fichiers transformés en raccourcis sur clé usb 2013-10-29T19:28:43+00:00

SOSVirus : Dépannage PC Gratuit Support Aide à la désinfection – Forum Virus Sécurité fichiers transformés en raccourcis sur clé usb

  • Auteur
    Messages
  • BOURDOT
    Post count: 0

    Bsr
    suite problème de fichiers transformés en raccourcis voici ci dessous le rapport de usb fix :

    ############################## | UsbFix V 7.146 | [Recherche]

    Utilisateur: Bourdot (Administrateur) # BOURDOT-PC
    Mis à jour le 28/10/2013 par El Desaparecido – Team SosVirus
    Lancé à 20:15:01 | 29/10/2013

    Site Web: http://www.usbfix.net/” onclick=”window.open(this.href);return false;
    Forum : https://www.sosvirus.net/” onclick=”window.open(this.href);return false;
    Upload Malware: upload_malware.php
    Contact: http://www.usbfix.net/contact/” onclick=”window.open(this.href);return false;

    PC: Packard Bell (imedia S3840)
    CPU: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
    RAM -> [Total : 6126 | Free : 4643]
    Bios: American Megatrends Inc.
    Boot: Normal boot

    OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
    WB: Windows Internet Explorer : 10.0.9200.16721
    WB: Google Chrome : 30.0.1599.101
    WB: Mozilla Firefox : 24.0

    SC: Security Center Service [Enabled]
    WU: Windows Update Service [Enabled]
    AV: avast! Antivirus [(!) Disabled | Updated]
    AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
    FW: Windows FireWall Service [Enabled]

    C: (%systemdrive%) -> Disque fixe # 687 Go (594 Go libre(s) – 86%) [Packard Bell] # NTFS
    D: -> Disque fixe # 687 Go (608 Go libre(s) – 88%) [DATA] # NTFS
    E: -> CD-ROM
    H: -> Disque amovible # 30 Go (13 Go libre(s) – 44%) [CORSAIR] # NTFS

