Document format: text/plain

[b]############################## | UsbFix V 7.926.3 | [Recherche][/b]

Utilisateur: Saida Kabil (Administrateur) # HP-SAIDA
Mis à jour le 19/04/2015 par El Desaparecido - SosVirus
Lancé à 09:16:56 | 22/04/2015

Site Web : [url=http://www.usbfix.net/]http://www.usbfix.net/[/url]
Changelog : [url=http://www.usbfix.net/maj/]http://www.usbfix.net/maj/[/url]
Assistance : [url=http://www.sosvirus.net/forum-virus-securite.html]http://www.sosvirus.net/forum-virus-securite.html[/url]
Détection en Live : [url=http://comment-supprimer.fr/]http://comment-supprimer.fr/[/url]
Contact : [url=http://www.usbfix.net/contact/]http://www.usbfix.net/contact/[/url]

[b]################## | System information |[/b]

MB: Hewlett-Packard (3048h)
CPU: Intel(R) Core(TM)2 Duo CPU E8500 @ 3.16GHz
GC: Intel(R) Q45/Q43 Express Chipset
RAM -> [Total : 1977 Mo | Free : 692 Mo]
Bios: Hewlett-Packard
Boot: Normal boot

OS: Microsoft® Windows 7 Professional (6.1.7601 32-Bit) Service Pack 1
WB: Internet Explorer : 11.00.9600.16428
WB: Google Chrome : 42.0.2311.90

[b]################## | Security Information |[/b]

AV: avast! Antivirus [[b](!) Désactivé[/b] |A jour]
AS: avast! Antivirus [[b](!) Désactivé[/b] |A jour]
AS: Windows Defender [Actif |A jour]
FW: Windows Firewall [Actif]
SC: Security Center [Actif]
WU: Windows Update [Actif]

[b]################## | Disk Information |[/b]

C:\ (%SystemDrive%) -> Disque fixe # 225 Go (180 Go libre(s) - 80%) [OS] # NTFS
D:\ -> Disque fixe # 6 Go (688 Mo libre(s) - 11%) [HP_RECOVERY] # NTFS
F:\ -> Disque amovible # 7 Go (5 Go libre(s) - 72%) [FLASH DRIVE] # FAT32

[b]################## | Autorun |[/b]


[b]################## | Regedit Run |[/b]

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
04 - HKCU\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKCU\..\Run : [LMab1err] C:\Program Files\Lexmark\ErrorApp\LMab1err.exe
04 - HKCU\..\Run : [GoogleChromeAutoLaunch_B19EBE6B59F765E21CBBF3B8CAEE8387] "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
04 - HKCU\..\Run : [cacaoweb] "C:\Users\Saida Kabil\AppData\Roaming\cacaoweb\cacaoweb.exe" -noplayer
04 - HKCU\..\Run : [listes_stages (5)] wscript.exe //B "C:\Users\SAIDAK~1\AppData\Local\Temp\listes_stages (5).vbs"
04 - HKLM\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
04 - HKLM\..\Run : [HotKeysCmds] C:\Windows\system32\hkcmd.exe
04 - HKLM\..\Run : [Persistence] C:\Windows\system32\igfxpers.exe
04 - HKLM\..\Run : [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
04 - HKLM\..\Run : [picon] "C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe" -startup
04 - HKLM\..\Run : [PivotSoftware] "C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe"
04 - HKLM\..\Run : [DT HWP] C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe -HWP
04 - HKLM\..\Run : [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe
04 - HKLM\..\Run : [RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"
04 - HKLM\..\Run : [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-876341528-3958631926-3853215678-1000\..\Run : [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
04 - HKU\S-1-5-21-876341528-3958631926-3853215678-1000\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKU\S-1-5-21-876341528-3958631926-3853215678-1000\..\Run : [LMab1err] C:\Program Files\Lexmark\ErrorApp\LMab1err.exe
04 - HKU\S-1-5-21-876341528-3958631926-3853215678-1000\..\Run : [GoogleChromeAutoLaunch_B19EBE6B59F765E21CBBF3B8CAEE8387] "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
04 - HKU\S-1-5-21-876341528-3958631926-3853215678-1000\..\Run : [cacaoweb] "C:\Users\Saida Kabil\AppData\Roaming\cacaoweb\cacaoweb.exe" -noplayer
04 - HKU\S-1-5-21-876341528-3958631926-3853215678-1000\..\Run : [listes_stages (5)] wscript.exe //B "C:\Users\SAIDAK~1\AppData\Local\Temp\listes_stages (5).vbs"
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-18\..\RunOnce : [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
04GS - HP Display LiteSaver Startup.lnk : C:\Windows\HPLiteSaver.exe

