Infected USB key, files turned into shortcuts that cannot be opened 2014-07-11T22:06:24+00:00

SOSVirus: Free PC Troubleshooting, Support and Disinfection Help – Virus and Security Forum

  • Author
    Posts
  • g3n-h@ckm@n
    Admin bbPress
    Post count: 8287

    Hello, run UsbFix again, click on Clean (Nettoyage) and post the new report (don't forget to leave all your USB devices plugged in) :)

  • Ameyali
    Participant
    Post count: 0

    Hello, all the files and folders on my smartphone are shortcuts. Could you please help me restore them to their normal state? I have an Archos Titanium 40 phone with Android 4.2.2. Thank you. Below is the UsbFix report.

    ############################## | UsbFix V 7.175 | [Recherche]

    Utilisateur: Ameyali (Administrateur) # AMEYALI-PC
    Mis à jour le 11/07/2014 par El Desaparecido – SosVirus
    Lancé à 23:35:46 | 11/07/2014

    Site Web : http://www.usbfix.net/
    Changelog : http://www.usbfix.net/maj/
    Assistance : https://www.sosvirus.net/aide-nettoyage-pc/
    Upload Malware : https://www.sosvirus.net/upload_malware.php
    Contact : http://www.usbfix.net/contact/

    ################## | System information |

    MB: Hewlett-Packard (1425)
    CPU: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz
    RAM -> [Total : 3894 Mo | Free : 1129 Mo]
    Bios: Hewlett-Packard
    Boot: Normal boot

    OS: Microsoft™ Windows 7 Home Premium (6.1.7601 64-Bit) Service Pack 1
    WB: Google Chrome : 35.0.1916.153
    WB: Mozilla Firefox : 24.0

    ################## | Security Information |

    AV: AVG AntiVirus Free Edition 2014 [Actif |A jour]
    AS: Windows Defender [(!) Désactivé |A jour]
    AS: AVG AntiVirus Free Edition 2014 [Actif |A jour]
    FW: AVG Internet Security 2014 [(!) Désactivé]
    AS: Malwarebytes Anti-Malware : 1.0.0.532
    FW: Windows Firewall [Actif]
    SC: Security Center [Actif]
    WU: Windows Update [Actif]

    ################## | Disk Information |

    C: (%SystemDrive%) -> Disque fixe # 453 Go (236 Go libre(s) – 52%) [] # NTFS
    D: -> Disque fixe # 13 Go (2 Go libre(s) – 17%) [RECOVERY] # NTFS
    E: -> Disque fixe # 99 Mo (95 Mo libre(s) – 96%) [HP_TOOLS] # FAT32
    G: -> Disque amovible # 2 Go (318 Mo libre(s) – 17%) [AMEYALI CEL] # FAT
    H: -> Disque amovible # 1 Go (1 Go libre(s) – 97%) [] # FAT32