    ################## | Processus Actif |

    C:Windowssystem32csrss.exe (ID: 540 |ParentID: 472)
    C:Windowssystem32wininit.exe (ID: 588 |ParentID: 472)
    C:Windowssystem32csrss.exe (ID: 612 |ParentID: 600)
    C:Windowssystem32services.exe (ID: 656 |ParentID: 588)
    C:Windowssystem32winlogon.exe (ID: 688 |ParentID: 600)
    C:Windowssystem32lsass.exe (ID: 708 |ParentID: 588)
    C:Windowssystem32lsm.exe (ID: 728 |ParentID: 588)
    C:Windowssystem32svchost.exe (ID: 828 |ParentID: 656)
    C:Windowssystem32nvvsvc.exe (ID: 908 |ParentID: 656)
    C:Windowssystem32svchost.exe (ID: 948 |ParentID: 656)
    C:WindowsSystem32svchost.exe (ID: 292 |ParentID: 656)
    C:WindowsSystem32svchost.exe (ID: 424 |ParentID: 656)
    C:Windowssystem32svchost.exe (ID: 472 |ParentID: 656)
    C:Windowssystem32svchost.exe (ID: 780 |ParentID: 656)
    C:Windowssystem32svchost.exe (ID: 1168 |ParentID: 656)
    C:Program FilesAVAST SoftwareAvastAvastSvc.exe (ID: 1224 |ParentID: 656)
    C:Program FilesNVIDIA CorporationDisplayNvXDSync.exe (ID: 1408 |ParentID: 908)
    C:Windowssystem32nvvsvc.exe (ID: 1420 |ParentID: 908)
    C:WindowsSystem32spoolsv.exe (ID: 1608 |ParentID: 656)
    C:Windowssystem32svchost.exe (ID: 1636 |ParentID: 656)
    C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe (ID: 1712 |ParentID: 656)
    C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe (ID: 1752 |ParentID: 656)
    C:Program FilesBonjourmDNSResponder.exe (ID: 1896 |ParentID: 656)
    C:Program FilesOrangemes contenus – mon disquemounter.exe (ID: 1924 |ParentID: 656)
    C:Program Files (x86)Packard BellRegistrationGREGsvc.exe (ID: 1968 |ParentID: 656)
    C:Program FilesPackard BellPackard Bell UpdaterUpdaterService.exe (ID: 1996 |ParentID: 656)
    C:Program FilesCommon FilesLogiShrdLVMVFMLVPrcSrv.exe (ID: 2032 |ParentID: 656)
    C:Windowssystem32lxcgcoms.exe (ID: 1336 |ParentID: 656)
    C:Program Files (x86)Common FilesMediafouriPodM4iPodWPDService.exe (ID: 1344 |ParentID: 656)
    C:Program Files (x86)Common FilesLogiShrdLVMVFMLVPrS64H.exe (ID: 1332 |ParentID: 828)
    C:Program Files (x86)Common FilesMediafourM4LIC.EXE (ID: 1688 |ParentID: 656)
    C:Program Files (x86)HTCInternet Pass-ThroughPassThruSvr.exe (ID: 1260 |ParentID: 656)
    C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe (ID: 1288 |ParentID: 656)
    C:Windowssystem32svchost.exe (ID: 2056 |ParentID: 656)
    C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE (ID: 2112 |ParentID: 656)
    C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe (ID: 2204 |ParentID: 2112)
    C:Windowssystem32wbemwmiprvse.exe (ID: 2620 |ParentID: 828)
    C:Windowssystem32taskhost.exe (ID: 2888 |ParentID: 656)
    C:Windowssystem32Dwm.exe (ID: 2984 |ParentID: 424)
    C:WindowsExplorer.EXE (ID: 2852 |ParentID: 2952)
    C:Windowssystem32svchost.exe (ID: 3232 |ParentID: 656)
    C:Windowssystem32svchost.exe (ID: 3348 |ParentID: 656)
    C:WindowsSystem32WUDFHost.exe (ID: 3476 |ParentID: 424)
    C:Program FilesRealtekAudioHDARAVCpl64.exe (ID: 3724 |ParentID: 2852)
    C:Program Files (x86)Lexmark 2300 Serieslxcgmon.exe (ID: 3740 |ParentID: 2852)
    C:Program Files (x86)Lexmark 2300 Seriesezprint.exe (ID: 3756 |ParentID: 2852)
    C:Program FilesMediafourXPlay 3XPlay.exe (ID: 3912 |ParentID: 2852)
    C:Program Files (x86)OLYMPUSOLYMPUS Master 2MMonitor.exe (ID: 3952 |ParentID: 2852)
    D:MorganedocsNokia PC Suite 7PCSuite.exe (ID: 3528 |ParentID: 2852)
    C:Program Files (x86)PC Connectivity SolutionServiceLayer.exe (ID: 3848 |ParentID: 656)
    C:Windowssystem32SearchIndexer.exe (ID: 1308 |ParentID: 656)
    C:Program Files (x86)SkypePhoneSkype.exe (ID: 3896 |ParentID: 2852)
    C:WindowsSystem32wscript.exe (ID: 4208 |ParentID: 2852)
    C:Program Files (x86)Packard BellHotkey UtilityHotkeyUtility.exe (ID: 4392 |ParentID: 4220)
    C:Program FilesLogitechLogitech WebCam SoftwareLWS.exe (ID: 4408 |ParentID: 4220)
    C:Program Files (x86)HTCHTC Sync 3.0htcUPCTLoader.exe (ID: 4476 |ParentID: 4220)
    C:Program Files (x86)Common FilesNikonMonitorNkMonitor.exe (ID: 4548 |ParentID: 4220)
    C:Program FilesAVAST SoftwareAvastAvastUI.exe (ID: 4652 |ParentID: 4220)
    C:Program Files (x86)Common FilesLogishrdLQCVFXCOCIManager.exe (ID: 4916 |ParentID: 828)
    C:Windowssystem32taskeng.exe (ID: 5096 |ParentID: 780)
    C:Program Files (x86)CyberLinkMediaEspressoDeviceDetectorDeviceDetector.exe (ID: 4868 |ParentID: 5096)
    C:Program FilesWindows Media Playerwmpnetwk.exe (ID: 3520 |ParentID: 656)
    C:WindowsSystem32svchost.exe (ID: 5132 |ParentID: 656)
    C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorDataMgrSvc.exe (ID: 6128 |ParentID: 656)
    C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe (ID: 1768 |ParentID: 656)
    C:Program Files (x86)NeroUpdateNASvc.exe (ID: 644 |ParentID: 656)
    C:WindowsSystem32svchost.exe (ID: 5516 |ParentID: 656)
    C:Windowssystem32DllHost.exe (ID: 5884 |ParentID: 828)
    C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe (ID: 5176 |ParentID: 656)
    C:Program FilesCommon FilesMicrosoft SharedOfficeSoftwareProtectionPlatformOSPPSVC.EXE (ID: 8452 |ParentID: 656)
    C:Program Files (x86)PC Connectivity SolutionTransportsNclUSBSrv64.exe (ID: 7568 |ParentID: 3848)
    C:Program Files (x86)PC Connectivity SolutionTransportsNclRSSrv.exe (ID: 1436 |ParentID: 3848)
    C:Program FilesInternet Exploreriexplore.exe (ID: 3700 |ParentID: 2852)
    C:Program Files (x86)MicrosoftBingBar7.2.241.0BingApp.exe (ID: 5964 |ParentID: 828)
    C:Program Files (x86)MicrosoftBingBar7.2.241.0BingBar.exe (ID: 5924 |ParentID: 828)
    C:Program Files (x86)MicrosoftBingBar7.2.241.0BingSurrogate.exe (ID: 1868 |ParentID: 828)
    C:Program Files (x86)MicrosoftBingBar7.2.241.0BingSurrogate.exe (ID: 7080 |ParentID: 828)
    C:Program Files (x86)MicrosoftBingBar7.2.241.0BingSurrogate.exe (ID: 7256 |ParentID: 828)
    C:Program Files (x86)MicrosoftBingBar7.2.241.0BingSurrogate.exe (ID: 5996 |ParentID: 828)
    C:Windowssystem32MacromedFlashFlashUtil64_11_9_900_117_ActiveX.exe (ID: 7212 |ParentID: 828)
    C:Program Files (x86)MicrosoftBingBar7.2.241.0BBSvc.exe (ID: 2240 |ParentID: 656)
    C:Windowssystem32DllHost.exe (ID: 5456 |ParentID: 828)
    C:Program Files (x86)Internet ExplorerIEXPLORE.EXE (ID: 5444 |ParentID: 3700)
    C:UsbFixGo.exe (ID: 9456 |ParentID: 5484)
    C:Program Files (x86)Internet ExplorerIEXPLORE.EXE (ID: 1536 |ParentID: 3700)

