  • dboaustralie
    Participant
    Number of posts: 1

    Thanks in advance for your help. I am in Australia and I have lost all my photos ;(

    ############################## | UsbFix V 7.169 | [Research]

    User: Jessica (Administrator) # JESSICA-HP
    Updated 31/03/2014 by El Desaparecido – Team SosVirus
    Started at 20:31:36 | 04/05/2014

    Website : http://www.en.usbfix.net/
    Changelog : http://www.en.usbfix.net/changelog/
    Support : http://en.kioskea.net/forum/viruses-security-7
    Upload Malware : upload_malware.php
    Contact : http://www.en.usbfix.net/contact/

    PC: Hewlett-Packard (3387)
    CPU: AMD E-300 APU with Radeon(tm) HD Graphics
    RAM -> [Total : 1641 Mo| Free : 40 Mo]
    Bios: Hewlett-Packard
    Boot: Normal boot

    OS: Microsoft Windows 7 Home Premium (6.1.7601 64-Bit) Service Pack 1
    WB: Windows Internet Explorer : 11.0.9600.17041

    SC: Security Center [Enabled]
    WU: Windows Update [Enabled]
    AV: AVG Internet Security 2013 [(!) Disabled | Updated]
    AV: avast! Antivirus [Enabled | Updated]
    AS: Windows Defender [(!) Disabled | Updated]
    AS: AVG Internet Security 2013 [(!) Disabled | Updated]
    AS: avast! Antivirus [Enabled | Updated]
    FW: AVG Internet Security 2013 [Enabled]
    FW: Windows FireWall [Enabled]

    C: (%systemdrive%) -> Fixed drive # 279 Gb (228 Mb free – 82%) [] # NTFS
    D: -> Fixed drive # 15 Gb (2 Mb free – 11%) [Recovery] # NTFS
    E: -> Fixed drive # 4 Gb (1 Mb free – 28%) [HP_TOOLS] # FAT32
    G: -> Removable drive # 7 Gb (6 Mb free – 80%) [] # FAT32

