choupinet
Participant
Number of posts: 15

I followed your advice. Here is the first report:
############################## | UsbFix V 7.172 | [Nettoyage]

Utilisateur: yves (Administrateur) # YVES-HP
Mis à jour le 23/06/2014 par El Desaparecido – SosVirus
Lancé à 16:58:42 | 01/07/2014

Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Assistance : https://www.sosvirus.net/aide-nettoyage-pc/
Upload Malware : https://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/

################## | System information |

MB: Hewlett-Packard (1842)
CPU: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
RAM -> [Total : 3994 Mo | Free : 1957 Mo]
Bios: Insyde
Boot: Normal boot

OS: Microsoft™ Windows 7 Home Premium (6.1.7601 64-Bit) Service Pack 1
WB: Internet Explorer : 11.00.9600.16428
WB: Google Chrome : 35.0.1916.153
WB: Mozilla Firefox : 30.0

################## | Security Information |

AV: Antivirus Bitdefender [(!) Désactivé |A jour]
AV: Bitdefender Antivirus [Actif |A jour]
AS: Windows Defender [(!) Désactivé |(!) Non à jour]
AS: Bitdefender Antispyware [Actif |A jour]
AS: Antispyware Bitdefender [(!) Désactivé |A jour]
FW: Pare-feu Bitdefender [(!) Désactivé]
FW: Bitdefender Pare-feu [(!) Désactivé]
AS: Malwarebytes Anti-Malware : 1.0.0.532
FW: Windows Firewall [Actif]
SC: Security Center [Actif]
WU: Windows Update [Actif]

################## | Disk Information |

C: (%SystemDrive%) -> Disque fixe # 910 Go (752 Go libre(s) – 83%) [] # NTFS
D: -> Disque fixe # 22 Go (2 Go libre(s) – 11%) [Recovery] # NTFS
F: -> Disque fixe # 98 Mo (80 Mo libre(s) – 82%) [HP_TOOLS] # FAT32
G: -> Disque amovible # 984 Mo (967 Mo libre(s) – 98%) [ATTACHE PRO] # FAT
H: -> Disque fixe # 466 Go (300 Go libre(s) – 64%) [] # FAT32