    ################## | Regedit Run |

    HKLMSOFTWARE | Run : [Hotkey Utility] – C:Program Files (x86)Packard BellHotkey UtilityHotkeyUtility.exe
    HKLMSOFTWARE | Run : [LogitechQuickCamRibbon] – “C:Program FilesLogitechLogitech WebCam SoftwareLWS.exe” /hide
    HKLMSOFTWARE | Run : [HTC Sync Loader] – “C:Program Files (x86)HTCHTC Sync 3.0htcUPCTLoader.exe” -startup
    HKLMSOFTWARE | Run : [APSDaemon] – “C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe”
    HKLMSOFTWARE | Run : [Nikon Transfer Monitor] – C:Program Files (x86)Common FilesNikonMonitorNkMonitor.exe
    HKLMSOFTWARE | Run : [NSU_agent] – “C:Program Files (x86)NokiaNokia Software Updaternsu3ui_agent.exe”
    HKLMSOFTWARE | Run : [lxdpmon.exe] – “C:Program Files (x86) (x86)Lexmark Z2300 Serieslxdpmon.exe”
    HKLMSOFTWARE | Run : [EzPrint] – “C:Program Files (x86) (x86)Lexmark Z2300 Seriesezprint.exe”
    HKLMSOFTWARE | Run : [avast] – “C:Program FilesAVAST SoftwareAvastavastUI.exe” /nogui
    HKLMSOFTWARE | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
    HKLMSOFTWARE | Run : [QuickTime Task] – “C:Program Files (x86)QuickTimeQTTask.exe” -atboottime
    HKLMSOFTWAREwow6432Node | Run : [Hotkey Utility] – C:Program Files (x86)Packard BellHotkey UtilityHotkeyUtility.exe
    HKLMSOFTWAREwow6432Node | Run : [LogitechQuickCamRibbon] – “C:Program FilesLogitechLogitech WebCam SoftwareLWS.exe” /hide
    HKLMSOFTWAREwow6432Node | Run : [HTC Sync Loader] – “C:Program Files (x86)HTCHTC Sync 3.0htcUPCTLoader.exe” -startup
    HKLMSOFTWAREwow6432Node | Run : [APSDaemon] – “C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe”
    HKLMSOFTWAREwow6432Node | Run : [Nikon Transfer Monitor] – C:Program Files (x86)Common FilesNikonMonitorNkMonitor.exe
    HKLMSOFTWAREwow6432Node | Run : [NSU_agent] – “C:Program Files (x86)NokiaNokia Software Updaternsu3ui_agent.exe”
    HKLMSOFTWAREwow6432Node | Run : [lxdpmon.exe] – “C:Program Files (x86) (x86)Lexmark Z2300 Serieslxdpmon.exe”
    HKLMSOFTWAREwow6432Node | Run : [EzPrint] – “C:Program Files (x86) (x86)Lexmark Z2300 Seriesezprint.exe”
    HKLMSOFTWAREwow6432Node | Run : [avast] – “C:Program FilesAVAST SoftwareAvastavastUI.exe” /nogui
    HKLMSOFTWAREwow6432Node | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
    HKLMSOFTWAREwow6432Node | Run : [QuickTime Task] – “C:Program Files (x86)QuickTimeQTTask.exe” -atboottime
    HKLMSOFTWARE | RunOnce : [] –
    HKLMSOFTWAREwow6432Node | RunOnce : [] –
    HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    HKUS-1-5-21-1826166390-1230204099-697159472-1001SOFTWARE | Run : [OM2_Monitor] – “C:Program Files (x86)OLYMPUSOLYMPUS Master 2MMonitor.exe”
    HKUS-1-5-21-1826166390-1230204099-697159472-1001SOFTWARE | Run : [PC Suite Tray] – “D:MorganedocsNokia PC Suite 7PCSuite.exe” -onlytray
    HKUS-1-5-21-1826166390-1230204099-697159472-1001SOFTWARE | Run : [Facebook Update] – “C:UsersBourdotAppDataLocalFacebookUpdateFacebookUpdate.exe” /c /nocrashserver
    HKUS-1-5-21-1826166390-1230204099-697159472-1001SOFTWARE | Run : [Orange mes contenus] – “C:Program FilesOrangeOrange mes contenusOrangeSC.exe” /delayed
    HKUS-1-5-21-1826166390-1230204099-697159472-1001SOFTWARE | Run : [Skype] – “C:Program Files (x86)SkypePhoneSkype.exe” /minimized /regrun
    HKUS-1-5-21-1826166390-1230204099-697159472-1001SOFTWARE | Run : [Intel(R)Service] – wscript.exe //B “C:UsersBourdotAppDataLocalTempIntel(R)Service.vbs”
    HKUS-1-5-19SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
    HKUS-1-5-20SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe

    ################## | Recherche générique |

    Présent! H:Intel(R)Service.vbs
    Présent! C:UsersBourdotAppDataLocalTempIntel(R)Service.vbs
    Présent! C:UsersBourdotAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupIntel(R)Service.vbs
    Présent! H:108H 2013-2014.lnk
    Présent! H:5.lnk
    Présent! H:Autorisations APC.lnk
    Présent! H:bricolage de paques.lnk
    Présent! H:CM2 jacquemin.lnk
    Présent! H:Ecologiedesorganismesetdespopulationssandrinechauchard.lnk
    Présent! H:FICHE DE PREP ENTETE.lnk
    Présent! H:JackReacher.lnk
    Présent! H:JEUX MAT.lnk
    Présent! H:Le code de la classe.lnk
    Présent! H:Test_de_maternelle11.lnk
    Présent! H:The.lnk
    Présent! H:_disk_id.lnk
    Présent! C:UsersBourdotAppDataLocalTemp20120702IminentSetup.exe
    Présent! C:UsersBourdotAppDataLocalTemp39606-91389-the-age-of-empires-ii-the-conquerors-update.exe
    Présent! C:UsersBourdotAppDataLocalTemp49416uninstall.exe
    Présent! C:UsersBourdotAppDataLocalTemp54425-667390-photoscape.exe
    Présent! C:UsersBourdotAppDataLocalTemp7za.exe
    Présent! C:UsersBourdotAppDataLocalTempOB.exe
    Présent! E:AUTORUN.INF
    ################## | Registre |

