356|ParentID: 436)
C:WindowsSystem32spoolsv.exe (ID: 1856|ParentID: 556)
C:Program FilesCommon FilesAdobeARM1.0armsvc.exe (ID: 1936|ParentID: 556|Système)
C:Program FilesWIDCOMMBluetooth Softwarebtwdins.exe (ID: 1956|ParentID: 556|Système)
C:Program FilesCommon FilesInterVideoDeviceServiceDevSvc.exe (ID: 1980|ParentID: 556|Système)
C:ProgramDataDatacardServiceHWDeviceService.exe (ID: 456|ParentID: 556|Système)
C:Program FilesCanonIJPLMijplmsvc.exe (ID: 368|ParentID: 556|Système)
C:ProgramDataInternet MobileOnlineUpdateouc.exe (ID: 776|ParentID: 632|Système)
C:Program FilesCommon Filesmicrosoft sharedVS7DEBUGMDM.EXE (ID: 504|ParentID: 556|Système)
C:ProgramDataMobileBrServmbbService.exe (ID: 1096|ParentID: 556|Système)
C:WindowsSystem32taskhost.exe (ID: 2540|ParentID: 556|user)
C:WindowsSystem32taskeng.exe (ID: 2572|ParentID: 952|Système)
C:Program FilesGoogleUpdateGoogleUpdate.exe (ID: 2636|ParentID: 2572|Système)
C:Windowsexplorer.exe (ID: 2724|ParentID: 2652|user)
C:Program FilesIntelIntel(R) Rapid Storage TechnologyIAStorIcon.exe (ID: 2888|ParentID: 2724|user)
C:ProgramDataDatacardServiceDCSHelper.exe (ID: 2924|ParentID: 456|user)
C:WindowsSystem32hkcmd.exe (ID: 2956|ParentID: 2724|user)
C:WindowsSystem32igfxpers.exe (ID: 2996|ParentID: 2724|user)
C:Program FilesUSB Disk SecurityUSBGuard.exe (ID: 3072|ParentID: 2724|user)
C:ProgramDataAnti-phishing Domain Advisorvisicom_antiphishing.exe (ID: 3176|ParentID: 2724|user)
C:WindowsSystem32SearchIndexer.exe (ID: 3256|ParentID: 556|Système)
C:Program FilesCanonQuick MenuCNQMMAIN.EXE (ID: 3356|ParentID: 2724|user)
C:Program FilesStarterBackgroundChangerStarterBackgroundChangerTask.exe (ID: 3484|ParentID: 2724|user)
C:Program FilesInternet Download ManagerIDMan.exe (ID: 3672|ParentID: 2724|user)
C:Program FilesSkypePhoneSkype.exe (ID: 2800|ParentID: 2724|user)
C:WindowsSystem32wscript.exe (ID: 2788|ParentID: 2724|user)
C:Program FilesWIDCOMMBluetooth SoftwareBTTray.exe (ID: 2744|ParentID: 2724|user)
C:Program FilesInternet Download ManagerIEMonitor.exe (ID: 1476|ParentID: 3672|user)
C:Program FilesWIDCOMMBluetooth SoftwareBTStackServer.exe (ID: 3092|ParentID: 700|user)
C:Program FilesWIDCOMMBluetooth SoftwareBluetooth Headset Helper.exe (ID: 904|ParentID: 2744|user)
C:Program FilesGoogleChromeApplicationchrome.exe (ID: 4600|ParentID: 2724|user)
C:Program FilesGoogleChromeApplicationchrome.exe (ID: 4724|ParentID: 4600|user)
C:Program FilesCanonQuick MenuCNQMUPDT.EXE (ID: 4984|ParentID: 3356|user)
C:Program FilesCanonQuick MenuCNQMSWCS.EXE (ID: 5020|ParentID: 3356|user)
C:Program FilesGoogleChromeApplicationchrome.exe (ID: 5216|ParentID: 4600|user)
C:Program FilesGoogleChromeApplicationchrome.exe (ID: 5280|ParentID: 4600|user)
C:Program FilesGoogleChromeApplicationchrome.exe (ID: 5304|ParentID: 4600|user)
C:Program FilesGoogleChromeApplicationchrome.exe (ID: 5320|ParentID: 4600|user)
C:Program FilesGoogleChromeApplicationchrome.exe (ID: 5332|ParentID: 4600|user)
C:Program FilesGoogleChromeApplicationchrome.exe (ID: 5364|ParentID: 4600|user)
C:Program FilesGoogleChromeApplicationchrome.exe (ID: 5380|ParentID: 4600|user)
C:Program FilesIntelIntel(R) Rapid Storage TechnologyIAStorDataMgrSvc.exe (ID: 2300|ParentID: 556|Système)
C:Program FilesIntelIntel(R) Management Engine ComponentsLMSLMS.exe (ID: 2316|ParentID: 556|Système)
C:Program FilesIntelIntel(R) Management Engine ComponentsUNSUNS.exe (ID: 3416|ParentID: 556|Système)
C:Program FilesGoogleChromeApplicationchrome.exe (ID: 4956|ParentID: 4600|user)
C:Program FilesGoogleChromeApplicationchrome.exe (ID: 4196|ParentID: 4600|user)
C:WindowsSystem32WUDFHost.exe (ID: 3972|ParentID: 884|SERVICE LOCAL)
C:Program FilesGoogleChromeApplicationchrome.exe (ID: 1896|ParentID: 4600|user)
C:Program FilesGoogleChromeApplicationchrome.exe (ID: 1484|ParentID: 4600|user)

