Here is the report 2015-02-25T13:34:08+00:00
  • Rhau
    Participant
    Number of posts: 2

    ############################## | UsbFix V 7.900 | [Nettoyage]

    Utilisateur: Ma Fille (Administrateur) # MAFILLE-PC
    Mis à jour le 23/02/2015 par El Desaparecido – SosVirus
    Lancé à 13:15:44 | 25/02/2015

    Site Web : http://www.usbfix.net/
    Changelog : http://www.usbfix.net/maj/
    Assistance : https://www.sosvirus.net/aide-nettoyage-pc/
    Détection en Live : http://comment-supprimer.fr/
    Contact : http://www.usbfix.net/contact/

    ################## | System information |

    MB: TOSHIBA (Portable PC)
    CPU: Intel(R) Pentium(R) Dual CPU T3400 @ 2.16GHz
    GC: Famille de jeu de puces Express Mobile Intel(R) 45 (Microsoft Corporation – WDDM 1.1)
    RAM -> [Total : 2940 Mo | Free : 1441 Mo]
    Bios: INSYDE
    Boot: Normal boot

    OS: Microsoft™ Windows 7 Professional (6.1.7600 32-Bit)
    WB: Internet Explorer : 8.00.7600.16385
    WB: Google Chrome : 40.0.2214.115
    WB: Mozilla Firefox : 27.0.1

    ################## | Security Information |

    AS: Windows Defender [(!) Désactivé |(!) Non à jour]
    FW: Windows Firewall [Actif]
    SC: Security Center [Actif]
    WU: Windows Update [Actif]

    ################## | Disk Information |

    C: (%SystemDrive%) -> Disque fixe # 116 Go (5 Go libre(s) – 4%) [] # NTFS
    D: -> Disque fixe # 115 Go (108 Go libre(s) – 94%) [] # NTFS
    H: -> Disque amovible # 7 Go (7 Go libre(s) – 94%) [8GO] # FAT32

    ################## | Recherche générique |

    (!) Fichiers temporaires supprimés. (419.407752990723 MB)

