Files turned into shortcuts on my 2 USB keys 2013-10-23T18:00:01+00:00

SOSVirus: Free PC Troubleshooting, Support and Disinfection Help – Virus Security Forum

  • Author
    Posts
  • greattom
    Participant
    Post count: 2

    hello, here is the diagnostic :triste:

    [spoiler:2xfefkio]############################## | UsbFix V 7.145 | [Recherche]

    Utilisateur: Tom (Administrateur) # TOM-HP
    Mis à jour le 17/10/2013 par El Desaparecido – Team SosVirus
    Lancé à 19:51:39 | 23/10/2013

    Site Web: http://www.usbfix.net/
    Forum : https://www.sosvirus.net/
    Upload Malware: upload_malware.php
    Contact: http://www.usbfix.net/contact/

    PC: Hewlett-Packard (1659)
    CPU: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz
    RAM -> [Total : 6092 | Free : 2576]
    Bios: Hewlett-Packard
    Boot: Normal boot

    OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) # Service Pack 1
    WB: Windows Internet Explorer 10.0.9200.16721

    SC: Security Center Service [Enabled]
    WU: Windows Update Service [Enabled]
    AV: avast! Antivirus [Enabled | Updated]
    FW: Windows FireWall Service [Enabled]

    C: (%systemdrive%) -> Disque fixe # 449 Go (103 Go libre(s) – 23%) [] # NTFS
    D: -> Disque fixe # 17 Go (2 Go libre(s) – 10%) [RECOVERY] # NTFS
    E: -> CD-ROM
    F: -> Disque fixe # 99 Mo (89 Mo libre(s) – 90%) [HP_TOOLS] # FAT32
    G: -> CD-ROM
    H: -> Disque amovible # 30 Go (25 Go libre(s) – 84%) [MOMO] # FAT32
    I: -> Disque amovible # 2 Go (2 Go libre(s) – 96%) [] # FAT

