Please help me analyze my report 2014-04-16T10:56:53+00:00

Computer Troubleshooting: Please help me analyze my report

  • Author
    Posts
  • dodiawara
    Participant
    Number of posts: 1

    Hello! Some folders and files on my USB key have turned into shortcuts. I think I am dealing with a Trojan horse. Please help me.

    ############################## | UsbFix V 7.169 | [Recherche]

    Utilisateur: MAMADOU (Administrateur) # PORTABLE
    Mis à jour le 31/03/2014 par El Desaparecido – Team SosVirus
    Lancé à 09:23:15 | 16/04/2014

    Site Web : http://www.usbfix.net/
    Changelog : http://www.usbfix.net/maj/
    Support : forum-virus-securite.html
    Upload Malware : upload_malware.php
    Contact : http://www.usbfix.net/contact/

    PC: Hewlett-Packard (1858)
    CPU: Intel(R) Celeron(R) CPU B830 @ 1.80GHz
    RAM -> [Total : 2726 Mo| Free : 1211 Mo]
    Bios: Insyde
    Boot: Normal boot

    OS: Microsoft Windows 8 Professionnel avec Media Center (6.2.9200 32-Bit)
    WB: Windows Internet Explorer : 10.0.9200.16863
    WB: Google Chrome : 34.0.1847.116

    SC: Security Center [Enabled]
    WU: Windows Update [Enabled]
    AV: AVG AntiVirus Free Edition 2014 [(!) Disabled | Updated]
    AV: Windows Defender [(!) Disabled | Updated]
    AS: Windows Defender [(!) Disabled | Updated]
    AS: AVG AntiVirus Free Edition 2014 [(!) Disabled | Updated]
    FW: Windows FireWall [(!) Disabled]

    C: (%systemdrive%) -> Disque fixe # 456 Go (165 Go libre(s) – 36%) [] # NTFS
    D: -> Disque fixe # 10 Go (5 Go libre(s) – 54%) [] # NTFS
    E: -> CD-ROM
    F: -> CD-ROM
    G: -> Disque amovible # 2 Go (2 Go libre(s) – 98%) [PENDRIVE] # FAT32