    ################## | Processus Actif |

    C:WindowsSystem32smss.exe (ID: 332|ParentID: 4|Système)
    C:WindowsSystem32wininit.exe (ID: 516|ParentID: 476)
    C:WindowsSystem32services.exe (ID: 584|ParentID: 516)
    C:WindowsSystem32lsass.exe (ID: 600|ParentID: 516)
    C:WindowsSystem32lsm.exe (ID: 608|ParentID: 516)
    C:WindowsSystem32svchost.exe (ID: 708|ParentID: 584)
    C:WindowsSystem32winlogon.exe (ID: 744|ParentID: 528)
    C:WindowsSystem32svchost.exe (ID: 832|ParentID: 584)
    C:WindowsSystem32svchost.exe (ID: 924|ParentID: 584)
    C:WindowsSystem32svchost.exe (ID: 960|ParentID: 584)
    C:WindowsSystem32svchost.exe (ID: 1012|ParentID: 584)
    C:WindowsSystem32svchost.exe (ID: 116|ParentID: 584)
    C:Program FilesHitmanProhmpsched.exe (ID: 848|ParentID: 584)
    C:WindowsSystem32svchost.exe (ID: 1064|ParentID: 584)
    C:WindowsSystem32spoolsv.exe (ID: 1312|ParentID: 584)
    C:WindowsSystem32svchost.exe (ID: 1340|ParentID: 584)
    C:Program FilesSUPERAntiSpywareSASCore64.exe (ID: 1416|ParentID: 584)
    C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe (ID: 1448|ParentID: 584)
    C:WindowsSystem32taskhost.exe (ID: 1512|ParentID: 584|Ameyali)
    C:WindowsSystem32dwm.exe (ID: 1636|ParentID: 960|Ameyali)
    C:Windowsexplorer.exe (ID: 1740|ParentID: 1604|Ameyali)
    C:Program FilesRealtekAudioHDAAERTSr64.exe (ID: 1772|ParentID: 584)
    C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe (ID: 1796|ParentID: 584)
    C:Program Files (x86)AVGAVG2014avgidsagent.exe (ID: 1932|ParentID: 584)
    C:Program Files (x86)AVGAVG2014avgwdsvc.exe (ID: 2032|ParentID: 584)
    C:Program FilesBonjourmDNSResponder.exe (ID: 1092|ParentID: 584)
    C:WindowsSysWOW64svchost.exe (ID: 980|ParentID: 584)
    C:Program Files (x86)Common FilesLightScribeLSSrvc.exe (ID: 1908|ParentID: 584)
    C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe (ID: 1992|ParentID: 584)
    C:Program Files (x86)CyberLinkShared filesRichVideo.exe (ID: 1276|ParentID: 584)
    C:WindowsSystem32svchost.exe (ID: 2072|ParentID: 584)
    C:WindowsSystem32svchost.exe (ID: 2092|ParentID: 584)
    C:Program Files (x86)AVGAVG2014avgnsa.exe (ID: 2456|ParentID: 2032)
    C:Program Files (x86)AVGAVG2014avgemca.exe (ID: 2464|ParentID: 2032)
    C:WindowsSystem32svchost.exe (ID: 2844|ParentID: 584)
    C:WindowsSystem32rundll32.exe (ID: 2932|ParentID: 708|Ameyali)
    C:Program Files (x86)AVGAVG2014avgrsa.exe (ID: 3000|ParentID: 2032)
    C:WindowsSystem32igfxtray.exe (ID: 2688|ParentID: 1740|Ameyali)
    C:WindowsSystem32hkcmd.exe (ID: 2756|ParentID: 1740|Ameyali)
    C:WindowsSystem32igfxpers.exe (ID: 3008|ParentID: 1740|Ameyali)
    C:WindowsSystem32igfxsrvc.exe (ID: 3016|ParentID: 708|Ameyali)
    C:Program FilesSynapticsSynTPSynTPEnh.exe (ID: 2996|ParentID: 1740|Ameyali)
    C:Program FilesRealtekAudioHDARtkNGUI64.exe (ID: 3148|ParentID: 1740|Ameyali)
    C:Program Files (x86)RealtekAudioOSDRtVOsd64.exe (ID: 3164|ParentID: 1740|Ameyali)
    C:Program Files (x86)Common FilesLightScribeLightScribeControlPanel.exe (ID: 3184|ParentID: 1740|Ameyali)
    C:Program FilesWindows Sidebarsidebar.exe (ID: 3196|ParentID: 1740|Ameyali)
    C:Program FilesSynapticsSynTPSynTPHelper.exe (ID: 3312|ParentID: 2996|Ameyali)
    C:UsersAmeyaliAppDataRoamingSpotifyDataSpotifyWebHelper.exe (ID: 3348|ParentID: 1740|Ameyali)
    C:Program FilesHPHP Deskjet 3050A J611 seriesBinScanToPCActivationApp.exe (ID: 3356|ParentID: 1740|Ameyali)
    C:Program FilesSUPERAntiSpywareSUPERAntiSpyware.exe (ID: 3372|ParentID: 1740|Ameyali)
    C:WindowsSystem32regsvr32.exe (ID: 3380|ParentID: 1740|Ameyali)