    ################## | Processus Actif |


    ################## | Regedit Run |

    HKLM\SOFTWARE | Run : [IAStorIcon] – C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    HKLM\SOFTWARE | Run : [StartCCC] – "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    HKLM\SOFTWARE | Run : [NUSB3MON] – "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
    HKLM\SOFTWARE | Run : [] –
    HKLM\SOFTWARE | Run : [HPConnectionManager] – C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
    HKLM\SOFTWARE | Run : [HP Quick Launch] – C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    HKLM\SOFTWARE | Run : [Adobe Reader Speed Launcher] – "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
    HKLM\SOFTWARE | Run : [Adobe ARM] – "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    HKLM\SOFTWARE | Run : [Easybits Recovery] – C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
    HKLM\SOFTWARE | Run : [avast] – "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    HKLM\SOFTWARE | Run : [DivXUpdate] – "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    HKLM\SOFTWARE | Run : [SunJavaUpdateSched] – "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    HKLM\SOFTWARE | Run : [HPOSD] – C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
    HKLM\SOFTWARE\wow6432Node | Run : [IAStorIcon] – C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    HKLM\SOFTWARE\wow6432Node | Run : [StartCCC] – "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    HKLM\SOFTWARE\wow6432Node | Run : [NUSB3MON] – "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
    HKLM\SOFTWARE\wow6432Node | Run : [] –
    HKLM\SOFTWARE\wow6432Node | Run : [HPConnectionManager] – C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
    HKLM\SOFTWARE\wow6432Node | Run : [HP Quick Launch] – C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    HKLM\SOFTWARE\wow6432Node | Run : [Adobe Reader Speed Launcher] – "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
    HKLM\SOFTWARE\wow6432Node | Run : [Adobe ARM] – "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    HKLM\SOFTWARE\wow6432Node | Run : [Easybits Recovery] – C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
    HKLM\SOFTWARE\wow6432Node | Run : [avast] – "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    HKLM\SOFTWARE\wow6432Node | Run : [DivXUpdate] – "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    HKLM\SOFTWARE\wow6432Node | Run : [SunJavaUpdateSched] – "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    HKLM\SOFTWARE\wow6432Node | Run : [HPOSD] – C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
    HKLM\SOFTWARE | RunOnce : [Malwarebytes Anti-Malware] – C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    HKLM\SOFTWARE | RunOnce : [] –
    HKLM\SOFTWARE\wow6432Node | RunOnce : [Malwarebytes Anti-Malware] – C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    HKLM\SOFTWARE\wow6432Node | RunOnce : [] –
    HKU\S-1-5-19\SOFTWARE | Run : [Sidebar] – %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
    HKU\S-1-5-20\SOFTWARE | Run : [Sidebar] – %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
    HKU\S-1-5-21-4178896189-2504729496-1843057098-1000\SOFTWARE | Run : [msnmsgr] – "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    HKU\S-1-5-21-4178896189-2504729496-1843057098-1000\SOFTWARE | Run : [Free Download Manager] – C:\Program Files (x86)\Free Download Manager\fdm.exe -autorun
    HKU\S-1-5-21-4178896189-2504729496-1843057098-1000\SOFTWARE | Run : [Software Informer] – "C:\Program Files (x86)\Software Informer\softinfo.exe" -autorun
    HKU\S-1-5-21-4178896189-2504729496-1843057098-1000\SOFTWARE | Run : [fsm] –
    HKU\S-1-5-21-4178896189-2504729496-1843057098-1000\SOFTWARE | Run : [DAEMON Tools Lite] – "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
    HKU\S-1-5-21-4178896189-2504729496-1843057098-1000\SOFTWARE | Run : [RegistryBooster] – "C:\Program Files (x86)\Uniblue\RegistryBooster\launcher.exe" delay 20000
    HKU\S-1-5-21-4178896189-2504729496-1843057098-1000\SOFTWARE | Run : [swg] – "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    HKU\S-1-5-21-4178896189-2504729496-1843057098-1000\SOFTWARE | Run : [Steam] – "C:\Program Files (x86)\Steam\steam.exe" -silent
    HKU\S-1-5-21-4178896189-2504729496-1843057098-1000\SOFTWARE | Run : [Skype] – "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
    HKU\S-1-5-21-4178896189-2504729496-1843057098-1000\SOFTWARE | Run : [EPLTargetP0000000000000000] – C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIIOE.EXE /EPT "EPLTargetP0000000000000000" /M "XP-30 33 Series"
    HKU\S-1-5-21-4178896189-2504729496-1843057098-1000\SOFTWARE | Run : [iTunesHelper] – wscript.exe //B "C:\Users\Tom\AppData\Local\Temp\iTunesHelper.vbe"
    HKU\S-1-5-19\SOFTWARE | RunOnce : [mctadmin] – C:\Windows\System32\mctadmin.exe
    HKU\S-1-5-20\SOFTWARE | RunOnce : [mctadmin] – C:\Windows\System32\mctadmin.exe

    ################## | Éléments infectieux |

    Présent! H:\iTunesHelper.vbe
    Présent! I:\iTunesHelper.vbe
    Présent! C:\Users\Tom\AppData\Local\Temp\iTunesHelper.vbe
    Présent! C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iTunesHelper.vbe
    Présent! H:\[www.lnk
    Présent! H:\Pestel bar gaming.lnk
    Présent! H:\Pestel bar gaming (2).lnk
    Présent! H:\Autorun.inf.lnk
    Présent! I:\yhomas.lnk
    Présent! I:\Autorun.inf.lnk
    Présent! E:\Launcher.exe
    Présent! D:\desktop.ini
    Présent! E:\Autorun.inf

    ################## | Registre |

    Présent! HKU\S-1-5-21-4178896189-2504729496-1843057098-1000\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper
    Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper
    Présent! HKU\S-1-5-21-4178896189-2504729496-1843057098-1000\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper
    Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper
    Présent! HKU\S-1-5-21-4178896189-2504729496-1843057098-1000\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper
    Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper
    Présent! HKU\S-1-5-21-4178896189-2504729496-1843057098-1000\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper
    Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper
    HKCU….\Explorer\MountPoints2\{fe1ba0d2-dbb2-11e0-8133-806e6f6e6963}
    Shell\AutoRun\Command = E:\Launcher.exe