    Présent! HKLMSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer|NoActiveDesktop -> 1
    Présent! HKLMSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer|NoActiveDesktopChanges -> 1
    Présent! HKUS-1-5-21-1826166390-1230204099-697159472-1001SoftwareMicrosoftWindowsCurrentVersionRun|Intel(R)Service
    Présent! HKCUSoftwareMicrosoftWindowsCurrentVersionRun|Intel(R)Service
    Présent! HKUS-1-5-21-1826166390-1230204099-697159472-1001SoftwareMicrosoftWindowsCurrentVersionRun|Intel(R)Service
    Présent! HKCUSoftwareMicrosoftWindowsCurrentVersionRun|Intel(R)Service
    Présent! HKUS-1-5-21-1826166390-1230204099-697159472-1001SoftwareMicrosoftWindowsCurrentVersionRun|Intel(R)Service
    Présent! HKCUSoftwareMicrosoftWindowsCurrentVersionRun|Intel(R)Service

    ################## | Vaccin |

    (!) Cet ordinateur n’est pas vacciné!

    ################## | E.O.F | http://www.usbfix.net” onclick=”window.open(this.href);return false; – https://www.sosvirus.net” onclick=”window.open(this.href);return false; |

    merci de me dire comment faire pour interpréter ce rapport et résoudre mon problème

    cdlt

  • Photo du profil de g3n-h@ckm@ng3n-h@ckm@n
    Admin bbPress
    Post count: 8314

    salut relance usbfix , clique sur suppression et une fois terminé poste C:USBFix [Clean 1].txt

  • BOURDOT
    Post count: 0

    re-bsr voici le rapport :

    ############################## | UsbFix V 7.146 | [Suppression]

    Utilisateur: Bourdot (Administrateur) # BOURDOT-PC
    Mis à jour le 28/10/2013 par El Desaparecido – Team SosVirus
    Lancé à 21:01:58 | 29/10/2013

    Site Web: http://www.usbfix.net/” onclick=”window.open(this.href);return false;
    Forum : https://www.sosvirus.net/” onclick=”window.open(this.href);return false;
    Upload Malware: upload_malware.php
    Contact: http://www.usbfix.net/contact/” onclick=”window.open(this.href);return false;

    PC: Packard Bell (imedia S3840)
    CPU: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
    RAM -> [Total : 6126 | Free : 3901]
    Bios: American Megatrends Inc.
    Boot: Normal boot

    OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
    WB: Windows Internet Explorer : 10.0.9200.16721
    WB: Google Chrome : 30.0.1599.101
    WB: Mozilla Firefox : 24.0

    SC: Security Center Service [Enabled]
    WU: Windows Update Service [Enabled]
    AV: avast! Antivirus [(!) Disabled | Updated]
    AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
    FW: Windows FireWall Service [Enabled]

    C: (%systemdrive%) -> Disque fixe # 687 Go (594 Go libre(s) – 86%) [Packard Bell] # NTFS
    D: -> Disque fixe # 687 Go (608 Go libre(s) – 88%) [DATA] # NTFS
    E: -> CD-ROM
    H: -> Disque amovible # 30 Go (13 Go libre(s) – 44%) [CORSAIR] # NTFS