################## | Autorun |

F:IdentificationPlantules.lnk -> F:Funny.vbs.vbs – (SHA1: A6DD556A1B2DD112C16AF22AB2F057CF6E069DAB)
F:biologie mauvaises herbest11 [Mode de compatibilité].lnk -> F:Funny.vbs.vbs – (SHA1: A6DD556A1B2DD112C16AF22AB2F057CF6E069DAB)
F:orobanche_presentation [Lecture seule] [Mode de compatibilité].lnk -> F:Funny.vbs.vbs – (SHA1: A6DD556A1B2DD112C16AF22AB2F057CF6E069DAB)
F:dossier sponsoring.lnk -> F:Funny.vbs.vbs – (SHA1: A6DD556A1B2DD112C16AF22AB2F057CF6E069DAB)
F:DSC_3923.lnk -> F:Funny.vbs.vbs – (SHA1: A6DD556A1B2DD112C16AF22AB2F057CF6E069DAB)
F:F12.lnk -> F:Funny.vbs.vbs – (SHA1: A6DD556A1B2DD112C16AF22AB2F057CF6E069DAB)
F:6122013354.lnk -> F:Funny.vbs.vbs – (SHA1: A6DD556A1B2DD112C16AF22AB2F057CF6E069DAB)
F:Sans titre.lnk -> F:Funny.vbs.vbs – (SHA1: A6DD556A1B2DD112C16AF22AB2F057CF6E069DAB)
F:poster paysage.lnk -> F:Funny.vbs.vbs – (SHA1: A6DD556A1B2DD112C16AF22AB2F057CF6E069DAB)
F:centre alami fin.lnk -> F:Funny.vbs.vbs – (SHA1: A6DD556A1B2DD112C16AF22AB2F057CF6E069DAB)
F:EIE tourisme.lnk -> F:Funny.vbs.vbs – (SHA1: A6DD556A1B2DD112C16AF22AB2F057CF6E069DAB)
F:etude d’impact garde.lnk -> F:Funny.vbs.vbs – (SHA1: A6DD556A1B2DD112C16AF22AB2F057CF6E069DAB)
F:img.lnk -> F:Funny.vbs.vbs – (SHA1: A6DD556A1B2DD112C16AF22AB2F057CF6E069DAB)
F:bizo.lnk -> F:Funny.vbs.vbs – (SHA1: A6DD556A1B2DD112C16AF22AB2F057CF6E069DAB)
F:pict.lnk -> F:Funny.vbs.vbs – (SHA1: A6DD556A1B2DD112C16AF22AB2F057CF6E069DAB)
F:bin.lnk -> F:Funny.vbs.vbs – (SHA1: A6DD556A1B2DD112C16AF22AB2F057CF6E069DAB)
F:.lnk -> F:Funny.vbs.vbs – (SHA1: A6DD556A1B2DD112C16AF22AB2F057CF6E069DAB)
F:rapactivites-rapactivites08.lnk -> F:Funny.vbs.vbs – (SHA1: A6DD556A1B2DD112C16AF22AB2F057CF6E069DAB)
F:63.lnk -> F:Funny.vbs.vbs – (SHA1: A6DD556A1B2DD112C16AF22AB2F057CF6E069DAB)
F:Sp Mauvaises herbes 9(3&4).lnk -> F:Funny.vbs.vbs – (SHA1: A6DD556A1B2DD112C16AF22AB2F057CF6E069DAB)