################## | Processus Stoppés |

C:WindowsSystem32atiesrxx.exe (ID: 1148|ParentID: 952|Système)
C:Program FilesIDTWDMstacsv64.exe (ID: 1396|ParentID: 952|Système)
C:WindowsSystem32hpservice.exe (ID: 1684|ParentID: 952|Système)
C:WindowsSystem32atieclxx.exe (ID: 1776|ParentID: 1148|Système)
C:WindowsSystem32spoolsv.exe (ID: 1112|ParentID: 952|Système)
C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe (ID: 2176|ParentID: 952|Système)
C:Program FilesHewlett-PackardHP Client ServicesHPClientServices.exe (ID: 2312|ParentID: 952|Système)
C:Program Files (x86)Hewlett-PackardHP Quick LaunchHPWMISVC.exe (ID: 2332|ParentID: 952|Système)
C:Program FilesInteliCLS ClientHeciServer.exe (ID: 2380|ParentID: 952|Système)
C:Program Files (x86)IntelIntel(R) Management Engine ComponentsFWServiceIntelMeFWService.exe (ID: 2416|ParentID: 952|Système)
C:Program Files (x86)IntelIntel(R) Management Engine ComponentsDALJhi_service.exe (ID: 2444|ParentID: 952|Système)
C:Program Files (x86)SonyPlayMemories HomePMBDeviceInfoProvider.exe (ID: 2640|ParentID: 952|Système)
C:Program Files (x86)TomTom HOME 2TomTomHOMEService.exe (ID: 2728|ParentID: 952|Système)
C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE (ID: 2924|ParentID: 952|Système)
C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVCM.EXE (ID: 3124|ParentID: 2924|Système)
C:Windowsexplorer.exe (ID: 3596|ParentID: 3496|yves)
C:WindowsSystem32taskhost.exe (ID: 3620|ParentID: 952|yves)
C:Program Files (x86)GoogleUpdate1.3.24.15GoogleCrashHandler.exe (ID: 3856|ParentID: 3708|Système)
C:Program Files (x86)GoogleUpdate1.3.24.15GoogleCrashHandler64.exe (ID: 3884|ParentID: 3708|Système)
C:Program Files (x86)FnacFnacSynchroWebSynchro.exe (ID: 4064|ParentID: 3596|yves)
C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 4088|ParentID: 3596|yves)
C:Program Files (x86)TomTom HOME 2TomTomHOMERunner.exe (ID: 3308|ParentID: 3596|yves)
C:Program Files (x86)MyDrive ConnectMyDriveConnect.exe (ID: 3328|ParentID: 3596|yves)
C:Program FilesHPHP Photosmart 6510 seriesBinScanToPCActivationApp.exe (ID: 3296|ParentID: 3596|yves)
C:Program FilesMcAfee Security Scan3.8.150SSScheduler.exe (ID: 3484|ParentID: 3596|yves)
C:WindowsSystem32rundll32.exe (ID: 3828|ParentID: 3596|yves)
C:WindowsSystem32rundll32.exe (ID: 3760|ParentID: 3596|yves)
C:Program Files (x86)Microsoft OfficeOffice14ONENOTEM.EXE (ID: 3716|ParentID: 3596|yves)
C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 4192|ParentID: 4088|yves)
C:WindowsSystem32SearchIndexer.exe (ID: 4204|ParentID: 952|Système)
C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 4276|ParentID: 4088|yves)
C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 4304|ParentID: 4088|yves)
C:Program FilesHPHP Photosmart 6510 seriesBinHPNetworkCommunicatorCom.exe (ID: 4636|ParentID: 684|yves)
C:WindowsSystem32taskeng.exe (ID: 4144|ParentID: 1292|yves)
C:Program Files (x86)CyberLinkYouCamYCMMirage.exe (ID: 3452|ParentID: 4144|yves)
C:Program Files (x86)Hewlett-PackardHP CoolSenseCoolSense.exe (ID: 1428|ParentID: 4144|yves)
C:WindowsMicrosoft.NETFramework64v3.0WPFPresentationFontCache.exe (ID: 4032|ParentID: 952|SERVICE LOCAL)
C:Program Files (x86)Hewlett-PackardSharedhpqwmiex.exe (ID: 6052|ParentID: 952|Système)
C:Program Files (x86)Hewlett-PackardHP Support FrameworkHPSA_Service.exe (ID: 5372|ParentID: 952|Système)
C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorDataMgrSvc.exe (ID: 3024|ParentID: 952|Système)
C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe (ID: 3796|ParentID: 952|Système)
C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe (ID: 5896|ParentID: 952|Système)
C:Program Files (x86)Mozilla Thunderbirdthunderbird.exe (ID: 716|ParentID: 3596|yves)
C:Program FilesHPHP Photosmart 6510 seriesBinHPNetworkCommunicator.exe (ID: 1952|ParentID: 3296|yves)
C:Program FilesCommon FilesMicrosoft SharedOfficeSoftwareProtectionPlatformOSPPSVC.EXE (ID: 5172|ParentID: 952|SERVICE RÉSEAU)
C:Program Files (x86)Microsoft OfficeOffice14WINWORD.EXE (ID: 8012|ParentID: 3596|yves)
C:WindowsSysWOW64ctfmon.exe (ID: 4404|ParentID: 1252|yves)
C:WindowsSystem32taskhost.exe (ID: 4824|ParentID: 952|yves)
C:Program Files (x86)Mozilla Firefoxfirefox.exe (ID: 7760|ParentID: 716|yves)
C:WindowsSystem32WUDFHost.exe (ID: 4660|ParentID: 1268|SERVICE LOCAL)
C:WindowsSystem32SearchProtocolHost.exe (ID: 7944|ParentID: 4204|Système)
C:WindowsSystem32SearchFilterHost.exe (ID: 7848|ParentID: 4204|Système)
C:WindowsSysWOW64notepad.exe (ID: 6148|ParentID: 6772|yves)

################## | Autorun |

################## | Recherche générique |

(!) Fichiers temporaires supprimés.