    ################## | Active Processes |

    C:Windowssystem32csrss.exe (ID: 684 |ParentID: 672)
    C:Windowssystem32csrss.exe (ID: 748 |ParentID: 740)
    C:Windowssystem32wininit.exe (ID: 756 |ParentID: 672)
    C:Windowssystem32services.exe (ID: 804 |ParentID: 756)
    C:Windowssystem32winlogon.exe (ID: 840 |ParentID: 740)
    C:Windowssystem32lsass.exe (ID: 876 |ParentID: 756)
    C:Windowssystem32lsm.exe (ID: 884 |ParentID: 756)
    C:Windowssystem32svchost.exe (ID: 992 |ParentID: 804)
    C:Windowssystem32svchost.exe (ID: 420 |ParentID: 804)
    C:Windowssystem32atiesrxx.exe (ID: 1028 |ParentID: 804)
    C:WindowsSystem32svchost.exe (ID: 1064 |ParentID: 804)
    C:WindowsSystem32svchost.exe (ID: 1096 |ParentID: 804)
    C:Windowssystem32svchost.exe (ID: 1132 |ParentID: 804)
    C:Windowssystem32svchost.exe (ID: 1164 |ParentID: 804)
    C:Program FilesIDTWDMSTacSV64.exe (ID: 1228 |ParentID: 804)
    C:Windowssystem32Hpservice.exe (ID: 1576 |ParentID: 804)
    C:Windowssystem32svchost.exe (ID: 1628 |ParentID: 804)
    C:Windowssystem32WLANExt.exe (ID: 1720 |ParentID: 1096)
    C:Windowssystem32conhost.exe (ID: 1728 |ParentID: 684)
    C:WindowsSystem32spoolsv.exe (ID: 1804 |ParentID: 804)
    C:Windowssystem32svchost.exe (ID: 1836 |ParentID: 804)
    C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe (ID: 1928 |ParentID: 804)
    C:Program FilesIDTWDMAESTSr64.exe (ID: 1956 |ParentID: 804)
    C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe (ID: 1988 |ParentID: 804)
    C:Program Files (x86)Bluetooth SuiteAth_CoexAgent.exe (ID: 1512 |ParentID: 804)
    C:Program Files (x86)Bluetooth Suiteadminservice.exe (ID: 1568 |ParentID: 804)
    C:Program Files (x86)AVGAVG2013avgfws.exe (ID: 1700 |ParentID: 804)
    C:Program Files (x86)AVGAVG2013avgwdsvc.exe (ID: 1548 |ParentID: 804)
    C:Program FilesBonjourmDNSResponder.exe (ID: 2108 |ParentID: 804)
    C:Program Files (x86)SkypeToolbarsAutoUpdateSkypeC2CAutoUpdateSvc.exe (ID: 2172 |ParentID: 804)
    C:Program FilesHewlett-PackardHP Client ServicesHPClientServices.exe (ID: 2244 |ParentID: 804)
    C:Program Files (x86)Hewlett-PackardSharedHPDrvMntSvc.exe (ID: 2376 |ParentID: 804)
    C:Program Files (x86)Hewlett-PackardHP Quick LaunchHPWMISVC.exe (ID: 2444 |ParentID: 804)
    C:Program Files (x86)Microsoft Application Virtualization Clientsftvsa.exe (ID: 2844 |ParentID: 804)
    C:Windowssystem32svchost.exe (ID: 2992 |ParentID: 804)
    C:Program Files (x86)Common FilesAVG Secure SearchvToolbarUpdater18.1.0ToolbarUpdater.exe (ID: 3068 |ParentID: 804)
    C:Program FilesWestern DigitalWD SmartWareWDDMService.exe (ID: 2332 |ParentID: 804)
    C:Program FilesWestern DigitalWD SmartWareWDRulesEngine.exe (ID: 2840 |ParentID: 804)
    C:Program Files (x86)Common FilesAVG Secure SearchvToolbarUpdater18.1.0loggingserver.exe (ID: 2884 |ParentID: 3068)
    C:Windowssystem32conhost.exe (ID: 3020 |ParentID: 684)
    C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE (ID: 3116 |ParentID: 804)
    C:Program Files (x86)Microsoft Application Virtualization Clientsftlist.exe (ID: 3164 |ParentID: 804)
    C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe (ID: 3264 |ParentID: 3116)
    C:Program FilesWestern DigitalWD SmartWareWDFME.exe (ID: 3464 |ParentID: 804)
    C:Program Files (x86)Common FilesMicrosoft SharedVirtualization HandlerCVHSVC.EXE (ID: 3508 |ParentID: 804)
    C:Windowssystem32svchost.exe (ID: 3716 |ParentID: 804)
    C:Windowssystem32svchost.exe (ID: 3776 |ParentID: 804)
    C:WindowsSystem32alg.exe (ID: 3820 |ParentID: 804)
    C:Windowssystem32svchost.exe (ID: 3996 |ParentID: 804)
    C:Windowssystem32atieclxx.exe (ID: 4360 |ParentID: 1028)
    C:Windowssystem32taskhost.exe (ID: 4636 |ParentID: 804)
    C:Windowssystem32Dwm.exe (ID: 4720 |ParentID: 1096)
    C:WindowsExplorer.EXE (ID: 4744 |ParentID: 4712)
    C:Windowssystem32taskeng.exe (ID: 3640 |ParentID: 1164)
    C:Program Files (x86)CyberLinkYouCamYCMMirage.exe (ID: 4840 |ParentID: 3640)
    C:Program FilesSynapticsSynTPSynTPEnh.exe (ID: 4820 |ParentID: 4744)