    C:WindowsSysWOW64regsvr32.exe (ID: 3392|ParentID: 3380|Ameyali)
    C:WindowsSystem32taskeng.exe (ID: 3576|ParentID: 116|Ameyali)
    C:Program Files (x86)CyberLinkYouCamYCMMirage.exe (ID: 3640|ParentID: 3576|Ameyali)
    C:WindowsSystem32SearchIndexer.exe (ID: 3944|ParentID: 584)
    C:Program FilesMcAfee Security Scan3.8.150SSScheduler.exe (ID: 700|ParentID: 1740|Ameyali)
    C:WindowsSystem32rundll32.exe (ID: 4184|ParentID: 1740|Ameyali)
    C:UsersAmeyaliAppDataRoamingDropboxbinDropbox.exe (ID: 4192|ParentID: 1740|Ameyali)
    C:Program FilesWindows Media Playerwmpnetwk.exe (ID: 4448|ParentID: 584)
    C:WindowsSystem32svchost.exe (ID: 4656|ParentID: 584)
    C:Program Files (x86)Hewlett-PackardHP Quick Launch ButtonsQLBCtrl.exe (ID: 4748|ParentID: 3696|Ameyali)
    C:Program Files (x86)Hewlett-PackardHP Wireless AssistantHPWAMain.exe (ID: 4756|ParentID: 3696|Ameyali)
    C:Program Files (x86)AVGAVG2014avgui.exe (ID: 4792|ParentID: 3696|Ameyali)
    C:Program Files (x86)Hewlett-PackardSharedhpqwmiex.exe (ID: 4920|ParentID: 584)
    C:ProgramDataEasybits Magic Desktop for HPmdhpSUN.exe (ID: 4144|ParentID: 3696|Ameyali)
    C:Program Files (x86)Common FilesResearch In MotionUSB DriversRIMBBLaunchAgent.exe (ID: 2764|ParentID: 3696|Ameyali)
    C:Program Files (x86)Common FilesJavaJava Updatejusched.exe (ID: 4320|ParentID: 3696|Ameyali)
    C:Program Files (x86)iTunesiTunesHelper.exe (ID: 4128|ParentID: 3696|Ameyali)
    C:Program Files (x86)Common FilesResearch In MotionUSB DriversBbDevMgr.exe (ID: 4348|ParentID: 584)
    C:Program Files (x86)Hewlett-PackardHP Quick Launch ButtonsCom4QLBEx.exe (ID: 4932|ParentID: 584)
    C:Program FilesiPodbiniPodService.exe (ID: 4344|ParentID: 584)
    C:WindowsSystem32svchost.exe (ID: 5168|ParentID: 584)
    C:Program Files (x86)Hewlett-PackardSharedHpqToaster.exe (ID: 6136|ParentID: 708|Ameyali)
    C:WindowsSysWOW64ctfmon.exe (ID: 5792|ParentID: 4792|Ameyali)
    C:Program Files (x86)Hewlett-PackardHP Support FrameworkHPSA_Service.exe (ID: 4720|ParentID: 584)
    C:Program FilesRealtekRtVOsdRtVOsdService.exe (ID: 6056|ParentID: 584)
    C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe (ID: 3676|ParentID: 584)
    C:WindowsMicrosoft.NETFramework64v3.0WPFPresentationFontCache.exe (ID: 6356|ParentID: 584)
    C:WindowsSystem32audiodg.exe (ID: 10480|ParentID: 924)
    C:Program Files (x86)iTunesiTunes.exe (ID: 488|ParentID: 1740|Ameyali)
    C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceHelper.exe (ID: 10776|ParentID: 488|Ameyali)
    C:WindowsSystem32conhost.exe (ID: 10860|ParentID: 540|Ameyali)
    C:Program Files (x86)Common FilesAppleApple Application Supportdistnoted.exe (ID: 9168|ParentID: 10776|Ameyali)
    C:WindowsSystem32conhost.exe (ID: 10884|ParentID: 540|Ameyali)
    C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 8328|ParentID: 1740|Ameyali)
    C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 11280|ParentID: 8328|Ameyali)
    C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 11864|ParentID: 8328|Ameyali)
    C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 11160|ParentID: 8328|Ameyali)
    C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 11220|ParentID: 8328|Ameyali)
    C:WindowsSystem32taskeng.exe (ID: 7832|ParentID: 116)
    C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 12448|ParentID: 8328|Ameyali)
    C:WindowsSystem32SearchProtocolHost.exe (ID: 12800|ParentID: 3944)
    C:WindowsSystem32SearchFilterHost.exe (ID: 11988|ParentID: 3944|Système)
    C:UsbFixUsbFix.exe (ID: 12896|ParentID: 11448|Ameyali)