################## | Recherche générique |

Supprimé! C:UsersuserAppDataRoamingFunny.vbs.vbs
Supprimé! C:UsersuserAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupFunny.vbs.vbs
Supprimé! C:UsersuserAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupUpdat.exe
Supprimé! C:UsersuserAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupUpdate.exe
Supprimé! F:Funny.vbs.vbs
Supprimé! F:.lnk
Supprimé! F:63.lnk
Supprimé! F:rapactivites-rapactivites08.lnk
Supprimé! F:Sp Mauvaises herbes 9(3&4).lnk
Supprimé! F:biologie mauvaises herbest11 [Mode de compatibilité].lnk
Supprimé! F:IdentificationPlantules.lnk
Supprimé! F:orobanche_presentation [Lecture seule] [Mode de compatibilité].lnk
Supprimé! F:dossier sponsoring.lnk
Supprimé! F:F12.lnk
Supprimé! F:DSC_3923.lnk
Supprimé! F:6122013354.lnk
Supprimé! F:Sans titre.lnk
Supprimé! F:poster paysage.lnk
Supprimé! F:centre alami fin.lnk
Supprimé! F:EIE tourisme.lnk
Supprimé! F:etude d’impact garde.lnk
Supprimé! F:img.lnk
Supprimé! F:pict.lnk
Supprimé! F:bizo.lnk
Supprimé! F:bin.lnk
Supprimé! C:UsersuserAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupStart.lnk
Supprimé! F:bin.doc
Supprimé! F:bizo.doc
Supprimé! F:img.jpg

(!) Fichiers temporaires supprimés.

################## | Registre |

Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000SoftwareMicrosoftWindowsCurrentVersionRun|Funny
Supprimé! HKCU|di

################## | Regedit Run |

F2 – HKLM..Winlogon : [Shell] explorer.exe
F2 – HKLM..Winlogon : [Userinit] C:Windowssystem32userinit.exe,
04 – HKCU..Run : [StarterBackgroundChanger] « C:Program FilesStarterBackgroundChangerStarterBackgroundChangerTask.exe »
04 – HKCU..Run : [Internet Download Accelerator] C:Program FilesIDAida.exe -autorun
04 – HKCU..Run : [IDMan] C:Program FilesInternet Download ManagerIDMan.exe /onboot
04 – HKCU..Run : [Speech Recognition] « C:WindowsSpeechCommonsapisvr.exe » -SpeechUX -Startup
04 – HKCU..Run : [Facebook Update] « C:UsersuserAppDataLocalFacebookUpdateFacebookUpdate.exe » /c /nocrashserver
04 – HKCU..Run : [Apps Hat] C:UsersuserAppDataLocalWebPlayerAppsHatWebPlayer.exe
04 – HKCU..Run : [Skype] « C:Program FilesSkypePhoneSkype.exe » /minimized /regrun
04 – HKLM..Run : [IAStorIcon] C:Program FilesIntelIntel(R) Rapid Storage TechnologyIAStorIcon.exe
04 – HKLM..Run : [IgfxTray] C:Windowssystem32igfxtray.exe
04 – HKLM..Run : [HotKeysCmds] C:Windowssystem32hkcmd.exe
04 – HKLM..Run : [Persistence] C:Windowssystem32igfxpers.exe
04 – HKLM..Run : [egui] « C:Program FilesESETESET NOD32 Antivirusegui.exe » /hide /waitservice
04 – HKLM..Run : [USB Antivirus] C:Program FilesUSB Disk SecurityUSBGuard.exe
04 – HKLM..Run : [Adobe ARM] « C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe »
04 – HKLM..Run : [AMD Catalyst] C:ProgramDataCatalystcolor.exe
04 – HKLM..Run : [Anti-phishing Domain Advisor] « C:ProgramDataAnti-phishing Domain Advisorvisicom_antiphishing.exe »
04 – HKLM..Run : [SweetIM] C:Program FilesSweetIMMessengerSweetIM.exe
04 – HKLM..Run : [CanonQuickMenu] C:Program FilesCanonQuick MenuCNQMMAIN.EXE /logon
04 – HKLM..Run : [avast5] « C:Program FilesAlwil SoftwareAvast5avastUI.exe » /nogui
04 – HKUS-1-5-19..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-20..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-21-2931659078-2909613575-642730951-1000..Run : [StarterBackgroundChanger] « C:Program FilesStarterBackgroundChangerStarterBackgroundChangerTask.exe »
04 – HKUS-1-5-21-2931659078-2909613575-642730951-1000..Run : [Internet Download Accelerator] C:Program FilesIDAida.exe -autorun
04 – HKUS-1-5-21-2931659078-2909613575-642730951-1000..Run : [IDMan] C:Program FilesInternet Download ManagerIDMan.exe /onboot
04 – HKUS-1-5-21-2931659078-2909613575-642730951-1000..Run : [Speech Recognition] « C:WindowsSpeechCommonsapisvr.exe » -SpeechUX -Startup
04 – HKUS-1-5-21-2931659078-2909613575-642730951-1000..Run : [Facebook Update] « C:UsersuserAppDataLocalFacebookUpdateFacebookUpdate.exe » /c /nocrashserver
04 – HKUS-1-5-21-2931659078-2909613575-642730951-1000..Run : [Apps Hat] C:UsersuserAppDataLocalWebPlayerAppsHatWebPlayer.exe
04 – HKUS-1-5-21-2931659078-2909613575-642730951-1000..Run : [Skype] « C:Program FilesSkypePhoneSkype.exe » /minimized /regrun
04 – HKUS-1-5-19..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe
04 – HKUS-1-5-20..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe

################## | C: %SystemDrive% – Disque Fixe (NTFS) |

[10/06/2009 – 22:42:20 | N | 0 Ko] – C:config.sys
[28/03/2012 – 05:39:02 | N | 256 Ko] – C:index.sys
[10/10/2013 – 21:11:19 | RASH | 0 Ko] – C:MSDOS.SYS
[10/10/2013 – 21:11:19 | RASH | 0 Ko] – C:IO.SYS
[01/06/2014 – 18:34:11 | ASH | 1572864 Ko] – C:hiberfil.sys
[01/06/2014 – 18:34:13 | ASH | 2097152 Ko] – C:pagefile.sys
[31/05/2014 – 21:46:23 | D] – C:Config.Msi
[27/03/2012 – 12:11:44 | SHD] – C:$Recycle.Bin
[10/06/2009 – 22:42:20 | A | 0 Ko] – C:autoexec.bat
[14/07/2009 – 05:53:55 | SHD] – C:Documents and Settings
[27/03/2012 – 12:11:24 | SHD] – C:Recovery
[28/03/2012 – 04:54:49 | D] – C:Intel
[02/02/2013 – 01:07:13 | RHD] – C:MSOCache
[10/04/2013 – 11:51:47 | D] – C:Othmany Quran
[24/11/2013 – 18:15:36 | D] – C:SmartSound Software
[13/02/2014 – 00:53:05 | D] – C:Users
[31/05/2014 – 21:45:32 | SHD] – C:System Volume Information
[31/05/2014 – 21:45:36 | D] – C:Program Files
[31/05/2014 – 21:45:45 | D] – C:Windows
[01/06/2014 – 11:33:02 | HD] – C:ProgramData
[01/06/2014 – 18:57:11 | D] – C:UsbFix

################## | D: – Disque Fixe (NTFS) |

[27/03/2012 – 12:19:31 | SHD] – D:$RECYCLE.BIN
[27/03/2012 – 12:19:36 | SHD] – D:System Volume Information
[06/01/2014 – 21:13:05 | D] – D:music
[30/05/2014 – 18:44:38 | D] – D:ismail

################## | F: – Disque USB (FAT) |

[16/05/2014 – 18:02:10 | HD] – F:.Trashes
[16/05/2014 – 18:02:10 | SH | 4 Ko] – F:._.Trashes
[16/05/2014 – 18:02:12 | HD] – F:.Spotlight-V100
[15/05/2014 – 01:04:14 | N | 71 Ko] – F:Sans titre.png
[15/05/2014 – 02:22:20 | N | 1141 Ko] – F:6122013354.png
[18/01/2007 – 09:56:58 | N | 14041 Ko] – F:Sp Mauvaises herbes 9(3&4).PDF
[06/05/2014 – 10:07:50 | N | 7185 Ko] – F:rapactivites-rapactivites08.pdf
[06/05/2014 – 10:09:50 | N | 427 Ko] – F:63.pdf
[06/05/2014 – 10:17:02 | N | 8800 Ko] – F:biologie mauvaises herbest11 [Mode de compatibilité].pdf
[06/05/2014 – 10:18:20 | N | 1701 Ko] – F:orobanche_presentation [Lecture seule] [Mode de compatibilité].pdf
[06/05/2014 – 10:23:00 | N | 5383 Ko] – F:IdentificationPlantules.pdf
[08/05/2014 – 23:23:20 | N | 717 Ko] – F:dossier sponsoring.pdf
[14/05/2014 – 16:25:44 | N | 626 Ko] – F:centre alami fin.pdf
[18/05/2014 – 21:26:42 | N | 208 Ko] – F:etude d’impact garde.pdf
[18/05/2014 – 22:50:24 | N | 2291 Ko] – F:EIE tourisme.pdf
[22/09/2013 – 21:39:22 | N | 1 Ko] – F:pict.jpg
[23/12/2013 – 21:06:30 | N | 129 Ko] – F:DSC_3923.jpg
[16/05/2014 – 15:29:46 | N | 14819 Ko] – F:poster paysage.jpg
[16/05/2014 – 18:02:12 | HD] – F:.fseventsd
[08/05/2014 – 23:23:58 | N | 1007 Ko] – F:F12.docx
[16/08/2013 – 16:19:32 | N | 1 Ko] – F:Zain
[08/05/2014 – 21:26:30 | SHD] – F:System Volume Information
[19/05/2014 – 10:12:02 | D] – F:Nouveau dossier

################## | Vaccin |

D:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
F:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.sosvirus.net/ | http://www.usbfix.net/ |