    ################## | Processus Actif |

    C:Windowssystem32csrss.exe (ID: 732 |ParentID: 724)
    C:Windowssystem32wininit.exe (ID: 796 |ParentID: 724)
    C:Windowssystem32csrss.exe (ID: 804 |ParentID: 788)
    C:Windowssystem32winlogon.exe (ID: 856 |ParentID: 788)
    C:Windowssystem32services.exe (ID: 872 |ParentID: 796)
    C:Windowssystem32lsass.exe (ID: 888 |ParentID: 796)
    C:Windowssystem32svchost.exe (ID: 988 |ParentID: 872)
    C:Windowssystem32svchost.exe (ID: 1040 |ParentID: 872)
    C:WindowsSystem32svchost.exe (ID: 1100 |ParentID: 872)
    C:Windowssystem32svchost.exe (ID: 1132 |ParentID: 872)
    C:Windowssystem32dwm.exe (ID: 1208 |ParentID: 856)
    C:Windowssystem32svchost.exe (ID: 1240 |ParentID: 872)
    C:WindowsSystem32svchost.exe (ID: 1328 |ParentID: 872)
    C:Program FilesWTouchWTouchService.exe (ID: 1428 |ParentID: 872)
    C:Windowssystem32svchost.exe (ID: 1612 |ParentID: 872)
    C:WindowsSystem32spoolsv.exe (ID: 1728 |ParentID: 872)
    C:Windowssystem32svchost.exe (ID: 1760 |ParentID: 872)
    C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe (ID: 2012 |ParentID: 872)
    C:Windowssystem32AdminService.exe (ID: 120 |ParentID: 872)
    C:Program FilesAVGAVG2014avgwdsvc.exe (ID: 440 |ParentID: 872)
    C:Program FilesBonjourmDNSResponder.exe (ID: 808 |ParentID: 872)
    C:Program FilesInteliCLS ClientHeciServer.exe (ID: 948 |ParentID: 872)
    C:Program FilesInternetEverywhereInternetEverywhere_Service.exe (ID: 1344 |ParentID: 872)
    C:Program FilesRealNetworksRealDownloaderrndlresolversvc.exe (ID: 1868 |ParentID: 872)
    C:Windowssystem32svchost.exe (ID: 2096 |ParentID: 872)
    C:Windowssystem32Pen_Tablet.exe (ID: 2120 |ParentID: 872)
    C:Windowssystem32svchost.exe (ID: 3236 |ParentID: 872)
    C:Windowssystem32taskhostex.exe (ID: 3460 |ParentID: 872)
    C:Program FilesGoogleUpdate1.3.23.9GoogleCrashHandler.exe (ID: 3872 |ParentID: 3720)
    C:WindowsExplorer.EXE (ID: 3880 |ParentID: 3504)
    C:Program FilesCommon Filesmicrosoft sharedinkTabTip.exe (ID: 3960 |ParentID: 1328)
    C:Windowssystem32svchost.exe (ID: 2400 |ParentID: 872)
    C:Program FilesWindowsAppsmicrosoft.windowscommunicationsapps_17.0.1119.516_x86__8wekyb3d8bbweLiveComm.exe (ID: 1604 |ParentID: 988)
    C:Windowssystem32SearchIndexer.exe (ID: 3320 |ParentID: 872)
    C:Program FilesAVGAVG2014avgui.exe (ID: 3100 |ParentID: 3880)
    C:WindowsSystem32igfxtray.exe (ID: 3764 |ParentID: 3880)
    C:WindowsSystem32hkcmd.exe (ID: 3836 |ParentID: 3880)
    C:WindowsSystem32igfxpers.exe (ID: 2904 |ParentID: 3880)
    C:Program FilesSynapticsSynTPSynTPEnh.exe (ID: 1440 |ParentID: 3880)
    C:Program FilesCommon FilesJavaJava Updatejusched.exe (ID: 1576 |ParentID: 3880)
    C:Program FilesPowerISOPWRISOVM.EXE (ID: 3180 |ParentID: 3880)
    C:Program FilesiTunesiTunesHelper.exe (ID: 3412 |ParentID: 3880)
    C:PROGRAM FILESSYNAPTICSSYNTPSYNTPHELPER.EXE (ID: 3892 |ParentID: 2924)
    C:Program FilesYahoo!MessengerYahooMessenger.exe (ID: 3172 |ParentID: 3880)
    C:Program FilesCommon FilesAppleInternet ServicesiCloudServices.exe (ID: 152 |ParentID: 3880)
    C:Program FilesCommon FilesAppleInternet ServicesApplePhotoStreams.exe (ID: 1788 |ParentID: 3880)