[b]################## | Recherche générique |[/b]

Présent! C:\Users\Saida Kabil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\listes_stages (5).vbs
Présent! F:\listes_stages (5).vbs
Présent! F:\Recycle.exe
Présent! F:\System Volume Information.lnk
Présent! F:\SUPPORT FCO TRM.lnk
Présent! F:\AMI formation professionnelle.lnk
Présent! F:\courrier.lnk
Présent! F:\courrier.docx.lnk
Présent! F:\test.lnk
Présent! F:\Nouveau dossier.lnk
Présent! F:\Cartes JDIDA TRM.lnk
Présent! F:\Recycle.lnk
Présent! F:\Note sur les montants Primes TPV.lnk
Présent! F:\AutorisationRetraitVehiculeALVSC.lnk
Présent! F:\Programme- FCO TRV-.lnk
Présent! F:\My Work.lnk
Présent! F:\Contrat-programme voyageurs.lnk
Présent! F:\Situation CCP.lnk
Présent! F:\Visio Professional 2007.lnk
Présent! F:\S3.lnk
Présent! C:\Users\SAIDAK~1\AppData\Local\Temp\listes_stages (5).vbs
Présent! C:\Users\SAIDAK~1\AppData\Local\Temp\E_N4\cnvpe.fne
Présent! C:\Users\SAIDAK~1\AppData\Local\Temp\E_N4\dp1.fne
Présent! C:\Users\SAIDAK~1\AppData\Local\Temp\E_N4\eAPI.fne
Présent! C:\Users\SAIDAK~1\AppData\Local\Temp\E_N4\HtmlView.fne
Présent! C:\Users\SAIDAK~1\AppData\Local\Temp\E_N4\internet.fne
Présent! C:\Users\SAIDAK~1\AppData\Local\Temp\E_N4\krnln.fnr
Présent! C:\Users\SAIDAK~1\AppData\Local\Temp\E_N4\shell.fne
Présent! C:\Users\SAIDAK~1\AppData\Local\Temp\E_N4\spec.fne
Présent! C:\Users\SAIDAK~1\AppData\Local\Temp\E_N4
Présent! C:\Users\Saida Kabil\AppData\Local\Temp\listes_stages (5).vbs

[b]################## | Registre |[/b]

Présent! HKU\S-1-5-21-876341528-3958631926-3853215678-1000\Software\Microsoft\Windows\CurrentVersion\Run|listes_stages (5)
Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|listes_stages (5)

[b]################## | UsbFix - Information |[/b]

Info : [url=https://www.youtube.com/watch?v=vUZYYASd7FE]Comment supprimer l'infection des raccourcis sur USB ? (Video)[/url]
Info : [url=http://www.usbfix.net/2014/10/supprimer-virus-raccourcis-usb/]L'infection des raccourcis USB, c'est quoi ?[/url]
Détection en Live : [url=http://comment-supprimer.fr/]http://comment-supprimer.fr/[/url]

[b]################## | Attrib - Restore |[/b]


[b]################## | E.O.F | [url=http://www.sosvirus.net/]http://www.sosvirus.net/[/url] | [url=http://www.usbfix.net/]http://www.usbfix.net/[/url] |[/b]