    ################## | Processus Stoppés |

    Stoppé! C:Windowssystem32nvvsvc.exe (ID: 908 |ParentID: 656)
    Stoppé! C:Program FilesAVAST SoftwareAvastAvastSvc.exe (ID: 1224 |ParentID: 656)
    Stoppé! C:Program FilesNVIDIA CorporationDisplayNvXDSync.exe (ID: 1408 |ParentID: 908)
    Stoppé! C:Windowssystem32nvvsvc.exe (ID: 1420 |ParentID: 908)
    Stoppé! C:WindowsSystem32spoolsv.exe (ID: 1608 |ParentID: 656)
    Stoppé! C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe (ID: 1712 |ParentID: 656)
    Stoppé! C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe (ID: 1752 |ParentID: 656)
    Stoppé! C:Program FilesBonjourmDNSResponder.exe (ID: 1896 |ParentID: 656)
    Stoppé! C:Program FilesOrangemes contenus – mon disquemounter.exe (ID: 1924 |ParentID: 656)
    Stoppé! C:Program Files (x86)Packard BellRegistrationGREGsvc.exe (ID: 1968 |ParentID: 656)
    Stoppé! C:Program FilesPackard BellPackard Bell UpdaterUpdaterService.exe (ID: 1996 |ParentID: 656)
    Stoppé! C:Program FilesCommon FilesLogiShrdLVMVFMLVPrcSrv.exe (ID: 2032 |ParentID: 656)
    Stoppé! C:Windowssystem32lxcgcoms.exe (ID: 1336 |ParentID: 656)
    Stoppé! C:Program Files (x86)Common FilesMediafouriPodM4iPodWPDService.exe (ID: 1344 |ParentID: 656)
    Stoppé! C:Program Files (x86)Common FilesLogiShrdLVMVFMLVPrS64H.exe (ID: 1332 |ParentID: 828)
    Stoppé! C:Program Files (x86)Common FilesMediafourM4LIC.EXE (ID: 1688 |ParentID: 656)
    Stoppé! C:Program Files (x86)HTCInternet Pass-ThroughPassThruSvr.exe (ID: 1260 |ParentID: 656)
    Stoppé! C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe (ID: 1288 |ParentID: 656)
    Stoppé! C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE (ID: 2112 |ParentID: 656)
    Stoppé! C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe (ID: 2204 |ParentID: 2112)
    Stoppé! C:Windowssystem32taskhost.exe (ID: 2888 |ParentID: 656)
    Stoppé! C:WindowsExplorer.EXE (ID: 2852 |ParentID: 2952)
    Stoppé! C:WindowsSystem32WUDFHost.exe (ID: 3476 |ParentID: 424)
    Stoppé! C:Program FilesRealtekAudioHDARAVCpl64.exe (ID: 3724 |ParentID: 2852)
    Stoppé! C:Program Files (x86)Lexmark 2300 Serieslxcgmon.exe (ID: 3740 |ParentID: 2852)
    Stoppé! C:Program Files (x86)Lexmark 2300 Seriesezprint.exe (ID: 3756 |ParentID: 2852)
    Stoppé! C:Program FilesMediafourXPlay 3XPlay.exe (ID: 3912 |ParentID: 2852)
    Stoppé! C:Program Files (x86)OLYMPUSOLYMPUS Master 2MMonitor.exe (ID: 3952 |ParentID: 2852)
    Stoppé! D:MorganedocsNokia PC Suite 7PCSuite.exe (ID: 3528 |ParentID: 2852)
    Stoppé! C:Program Files (x86)PC Connectivity SolutionServiceLayer.exe (ID: 3848 |ParentID: 656)
    Stoppé! C:Windowssystem32SearchIndexer.exe (ID: 1308 |ParentID: 656)
    Stoppé! C:Program Files (x86)SkypePhoneSkype.exe (ID: 3896 |ParentID: 2852)
    Stoppé! C:WindowsSystem32wscript.exe (ID: 4208 |ParentID: 2852)
    Stoppé! C:Program Files (x86)Packard BellHotkey UtilityHotkeyUtility.exe (ID: 4392 |ParentID: 4220)
    Stoppé! C:Program FilesLogitechLogitech WebCam SoftwareLWS.exe (ID: 4408 |ParentID: 4220)
    Stoppé! C:Program Files (x86)HTCHTC Sync 3.0htcUPCTLoader.exe (ID: 4476 |ParentID: 4220)
    Stoppé! C:Program Files (x86)Common FilesNikonMonitorNkMonitor.exe (ID: 4548 |ParentID: 4220)
    Stoppé! C:Program FilesAVAST SoftwareAvastAvastUI.exe (ID: 4652 |ParentID: 4220)
    Stoppé! C:Program Files (x86)Common FilesLogishrdLQCVFXCOCIManager.exe (ID: 4916 |ParentID: 828)
    Stoppé! C:Windowssystem32taskeng.exe (ID: 5096 |ParentID: 780)
    Stoppé! C:Program Files (x86)CyberLinkMediaEspressoDeviceDetectorDeviceDetector.exe (ID: 4868 |ParentID: 5096)
    Stoppé! C:Program FilesWindows Media Playerwmpnetwk.exe (ID: 3520 |ParentID: 656)
    Stoppé! C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorDataMgrSvc.exe (ID: 6128 |ParentID: 656)
    Stoppé! C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe (ID: 1768 |ParentID: 656)
    Stoppé! C:Program Files (x86)NeroUpdateNASvc.exe (ID: 644 |ParentID: 656)
    Stoppé! C:Windowssystem32DllHost.exe (ID: 5884 |ParentID: 828)
    Stoppé! C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe (ID: 5176 |ParentID: 656)
    Stoppé! C:Program FilesCommon FilesMicrosoft SharedOfficeSoftwareProtectionPlatformOSPPSVC.EXE (ID: 8452 |ParentID: 656)
    Stoppé! C:Program FilesInternet Exploreriexplore.exe (ID: 3700 |ParentID: 2852)
    Stoppé! C:Program Files (x86)MicrosoftBingBar7.2.241.0BingApp.exe (ID: 5964 |ParentID: 828)
    Stoppé! C:Program Files (x86)MicrosoftBingBar7.2.241.0BingBar.exe (ID: 5924 |ParentID: 828)
    Stoppé! C:Program Files (x86)MicrosoftBingBar7.2.241.0BingSurrogate.exe (ID: 1868 |ParentID: 828)
    Stoppé! C:Program Files (x86)MicrosoftBingBar7.2.241.0BingSurrogate.exe (ID: 7080 |ParentID: 828)
    Stoppé! C:Program Files (x86)MicrosoftBingBar7.2.241.0BingSurrogate.exe (ID: 7256 |ParentID: 828)
    Stoppé! C:Program Files (x86)MicrosoftBingBar7.2.241.0BingSurrogate.exe (ID: 5996 |ParentID: 828)
    Stoppé! C:Windowssystem32MacromedFlashFlashUtil64_11_9_900_117_ActiveX.exe (ID: 7212 |ParentID: 828)
    Stoppé! C:Windowssystem32DllHost.exe (ID: 5456 |ParentID: 828)
    Stoppé! C:Program Files (x86)Internet ExplorerIEXPLORE.EXE (ID: 5444 |ParentID: 3700)
    Stoppé! C:Program Files (x86)MicrosoftBingBar7.2.241.0SeaPort.exe (ID: 5484 |ParentID: 656)
    Stoppé! C:Program Files (x86)Internet ExplorerIEXPLORE.EXE (ID: 9324 |ParentID: 3700)