    C:Program FilesIDTWDMsttray64.exe (ID: 4800 |ParentID: 4744)
    C:Program Files (x86)Bluetooth SuiteBtvStack.exe (ID: 4808 |ParentID: 4744)
    C:Program Files (x86)Bluetooth SuiteAthBtTray.exe (ID: 4784 |ParentID: 4744)
    C:Program FilesWestern DigitalWD SmartWareWDDMStatus.exe (ID: 4996 |ParentID: 4744)
    C:Program Files (x86)Hewlett-PackardHP QuickWebhpqwutils.exe (ID: 5128 |ParentID: 5040)
    C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe (ID: 5184 |ParentID: 5040)
    C:Program Files (x86)Hewlett-PackardHP CoolSenseCoolSense.exe (ID: 5216 |ParentID: 5040)
    C:Windowssystem32SearchIndexer.exe (ID: 5264 |ParentID: 804)
    C:PROGRAM FILESSYNAPTICSSYNTPSYNTPHELPER.EXE (ID: 5304 |ParentID: 1600)
    C:Program Files (x86)AVG Secure Searchvprot.exe (ID: 5312 |ParentID: 5040)
    C:Program Files (x86)Hewlett-PackardHP On Screen DisplayHPOSD.exe (ID: 5348 |ParentID: 5040)
    C:Program Files (x86)Hewlett-PackardHP Quick LaunchHPMSGSVC.exe (ID: 5428 |ParentID: 5040)
    C:Program Files (x86)iTunesiTunesHelper.exe (ID: 5456 |ParentID: 5040)
    C:Program Files (x86)Hewlett-PackardSharedhpqWmiEx.exe (ID: 5472 |ParentID: 804)
    C:Program Files (x86)AVGAVG2013avgui.exe (ID: 5488 |ParentID: 5040)
    C:Windowssystem32wbemwmiprvse.exe (ID: 5560 |ParentID: 992)
    C:Program FilesiPodbiniPodService.exe (ID: 6004 |ParentID: 804)
    C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticMOM.exe (ID: 6164 |ParentID: 3096)
    C:Program Files (x86)Hewlett-PackardHP Support Frameworkhpsa_service.exe (ID: 6284 |ParentID: 804)
    C:Program FilesWindows Media Playerwmpnetwk.exe (ID: 6748 |ParentID: 804)
    C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCCC.exe (ID: 6836 |ParentID: 6164)
    C:WindowsMicrosoft.NetFramework64v3.0WPFPresentationFontCache.exe (ID: 4644 |ParentID: 804)
    C:Program FilesAVAST SoftwareAvastAvastSvc.exe (ID: 4396 |ParentID: 804)
    C:Program Files (x86)MicrosoftBingBar7.3.132.0SeaPort.exe (ID: 6576 |ParentID: 804)
    C:Program FilesAVAST SoftwareAvastavastUi.exe (ID: 3936 |ParentID: 4744)
    C:Windowssystem32svchost.exe (ID: 5772 |ParentID: 804)
    C:Program FilesInternet Exploreriexplore.exe (ID: 4824 |ParentID: 4744)
    C:Windowssystem32MacromedFlashFlashUtil64_13_0_0_206_ActiveX.exe (ID: 980 |ParentID: 992)
    C:Program Files (x86)Internet ExplorerIEXPLORE.EXE (ID: 7636 |ParentID: 4824)
    C:Program Files (x86)Internet ExplorerIEXPLORE.EXE (ID: 4112 |ParentID: 4824)
    C:Program Files (x86)Stellar Phoenix Photo RecoveryStellarPhoenixPhotoRecovery.exe (ID: 8424 |ParentID: 9136)
    C:Windowssystem32taskhost.exe (ID: 8824 |ParentID: 804)
    C:Program Files (x86)Internet ExplorerIEXPLORE.EXE (ID: 13272 |ParentID: 4824)
    C:Windowssystem32wbemwmiprvse.exe (ID: 444 |ParentID: 992)
    C:Windowssystem32rundll32.exe (ID: 7780 |ParentID: 804)
    C:WindowsSysWOW64rundll32.exe (ID: 13344 |ParentID: 7780)
    C:Program FilesRecuvarecuva64.exe (ID: 12880 |ParentID: 8744)
    C:Program Files (x86)Internet ExplorerIEXPLORE.EXE (ID: 2284 |ParentID: 4824)
    C:WindowsSystem32svchost.exe (ID: 4908 |ParentID: 804)
    C:PROGRA~2SearchProtectMainbinCltMngSvc.exe (ID: 7764 |ParentID: 804)
    C:PROGRA~2SearchProtectSearchProtectbincltmng.exe (ID: 4172 |ParentID: 7764)
    C:PROGRA~2SearchProtectUIbincltmngui.exe (ID: 2892 |ParentID: 7764)
    C:Program Files (x86)Internet ExplorerIEXPLORE.EXE (ID: 1264 |ParentID: 4824)
    C:Program Files (x86)Internet ExplorerIEXPLORE.EXE (ID: 12032 |ParentID: 4824)
    C:Windowssystem32vssvc.exe (ID: 11972 |ParentID: 804)
    C:WindowsSystem32WUDFHost.exe (ID: 13100 |ParentID: 1096)
    C:Windowssystem32SearchProtocolHost.exe (ID: 9196 |ParentID: 5264)
    C:WindowsSystem32svchost.exe (ID: 3152 |ParentID: 804)
    C:Windowssystem32taskeng.exe (ID: 9400 |ParentID: 1164)
    C:Program Files (x86)GoogleUpdateGoogleUpdate.exe (ID: 12228 |ParentID: 9400)
    C:Windowssystem32SearchFilterHost.exe (ID: 9224 |ParentID: 5264)
    C:Program Files (x86)Common FilesAVG Secure SearchScriptHelperInstaller18.1.0ScriptHelper.exe (ID: 15068 |ParentID: 992)