################## | Registre |

Réparé ! HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer|EnableShellExecuteHooks -> 0
Supprimé! HKUS-1-5-21-3377687228-4155916631-2917199602-1000Software….Mountpoints2{8c8f065e-94c1-11e1-b226-806e6f6e6963}

################## | Regedit Run |

F2 – HKLM..Winlogon : [Shell] explorer.exe
F2 – [x64] HKLM..Winlogon : [Shell] explorer.exe
F2 – HKLM..Winlogon : [Userinit] userinit.exe
F2 – [x64] HKLM..Winlogon : [Userinit] C:Windowssystem32userinit.exe,
04 – HKCU..Run : [WebSynchro] “C:Program Files (x86)FNACFnacSynchroWebSynchro.exe” Command::MinimizeRun
04 – HKCU..Run : [GoogleChromeAutoLaunch_5F3CDBAA00E1EFE8ABF6E3F87AEA1EB5] “C:Program Files (x86)GoogleChromeApplicationchrome.exe” –no-startup-window
04 – HKCU..Run : [TomTomHOME.exe] “C:Program Files (x86)TomTom HOME 2TomTomHOMERunner.exe”
04 – HKCU..Run : [MyDriveConnect.exe] “C:Program Files (x86)MyDrive ConnectMyDriveConnect.exe”
04 – HKCU..Run : [HP Photosmart 6510 series (NET)] “C:Program FilesHPHP Photosmart 6510 seriesBinScanToPCActivationApp.exe” -deviceID “CN1AT420S105QB:NW” -scfn “HP Photosmart 6510 series (NET)” -AutoStart 1
04 – [x64] HKLM..Run : [Bdagent] C:Program FilesBitdefenderBitdefender 2013bdagent.exe
04 – [x64] HKLM..RunOnce : [NCPluginUpdater] “c:program files (x86)hewlett-packardhp health checkactivecheckproduct_lineNCPluginUpdater.exe” Update
04 – HKUS-1-5-19..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-20..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-21-3377687228-4155916631-2917199602-1000..Run : [WebSynchro] “C:Program Files (x86)FNACFnacSynchroWebSynchro.exe” Command::MinimizeRun
04 – HKUS-1-5-21-3377687228-4155916631-2917199602-1000..Run : [GoogleChromeAutoLaunch_5F3CDBAA00E1EFE8ABF6E3F87AEA1EB5] “C:Program Files (x86)GoogleChromeApplicationchrome.exe” –no-startup-window
04 – HKUS-1-5-21-3377687228-4155916631-2917199602-1000..Run : [TomTomHOME.exe] “C:Program Files (x86)TomTom HOME 2TomTomHOMERunner.exe”
04 – HKUS-1-5-21-3377687228-4155916631-2917199602-1000..Run : [MyDriveConnect.exe] “C:Program Files (x86)MyDrive ConnectMyDriveConnect.exe”
04 – HKUS-1-5-21-3377687228-4155916631-2917199602-1000..Run : [HP Photosmart 6510 series (NET)] “C:Program FilesHPHP Photosmart 6510 seriesBinScanToPCActivationApp.exe” -deviceID “CN1AT420S105QB:NW” -scfn “HP Photosmart 6510 series (NET)” -AutoStart 1
04 – HKUS-1-5-19..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe
04 – HKUS-1-5-20..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe

################## | C: %SystemDrive% – Disque Fixe (NTFS) |

[28/05/2013 – 08:39:44 | N | 7 Ko] – C:last.txt
[30/06/2014 – 12:32:28 | N | 15 Ko] – C:Shortcut_Module.txt
[30/06/2014 – 23:02:44 | N | 225 Ko] – C:bdlog.txt
[01/07/2014 – 07:38:18 | ASH | 3067664 Ko] – C:hiberfil.sys
[01/07/2014 – 07:38:23 | ASH | 4090220 Ko] – C:pagefile.sys
[07/10/2012 – 20:53:31 | D] – C:SYSTEM.SAV
[01/07/2014 – 07:49:13 | D] – C:Config.Msi
[29/06/2014 – 15:54:05 | N | 9 Ko] – C:bdr-ld01.mbr
[24/09/2013 – 15:38:18 | N | 45781 Ko] – C:bdr-im01.gz
[05/09/2001 – 21:00:58 | N | 1661 Ko | SHA1: 0A222F319B7712B861EF6ADF0C38CC2C5A2790FA] – C:gdiplus.dll
[06/01/2014 – 16:11:31 | D] – C:$Recycle.Bin
[30/06/2014 – 13:20:33 | N | 1 Ko] – C:PhysicalDisk0_MBR.bin
[25/06/2014 – 08:00:47 | N | 0 Ko] – C:autoexec.bat
[14/07/2009 – 05:20:08 | D] – C:PerfLogs
[14/07/2009 – 07:08:56 | D] – C:Documents and Settings
[21/11/2010 – 05:23:51 | RASH | 375 Ko] – C:bootmgr
[09/02/2012 – 19:42:04 | D] – C:HP
[10/02/2012 – 05:12:37 | D] – C:boot
[03/05/2012 – 02:40:57 | D] – C:Intel
[07/10/2012 – 20:52:29 | D] – C:Users
[07/10/2012 – 20:53:23 | D] – C:Recovery
[07/10/2012 – 21:10:31 | D] – C:MSOCache
[20/12/2012 – 19:27:22 | D] – C:TELL ME MORE NV
[13/08/2013 – 12:38:37 | N | 3195 Ko] – C:bdr-bz01
[22/01/2014 – 21:48:11 | D] – C:SWSetup
[06/06/2014 – 14:36:02 | D] – C:Photoshop
[27/06/2014 – 09:21:12 | SHD] – C:System Volume Information
[29/06/2014 – 15:54:05 | N | 247 Ko] – C:bdr-ld01
[29/06/2014 – 15:54:05 | N | 1 Ko] – C:bdr-cf01
[30/06/2014 – 10:48:33 | D] – C:AdwCleaner
[30/06/2014 – 10:56:48 | HD] – C:ProgramData
[30/06/2014 – 12:10:26 | D] – C:Program Files
[30/06/2014 – 12:46:23 | D] – C:Shortcut_Module
[30/06/2014 – 12:58:34 | D] – C:Program Files (x86)
[01/07/2014 – 15:38:25 | D] – C:Windows
[01/07/2014 – 16:54:24 | D] – C:UsbFix

################## | D: – Disque Fixe (NTFS) |

[09/10/2012 – 21:50:50 | C | 0 Ko] – D:HPSF_Rep.txt
[23/05/2010 – 14:55:46 | RASH | 0 Ko] – D:Desktop.ini
[07/10/2012 – 20:54:13 | C | 0 Ko] – D:HP_WSD.dat
[07/10/2012 – 20:59:04 | SHDC] – D:$RECYCLE.BIN
[05/03/2013 – 22:08:47 | C | 0 Ko] – D:RMCStatus.bin
[14/07/2009 – 20:39:00 | RASH | 375 Ko] – D:bootmgr
[07/10/2012 – 20:59:02 | DC] – D:hp
[07/10/2012 – 20:59:02 | RASHDC] – D:boot
[07/10/2012 – 20:59:02 | RSHDC] – D:preload
[07/10/2012 – 20:59:02 | RSD] – D:recovery
[07/10/2012 – 20:59:02 | D] – D:RM_Reserve
[07/10/2012 – 20:59:02 | DC] – D:FactoryUpdate
[10/10/2012 – 18:28:58 | SHD] – D:System Volume Information

################## | F: – Disque Fixe (FAT32) |

[09/10/2012 – 21:50:52 | N | 0 Ko] – F:HPSF_Rep.txt
[16/10/2012 – 22:15:46 | N | 0 Ko] – F:HP_WSD.dat
[03/05/2012 – 03:02:46 | SHD] – F:$RECYCLE.BIN
[27/06/2014 – 18:15:54 | D] – F:Hewlett-Packard

