by pic4273
#196606
HELLO, I HAVE A PROBLEM WITH MY USB DRIVE, PLEASE

############################## | UsbFix V 7.178 | [Nettoyage]

Utilisateur: CHAIMA (Administrateur) # CHAIMA-HP
Mis à jour le 08/08/2014 par El Desaparecido - SosVirus
Lancé à 21:40:13 | 15/08/2014

Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/

################## | System information |

MB: Hewlett-Packard (1604)
CPU: AMD Athlon(tm) II P320 Dual-Core Processor
GC: AMD M880G with ATI Mobility Radeon HD 4250
RAM -> [Total : 2811 Mo | Free : 843 Mo]
Bios: Hewlett-Packard
Boot: Normal boot

OS: Microsoft™ Windows 7 Home Premium (6.1.7601 64-Bit) Service Pack 1
WB: Internet Explorer : 11.00.9600.16428
WB: Google Chrome : 36.0.1985.125
WB: Mozilla Firefox : 31.0
WB: Safari : 534.55.3

################## | Security Information |

AV: avast! Antivirus [Actif |(!) Non à jour]
AS: avast! Antivirus [Actif |(!) Non à jour]
AS: Windows Defender [(!) Désactivé |A jour]
FW: avast! Antivirus [(!) Désactivé]
FW: Windows Firewall [(!) Désactivé]
SC: Security Center [Actif]
WU: Windows Update [Actif]

################## | Disk Information |

C:\ -> Disque fixe # 281 Go (57 Go libre(s) - 20%) [] # NTFS
D:\ -> Disque fixe # 17 Go (2 Go libre(s) - 14%) [RECOVERY] # NTFS
H:\ -> Disque amovible # 4 Go (745 Mo libre(s) - 19%) [] # FAT32

################## | Autorun |


################## | Recherche générique |

Supprimé! C:\Users\CHAIMA\AppData\Roaming\844354531531.exe
Supprimé! H:\2014.lnk
Supprimé! H:\AutoRun.lnk
Supprimé! H:\[www.lnk
Supprimé! H:\~$lahmar.lnk
Supprimé! H:\~$2014.lnk
Supprimé! H:\.lnk
Supprimé! H:\Sytvsm.lnk
Supprimé! H:\~$Année 2013 tnt nation.lnk
Supprimé! H:\~$VOITURE213.lnk
Supprimé! H:\~$2014 tnt.lnk
Supprimé! H:\DEMO FACTURE.lnk
Supprimé! H:\BILAN 30092014.lnk
Supprimé! H:\Avast! Premier 8.0.1489.300-SpeedSoft.lnk
Supprimé! H:\.Trashes.lnk
Supprimé! H:\.fseventsd.lnk
Supprimé! H:\.Spotlight-V100.lnk
Supprimé! C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe

(!) Fichiers temporaires supprimés. (1590.66918373108 MB)

################## | Registre |

Réparé ! HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|EnableShellExecuteHooks -> 0
Supprimé! HKCU\Software\VB and VBA Program Settings\INSTALL
Supprimé! HKCU\Software\VB and VBA Program Settings\SrvID
Supprimé! HKLM\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List|C:\Users\CHAIMA\AppData\Roaming\844354531531.exe
Supprimé! HKLM\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List|C:\Users\CHAIMA\AppData\Roaming\844354531531.exe
Supprimé! HKLM\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List|C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
Supprimé! HKLM\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List|C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe

################## | Regedit Run |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] userinit.exe
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
04 - HKCU\..\Run : [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
04 - HKCU\..\Run : [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
04 - HKCU\..\Run : [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
04 - HKCU\..\Run : [Google Update] "C:\Users\CHAIMA\AppData\Local\Google\Update\GoogleUpdate.exe" /c
04 - HKCU\..\Run : [Allmyapps] "C:\Users\CHAIMA\AppData\Roaming\Allmyapps\Allmyapps.exe" startup
04 - HKCU\..\Run : [Allmyapps Update] "C:\Users\CHAIMA\AppData\Roaming\Allmyapps\AllmyappsUpdater.exe" check startup
04 - HKCU\..\Run : [4864864354] C:\Users\CHAIMA\AppData\Roaming\844354531531.exe
04 - HKCU\..\Run : [lollipop] "c:\users\chaima\appdata\local\lollipop\lollipop.exe" lollipop
04 - HKLM\..\Run : [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\Run : [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
04 - HKLM\..\Run : [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
04 - HKLM\..\Run : [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
04 - HKLM\..\Run : [vspdfprsrv.exe] C:\Program Files (x86)\PDF Pro 10\vspdfprsrv.exe --background
04 - HKLM\..\Run : [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
04 - HKLM\..\Run : [4864864354] C:\Users\CHAIMA\AppData\Roaming\844354531531.exe
04 - HKLM\..\Run : [PsaStart] 0\APP\ddc\bin\psastart.exe 0\APP\ddc\bin\psaagent.exe
04 - HKLM\..\Run : [fst_fr_134] "C:\Program Files (x86)\fst_fr_134\fst_fr_134.exe"
04 - HKLM\..\Run : [Iminent] C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"
04 - HKLM\..\Run : [IminentMessenger] C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
04 - HKLM\..\Run : [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
04 - HKLM\..\Run : [Boxore Client] C:\Program Files (x86)\Boxore\BoxoreClient\boxore.exe
04 - HKLM\..\RunOnce : [upfst_fr_134.exe] C:\Users\CHAIMA\AppData\Local\fst_fr_134\upfst_fr_134.exe -runonce
04 - HKLM\..\RunOnce : [SPUpdSentinel] "C:\Program Files (x86)\Common Files\Umbrella\Umbrella206_bkp.exe" -SERVICEARGS=c -HKLMRunOnce=1
04 - HKLM\..\Policies\Explorer\run : [4864864354] C:\Users\CHAIMA\AppData\Roaming\844354531531.exe
04 - [x64] HKLM\..\Run : [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
04 - [x64] HKLM\..\Run : [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
04 - [x64] HKLM\..\Run : [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
04 - [x64] HKLM\..\Run : [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
04 - [x64] HKLM\..\Policies\Explorer\run : [4864864354] C:\Users\CHAIMA\AppData\Roaming\844354531531.exe
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-2347925159-1103078289-2455849278-1000\..\Run : [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
04 - HKU\S-1-5-21-2347925159-1103078289-2455849278-1000\..\Run : [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
04 - HKU\S-1-5-21-2347925159-1103078289-2455849278-1000\..\Run : [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
04 - HKU\S-1-5-21-2347925159-1103078289-2455849278-1000\..\Run : [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
04 - HKU\S-1-5-21-2347925159-1103078289-2455849278-1000\..\Run : [Google Update] "C:\Users\CHAIMA\AppData\Local\Google\Update\GoogleUpdate.exe" /c
04 - HKU\S-1-5-21-2347925159-1103078289-2455849278-1000\..\Run : [Allmyapps] "C:\Users\CHAIMA\AppData\Roaming\Allmyapps\Allmyapps.exe" startup
04 - HKU\S-1-5-21-2347925159-1103078289-2455849278-1000\..\Run : [Allmyapps Update] "C:\Users\CHAIMA\AppData\Roaming\Allmyapps\AllmyappsUpdater.exe" check startup
04 - HKU\S-1-5-21-2347925159-1103078289-2455849278-1000\..\Run : [4864864354] C:\Users\CHAIMA\AppData\Roaming\844354531531.exe
04 - HKU\S-1-5-21-2347925159-1103078289-2455849278-1000\..\Run : [lollipop] "c:\users\chaima\appdata\local\lollipop\lollipop.exe" lollipop
04 - HKU\S-1-5-21-2347925159-1103078289-2455849278-1001\..\Run : [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
04 - HKU\S-1-5-21-2347925159-1103078289-2455849278-1001\..\Run : [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
04 - HKU\S-1-5-21-2347925159-1103078289-2455849278-1001\..\Run : [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
04 - HKU\S-1-5-21-2347925159-1103078289-2455849278-1001\..\Run : [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
04 - HKU\S-1-5-21-2347925159-1103078289-2455849278-1001\..\Run : [Google Update] "C:\Users\CHAIMA\AppData\Local\Google\Update\GoogleUpdate.exe" /c
04 - HKU\S-1-5-21-2347925159-1103078289-2455849278-1001\..\Run : [Allmyapps] "C:\Users\CHAIMA\AppData\Roaming\Allmyapps\Allmyapps.exe" startup
04 - HKU\S-1-5-21-2347925159-1103078289-2455849278-1001\..\Run : [Allmyapps Update] "C:\Users\CHAIMA\AppData\Roaming\Allmyapps\AllmyappsUpdater.exe" check startup
04 - HKU\S-1-5-21-2347925159-1103078289-2455849278-1001\..\Run : [4864864354] C:\Users\Ibtisame\AppData\Roaming\844354531531.exe
04 - HKU\S-1-5-21-2347925159-1103078289-2455849278-1001\..\Run : [Bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
04 - HKU\S-1-5-21-2347925159-1103078289-2455849278-1001\..\Run : [Bitdefender Wallet] "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
04 - HKU\S-1-5-21-2347925159-1103078289-2455849278-1001\..\Run : [Bitdefender Wallet Application Agent] "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe

################## | UsbFix - Information |

Info : Comment supprimer l'infection des raccourcis sur USB ? (Video)
Info : L'infection des raccourcis USB, c'est quoi ?

################## | Hijack |

Restauré! [D] H:\DEMO FACTURE
Restauré! [N] H:\2014.xlsx
Restauré! [D] H:\BILAN 30092014
Restauré! [D] H:\Avast! Premier 8.0.1489.300-SpeedSoft
Restauré! [N] H:\[www.Cpasbien.com] Act.of.Valor.2012.FRENCH.BRRiP.XviD-AUTOPSiE.avi
Restauré! [N] H:\~$lahmar.xlsx
Restauré! [N] H:\~$Année 2013 tnt nation.xlsx
Restauré! [N] H:\~$2014.xlsx
Restauré! [N] H:\~$VOITURE213.xlsx
Restauré! [N] H:\~$2014 tnt.xlsx

################## | C:\ - Disque Fixe (NTFS) |

[22/03/2014 - 17:10:09 | A | 1 Ko] - C:\IS_PP2000.txt
[30/04/2014 - 09:08:36 | A | 34 Ko] - C:\bdlog.txt
[15/08/2014 - 04:48:15 | ASH | 2158772 Ko] - C:\hiberfil.sys
[15/08/2014 - 04:48:18 | ASH | 2878364 Ko] - C:\pagefile.sys
[18/01/2011 - 19:09:19 | D] - C:\SYSTEM.SAV
[27/07/2014 - 14:27:53 | D] - C:\Config.Msi
[22/03/2014 - 16:01:25 | A | 0 Ko] - C:\setup.log
[22/03/2014 - 17:07:28 | A | 0 Ko] - C:\TraceInstPC.log
[02/11/2009 - 14:22:26 | A | 95 Ko] - C:\Note Before Insatllation.doc
[21/04/2012 - 01:08:17 | SHD] - C:\$Recycle.Bin
[11/02/2014 - 02:15:08 | A | 1 Ko] - C:\PhysicalDisk0_MBR.bin
[14/07/2009 - 03:38:58 | RASH | 375 Ko] - C:\bootmgr
[14/07/2009 - 05:20:08 | D] - C:\PerfLogs
[14/07/2009 - 07:08:56 | SHD] - C:\Documents and Settings
[13/07/2010 - 09:35:23 | SHD] - C:\boot
[04/12/2010 - 02:09:45 | D] - C:\HP
[18/01/2011 - 19:08:35 | SHD] - C:\Recovery
[27/02/2011 - 07:55:46 | RHD] - C:\MSOCache
[11/11/2011 - 19:13:25 | D] - C:\7390bf6210a4c2136203a9a4
[20/03/2012 - 12:25:28 | D] - C:\Sun
[21/04/2012 - 08:15:32 | D] - C:\games
[21/04/2012 - 08:38:36 | D] - C:\Macromedia
[24/12/2012 - 14:24:56 | D] - C:\sn0wbreeze
[14/02/2013 - 11:24:31 | D] - C:\SwSetup
[01/02/2014 - 11:52:14 | D] - C:\PDF Pro 10
[11/02/2014 - 13:28:09 | D] - C:\AdwCleaner
[11/02/2014 - 14:02:34 | D] - C:\SymCache
[09/03/2014 - 19:28:43 | D] - C:\ACTIA
[13/03/2014 - 17:53:51 | D] - C:\ADSecurity
[17/03/2014 - 12:37:36 | D] - C:\ADCDTEMP
[22/03/2014 - 15:14:31 | D] - C:\TMP
[22/03/2014 - 16:11:45 | D] - C:\APPLIC
[22/03/2014 - 18:35:03 | D] - C:\APP
[26/03/2014 - 00:02:24 | A | 0 Ko] - C:\END
[04/04/2014 - 23:53:41 | D] - C:\AWRoot
[30/04/2014 - 09:20:35 | RD] - C:\Program Files
[23/07/2014 - 17:01:26 | D] - C:\temp
[25/07/2014 - 16:34:47 | RD] - C:\Users
[03/08/2014 - 02:29:50 | SHD] - C:\System Volume Information
[04/08/2014 - 12:47:00 | D] - C:\Program Files (x86)
[15/08/2014 - 04:45:34 | D] - C:\Windows
[15/08/2014 - 04:51:15 | HD] - C:\ProgramData
[15/08/2014 - 21:39:40 | D] - C:\UsbFix