    ################## | Regedit Run |

    HKLMSOFTWARE | Run : [Hotkey Utility] – C:Program Files (x86)Packard BellHotkey UtilityHotkeyUtility.exe
    HKLMSOFTWARE | Run : [LogitechQuickCamRibbon] – “C:Program FilesLogitechLogitech WebCam SoftwareLWS.exe” /hide
    HKLMSOFTWARE | Run : [HTC Sync Loader] – “C:Program Files (x86)HTCHTC Sync 3.0htcUPCTLoader.exe” -startup
    HKLMSOFTWARE | Run : [APSDaemon] – “C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe”
    HKLMSOFTWARE | Run : [Nikon Transfer Monitor] – C:Program Files (x86)Common FilesNikonMonitorNkMonitor.exe
    HKLMSOFTWARE | Run : [NSU_agent] – “C:Program Files (x86)NokiaNokia Software Updaternsu3ui_agent.exe”
    HKLMSOFTWARE | Run : [lxdpmon.exe] – “C:Program Files (x86) (x86)Lexmark Z2300 Serieslxdpmon.exe”
    HKLMSOFTWARE | Run : [EzPrint] – “C:Program Files (x86) (x86)Lexmark Z2300 Seriesezprint.exe”
    HKLMSOFTWARE | Run : [avast] – “C:Program FilesAVAST SoftwareAvastavastUI.exe” /nogui
    HKLMSOFTWARE | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
    HKLMSOFTWARE | Run : [QuickTime Task] – “C:Program Files (x86)QuickTimeQTTask.exe” -atboottime
    HKLMSOFTWAREwow6432Node | Run : [Hotkey Utility] – C:Program Files (x86)Packard BellHotkey UtilityHotkeyUtility.exe
    HKLMSOFTWAREwow6432Node | Run : [LogitechQuickCamRibbon] – “C:Program FilesLogitechLogitech WebCam SoftwareLWS.exe” /hide
    HKLMSOFTWAREwow6432Node | Run : [HTC Sync Loader] – “C:Program Files (x86)HTCHTC Sync 3.0htcUPCTLoader.exe” -startup
    HKLMSOFTWAREwow6432Node | Run : [APSDaemon] – “C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe”
    HKLMSOFTWAREwow6432Node | Run : [Nikon Transfer Monitor] – C:Program Files (x86)Common FilesNikonMonitorNkMonitor.exe
    HKLMSOFTWAREwow6432Node | Run : [NSU_agent] – “C:Program Files (x86)NokiaNokia Software Updaternsu3ui_agent.exe”
    HKLMSOFTWAREwow6432Node | Run : [lxdpmon.exe] – “C:Program Files (x86) (x86)Lexmark Z2300 Serieslxdpmon.exe”
    HKLMSOFTWAREwow6432Node | Run : [EzPrint] – “C:Program Files (x86) (x86)Lexmark Z2300 Seriesezprint.exe”
    HKLMSOFTWAREwow6432Node | Run : [avast] – “C:Program FilesAVAST SoftwareAvastavastUI.exe” /nogui
    HKLMSOFTWAREwow6432Node | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
    HKLMSOFTWAREwow6432Node | Run : [QuickTime Task] – “C:Program Files (x86)QuickTimeQTTask.exe” -atboottime
    HKLMSOFTWARE | RunOnce : [] –
    HKLMSOFTWAREwow6432Node | RunOnce : [] –
    HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    HKUS-1-5-21-1826166390-1230204099-697159472-1001SOFTWARE | Run : [OM2_Monitor] – “C:Program Files (x86)OLYMPUSOLYMPUS Master 2MMonitor.exe”
    HKUS-1-5-21-1826166390-1230204099-697159472-1001SOFTWARE | Run : [PC Suite Tray] – “D:MorganedocsNokia PC Suite 7PCSuite.exe” -onlytray
    HKUS-1-5-21-1826166390-1230204099-697159472-1001SOFTWARE | Run : [Facebook Update] – “C:UsersBourdotAppDataLocalFacebookUpdateFacebookUpdate.exe” /c /nocrashserver
    HKUS-1-5-21-1826166390-1230204099-697159472-1001SOFTWARE | Run : [Orange mes contenus] – “C:Program FilesOrangeOrange mes contenusOrangeSC.exe” /delayed
    HKUS-1-5-21-1826166390-1230204099-697159472-1001SOFTWARE | Run : [Skype] – “C:Program Files (x86)SkypePhoneSkype.exe” /minimized /regrun
    HKUS-1-5-21-1826166390-1230204099-697159472-1001SOFTWARE | Run : [Intel(R)Service] – wscript.exe //B “C:UsersBourdotAppDataLocalTempIntel(R)Service.vbs”
    HKUS-1-5-19SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
    HKUS-1-5-20SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe

    ################## | Recherche générique |

    Supprimé! H:Intel(R)Service.vbs
    Supprimé! C:UsersBourdotAppDataLocalTempIntel(R)Service.vbs
    Supprimé! C:UsersBourdotAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupIntel(R)Service.vbs
    Supprimé! H:108H 2013-2014.lnk
    Supprimé! H:5.lnk
    Supprimé! H:Autorisations APC.lnk
    Supprimé! H:bricolage de paques.lnk
    Supprimé! H:CM2 jacquemin.lnk
    Supprimé! H:Ecologiedesorganismesetdespopulationssandrinechauchard.lnk
    Supprimé! H:FICHE DE PREP ENTETE.lnk
    Supprimé! H:JackReacher.lnk
    Supprimé! H:JEUX MAT.lnk
    Supprimé! H:Le code de la classe.lnk
    Supprimé! H:Test_de_maternelle11.lnk
    Supprimé! H:The.lnk
    Supprimé! H:_disk_id.lnk
    Supprimé! C:UsersBourdotAppDataLocalTemp20120702IminentSetup.exe
    Supprimé! C:UsersBourdotAppDataLocalTemp39606-91389-the-age-of-empires-ii-the-conquerors-update.exe
    Supprimé! C:UsersBourdotAppDataLocalTemp49416uninstall.exe
    Supprimé! C:UsersBourdotAppDataLocalTemp54425-667390-photoscape.exe
    Supprimé! C:UsersBourdotAppDataLocalTemp7za.exe
    Supprimé! C:UsersBourdotAppDataLocalTempOB.exe

    (!) Fichiers temporaires supprimés.