    C:Program FilesiPodbiniPodService.exe (ID: 4132 |ParentID: 872)
    C:Program Filessunugrafsunuradiotviconebarre.exe (ID: 4248 |ParentID: 3880)
    C:Program FilesSkypePhoneSkype.exe (ID: 4264 |ParentID: 3880)
    C:UsersMAMADOUAppDataLocalViberViber.exe (ID: 4284 |ParentID: 3880)
    C:Program FilesInternetEverywhereInternetEverywhere_Launcher.exe (ID: 4388 |ParentID: 3880)
    C:Windowssystem32RunDll32.exe (ID: 4444 |ParentID: 3880)
    C:UsersMAMADOUAppDataRoamingDropboxbinDropbox.exe (ID: 4484 |ParentID: 3880)
    C:WindowsSystem32RuntimeBroker.exe (ID: 4944 |ParentID: 988)
    C:Program FilesCommon FilesAppleInternet ServicesAPSDaemon.exe (ID: 5252 |ParentID: 988)
    C:Windowssystem32wbemwmiprvse.exe (ID: 5340 |ParentID: 988)
    C:Program FilesIntelIntel(R) Management Engine ComponentsDALjhi_service.exe (ID: 1564 |ParentID: 872)
    C:Program FilesIntelIntel(R) Management Engine ComponentsLMSLMS.exe (ID: 5000 |ParentID: 872)
    C:Windowssystem32csrss.exe (ID: 8028 |ParentID: 2108)
    C:Windowssystem32winlogon.exe (ID: 6696 |ParentID: 2108)
    C:Windowssystem32dwm.exe (ID: 6724 |ParentID: 6696)
    C:Windowssystem32taskhostex.exe (ID: 3252 |ParentID: 872)
    C:Windowssystem32WTabletPen_TabletUser.exe (ID: 2156 |ParentID: 2120)
    C:Windowssystem32Pen_Tablet.exe (ID: 6892 |ParentID: 2120)
    C:WindowsExplorer.EXE (ID: 5768 |ParentID: 2716)
    C:Program FilesCommon Filesmicrosoft sharedinkTabTip.exe (ID: 5536 |ParentID: 1328)
    C:Program FilesAVGAVG2014avgui.exe (ID: 1052 |ParentID: 5768)
    C:WindowsSystem32hkcmd.exe (ID: 7400 |ParentID: 5768)
    C:WindowsSystem32igfxpers.exe (ID: 8092 |ParentID: 5768)
    C:Program FilesSynapticsSynTPSynTPEnh.exe (ID: 6884 |ParentID: 5768)
    C:PROGRAM FILESSYNAPTICSSYNTPSYNTPHELPER.EXE (ID: 76 |ParentID: 7552)
    C:Program FilesCommon FilesJavaJava Updatejusched.exe (ID: 6568 |ParentID: 5768)
    C:Program FilesPowerISOPWRISOVM.EXE (ID: 6180 |ParentID: 5768)
    C:Program FilesiTunesiTunesHelper.exe (ID: 6712 |ParentID: 5768)
    C:Program FilesInternetEverywhereInternetEverywhere_Launcher.exe (ID: 3476 |ParentID: 5768)
    C:Program FilesInternet Exploreriexplore.exe (ID: 1284 |ParentID: 3880)
    C:Program FilesInternet Exploreriexplore.exe (ID: 2056 |ParentID: 1284)
    C:Program FilesRealNetworksRealDownloaderrecordingmanager.exe (ID: 5528 |ParentID: 1284)
    C:WindowsSystem32MacromedFlashFlashUtil_ActiveX.exe (ID: 6888 |ParentID: 988)
    C:Program FilesCommon FilesAppleInternet ServicesAppleIEDAV.exe (ID: 5072 |ParentID: 7176)
    C:Program FilesRealRealPlayerupdaterealsched.exe (ID: 3176 |ParentID: 4920)
    C:Windowssystem32DllHost.exe (ID: 10160 |ParentID: 988)
    C:Program FilesWindowsAppsMicrosoft.Reader_6.2.9200.20780_x86__8wekyb3d8bbweglcnd.exe (ID: 10220 |ParentID: 988)
    C:WindowsSystem32WUDFHost.exe (ID: 6492 |ParentID: 1328)
    C:Program FilesWTouchWTouchUser.exe (ID: 8256 |ParentID: 1428)
    C:Program FilesInternet Exploreriexplore.exe (ID: 6440 |ParentID: 1284)
    C:Program FilesInternet Exploreriexplore.exe (ID: 3928 |ParentID: 1284)
    C:Windowssystem32msiexec.exe (ID: 532 |ParentID: 872)
    C:Windowssystem32SearchProtocolHost.exe (ID: 4432 |ParentID: 3320)
    C:Windowssystem32SearchFilterHost.exe (ID: 4044 |ParentID: 3320)