    ################## | Registre |

    ################## | Regedit Run |

    F2 – HKLM..Winlogon : [Shell] explorer.exe
    F2 – HKLM..Winlogon : [Userinit] C:Windowssystem32userinit.exe,
    04 – HKCU..Run : [MediaDico9] C:Program FilesMicro Application9 DICOS IndispensablesLanceMediaDICO9.exe Lancement
    04 – HKCU..Run : [MediaDICO36] C:Program FilesMicro Application36 Dictionnaires et Recueils de CorrespondanceLanceMediaDICO36.exe Lancement
    04 – HKCU..Run : [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] “C:Program FilesCommon FilesNeroLibNMBgMonitor.exe”
    04 – HKCU..Run : [SuperCopier2.exe] C:Program FilesSuperCopier2SuperCopier2.exe
    04 – HKCU..Run : [Badoo Desktop] C:ProgramDataBadooBadoo Desktop1.6.58.1220Badoo.Desktop.exe
    04 – HKCU..Run : [Google Update] “C:UsersMa FilleAppDataLocalGoogleUpdateGoogleUpdate.exe” /c
    04 – HKCU..Run : [Google+ Auto Backup] “C:UsersMa FilleAppDataLocalProgramsGoogleGoogle+ Auto BackupGoogle+ Auto Backup.exe” /autostart
    04 – HKCU..Run : [Skype] “C:Program FilesSkypePhoneSkype.exe” /minimized /regrun
    04 – HKCU..Run : [axoleoyt] C:UsersMa Filleaxoleoyt.exe
    04 – HKCU..Run : [kiadu] C:UsersMa Filleudaikkiadu.exe /f
    04 – HKCU..Run : [Free Download Manager] C:Program FilesFree Download Managerfdm.exe -autorun
    04 – HKCU..Run : [Software Informer] “C:Program FilesSoftware Informersoftinfo.exe” -autorun
    04 – HKCU..Run : [Twoo] “C:UsersMa FilleAppDataRoamingMassive MediaTwoo.exe”
    04 – HKCU..Run : [Sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun
    04 – HKCU..Run : [IDMan] C:Program FilesInternet Download ManagerIDMan.exe /onboot
    04 – HKCU..Run : [Eztion] regsvr32.exe “C:UsersMa FilleAppDataLocalEztionwxpmod.dll”
    04 – HKCU..Run : [Eltion] C:WindowsSystem32regsvr32.exe “C:UsersMa FilleAppDataLocalYZPackAsusSpi.dll”
    04 – HKCU..Run : [{2e6d463c-300e-e90d-f0c8-9741e75cc23c}] “C:UsersMa FilleAppDataLocal{2e6d463c-300e-e90d-f0c8-9741e75cc23c}{2e6d463c-300e-e90d-f0c8-9741e75cc23c}.exe”
    04 – HKCU..Run : [{E67F658C-7484-E34B-4B58-278E77F36967}] “C:UsersMa FilleAppDataRoamingYvygulaf.exe”
    04 – HKCU..Run : [CrashReportVerifyer] C:UsersMAFILL~1AppDataLocalTemptemp809292490.exe
    04 – HKCU..Run : [TimeNotifyer] C:UsersMa FilleAppDataLocalTemptemp809292490.exe
    04 – HKCU..Run : [integrated_temperature] C:Program FilesAdobeReader 10.0ReaderServicesbuck_controllercentral_processing_unit.exe
    04 – HKLM..Run : [NeroFilterCheck] C:Program FilesCommon FilesNeroLibNeroCheck.exe
    04 – HKLM..Run : [NBKeyScan] “C:Program FilesNeroNero8Nero BackItUpNBKeyScan.exe”
    04 – HKLM..Run : [autodetect] C:Windowssystem32SupportAppXLAutoDect.exe
    04 – HKLM..Run : [Adobe ARM] “C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe”
    04 – HKLM..Run : [APSDaemon] “C:Program FilesCommon FilesAppleApple Application SupportAPSDaemon.exe”
    04 – HKLM..Run : [BCSSync] “C:Program FilesMicrosoft OfficeOffice14BCSSync.exe” /DelayServices
    04 – HKLM..Run : [{e1b0a12d-d557-6eda-8ae7-0b56607bc49b}] “C:ProgramDataMicrosoft{e1b0a12d-d557-6eda-8ae7-0b56607bc49b}{e1b0a12d-d557-6eda-8ae7-0b56607bc49b}.exe”
    04 – HKLM..Run : [iTunesHelper] “C:Program FilesiTunesiTunesHelper.exe”
    04 – HKLM..Run : [{08f2d84b-fdce-59ad-2f25-8a5a0b1aa51d}] “C:ProgramDataMicrosoft{08f2d84b-fdce-59ad-2f25-8a5a0b1aa51d}{08f2d84b-fdce-59ad-2f25-8a5a0b1aa51d}.exe”
    04 – HKLM..PoliciesExplorerrun : [{e1b0a12d-d557-6eda-8ae7-0b56607bc49b}] “C:ProgramDataMicrosoft{e1b0a12d-d557-6eda-8ae7-0b56607bc49b}{e1b0a12d-d557-6eda-8ae7-0b56607bc49b}.exe”
    04 – HKLM..PoliciesExplorerrun : [{08f2d84b-fdce-59ad-2f25-8a5a0b1aa51d}] “C:ProgramDataMicrosoft{08f2d84b-fdce-59ad-2f25-8a5a0b1aa51d}{08f2d84b-fdce-59ad-2f25-8a5a0b1aa51d}.exe”
    04 – HKUS-1-5-19..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    04 – HKUS-1-5-20..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    04 – HKUS-1-5-21-3400711505-3739466834-3293508132-1000..Run : [MediaDico9] C:Program FilesMicro Application9 DICOS IndispensablesLanceMediaDICO9.exe Lancement