    ################## | Regedit Run |

    F2 – HKLM..Winlogon : [Shell] explorer.exe
    F2 – [x64] HKLM..Winlogon : [Shell] explorer.exe
    F2 – HKLM..Winlogon : [Userinit] userinit.exe
    F2 – [x64] HKLM..Winlogon : [Userinit] C:Windowssystem32userinit.exe,
    04 – HKCU..Run : [Google Update] “C:UsersJessicaAppDataLocalGoogleUpdateGoogleUpdate.exe” /c
    04 – HKCU..Run : [GoogleDriveSync] “C:Program Files (x86)GoogleDrivegoogledrivesync.exe” /autostart
    04 – HKCU..Run : [Optimizer Pro] C:Program Files (x86)Optimizer ProOptProLauncher.exe
    04 – HKCU..RunOnce : [Uninstall C:UsersJessicaAppDataLocalMicrosoftSkyDrive16.4.6010.0727amd64] C:Windowssystem32cmd.exe /q /c rmdir /s /q “C:UsersJessicaAppDataLocalMicrosoftSkyDrive16.4.6010.0727amd64”
    04 – HKCU..RunOnce : [Uninstall C:UsersJessicaAppDataLocalMicrosoftSkyDrive16.4.6013.0910amd64] C:Windowssystem32cmd.exe /q /c rmdir /s /q “C:UsersJessicaAppDataLocalMicrosoftSkyDrive16.4.6013.0910amd64”
    04 – HKCU..RunOnce : [Uninstall C:UsersJessicaAppDataLocalMicrosoftSkyDrive17.0.2003.1112amd64] C:Windowssystem32cmd.exe /q /c rmdir /s /q “C:UsersJessicaAppDataLocalMicrosoftSkyDrive17.0.2003.1112amd64”
    04 – HKCU..RunOnce : [Uninstall C:UsersJessicaAppDataLocalMicrosoftSkyDrive17.0.2006.0314amd64] C:Windowssystem32cmd.exe /q /c rmdir /s /q “C:UsersJessicaAppDataLocalMicrosoftSkyDrive17.0.2006.0314amd64”
    04 – HKCU..RunOnce : [Uninstall C:UsersJessicaAppDataLocalMicrosoftSkyDrive17.0.2010.0530amd64] C:Windowssystem32cmd.exe /q /c rmdir /s /q “C:UsersJessicaAppDataLocalMicrosoftSkyDrive17.0.2010.0530amd64”
    04 – HKCU..RunOnce : [Uninstall C:UsersJessicaAppDataLocalMicrosoftSkyDrive17.0.2011.0627amd64] C:Windowssystem32cmd.exe /q /c rmdir /s /q “C:UsersJessicaAppDataLocalMicrosoftSkyDrive17.0.2011.0627amd64”
    04 – HKCU..RunOnce : [Uninstall C:UsersJessicaAppDataLocalMicrosoftSkyDrive17.0.2015.0811amd64] C:Windowssystem32cmd.exe /q /c rmdir /s /q “C:UsersJessicaAppDataLocalMicrosoftSkyDrive17.0.2015.0811amd64”
    04 – HKLM..Run : [StartCCC] “C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe” MSRun
    04 – HKLM..Run : [HPQuickWebProxy] “C:Program Files (x86)Hewlett-PackardHP QuickWebhpqwutils.exe”
    04 – HKLM..Run : [Adobe Reader Speed Launcher] “C:Program Files (x86)AdobeReader 10.0ReaderReader_sl.exe”
    04 – HKLM..Run : [Adobe ARM] “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
    04 – HKLM..Run : [HP CoolSense] C:Program Files (x86)Hewlett-PackardHP CoolSenseCoolSense.exe -byrunkey
    04 – HKLM..Run : [vProt] “C:Program Files (x86)AVG Secure Searchvprot.exe”
    04 – HKLM..Run : [HPOSD] C:Program Files (x86)Hewlett-PackardHP On Screen DisplayHPOSD.exe
    04 – HKLM..Run : [HP Quick Launch] C:Program Files (x86)Hewlett-PackardHP Quick LaunchHPMSGSVC.exe
    04 – HKLM..Run : [APSDaemon] “C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe”
    04 – HKLM..Run : [iTunesHelper] “C:Program Files (x86)iTunesiTunesHelper.exe”
    04 – HKLM..Run : [AVG_UI] “C:Program Files (x86)AVGAVG2013avgui.exe” /TRAYONLY
    04 – HKLM..Run : [AvastUI.exe] “C:Program FilesAVAST SoftwareAvastAvastUI.exe” /nogui
    04 – HKLM..RunOnce : []
    04 – [x64] HKLM..Run : [SynTPEnh] %ProgramFiles%SynapticsSynTPSynTPEnh.exe
    04 – [x64] HKLM..Run : [SysTrayApp] C:Program FilesIDTWDMsttray64.exe
    04 – [x64] HKLM..Run : [AtherosBtStack] “C:Program Files (x86)Bluetooth SuiteBtvStack.exe”