    ################## | Regedit Run |

    F2 – HKLM..Winlogon : [Shell] explorer.exe
    F2 – [x64] HKLM..Winlogon : [Shell] explorer.exe
    F2 – HKLM..Winlogon : [Userinit] C:Windowssystem32userinit.exe,
    F2 – [x64] HKLM..Winlogon : [Userinit] C:Windowssystem32userinit.exe,
    04 – HKCU..Run : [Messenger (Yahoo!)] “C:PROGRA~1Yahoo!MessengerYahooMessenger.exe” -quiet
    04 – HKCU..Run : [iCloudServices] C:Program FilesCommon FilesAppleInternet ServicesiCloudServices.exe
    04 – HKCU..Run : [ApplePhotoStreams] C:Program FilesCommon FilesAppleInternet ServicesApplePhotoStreams.exe
    04 – HKCU..Run : [AppleIEDAV] C:Program FilesCommon FilesAppleInternet ServicesAppleIEDAV.exe
    04 – HKCU..Run : [AVG-Secure-Search-Update_1213b] C:UsersMAMADOUAppDataRoamingAVG 1213b CampaignAVG-Secure-Search-Update-1213b.exe /PROMPT /mid=14949453640c47d38c24f121dbb71187-e520923374f2255aaad27b8d59c1c4916995b690 /CMPID=1213b
    04 – HKCU..Run : [Google Update] “C:UsersMAMADOUAppDataLocalGoogleUpdateGoogleUpdate.exe” /c
    04 – HKCU..Run : [sunuradiotv] C:Program Filessunugrafsunuradiotviconebarre.exe
    04 – HKCU..Run : [Skype] “C:Program FilesSkypePhoneSkype.exe” /minimized /regrun
    04 – HKCU..Run : [Viber] “C:UsersMAMADOUAppDataLocalViberViber.exe” StartMinimized
    04 – HKLM..Run : [AVG_UI] “C:Program FilesAVGAVG2014avgui.exe” /TRAYONLY
    04 – HKLM..Run : [APSDaemon] “C:Program FilesCommon FilesAppleApple Application SupportAPSDaemon.exe”
    04 – HKLM..Run : [TkBellExe] “C:Program FilesRealRealPlayerUpdaterealsched.exe” -osboot
    04 – HKLM..Run : [IgfxTray] C:Windowssystem32igfxtray.exe
    04 – HKLM..Run : [HotKeysCmds] C:Windowssystem32hkcmd.exe
    04 – HKLM..Run : [Persistence] C:Windowssystem32igfxpers.exe
    04 – HKLM..Run : [SynTPEnh] %ProgramFiles%SynapticsSynTPSynTPEnh.exe
    04 – HKLM..Run : [SunJavaUpdateSched] “C:Program FilesCommon FilesJavaJava Updatejusched.exe”
    04 – HKLM..Run : [PWRISOVM.EXE] C:Program FilesPowerISOPWRISOVM.EXE -startup
    04 – HKLM..Run : [QuickTime Task] “C:Program FilesQuickTimeQTTask.exe” -atboottime
    04 – HKLM..Run : [iTunesHelper] “C:Program FilesiTunesiTunesHelper.exe”
    04 – HKLM..RunOnce : []
    04 – HKUS-1-5-21-3193705447-2187729482-271068122-1001..Run : [Messenger (Yahoo!)] “C:PROGRA~1Yahoo!MessengerYahooMessenger.exe” -quiet
    04 – HKUS-1-5-21-3193705447-2187729482-271068122-1001..Run : [iCloudServices] C:Program FilesCommon FilesAppleInternet ServicesiCloudServices.exe
    04 – HKUS-1-5-21-3193705447-2187729482-271068122-1001..Run : [ApplePhotoStreams] C:Program FilesCommon FilesAppleInternet ServicesApplePhotoStreams.exe
    04 – HKUS-1-5-21-3193705447-2187729482-271068122-1001..Run : [AppleIEDAV] C:Program FilesCommon FilesAppleInternet ServicesAppleIEDAV.exe
    04 – HKUS-1-5-21-3193705447-2187729482-271068122-1001..Run : [AVG-Secure-Search-Update_1213b] C:UsersMAMADOUAppDataRoamingAVG 1213b CampaignAVG-Secure-Search-Update-1213b.exe /PROMPT /mid=14949453640c47d38c24f121dbb71187-e520923374f2255aaad27b8d59c1c4916995b690 /CMPID=1213b
    04 – HKUS-1-5-21-3193705447-2187729482-271068122-1001..Run : [Google Update] “C:UsersMAMADOUAppDataLocalGoogleUpdateGoogleUpdate.exe” /c
    04 – HKUS-1-5-21-3193705447-2187729482-271068122-1001..Run : [sunuradiotv] C:Program Filessunugrafsunuradiotviconebarre.exe
    04 – HKUS-1-5-21-3193705447-2187729482-271068122-1001..Run : [Skype] “C:Program FilesSkypePhoneSkype.exe” /minimized /regrun
    04 – HKUS-1-5-21-3193705447-2187729482-271068122-1001..Run : [Viber] “C:UsersMAMADOUAppDataLocalViberViber.exe” StartMinimized
    04 – HKUS-1-5-21-3193705447-2187729482-271068122-501..Run : [ooVoo] CooVoo.exe /minimized