    04 – HKUS-1-5-21-3400711505-3739466834-3293508132-1000..Run : [MediaDICO36] C:Program FilesMicro Application36 Dictionnaires et Recueils de CorrespondanceLanceMediaDICO36.exe Lancement
    04 – HKUS-1-5-21-3400711505-3739466834-3293508132-1000..Run : [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] “C:Program FilesCommon FilesNeroLibNMBgMonitor.exe”
    04 – HKUS-1-5-21-3400711505-3739466834-3293508132-1000..Run : [SuperCopier2.exe] C:Program FilesSuperCopier2SuperCopier2.exe
    04 – HKUS-1-5-21-3400711505-3739466834-3293508132-1000..Run : [Badoo Desktop] C:ProgramDataBadooBadoo Desktop1.6.58.1220Badoo.Desktop.exe
    04 – HKUS-1-5-21-3400711505-3739466834-3293508132-1000..Run : [Google Update] “C:UsersMa FilleAppDataLocalGoogleUpdateGoogleUpdate.exe” /c
    04 – HKUS-1-5-21-3400711505-3739466834-3293508132-1000..Run : [Google+ Auto Backup] “C:UsersMa FilleAppDataLocalProgramsGoogleGoogle+ Auto BackupGoogle+ Auto Backup.exe” /autostart
    04 – HKUS-1-5-21-3400711505-3739466834-3293508132-1000..Run : [Skype] “C:Program FilesSkypePhoneSkype.exe” /minimized /regrun
    04 – HKUS-1-5-21-3400711505-3739466834-3293508132-1000..Run : [axoleoyt] C:UsersMa Filleaxoleoyt.exe
    04 – HKUS-1-5-21-3400711505-3739466834-3293508132-1000..Run : [kiadu] C:UsersMa Filleudaikkiadu.exe /f
    04 – HKUS-1-5-21-3400711505-3739466834-3293508132-1000..Run : [Free Download Manager] C:Program FilesFree Download Managerfdm.exe -autorun
    04 – HKUS-1-5-21-3400711505-3739466834-3293508132-1000..Run : [Software Informer] “C:Program FilesSoftware Informersoftinfo.exe” -autorun
    04 – HKUS-1-5-21-3400711505-3739466834-3293508132-1000..Run : [fsm]
    04 – HKUS-1-5-21-3400711505-3739466834-3293508132-1000..Run : [Twoo] “C:UsersMa FilleAppDataRoamingMassive MediaTwoo.exe”
    04 – HKUS-1-5-21-3400711505-3739466834-3293508132-1000..Run : [Sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun
    04 – HKUS-1-5-21-3400711505-3739466834-3293508132-1000..Run : [IDMan] C:Program FilesInternet Download ManagerIDMan.exe /onboot
    04 – HKUS-1-5-21-3400711505-3739466834-3293508132-1000..Run : [Eztion] regsvr32.exe “C:UsersMa FilleAppDataLocalEztionwxpmod.dll”
    04 – HKUS-1-5-21-3400711505-3739466834-3293508132-1000..Run : [Eltion] C:WindowsSystem32regsvr32.exe “C:UsersMa FilleAppDataLocalYZPackAsusSpi.dll”
    04 – HKUS-1-5-21-3400711505-3739466834-3293508132-1000..Run : [{2e6d463c-300e-e90d-f0c8-9741e75cc23c}] “C:UsersMa FilleAppDataLocal{2e6d463c-300e-e90d-f0c8-9741e75cc23c}{2e6d463c-300e-e90d-f0c8-9741e75cc23c}.exe”
    04 – HKUS-1-5-21-3400711505-3739466834-3293508132-1000..Run : [{E67F658C-7484-E34B-4B58-278E77F36967}] “C:UsersMa FilleAppDataRoamingYvygulaf.exe”
    04 – HKUS-1-5-21-3400711505-3739466834-3293508132-1000..Run : [CrashReportVerifyer] C:UsersMAFILL~1AppDataLocalTemptemp809292490.exe
    04 – HKUS-1-5-21-3400711505-3739466834-3293508132-1000..Run : [TimeNotifyer] C:UsersMa FilleAppDataLocalTemptemp809292490.exe
    04 – HKUS-1-5-21-3400711505-3739466834-3293508132-1000..Run : [integrated_temperature] C:Program FilesAdobeReader 10.0ReaderServicesbuck_controllercentral_processing_unit.exe
    04 – HKUS-1-5-18..Run : [YZPack] C:Windowssystem32configsystemprofileAppDataLocalYZPack80527.exe
    04 – HKUS-1-5-18..Run : [Eztion] regsvr32.exe C:Windowssystem32configsystemprofileAppDataLocalEztionCNHL210.dll
    04 – HKUS-1-5-18..Run : [Eltion] C:WindowsSystem32regsvr32.exe C:Windowssystem32configsystemprofileAppDataLocalYZPackCNBJOP8m.DLL
    04 – HKUS-1-5-19..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe
    04 – HKUS-1-5-20..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe
    04GS – DipisoftUpdate.lnk : C:Program FilesDipisoftDUpdate.exe
    04GS – kiadu.lnk : C:UsersMa Filleudaikkiadu.exe
    04GS – OneNote 2010 – Capture d’écran et lancement.lnk : C:Program FilesMicrosoft OfficeOffice14ONENOTEM.EXE
    04GS – ImmersiveExplorer.lnk : C:SkinPackImmersiveExplorerImmersive Explorer.exe
    04GS – MetroSidebar.lnk : C:SkinPackMetroSidebarMetroSidebar.exe
    04GS – StartMenu.lnk : C:SkinPackStartMenuStartMenuReviver.exe