    ################## | Registre |

    Réparé ! HKLMSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer|NoActiveDesktop -> 0
    Réparé ! HKLMSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer|NoActiveDesktopChanges -> 0
    Supprimé! HKUS-1-5-21-1826166390-1230204099-697159472-1001SoftwareMicrosoftWindowsCurrentVersionRun|Intel(R)Service

    ################## | Listing |

    [30/12/2011 – 22:39:15 | SHD ] C:$Recycle.Bin
    [21/06/2013 – 23:26:41 | N | 27219] C:AdwCleaner[R1].txt
    [21/06/2013 – 23:27:50 | N | 25603] C:AdwCleaner[S1].txt
    [28/04/2013 – 14:36:23 | D ] C:AOE2
    [26/09/2011 – 09:23:51 | D ] C:book
    [11/07/2011 – 11:57:37 | RASH | 8192] C:BOOTSECT.BAK
    [14/07/2009 – 06:08:56 | SHD ] C:Documents and Settings
    [14/12/2011 – 18:21:01 | D ] C:drivers
    [29/10/2013 – 13:08:54 | ASH | 4817686528] C:hiberfil.sys
    [11/07/2011 – 11:17:20 | D ] C:Intel
    [21/06/2013 – 17:36:25 | D ] C:Kreapixel
    [03/11/2012 – 19:22:36 | N | 25823] C:lxcg.log
    [02/11/2012 – 19:49:57 | N | 100] C:lxdp.log
    [02/12/2006 – 07:37:14 | N | 904704] C:msdia80.dll
    [08/12/2011 – 21:19:10 | RHD ] C:MSOCache
    [29/09/2013 – 15:06:25 | D ] C:My Music
    [08/12/2011 – 21:12:53 | D ] C:OEM
    [29/10/2013 – 13:08:57 | ASH | 6423584768] C:pagefile.sys
    [14/07/2009 – 04:20:08 | HD ] C:PerfLogs
    [20/08/2013 – 17:53:40 | D ] C:Program Files
    [12/10/2013 – 17:16:40 | D ] C:Program Files (x86)
    [24/10/2012 – 17:55:23 | D ] C:Program Files (x86) (x86)
    [23/10/2013 – 17:56:18 | HD ] C:ProgramData
    [21/06/2013 – 23:34:26 | N | 83] C:rapport.txt
    [08/12/2011 – 21:11:15 | SHD ] C:Recovery
    [29/10/2013 – 18:23:29 | SHD ] C:System Volume Information
    [29/10/2013 – 21:04:10 | D ] C:UsbFix
    [29/10/2013 – 21:05:05 | A | 13597] C:UsbFix [Clean 1] BOURDOT-PC.txt
    [29/10/2013 – 20:18:36 | N | 13855] C:UsbFix [Scan 1] BOURDOT-PC.txt
    [30/12/2011 – 22:39:12 | RD ] C:Users
    [29/09/2013 – 15:08:16 | D ] C:Windows
    [03/04/2013 – 18:11:09 | SHD ] D:$RECYCLE.BIN
    [26/02/2013 – 16:24:17 | D ] D:2008 Municipales
    [03/11/2012 – 17:14:34 | N | 23040] D:20121103_pilote_lexmark.doc
    [14/11/2012 – 22:46:51 | N | 563009] D:20121114_affiche_parc_bourdot.pdf
    [28/11/2012 – 20:38:03 | N | 26112] D:20121128_arret_alcool.doc
    [02/12/2012 – 00:17:25 | N | 22776688] D:20121201_album_véro-Export-02_12_2012_00_17_17.MAPExpoAlbums
    [30/08/2012 – 15:35:25 | N | 11349] D:2012_fiche_Cluedo.xlsx
    [05/01/2013 – 22:24:39 | N | 525078] D:20130105_carte_voeux.pdf
    [21/01/2013 – 23:25:05 | N | 47616] D:20130121_facture_vol_luxair.doc
    [21/01/2013 – 23:14:43 | N | 62642] D:20130121_hotel_BonHôtel_18040608.pdf
    [21/01/2013 – 23:09:30 | N | 1643677] D:20130121_Vol_www_ebookers_fr – Demande de réservation.mht
    [10/04/2013 – 10:46:52 | N | 158559] D:20130410_note_penibilite_n°7.pdf
    [10/04/2013 – 10:48:33 | N | 248086] D:20130410_Pétition Pénibilité au 12 AVSCGE EPINAL.pdf
    [22/08/2013 – 18:03:14 | N | 253216] D:20130822_Appel-de-socialistes-pour-les-retraites.pdf
    [22/10/2013 – 21:02:31 | N | 1034924] D:20131023_parcours_gite_lavoye.pdf
    [25/02/2013 – 16:19:33 | D ] D:ageofempire
    [21/09/2013 – 11:38:38 | D ] D:Alexandre
    [09/10/2013 – 18:10:24 | N | 56320] D:CGT CHIFFRES.doc
    [10/03/2013 – 14:22:12 | D ] D:Chansons
    [02/11/2012 – 21:34:25 | N | 30208] D:cible fléchettes.doc
    [27/09/2013 – 17:45:47 | D ] D:DOC_PARENTS
    [25/12/2011 – 20:23:31 | D ] D:FichiersSonic