    ################## | Recherche générique |

    Présent! G:168816984_MicrosoftUpdate.vbe
    Présent! G:RECYCLER.lnk
    Présent! G:Nouveau dossier.lnk
    Présent! G:System Volume Information.lnk
    Présent! G:Daouda Diallo Assane Ndiaye Mamadou Diawara.lnk

    ################## | Registre |

    ################## | E.O.F | http://www.usbfix.net/ – https://www.sosvirus.net |

  • Anonymous
    Number of posts: 0

    Hello :hello:,

    Welcome to SosVirus :welcome:

    • Launch UsbFix.
    • Connect the USB devices that may be infected.
    • Choose the Suppression (deletion) option

      Note: The computer will restart automatically; after the restart, click the message displayed by UsbFix and let the program work.

    • Copy and paste the contents of the report that appears at the end of the scan into your next reply.
    • Tutorial: http://www.usbfix.net/tutoriels/
  • dodiawara
    Participant
    Number of posts: 1

    Thank you for the prompt reply.

    ############################## | UsbFix V 7.169 | [Suppression]

    Utilisateur: MAMADOU (Administrateur) # PORTABLE
    Mis à jour le 31/03/2014 par El Desaparecido – Team SosVirus
    Lancé à 12:24:15 | 16/04/2014

    Site Web : http://www.usbfix.net/
    Changelog : http://www.usbfix.net/maj/
    Support : forum-virus-securite.html
    Upload Malware : upload_malware.php
    Contact : http://www.usbfix.net/contact/

    PC: Hewlett-Packard (1858)
    CPU: Intel(R) Celeron(R) CPU B830 @ 1.80GHz
    RAM -> [Total : 2726 Mo| Free : 1614 Mo]
    Bios: Insyde
    Boot: Normal boot

    OS: Microsoft Windows 8 Professionnel avec Media Center (6.2.9200 32-Bit)
    WB: Windows Internet Explorer : 10.0.9200.16863
    WB: Google Chrome : 34.0.1847.116

    SC: Security Center [Enabled]
    WU: Windows Update [Enabled]
    AV: AVG AntiVirus Free Edition 2014 [Enabled | Updated]
    AV: Windows Defender [(!) Disabled | Updated]
    AS: Windows Defender [(!) Disabled | Updated]
    AS: AVG AntiVirus Free Edition 2014 [Enabled | Updated]
    FW: Windows FireWall [(!) Disabled]

    C: (%systemdrive%) -> Disque fixe # 456 Go (165 Go libre(s) – 36%) [] # NTFS
    D: -> Disque fixe # 10 Go (5 Go libre(s) – 54%) [] # NTFS
    E: -> CD-ROM
    F: -> Disque amovible # 2 Go (2 Go libre(s) – 98%) [PENDRIVE] # FAT32
    G: -> CD-ROM