################## | G: – Disque USB (FAT) |

[16/06/2014 – 15:53:50 | N | 17443 Ko] – G:Regards-croises_ZH.pdf

################## | H: – Disque Fixe (FAT32) |

[02/04/2006 – 17:56:56 | N | 43 Ko] – H:Cadre conjugaison verbes italiens.xls
[23/10/2010 – 09:04:20 | N | 16 Ko] – H:Chaines TV.xls
[23/10/2013 – 19:48:36 | N | 150590 Ko] – H:P1100186.xcf
[21/06/2009 – 21:16:20 | N | 7321 Ko] – H:faire part.ppt
[01/12/2008 – 21:07:24 | N | 1747 Ko] – H:SPERMATOZOIDES.pps
[13/12/2008 – 17:31:02 | N | 502 Ko] – H:Station meteo Mode d’emploi.pdf
[29/11/2010 – 21:03:58 | N | 10 Ko] – H:mesure tension régine.pdf
[08/07/2010 – 07:30:46 | N | 161 Ko] – H:Abonnement Balade AREA.mht
[21/04/2010 – 06:52:12 | N | 8215 Ko | SHA1: A6D8224147DD78B86745A76744AD562AC70F3966] – H:Firefox Setup 3.6.3.exe
[16/11/2010 – 22:28:56 | N | 2725 Ko | SHA1: 09F2491C5BEC7286155234F4E6E1AF70C7CEF78F] – H:install_flash_player.exe
[06/05/2006 – 17:54:18 | N | 5 Ko] – H:GUARDI.eml
[06/05/2006 – 18:34:24 | N | 2955 Ko] – H:Accord A et Y tableau Guardi (scan).doc
[01/11/2006 – 12:13:46 | N | 42 Ko] – H:Liste des films super 8.doc
[14/05/2009 – 17:57:02 | N | 25 Ko] – H:Lettre AR SFR pack sécurité.doc
[07/05/2010 – 16:06:20 | N | 20 Ko] – H:Fin de contrat Canalsat.doc
[04/06/2010 – 12:09:36 | N | 1128 Ko] – H:Acte de vente recto.doc
[04/06/2010 – 12:11:08 | N | 1382 Ko] – H:acte de vente verso.doc
[07/01/2011 – 09:55:30 | N | 25 Ko] – H:Bilan santé Yves.doc
[17/12/2010 – 15:42:56 | SHD] – H:$RECYCLE.BIN
[04/02/2010 – 17:54:22 | D] – H:Retraite
[12/03/2010 – 11:06:50 | D] – H:ING Directe
[13/08/2010 – 10:03:16 | D] – H:MUTUELLE MMA
[16/01/2011 – 14:31:40 | SHD] – H:System Volume Information
[16/01/2011 – 14:31:40 | D] – H:Recycled
[16/01/2011 – 15:46:32 | D] – H:OENOTHEQUE
[16/01/2011 – 15:46:34 | D] – H:REPERTOIRE TELEPHONIQUE
[16/01/2011 – 15:46:34 | D] – H:RETRAITE Y
[16/01/2011 – 15:46:42 | D] – H:SUCCESSION NENENE
[16/01/2011 – 15:46:42 | D] – H:Succession Nénène
[16/01/2011 – 15:46:58 | D] – H:UFF
[16/01/2011 – 15:53:44 | D] – H:ZODIAC
[16/01/2011 – 15:54:02 | D] – H:Blagues
[16/01/2011 – 15:54:08 | D] – H:BUDGET-FINANCES
[16/01/2011 – 15:54:10 | D] – H:CHAMPIGNONS
[16/01/2011 – 15:54:12 | D] – H:CHANGEMENT ADRESSE
[16/01/2011 – 15:54:12 | D] – H:COMMISSAIRE ENQUETEUR
[16/01/2011 – 15:54:18 | D] – H:COSTA RICA
[16/01/2011 – 15:54:20 | D] – H:dessins animés
[16/01/2011 – 17:13:46 | D] – H:DIVERS
[16/01/2011 – 17:14:04 | D] – H:Fims super 8
[16/01/2011 – 17:17:18 | D] – H:GENEALOGIE
[16/01/2011 – 17:17:20 | D] – H:IMPOTS
[16/01/2011 – 17:17:20 | D] – H:ING Direct
[16/01/2011 – 17:17:26 | D] – H:Ma musique
[16/01/2011 – 17:29:32 | D] – H:MEUDON vente
[30/07/2012 – 08:25:54 | D] – H:Mes images
[13/09/2012 – 08:00:48 | D] – H:CONSUL
[25/10/2012 – 15:27:16 | D] – H:YVES-HP
[18/11/2012 – 10:07:12 | D] – H:BELLEMIN Marcel
[18/11/2012 – 11:16:44 | D] – H:MORANDAT
[14/01/2013 – 10:29:44 | D] – H:ITALIANO
[28/06/2014 – 19:09:28 | D] – H:VIDEO

################## | Vaccin |

D:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
F:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
G:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
H:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | https://www.sosvirus.net/ | http://www.usbfix.net/ |