    ################## | UsbFix – Information |

    Info : Comment supprimer l’infection des raccourcis sur USB ? (Video)
    Info : L’infection des raccourcis USB, c’est quoi ?
    Détection en Live : http://comment-supprimer.fr/

    ################## | Hijack |

    ################## | C: %SystemDrive% – Disque Fixe (NTFS) |

    [23/01/2015 – 15:50:41 | D] – C:DVD Ram.temp
    [10/06/2009 – 22:42:20 | A | 0 Ko] – C:config.sys
    [22/05/2014 – 21:38:52 | RASH | 0 Ko] – C:IO.SYS
    [22/05/2014 – 21:38:52 | RASH | 0 Ko] – C:MSDOS.SYS
    [25/02/2015 – 13:04:41 | ASH | 2257916 Ko] – C:hiberfil.sys
    [25/02/2015 – 13:04:44 | ASH | 3010556 Ko] – C:pagefile.sys
    [20/05/2014 – 23:07:07 | SHD] – C:$Recycle.Bin
    [10/06/2009 – 22:42:20 | A | 0 Ko] – C:autoexec.bat
    [21/05/2014 – 01:00:05 | RASH | 8 Ko] – C:BOOTSECT.BAK
    [14/07/2009 – 02:38:58 | RASH | 375 Ko] – C:bootmgr
    [14/07/2009 – 03:37:05 | D] – C:PerfLogs
    [14/07/2009 – 05:53:55 | SHD] – C:Documents and Settings
    [20/05/2014 – 23:06:42 | SHD] – C:Recovery
    [20/05/2014 – 23:06:51 | RD] – C:Users
    [20/05/2014 – 23:17:41 | RHD] – C:MSOCache
    [20/05/2014 – 23:23:36 | N | 200 Ko] – C:grldr
    [21/05/2014 – 01:00:03 | SHD] – C:Boot
    [19/11/2014 – 16:04:45 | D] – C:Downloads
    [17/12/2014 – 10:53:21 | D] – C:W7P_Backups
    [30/12/2014 – 12:25:09 | D] – C:SkinPack
    [10/02/2015 – 11:45:13 | D] – C:smartcaisse
    [16/02/2015 – 11:07:36 | RD] – C:Program Files
    [16/02/2015 – 11:11:07 | D] – C:Windows
    [25/02/2015 – 13:06:49 | HD] – C:ProgramData
    [25/02/2015 – 13:09:03 | D] – C:UsbFix
    [25/02/2015 – 13:11:01 | D] – C:[Smad-Cage]