    ################## | Processus Actif |

    C:PROGRA~1AVGAVG2014avgrsx.exe (ID: 480 |ParentID: 468)
    C:Program FilesAVGAVG2014avgcsrvx.exe (ID: 524 |ParentID: 480)
    C:Windowssystem32csrss.exe (ID: 736 |ParentID: 728)
    C:Windowssystem32wininit.exe (ID: 804 |ParentID: 728)
    C:Windowssystem32csrss.exe (ID: 812 |ParentID: 792)
    C:Windowssystem32services.exe (ID: 872 |ParentID: 804)
    C:Windowssystem32winlogon.exe (ID: 880 |ParentID: 792)
    C:Windowssystem32lsass.exe (ID: 888 |ParentID: 804)
    C:Windowssystem32svchost.exe (ID: 996 |ParentID: 872)
    C:Windowssystem32svchost.exe (ID: 1048 |ParentID: 872)
    C:WindowsSystem32svchost.exe (ID: 1104 |ParentID: 872)
    C:Windowssystem32dwm.exe (ID: 1136 |ParentID: 880)
    C:Windowssystem32svchost.exe (ID: 1264 |ParentID: 872)
    C:Windowssystem32svchost.exe (ID: 1296 |ParentID: 872)
    C:WindowsSystem32svchost.exe (ID: 1364 |ParentID: 872)
    C:Program FilesWTouchWTouchService.exe (ID: 1460 |ParentID: 872)
    C:Windowssystem32svchost.exe (ID: 1564 |ParentID: 872)
    C:WindowsSystem32spoolsv.exe (ID: 1728 |ParentID: 872)
    C:Windowssystem32svchost.exe (ID: 1760 |ParentID: 872)
    C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe (ID: 1996 |ParentID: 872)
    C:Windowssystem32AdminService.exe (ID: 2024 |ParentID: 872)
    C:Program FilesAVGAVG2014avgidsagent.exe (ID: 440 |ParentID: 872)
    C:Program FilesAVGAVG2014avgwdsvc.exe (ID: 540 |ParentID: 872)
    C:Program FilesBonjourmDNSResponder.exe (ID: 468 |ParentID: 872)
    C:Program FilesInteliCLS ClientHeciServer.exe (ID: 752 |ParentID: 872)
    C:Program FilesInternetEverywhereInternetEverywhere_Service.exe (ID: 1032 |ParentID: 872)
    C:WindowsSystem32svchost.exe (ID: 1116 |ParentID: 872)
    C:WindowsSystem32svchost.exe (ID: 1480 |ParentID: 872)
    C:Program FilesRealNetworksRealDownloaderrndlresolversvc.exe (ID: 1588 |ParentID: 872)
    C:Windowssystem32svchost.exe (ID: 1416 |ParentID: 872)
    C:Windowssystem32Pen_Tablet.exe (ID: 2004 |ParentID: 872)
    C:Windowssystem32svchost.exe (ID: 2716 |ParentID: 872)
    C:Program FilesAVGAVG2014avgnsx.exe (ID: 2960 |ParentID: 540)
    C:Program FilesAVGAVG2014avgemcx.exe (ID: 2972 |ParentID: 540)
    C:Windowssystem32taskhostex.exe (ID: 3644 |ParentID: 872)
    C:WindowsExplorer.EXE (ID: 3736 |ParentID: 3728)
    C:Program FilesWTouchWTouchUser.exe (ID: 3948 |ParentID: 1460)
    C:Windowssystem32svchost.exe (ID: 2080 |ParentID: 872)
    C:Program FilesWindowsAppsmicrosoft.windowscommunicationsapps_17.0.1119.516_x86__8wekyb3d8bbweLiveComm.exe (ID: 1788 |ParentID: 996)
    C:Program FilesGoogleUpdate1.3.23.9GoogleCrashHandler.exe (ID: 2684 |ParentID: 4000)
    C:Program FilesCommon Filesmicrosoft sharedinkTabTip.exe (ID: 2416 |ParentID: 1364)
    C:Windowssystem32SearchIndexer.exe (ID: 3912 |ParentID: 872)
    C:Program FilesAVGAVG2014avgui.exe (ID: 2368 |ParentID: 3736)
    C:Program FilesRealRealPlayerUpdaterealsched.exe (ID: 3016 |ParentID: 3736)
    C:WindowsSystem32igfxtray.exe (ID: 3612 |ParentID: 3736)
    C:WindowsSystem32hkcmd.exe (ID: 4132 |ParentID: 3736)
    C:WindowsSystem32igfxpers.exe (ID: 4176 |ParentID: 3736)
    C:Program FilesSynapticsSynTPSynTPEnh.exe (ID: 4204 |ParentID: 3736)
    C:Program FilesCommon FilesJavaJava Updatejusched.exe (ID: 4388 |ParentID: 3736)
    C:Program FilesPowerISOPWRISOVM.EXE (ID: 4456 |ParentID: 3736)
    C:Program FilesiTunesiTunesHelper.exe (ID: 4552 |ParentID: 3736)
    C:PROGRAM FILESSYNAPTICSSYNTPSYNTPHELPER.EXE (ID: 4616 |ParentID: 4284)
    C:Program FilesCommon FilesAppleInternet ServicesiCloudServices.exe (ID: 4660 |ParentID: 3736)
    C:Program FilesCommon FilesAppleInternet ServicesApplePhotoStreams.exe (ID: 4680 |ParentID: 3736)
    C:Program FilesCommon FilesAppleInternet ServicesAppleIEDAV.exe (ID: 4728 |ParentID: 3736)
    C:Program FilesiPodbiniPodService.exe (ID: 4736 |ParentID: 872)
    C:Program FilesSkypePhoneSkype.exe (ID: 4968 |ParentID: 3736)
    C:UsersMAMADOUAppDataLocalViberViber.exe (ID: 4988 |ParentID: 3736)
    C:Windowssystem32wbemwmiprvse.exe (ID: 5016 |ParentID: 996)
    C:Program FilesInternetEverywhereInternetEverywhere_Launcher.exe (ID: 5028 |ParentID: 3736)
    C:Windowssystem32RunDll32.exe (ID: 5048 |ParentID: 3736)
    C:UsersMAMADOUAppDataRoamingDropboxbinDropbox.exe (ID: 5076 |ParentID: 3736)
    C:WindowsSystem32RuntimeBroker.exe (ID: 5368 |ParentID: 996)
    C:Program FilesCommon FilesAppleInternet ServicesAPSDaemon.exe (ID: 5396 |ParentID: 996)
    C:Program FilesIntelIntel(R) Management Engine ComponentsDALjhi_service.exe (ID: 1124 |ParentID: 872)
    C:Program FilesIntelIntel(R) Management Engine ComponentsLMSLMS.exe (ID: 2384 |ParentID: 872)
    C:Windowssystem32wbemwmiprvse.exe (ID: 1336 |ParentID: 996)
    C:Program FilesYahoo!Messengerymsgr_tray.exe (ID: 3816 |ParentID: 4636)
    C:Windowssystem32SearchProtocolHost.exe (ID: 988 |ParentID: 3912)
    C:Windowssystem32SearchFilterHost.exe (ID: 2868 |ParentID: 3912)
    C:Windowssystem32SearchProtocolHost.exe (ID: 3436 |ParentID: 3912)
    C:Windowssystem32RunDll32.exe (ID: 5692 |ParentID: 4300)
    C:WindowsSystem32WUDFHost.exe (ID: 1872 |ParentID: 1364)