    ################## | Autorun |

    ################## | Regedit Run |

    F2 – HKLM..Winlogon : [Shell] explorer.exe
    F2 – [x64] HKLM..Winlogon : [Shell] explorer.exe
    F2 – HKLM..Winlogon : [Userinit] userinit.exe,
    F2 – [x64] HKLM..Winlogon : [Userinit] C:Windowssystem32userinit.exe,
    04 – HKCU..Run : [LightScribe Control Panel] C:Program Files (x86)Common FilesLightScribeLightScribeControlPanel.exe -hidden
    04 – HKCU..Run : [Sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun
    04 – HKCU..Run : [Spotify Web Helper] “C:UsersAmeyaliAppDataRoamingSpotifyDataSpotifyWebHelper.exe”
    04 – HKCU..Run : [HP Deskjet 3050A J611 series (NET)] “C:Program FilesHPHP Deskjet 3050A J611 seriesBinScanToPCActivationApp.exe” -deviceID “CN23U516Q205PJ:NW” -scfn “HP Deskjet 3050A J611 series (NET)” -AutoStart 1
    04 – HKCU..Run : [AVG-Secure-Search-Update_1213b] C:UsersAmeyaliAppDataRoamingAVG 1213b CampaignAVG-Secure-Search-Update-1213b.exe /PROMPT /mid=4fe155852b5147d3bcf01943efea81d5-d36866aefb1a9b3a5c46e2282f78734dec816353 /CMPID=1213b
    04 – HKCU..Run : [AVG-Secure-Search-Update_0214c] C:UsersAmeyaliAppDataRoamingAVG 0214c CampaignAVG-Secure-Search-Update-0214c.exe /PROMPT /mid=4fe155852b5147d3bcf01943efea81d5-d36866aefb1a9b3a5c46e2282f78734dec816353 /CMPID=0214c
    04 – HKCU..Run : [Spotify] “C:UsersAmeyaliAppDataRoamingSpotifyspotify.exe” /uri spotify:autostart
    04 – HKCU..Run : [SUPERAntiSpyware] C:Program FilesSUPERAntiSpywareSUPERAntiSpyware.exe
    04 – HKCU..Run : [winter] c:usersameyaliappdataroamingwinter.exe
    04 – HKCU..Run : [Odics] regsvr32.exe C:UsersAmeyaliAppDataLocalOdicscfMousemon2.dll
    04 – HKLM..Run : [Easybits Recovery] C:Program Files (x86)EasyBits For KidsezRecover.exe
    04 – HKLM..Run : [QlbCtrl.exe] C:Program Files (x86)Hewlett-PackardHP Quick Launch ButtonsQlbCtrl.exe /Start
    04 – HKLM..Run : [WirelessAssistant] C:Program Files (x86)Hewlett-PackardHP Wireless AssistantHPWAMain.exe
    04 – HKLM..Run : [AVG_UI] “C:Program Files (x86)AVGAVG2014avgui.exe” /TRAYONLY
    04 – HKLM..Run : [APSDaemon] “C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe”
    04 – HKLM..Run : [Magic Desktop for HP notification] “C:ProgramDataEasybits Magic Desktop for HPmdhpSUN.exe”
    04 – HKLM..Run : [RIMBBLaunchAgent.exe] C:Program Files (x86)Common FilesResearch In MotionUSB DriversRIMBBLaunchAgent.exe
    04 – HKLM..Run : [Adobe ARM] “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
    04 – HKLM..Run : [SunJavaUpdateSched] “C:Program Files (x86)Common FilesJavaJava Updatejusched.exe”
    04 – HKLM..Run : [QuickTime Task] “C:Program Files (x86)QuickTimeQTTask.exe” -atboottime
    04 – HKLM..Run : [iTunesHelper] “C:Program Files (x86)iTunesiTunesHelper.exe”
    04 – [x64] HKLM..Run : [IgfxTray] C:Windowssystem32igfxtray.exe
    04 – [x64] HKLM..Run : [HotKeysCmds] C:Windowssystem32hkcmd.exe
    04 – [x64] HKLM..Run : [Persistence] C:Windowssystem32igfxpers.exe
    04 – [x64] HKLM..Run : [SynTPEnh] %ProgramFiles%SynapticsSynTPSynTPEnh.exe
    04 – [x64] HKLM..Run : [RTHDVCPL] C:Program FilesRealtekAudioHDARtkNGUI64.exe -s
    04 – [x64] HKLM..Run : [RtkOSD] C:Program Files (x86)RealtekAudioOSDRtVOsd64.exe
    04 – [x64] HKLM..Run : [BCSSync] “C:Program FilesMicrosoft OfficeOffice14BCSSync.exe” /DelayServices
    04 – [x64] HKLM..RunOnce : [NCPluginUpdater] “c:program files (x86)hewlett-packardhp health checkactivecheckproduct_lineNCPluginUpdater.exe” Update
    04 – HKUS-1-5-19..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    04 – HKUS-1-5-20..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    04 – HKUS-1-5-21-3499729451-1780072545-772430368-1000..Run : [LightScribe Control Panel] C:Program Files (x86)Common FilesLightScribeLightScribeControlPanel.exe -hidden
    04 – HKUS-1-5-21-3499729451-1780072545-772430368-1000..Run : [Sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun
    04 – HKUS-1-5-21-3499729451-1780072545-772430368-1000..Run : [Spotify Web Helper] “C:UsersAmeyaliAppDataRoamingSpotifyDataSpotifyWebHelper.exe”
    04 – HKUS-1-5-21-3499729451-1780072545-772430368-1000..Run : [HP Deskjet 3050A J611 series (NET)] “C:Program FilesHPHP Deskjet 3050A J611 seriesBinScanToPCActivationApp.exe” -deviceID “CN23U516Q205PJ:NW” -scfn “HP Deskjet 3050A J611 series (NET)” -AutoStart 1
    04 – HKUS-1-5-21-3499729451-1780072545-772430368-1000..Run : [AVG-Secure-Search-Update_1213b] C:UsersAmeyaliAppDataRoamingAVG 1213b CampaignAVG-Secure-Search-Update-1213b.exe /PROMPT /mid=4fe155852b5147d3bcf01943efea81d5-d36866aefb1a9b3a5c46e2282f78734dec816353 /CMPID=1213b
    04 – HKUS-1-5-21-3499729451-1780072545-772430368-1000..Run : [AVG-Secure-Search-Update_0214c] C:UsersAmeyaliAppDataRoamingAVG 0214c CampaignAVG-Secure-Search-Update-0214c.exe /PROMPT /mid=4fe155852b5147d3bcf01943efea81d5-d36866aefb1a9b3a5c46e2282f78734dec816353 /CMPID=0214c
    04 – HKUS-1-5-21-3499729451-1780072545-772430368-1000..Run : [Spotify] “C:UsersAmeyaliAppDataRoamingSpotifyspotify.exe” /uri spotify:autostart
    04 – HKUS-1-5-21-3499729451-1780072545-772430368-1000..Run : [SUPERAntiSpyware] C:Program FilesSUPERAntiSpywareSUPERAntiSpyware.exe
    04 – HKUS-1-5-21-3499729451-1780072545-772430368-1000..Run : [winter] c:usersameyaliappdataroamingwinter.exe
    04 – HKUS-1-5-21-3499729451-1780072545-772430368-1000..Run : [Odics] regsvr32.exe C:UsersAmeyaliAppDataLocalOdicscfMousemon2.dll
    04 – HKUS-1-5-19..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe
    04 – HKUS-1-5-20..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe
    04 – HKUS-1-5-18..RunOnce : [SPReview] “C:WindowsSystem32SPReviewSPReview.exe” /sp:1 /errorfwlink:”http://go.microsoft.com/fwlink/?LinkID=122915″ /build:7601