    ################## | D: – Disque Fixe (NTFS) |

    [22/05/2014 – 11:37:54 | N | 3 Ko] – D:AlbumArtSmall.jpg
    [22/05/2014 – 11:37:54 | N | 3 Ko] – D:AlbumArt_{C26BF83A-EC9B-441E-9DEF-5107C551C4C9}_Small.jpg
    [22/05/2014 – 11:38:06 | N | 13 Ko] – D:AlbumArt_{C26BF83A-EC9B-441E-9DEF-5107C551C4C9}_Large.jpg
    [22/05/2014 – 11:38:06 | N | 13 Ko] – D:Folder.jpg
    [22/05/2014 – 11:38:06 | SH | 0 Ko] – D:desktop.ini
    [23/12/2013 – 09:53:06 | A | 21475 Ko] – D:twiga.exe
    [26/02/2014 – 11:05:22 | A | 20546 Ko] – D:WARNING.exe
    [26/02/2014 – 12:05:22 | A | 20546 Ko] – D:twiga (2).exe
    [20/05/2014 – 23:07:07 | SHD] – D:$RECYCLE.BIN
    [30/12/2014 – 16:17:57 | SHD] – D:Recycler
    [02/01/2015 – 19:41:01 | D] – D:Nouveau dossier
    [23/01/2015 – 15:52:39 | D] – D:Disc externe
    [13/02/2015 – 13:41:39 | D] – D:OFFICE 2010

    ################## | H: – Disque USB (FAT32) |

    [20/02/2015 – 12:16:32 | D] – H:.Trashes
    [20/02/2015 – 12:16:32 | N | 4 Ko] – H:._.Trashes
    [20/02/2015 – 12:17:12 | D] – H:.TemporaryItems
    [20/02/2015 – 12:17:12 | N | 4 Ko] – H:._.TemporaryItems
    [20/02/2015 – 12:16:34 | D] – H:.Spotlight-V100
    [20/02/2015 – 12:16:32 | D] – H:.fseventsd
    [23/08/2014 – 12:04:58 | A | 96 Ko] – [VirusTotal – (49/56)] – H:Money.exe
    [23/08/2014 – 12:04:58 | A | 96 Ko] – [VirusTotal – (49/56)] – H:Sex.exe
    [23/08/2014 – 12:04:58 | A | 96 Ko] – [VirusTotal – (49/56)] – H:Love You.exe
    [23/08/2014 – 12:04:58 | A | 96 Ko] – [VirusTotal – (49/56)] – H:Nude.exe
    [29/05/2014 – 22:39:20 | D] – H:Office 2007

    ################## | Vaccin |

    C:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    D:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    H:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

    ################## | E.O.F | https://www.sosvirus.net/ | http://www.usbfix.net/ |

  • jacques.gache
    Participant
    Number of posts: 676

    Hello, could you post the UsbFix report!! Thanks

  • Rhau
    Participant
    Number of posts: 2

    @jacques.gache wrote:

    Hello, could you post the UsbFix report!! Thanks

  • jacques.gache
    Participant
    Number of posts: 676

    Why did you edit your first message???

    Well, indeed it found nothing, but it vaccinated your disks and your USB key!! It would be good to run UsbFix on every PC the USB key has been plugged into, to be sure there is no infection on them!!

    Do you still have problems since running UsbFix??

  • Rhau
    Participant
    Number of posts: 2

    I just used it on another machine and it works without a hitch!
    Thanks :merci2: :bravo1:

  • jacques.gache
    Participant
    Number of posts: 676

    Hello, OK, but run UsbFix on the other PC to be safe!!

    If you want, we can check your PC to see whether there is any junk on it!!

    • Download ZHPDiag (by Nicolas Coolman) to your desktop.
    • Install the software.
    • Launch ZHPDiag; run it as administrator on Windows 7/8 and Vista.
    • Click on Complet

      Note: Do not close the program even if it says that it is no longer responding.

    • Once the scan has finished, go to the desktop; the file ZHPDiag.txt has been created.
    • Upload the ZHPDiag.txt report to SosUpload, then copy/paste the link provided into your next reply on the forum

The topic ‘Here is the report’ is closed to new replies.