    ################## | Recherche générique |

    Non supprimé ! F:168816984_MicrosoftUpdate.vbe
    Supprimé! F:RECYCLER.lnk
    Supprimé! F:Nouveau dossier.lnk
    Supprimé! F:System Volume Information.lnk
    Supprimé! F:Daouda Diallo Assane Ndiaye Mamadou Diawara.lnk

    (!) Fichiers temporaires supprimés.

    ################## | Registre |

    Supprimé! HKUS-1-5-21-3193705447-2187729482-271068122-1001Software….Mountpoints2{ca606d60-9749-11e3-afbb-28924a2580df}

    ################## | Regedit Run |

    F2 – HKLM..Winlogon : [Shell] explorer.exe
    F2 – [x64] HKLM..Winlogon : [Shell] explorer.exe
    F2 – HKLM..Winlogon : [Userinit] C:Windowssystem32userinit.exe,
    F2 – [x64] HKLM..Winlogon : [Userinit] C:Windowssystem32userinit.exe,
    04 – HKCU..Run : [Messenger (Yahoo!)] “C:PROGRA~1Yahoo!MessengerYahooMessenger.exe” -quiet
    04 – HKCU..Run : [iCloudServices] C:Program FilesCommon FilesAppleInternet ServicesiCloudServices.exe
    04 – HKCU..Run : [ApplePhotoStreams] C:Program FilesCommon FilesAppleInternet ServicesApplePhotoStreams.exe
    04 – HKCU..Run : [AppleIEDAV] C:Program FilesCommon FilesAppleInternet ServicesAppleIEDAV.exe
    04 – HKCU..Run : [AVG-Secure-Search-Update_1213b] C:UsersMAMADOUAppDataRoamingAVG 1213b CampaignAVG-Secure-Search-Update-1213b.exe /PROMPT /mid=14949453640c47d38c24f121dbb71187-e520923374f2255aaad27b8d59c1c4916995b690 /CMPID=1213b
    04 – HKCU..Run : [Google Update] “C:UsersMAMADOUAppDataLocalGoogleUpdateGoogleUpdate.exe” /c
    04 – HKCU..Run : [sunuradiotv] C:Program Filessunugrafsunuradiotviconebarre.exe
    04 – HKCU..Run : [Skype] “C:Program FilesSkypePhoneSkype.exe” /minimized /regrun
    04 – HKCU..Run : [Viber] “C:UsersMAMADOUAppDataLocalViberViber.exe” StartMinimized
    04 – HKLM..Run : [AVG_UI] “C:Program FilesAVGAVG2014avgui.exe” /TRAYONLY
    04 – HKLM..Run : [APSDaemon] “C:Program FilesCommon FilesAppleApple Application SupportAPSDaemon.exe”
    04 – HKLM..Run : [TkBellExe] “C:Program FilesRealRealPlayerUpdaterealsched.exe” -osboot
    04 – HKLM..Run : [IgfxTray] C:Windowssystem32igfxtray.exe
    04 – HKLM..Run : [HotKeysCmds] C:Windowssystem32hkcmd.exe
    04 – HKLM..Run : [Persistence] C:Windowssystem32igfxpers.exe
    04 – HKLM..Run : [SynTPEnh] %ProgramFiles%SynapticsSynTPSynTPEnh.exe
    04 – HKLM..Run : [SunJavaUpdateSched] “C:Program FilesCommon FilesJavaJava Updatejusched.exe”
    04 – HKLM..Run : [PWRISOVM.EXE] C:Program FilesPowerISOPWRISOVM.EXE -startup
    04 – HKLM..Run : [QuickTime Task] “C:Program FilesQuickTimeQTTask.exe” -atboottime
    04 – HKLM..Run : [iTunesHelper] “C:Program FilesiTunesiTunesHelper.exe”
    04 – HKUS-1-5-21-3193705447-2187729482-271068122-1001..Run : [Messenger (Yahoo!)] “C:PROGRA~1Yahoo!MessengerYahooMessenger.exe” -quiet
    04 – HKUS-1-5-21-3193705447-2187729482-271068122-1001..Run : [iCloudServices] C:Program FilesCommon FilesAppleInternet ServicesiCloudServices.exe
    04 – HKUS-1-5-21-3193705447-2187729482-271068122-1001..Run : [ApplePhotoStreams] C:Program FilesCommon FilesAppleInternet ServicesApplePhotoStreams.exe
    04 – HKUS-1-5-21-3193705447-2187729482-271068122-1001..Run : [AppleIEDAV] C:Program FilesCommon FilesAppleInternet ServicesAppleIEDAV.exe
    04 – HKUS-1-5-21-3193705447-2187729482-271068122-1001..Run : [AVG-Secure-Search-Update_1213b] C:UsersMAMADOUAppDataRoamingAVG 1213b CampaignAVG-Secure-Search-Update-1213b.exe /PROMPT /mid=14949453640c47d38c24f121dbb71187-e520923374f2255aaad27b8d59c1c4916995b690 /CMPID=1213b
    04 – HKUS-1-5-21-3193705447-2187729482-271068122-1001..Run : [Google Update] “C:UsersMAMADOUAppDataLocalGoogleUpdateGoogleUpdate.exe” /c
    04 – HKUS-1-5-21-3193705447-2187729482-271068122-1001..Run : [sunuradiotv] C:Program Filessunugrafsunuradiotviconebarre.exe
    04 – HKUS-1-5-21-3193705447-2187729482-271068122-1001..Run : [Skype] “C:Program FilesSkypePhoneSkype.exe” /minimized /regrun
    04 – HKUS-1-5-21-3193705447-2187729482-271068122-1001..Run : [Viber] “C:UsersMAMADOUAppDataLocalViberViber.exe” StartMinimized