    ################## | Recherche générique |

    Présent! G:.lnk
    Présent! G:BlackBerry.lnk
    Présent! G:databases.lnk
    Présent! G:db_temporary.lnk
    Présent! G:LOST.DIR.lnk
    Présent! G:DCIM.lnk
    Présent! G:tmp.lnk
    Présent! G:.android_secure.lnk
    Présent! G:Android.lnk
    Présent! G:SlideIT.lnk
    Présent! G:OGQ.lnk
    Présent! G:TouchPalv5.lnk
    Présent! G:WhatsApp.lnk
    Présent! G:TransparentClockWeather.lnk
    Présent! G:Download.lnk
    Présent! G:bluetooth.lnk
    Présent! G:Pictures.lnk
    Présent! G:pers.lnk
    Présent! G:.mmsyscache.lnk
    Présent! G:Ameyali’s music.lnk
    Présent! G:ppy_cross.lnk
    Présent! G:media.lnk
    Présent! G:Recording.lnk
    Présent! G:Voyages-SNCF.lnk
    Présent! H:0001.lnk
    Présent! H:LOST.DIR.lnk
    Présent! H:.android_secure.lnk
    Présent! H:Android.lnk
    Présent! H:Music.lnk
    Présent! H:Podcasts.lnk
    Présent! H:Ringtones.lnk
    Présent! H:Alarms.lnk
    Présent! H:Notifications.lnk
    Présent! H:Pictures.lnk
    Présent! H:Movies.lnk
    Présent! H:Download.lnk
    Présent! H:DCIM.lnk
    Présent! H:media.lnk
    Présent! H:data.lnk

    ################## | Registre |

The topic ‘Infected USB key, files turned into shortcuts that cannot be opened’ is closed to new replies.