    [08/10/2013 – 22:02:29 | D ] D:FILMS ET DESSINS ANIMES
    [06/06/2013 – 17:59:55 | N | 7688192] D:Le Bon Coin.pps
    [25/02/2013 – 16:16:13 | N | 413] D:Lecteur de CD – Raccourci.lnk
    [07/10/2012 – 21:26:04 | N | 778342] D:LOTO.jpg
    [25/12/2011 – 20:23:31 | D ] D:Ma musique
    [21/09/2013 – 11:37:59 | D ] D:Marcellin
    [25/12/2011 – 20:23:32 | D ] D:Mes images
    [25/12/2011 – 20:23:32 | D ] D:Mes vidéos
    [25/12/2011 – 20:23:32 | D ] D:microsoft
    [23/09/2013 – 06:27:38 | D ] D:Morgane
    [09/10/2013 – 20:47:35 | N | 13881] D:Nbre de syndiqués CGT.xlsx
    [17/06/2012 – 10:04:50 | N | 478] D:Packard Bell (C) – Raccourci.lnk
    [03/01/2013 – 19:13:49 | D ] D:PHOTOS
    [26/12/2012 – 18:18:06 | N | 5096] D:redir.htm
    [21/11/2012 – 17:44:36 | N | 22707] D:sudoku.pdf
    [08/12/2011 – 22:21:29 | SHD ] D:System Volume Information
    [23/10/2013 – 17:54:43 | N | 152916] D:verdun_plan.pdf
    [04/11/2012 – 16:42:08 | D ] D:VERONIQUE
    [03/06/2013 – 18:00:38 | D ] D:Virginie
    [25/12/2011 – 20:23:52 | D ] D:windows
    [25/12/2011 – 20:23:52 | D ] D:word
    [25/12/2011 – 20:23:53 | D ] D:Yonne
    [25/09/2013 – 07:39:49 | C | 17147] H:108H 2013-2014.ods
    [28/10/2013 – 18:42:56 | C | 1714299] H:5.04 – Philippe BECUWE.pdf
    [28/10/2013 – 18:44:35 | C | 1134663] H:5.06-DominiqueGERANT.pdf
    [28/08/2013 – 20:34:19 | DC ] H:50 ANS VERO
    [08/10/2013 – 21:54:57 | DC ] H:A IMPRIMER
    [04/06/2013 – 11:11:08 | DC ] H:ARTS PLASTIQUES
    [13/09/2013 – 07:38:32 | C | 89600] H:Autorisations APC.doc
    [25/03/2013 – 22:34:46 | C | 224768] H:bricolage de paques.doc
    [28/10/2013 – 18:45:39 | C | 28669] H:CM2 jacquemin.docx
    [28/10/2013 – 18:46:30 | C | 117496] H:Ecologiedesorganismesetdespopulationssandrinechauchard.docx.pdf
    [02/04/2013 – 12:06:56 | C | 27136] H:FICHE DE PREP ENTETE.doc
    [19/10/2013 – 21:37:35 | DC ] H:IMAGIER MOBILE
    [11/05/2013 – 04:05:42 | C | 678492448] H:JackReacher.avi
    [08/10/2013 – 20:32:09 | C | 74565] H:JEUX MAT.rtf
    [01/02/2013 – 12:06:59 | C | 4007424] H:Le code de la classe.doc
    [19/04/2013 – 21:00:01 | DC ] H:MOTS DIVERS PARENTS
    [28/10/2013 – 15:54:51 | DC ] H:MOVIES
    [31/05/2013 – 12:09:50 | DC ] H:ORGANISATION CLASSE
    [21/06/2013 – 07:37:49 | DC ] H:PROJETS 2013
    [28/10/2013 – 15:55:05 | DC ] H:SCIENCES
    [13/12/2012 – 18:04:08 | SHDC ] H:System Volume Information
    [16/04/2013 – 22:15:55 | C | 27410] H:Test_de_maternelle11.pdf
    [27/05/2013 – 20:40:58 | C | 786256270] H:The.Bourne.Legacy.2012.TRUEFRENCH.BDRip.XviD.Repack.avi
    [04/11/2012 – 16:39:33 | C | 4] H:_disk_id.pod

    ################## | Vaccin |

    H:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

    ################## | E.O.F | http://www.usbfix.net” onclick=”window.open(this.href);return false; – https://www.sosvirus.net” onclick=”window.open(this.href);return false; |

    après ce scan mes fichiers sont redevenus des fichiers.

  • Photo du profil de g3n-h@ckm@ng3n-h@ckm@n
    Admin bbPress
    Post count: 8314

    bien

    • Télécharge MalwareBytes
    • Procède à l’installation de celui çi Décocher “Activer l’essai gratuit de Malwarebytes Anti-Malware PRO”
    • Sélectionne Examen complet
    • Clic sur Rechercher
    • Supprime tout les éléments trouvés !
    • Poste le rapport sur le forum

  • Photo du profil de g3n-h@ckm@ng3n-h@ckm@n
    Admin bbPress
    Post count: 8314

    hello où en es-tu ? :D

Le sujet ‘fichiers transformés en raccourcis sur clé usb’ est fermé à de nouvelles réponses.