    ################## | Vaccin |

    C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    F:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    H:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    I:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

    ################## | E.O.F | http://www.usbfix.net – https://www.sosvirus.net |[/spoiler:2xfefkio]

  • Anonymous
    Post count: 0

    Hello :hello:,

    Welcome to SosVirus :welcome:

    • Run UsbFix
    • Choose the Suppression (deletion) option

      Note: If UsbFix hangs at 14%, run UsbFix in safe mode. (See >> HERE <<)

    • Copy and paste the contents of the report that appears at the end of the scan into your reply
  • greattom
    Participant
    Post count: 2

    there, it looks ok

    [spoiler:j7z3hk34]############################## | UsbFix V 7.145 | [Suppression]

    Utilisateur: Tom (Administrateur) # TOM-HP
    Mis à jour le 17/10/2013 par El Desaparecido – Team SosVirus
    Lancé à 20:48:10 | 23/10/2013

    Site Web: http://www.usbfix.net/
    Forum : https://www.sosvirus.net/
    Upload Malware: upload_malware.php
    Contact: http://www.usbfix.net/contact/

    PC: Hewlett-Packard (1659)
    CPU: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz
    RAM -> [Total : 6092 | Free : 3625]
    Bios: Hewlett-Packard
    Boot: Normal boot

    OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) # Service Pack 1
    WB: Windows Internet Explorer 10.0.9200.16721

    SC: Security Center Service [Enabled]
    WU: Windows Update Service [Enabled]
    AV: avast! Antivirus [Enabled | Updated]
    FW: Windows FireWall Service [Enabled]

    C: (%systemdrive%) -> Disque fixe # 449 Go (104 Go libre(s) – 23%) [] # NTFS
    D: -> Disque fixe # 17 Go (2 Go libre(s) – 10%) [RECOVERY] # NTFS
    E: -> CD-ROM
    F: -> Disque fixe # 99 Mo (89 Mo libre(s) – 90%) [HP_TOOLS] # FAT32
    G: -> CD-ROM
    H: -> Disque amovible # 30 Go (25 Go libre(s) – 84%) [MOMO] # FAT32
    I: -> Disque amovible # 2 Go (2 Go libre(s) – 100%) [] # FAT