    04 – [x64] HKLM..Run : [AthBtTray] “C:Program Files (x86)Bluetooth SuiteAthBtTray.exe”
    04 – [x64] HKLM..Run : [WD Quick View] C:Program FilesWestern DigitalWD SmartWareWDDMStatus.exe
    04 – [x64] HKLM..Run : [SetDefault] C:Program FilesHewlett-PackardHP LaunchBoxSetDefault.exe
    04 – HKUS-1-5-19..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    04 – HKUS-1-5-20..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    04 – HKUS-1-5-21-649728891-3363985204-2905521757-1000..Run : [Google Update] “C:UsersJessicaAppDataLocalGoogleUpdateGoogleUpdate.exe” /c
    04 – HKUS-1-5-21-649728891-3363985204-2905521757-1000..Run : [GoogleDriveSync] “C:Program Files (x86)GoogleDrivegoogledrivesync.exe” /autostart
    04 – HKUS-1-5-21-649728891-3363985204-2905521757-1000..Run : [Optimizer Pro] C:Program Files (x86)Optimizer ProOptProLauncher.exe
    04 – HKUS-1-5-19..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe
    04 – HKUS-1-5-20..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe
    04 – HKUS-1-5-21-649728891-3363985204-2905521757-1000..RunOnce : [Uninstall C:UsersJessicaAppDataLocalMicrosoftSkyDrive16.4.6010.0727amd64] C:Windowssystem32cmd.exe /q /c rmdir /s /q “C:UsersJessicaAppDataLocalMicrosoftSkyDrive16.4.6010.0727amd64”
    04 – HKUS-1-5-21-649728891-3363985204-2905521757-1000..RunOnce : [Uninstall C:UsersJessicaAppDataLocalMicrosoftSkyDrive16.4.6013.0910amd64] C:Windowssystem32cmd.exe /q /c rmdir /s /q “C:UsersJessicaAppDataLocalMicrosoftSkyDrive16.4.6013.0910amd64”
    04 – HKUS-1-5-21-649728891-3363985204-2905521757-1000..RunOnce : [Uninstall C:UsersJessicaAppDataLocalMicrosoftSkyDrive17.0.2003.1112amd64] C:Windowssystem32cmd.exe /q /c rmdir /s /q “C:UsersJessicaAppDataLocalMicrosoftSkyDrive17.0.2003.1112amd64”
    04 – HKUS-1-5-21-649728891-3363985204-2905521757-1000..RunOnce : [Uninstall C:UsersJessicaAppDataLocalMicrosoftSkyDrive17.0.2006.0314amd64] C:Windowssystem32cmd.exe /q /c rmdir /s /q “C:UsersJessicaAppDataLocalMicrosoftSkyDrive17.0.2006.0314amd64”
    04 – HKUS-1-5-21-649728891-3363985204-2905521757-1000..RunOnce : [Uninstall C:UsersJessicaAppDataLocalMicrosoftSkyDrive17.0.2010.0530amd64] C:Windowssystem32cmd.exe /q /c rmdir /s /q “C:UsersJessicaAppDataLocalMicrosoftSkyDrive17.0.2010.0530amd64”
    04 – HKUS-1-5-21-649728891-3363985204-2905521757-1000..RunOnce : [Uninstall C:UsersJessicaAppDataLocalMicrosoftSkyDrive17.0.2011.0627amd64] C:Windowssystem32cmd.exe /q /c rmdir /s /q “C:UsersJessicaAppDataLocalMicrosoftSkyDrive17.0.2011.0627amd64”
    04 – HKUS-1-5-21-649728891-3363985204-2905521757-1000..RunOnce : [Uninstall C:UsersJessicaAppDataLocalMicrosoftSkyDrive17.0.2015.0811amd64] C:Windowssystem32cmd.exe /q /c rmdir /s /q “C:UsersJessicaAppDataLocalMicrosoftSkyDrive17.0.2015.0811amd64”

    ################## | Generic Research |

    ################## | Registry |

    ################## | E.O.F | http://www.en.usbfix.net/ – https://www.sosvirus.net |

    Anonymous
    Number of posts: 0

    Hello :hello: ,

    Welcome to SosVirus :welcome:

    • Launch UsbFix.
    • Connect the USB media that may be infected.
    • Choose the Suppression (deletion) option.

      Note: The computer will restart automatically. After the restart, click the message displayed by UsbFix and let the program work.

    • Copy and paste the contents of the report that appears at the end of the scan into your next reply.
    • Tutorial: http://www.usbfix.net/tutoriels/