################## | D:\ - Disque Fixe (NTFS) |

[18/01/2011 - 19:13:56 | D] - D:\system.sav
[04/12/2010 - 12:06:17 | N | 0 Ko] - D:\RPCONFIG.LOG
[04/12/2010 - 12:06:24 | N | 14 Ko] - D:\DeployRp.log
[15/08/2012 - 05:38:44 | A | 0 Ko] - D:\Microsoft Office Démarrer en un clic 2010 (Protégé) (Q) - Raccourci.lnk
[18/01/2011 - 19:13:56 | N | 0 Ko] - D:\language.ini
[18/01/2011 - 19:13:56 | N | 0 Ko] - D:\BT_COMPAQ.FLG
[04/12/2010 - 11:51:37 | N | 0 Ko] - D:\CSP.DAT
[18/01/2011 - 19:13:43 | N | 0 Ko] - D:\HP_WSD.dat
[15/06/2011 - 15:21:39 | SHD] - D:\$RECYCLE.BIN
[14/07/2009 - 20:39:00 | ASH | 375 Ko] - D:\bootmgr
[18/01/2011 - 19:13:56 | SHD] - D:\boot
[18/01/2011 - 19:13:56 | D] - D:\hp
[18/01/2011 - 19:13:56 | SHD] - D:\preload
[19/01/2011 - 03:03:27 | SHD] - D:\System Volume Information
[02/08/2012 - 02:05:20 | D] - D:\Billel
[20/05/2013 - 14:42:01 | SD] - D:\Recovery

################## | H:\ - Disque USB (FAT32) |

[06/05/2013 - 11:16:52 | N | 0 Ko] - H:\~$lahmar.xlsx
[07/06/2013 - 09:08:12 | N | 0 Ko] - H:\~$Année 2013 tnt nation.xlsx
[11/11/2013 - 11:04:10 | N | 0 Ko] - H:\~$VOITURE213.xlsx
[04/12/2013 - 20:28:36 | N | 0 Ko] - H:\~$2014 tnt.xlsx
[07/08/2014 - 00:42:28 | N | 0 Ko] - H:\~$2014.xlsx
[07/08/2014 - 01:30:18 | N | 180 Ko] - H:\2014.xlsx
[07/05/2013 - 10:31:36 | SH | 4 Ko] - H:\._.Trashes
[07/05/2013 - 10:31:36 | SHD] - H:\.Trashes
[07/05/2013 - 10:31:38 | SHD] - H:\.Spotlight-V100
[07/05/2013 - 10:31:36 | SHD] - H:\.fseventsd
[13/07/2014 - 13:45:02 | N | 716452 Ko] - H:\[www.Cpasbien.com] Act.of.Valor.2012.FRENCH.BRRiP.XviD-AUTOPSiE.avi
[28/04/2014 - 22:27:46 | D] - H:\Avast! Premier 8.0.1489.300-SpeedSoft
[02/01/2014 - 12:14:36 | D] - H:\BILAN 30092014
[02/01/2014 - 16:18:16 | D] - H:\DEMO FACTURE

################## | Vaccin |

C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
H:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.sosvirus.net/ | http://www.usbfix.net/ |
by V-X
#196610
Hello and welcome to SOS-Virus,

I split off your post because you created yours in the thread of another user who has the same problem. One thread = one problem, different from yours.

So:
  • Bookmark this page so that you can reply and see the answers more easily.
See you,