    ################## | Listing |

    [10/10/2013 – 21:59:57 | D] – C:$AVG
    [07/12/2013 – 06:04:41 | SHD] – C:$Recycle.Bin
    [26/07/2012 – 06:52:25 | A | 0 Ko] – C:autoexec.bat
    [26/07/2012 – 03:44:30 | RASH | 389 Ko] – C:bootmgr
    [02/06/2012 – 14:30:55 | N | 0 Ko] – C:BOOTNXT
    [10/04/2014 – 09:31:02 | D] – C:Config.Msi
    [26/07/2012 – 06:52:25 | N | 0 Ko] – C:config.sys
    [30/01/2014 – 13:58:30 | D] – C:Desktop
    [26/07/2012 – 06:04:44 | SHD] – C:Documents and Settings
    [01/03/2014 – 21:24:52 | D] – C:favori_sunuradio
    [16/04/2014 – 12:10:29 | ASH | 2233428 Ko] – C:hiberfil.sys
    [11/10/2013 – 00:29:13 | D] – C:Intel
    [06/01/2014 – 13:16:32 | D] – C:isoavdpcopy
    [20/10/2013 – 13:34:08 | RHD] – C:MSOCache
    [16/04/2014 – 12:10:30 | ASH | 1638400 Ko] – C:pagefile.sys
    [26/07/2012 – 06:29:57 | D] – C:PerfLogs
    [28/03/2014 – 07:35:19 | D] – C:Program Files
    [15/03/2014 – 23:31:13 | HD] – C:ProgramData
    [25/11/2012 – 21:49:18 | D] – C:sources
    [01/03/2014 – 20:02:28 | D] – C:sunuradio
    [16/04/2014 – 12:10:31 | ASH | 262144 Ko] – C:swapfile.sys
    [13/04/2014 – 20:36:02 | SHD] – C:System Volume Information
    [16/04/2014 – 09:22:48 | D] – C:UsbFix
    [16/04/2014 – 12:29:30 | A | 12 Ko | 53B8FB7CF957FA3A3036A29554B4C3D7] – C:UsbFix [Clean 2] PORTABLE.txt
    [16/04/2014 – 09:29:31 | N | 12 Ko | 9D33BA0FFAE1B1E4176B758FEF1E3785] – C:UsbFix [Scan 1] PORTABLE.txt
    [16/04/2014 – 11:37:26 | N | 12 Ko | 18ED536F84905A1247109B4DB3F424C0] – C:UsbFix [Scan 2] PORTABLE.txt
    [16/04/2014 – 11:58:12 | N | 12 Ko | F1E04A16BFD456A90813BCF5169B7BCD] – C:UsbFix [Scan 3] PORTABLE.txt
    [30/12/2013 – 20:20:08 | D] – C:Users
    [22/03/2014 – 04:20:13 | D] – C:Windows
    [10/10/2013 – 21:41:30 | D] – C:Windows Activation Technologies
    [10/10/2013 – 22:48:59 | D] – D:$AVG
    [26/02/2014 – 07:58:25 | SHD] – D:$RECYCLE.BIN
    [07/04/2014 – 12:55:34 | N | 15494 Ko] – D:CERTIFICAT DE PRISE DE SERVICE 2014.doc
    [21/11/2013 – 01:55:00 | D] – D:cheikh
    [13/10/2013 – 09:55:27 | N | 796 Ko] – D:Masalik_en_A5_aminta.pdf
    [11/10/2013 – 00:27:55 | N | 73532 Ko | F8C4E959504F103CD736C288CA459C22] – D:MEI_9.5_1.5M_9.5.14.1724.exe
    [20/10/2013 – 13:31:46 | D] – D:office 2007
    [10/10/2013 – 22:14:32 | D] – D:OFFICE 2013
    [18/11/2013 – 14:36:29 | N | 308779 Ko | EF05B921F803F5DDF588D88727C1BA22] – D:OJ_AIO_4500_G510g-m_Full_Win_WW_140_408.exe
    [20/10/2013 – 13:32:40 | D] – D:OpenOffice 4.0.1 (fr) Installation Files
    [11/10/2013 – 00:20:39 | D] – D:RtsP2Stor_6.2.9200.29069
    [10/10/2013 – 21:24:39 | SHD] – D:System Volume Information
    [10/12/2013 – 17:08:11 | D] – D:WIN8
    [16/04/2014 – 11:26:24 | D] – F:$AVG
    [02/01/1998 – 04:09:46 | SHD] – F:RECYCLER
    [28/11/2013 – 12:09:08 | SHD] – F:System Volume Information
    [14/04/2014 – 14:05:14 | N | 82 Ko] – F:Contribution mission evaluation.doc
    [14/04/2014 – 13:13:46 | N | 75 Ko] – F:Prime de prudence 2014.doc
    [14/04/2014 – 13:52:16 | N | 71 Ko] – F:Paiement des cotisation annuelles Ipres pape babacar diouf 2 echeance.doc
    [15/04/2014 – 18:08:02 | N | 71 Ko] – F:rectification reclassement mamadou Samba Ba.doc
    [14/04/2014 – 10:18:06 | N | 71 Ko] – F:decision demissionnaire papa babacar diouf.doc
    [11/03/2014 – 09:19:16 | D] – F:Nouveau dossier
    [11/04/2014 – 10:49:02 | N | 73 Ko] – F:décision retraite Mamadou Hamat Sarr mai 2014.doc
    [14/04/2014 – 13:46:42 | N | 72 Ko] – F:Paiement des cotisation annuelles Ipres pape babacar diouf 1 echeance.doc
    [15/04/2014 – 18:09:48 | N | 25 Ko] – F:contrat ibrahima Ba mars 2014.doc
    [15/04/2014 – 17:31:26 | N | 27 Ko] – F:contrat dieynaba Guéye mars 2014.doc
    [03/02/2014 – 16:04:28 | N | 679 Ko | D41D8CD98F00B204E9800998ECF8427E] – F:168816984_MicrosoftUpdate.vbe
    [14/04/2014 – 13:17:58 | N | 86 Ko] – F:Etat des chauffeurs 2014.doc
    [15/04/2014 – 21:23:16 | N | 56 Ko] – F:liste de donnees master 2 grh informatique.xls
    [11/04/2014 – 18:24:00 | D] – F:Daouda Diallo Assane Ndiaye Mamadou Diawara

    ################## | Vaccin |

    D:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    F:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

    ################## | E.O.F | http://www.usbfix.net/ – https://www.sosvirus.net |

  • Anonymous
    Number of posts: 0

    :hello:,

    You should run it again after first disabling your AVG antivirus, because it conflicts with UsbFix, which is why you get:

    Non supprimé ! F:168816984_MicrosoftUpdate.vbe

The topic ‘Please help me analyze my report’ is closed to new replies.