    ################## | Regedit Run |

    HKLM\SOFTWARE | Run : [IAStorIcon] – C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    HKLM\SOFTWARE | Run : [StartCCC] – "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    HKLM\SOFTWARE | Run : [NUSB3MON] – "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
    HKLM\SOFTWARE | Run : [] –
    HKLM\SOFTWARE | Run : [HPConnectionManager] – C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
    HKLM\SOFTWARE | Run : [HP Quick Launch] – C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    HKLM\SOFTWARE | Run : [Adobe Reader Speed Launcher] – "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
    HKLM\SOFTWARE | Run : [Adobe ARM] – "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    HKLM\SOFTWARE | Run : [Easybits Recovery] – C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
    HKLM\SOFTWARE | Run : [avast] – "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    HKLM\SOFTWARE | Run : [DivXUpdate] – "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    HKLM\SOFTWARE | Run : [SunJavaUpdateSched] – "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    HKLM\SOFTWARE | Run : [HPOSD] – C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
    HKLM\SOFTWARE\wow6432Node | Run : [IAStorIcon] – C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    HKLM\SOFTWARE\wow6432Node | Run : [StartCCC] – "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    HKLM\SOFTWARE\wow6432Node | Run : [NUSB3MON] – "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
    HKLM\SOFTWARE\wow6432Node | Run : [] –
    HKLM\SOFTWARE\wow6432Node | Run : [HPConnectionManager] – C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
    HKLM\SOFTWARE\wow6432Node | Run : [HP Quick Launch] – C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    HKLM\SOFTWARE\wow6432Node | Run : [Adobe Reader Speed Launcher] – "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
    HKLM\SOFTWARE\wow6432Node | Run : [Adobe ARM] – "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    HKLM\SOFTWARE\wow6432Node | Run : [Easybits Recovery] – C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
    HKLM\SOFTWARE\wow6432Node | Run : [avast] – "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    HKLM\SOFTWARE\wow6432Node | Run : [DivXUpdate] – "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    HKLM\SOFTWARE\wow6432Node | Run : [SunJavaUpdateSched] – "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    HKLM\SOFTWARE\wow6432Node | Run : [HPOSD] – C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
    HKLM\SOFTWARE | RunOnce : [Malwarebytes Anti-Malware] – C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    HKLM\SOFTWARE | RunOnce : [] –
    HKLM\SOFTWARE\wow6432Node | RunOnce : [Malwarebytes Anti-Malware] – C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    HKLM\SOFTWARE\wow6432Node | RunOnce : [] –
    HKU\S-1-5-19\SOFTWARE | Run : [Sidebar] – %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
    HKU\S-1-5-20\SOFTWARE | Run : [Sidebar] – %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
    HKU\S-1-5-21-4178896189-2504729496-1843057098-1000\SOFTWARE | Run : [msnmsgr] – "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    HKU\S-1-5-21-4178896189-2504729496-1843057098-1000\SOFTWARE | Run : [Free Download Manager] – C:\Program Files (x86)\Free Download Manager\fdm.exe -autorun
    HKU\S-1-5-21-4178896189-2504729496-1843057098-1000\SOFTWARE | Run : [Software Informer] – "C:\Program Files (x86)\Software Informer\softinfo.exe" -autorun
    HKU\S-1-5-21-4178896189-2504729496-1843057098-1000\SOFTWARE | Run : [fsm] –
    HKU\S-1-5-21-4178896189-2504729496-1843057098-1000\SOFTWARE | Run : [DAEMON Tools Lite] – "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
    HKU\S-1-5-21-4178896189-2504729496-1843057098-1000\SOFTWARE | Run : [RegistryBooster] – "C:\Program Files (x86)\Uniblue\RegistryBooster\launcher.exe" delay 20000
    HKU\S-1-5-21-4178896189-2504729496-1843057098-1000\SOFTWARE | Run : [swg] – "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    HKU\S-1-5-21-4178896189-2504729496-1843057098-1000\SOFTWARE | Run : [Steam] – "C:\Program Files (x86)\Steam\steam.exe" -silent
    HKU\S-1-5-21-4178896189-2504729496-1843057098-1000\SOFTWARE | Run : [Skype] – "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
    HKU\S-1-5-21-4178896189-2504729496-1843057098-1000\SOFTWARE | Run : [EPLTargetP0000000000000000] – C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIIOE.EXE /EPT "EPLTargetP0000000000000000" /M "XP-30 33 Series"
    HKU\S-1-5-19\SOFTWARE | RunOnce : [mctadmin] – C:\Windows\System32\mctadmin.exe
    HKU\S-1-5-20\SOFTWARE | RunOnce : [mctadmin] – C:\Windows\System32\mctadmin.exe

    ################## | Processus Stoppés |


    ################## | Éléments infectieux |

    Non supprimé ! E:\Launcher.exe
    Non supprimé ! E:\Autorun.inf

    (!) Fichiers temporaires supprimés.

    ################## | Registre |

    ################## | Listing |


    ################## | Vaccin |

    C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    F:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    H:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    I:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

    ################## | E.O.F | http://www.usbfix.net – https://www.sosvirus.net |[/spoiler:j7z3hk34]

  • Anonymous
    Post count: 0

    It is indeed OK ;)

    Would you like us to run a more complete diagnostic? No problems with ads or anything else?

  • greattom
    Participant
    Post count: 2

    no, listen, unfortunately I lost my files, which got erased, but it doesn't matter, I'm rid of that now. I'll spread the word about you, thanks a lot

  • Anonymous
    Post count: 0

    Ok,

    Have a good evening ;)

The topic 'Files turned into shortcuts on my 2 USB keys' is closed to new replies.