Reply to: Hard drive folders turned into SCR shortcuts 2016-09-08T13:02:20+00:00

I have just run the deletion.

Here is the generated report:
[spoiler:18g5yws2]############################## | UsbFix V 7.129 | [Suppression]

Utilisateur: Sophie (Administrateur) # SOPHIE-PC
Mis à jour le 24/06/2013 par El Desaparecido
Lancé à 22:30:31 | 28/07/2013

Site Web: https://www.sosvirus.net/
Upload Malware: https://www.sosvirus.net/upload-malware-pour-analyse-t489.html
Contact: contact@sosvirus.net

PC: Acer (Aspire 4820TZG) (x64-based PC)
CPU: Intel(R) Pentium(R) CPU P6100 @ 2.00GHz (1999)
RAM -> [Total : 3767 | Free : 1790]
BIOS: InsydeH2O Version V1.17
BOOT: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7600 64-Bit) #
WB: Windows Internet Explorer 8.0.7600.16385

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: AVG Anti-Virus 2013 [(!) Disabled | Updated]
FW: Windows FireWall Service [Enabled]

C: (%systemdrive%) -> Disque fixe # 453 Go (223 Go libre(s) – 49%) [Acer] # NTFS
E: -> Disque fixe # 466 Go (164 Go libre(s) – 35%) [o] # NTFS

################## | El Desaparecido Section |

HKLMSOFTWARE | Run : [IAStorIcon] – C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorIcon.exe
HKLMSOFTWARE | Run : [LManager] – C:Program Files (x86)Launch ManagerLManager.exe
HKLMSOFTWARE | Run : [SuiteTray] – “C:Program Files (x86)EgisTec MyWinLockerSuitex86SuiteTray.exe”
HKLMSOFTWARE | Run : [EgisUpdate] – “C:Program Files (x86)EgisTec IPSEgisUpdate.exe” -d
HKLMSOFTWARE | Run : [EgisTecPMMUpdate] – “C:Program Files (x86)EgisTec IPSPmmUpdate.exe”
HKLMSOFTWARE | Run : [Adobe Reader Speed Launcher] – “C:Program Files (x86)AdobeReader 9.0ReaderReader_sl.exe”
HKLMSOFTWARE | Run : [BackupManagerTray] – “C:Program Files (x86)NewTech InfosystemsAcer Backup ManagerBackupManagerTray.exe” -h -k
HKLMSOFTWARE | Run : [StartCCC] – “C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe” MSRun
HKLMSOFTWARE | Run : [MDS_Menu] – “C:Program Files (x86)Acer Arcade DeluxeMediaShow EspressoMUITransferMUIStartMenu.exe” “C:Program Files (x86)Acer Arcade DeluxeMediaShow Espresso” UpdateWithCreateOnce “SoftwareCyberLinkMediaShow Espresso5.6”
HKLMSOFTWARE | Run : [ArcadeMovieService] – “C:Program Files (x86)Acer Arcade DeluxeArcade MovieArcadeMovieService.exe”
HKLMSOFTWARE | Run : [HP Software Update] – C:Program Files (x86)HpHP Software UpdateHPWuSchd2.exe
HKLMSOFTWARE | Run : [] –
HKLMSOFTWARE | Run : [AVG_UI] – “C:Program Files (x86)AVGAVG2013avgui.exe” /TRAYONLY
HKLMSOFTWARE | Run : [SunJavaUpdateSched] – “C:Program Files (x86)Common FilesJavaJava Updatejusched.exe”
HKLMSOFTWAREwow6432Node | Run : [IAStorIcon] – C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorIcon.exe
HKLMSOFTWAREwow6432Node | Run : [LManager] – C:Program Files (x86)Launch ManagerLManager.exe
HKLMSOFTWAREwow6432Node | Run : [SuiteTray] – “C:Program Files (x86)EgisTec MyWinLockerSuitex86SuiteTray.exe”
HKLMSOFTWAREwow6432Node | Run : [EgisUpdate] – “C:Program Files (x86)EgisTec IPSEgisUpdate.exe” -d
HKLMSOFTWAREwow6432Node | Run : [EgisTecPMMUpdate] – “C:Program Files (x86)EgisTec IPSPmmUpdate.exe”
HKLMSOFTWAREwow6432Node | Run : [Adobe Reader Speed Launcher] – “C:Program Files (x86)AdobeReader 9.0ReaderReader_sl.exe”
HKLMSOFTWAREwow6432Node | Run : [BackupManagerTray] – “C:Program Files (x86)NewTech InfosystemsAcer Backup ManagerBackupManagerTray.exe” -h -k
HKLMSOFTWAREwow6432Node | Run : [StartCCC] – “C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe” MSRun
HKLMSOFTWAREwow6432Node | Run : [MDS_Menu] – “C:Program Files (x86)Acer Arcade DeluxeMediaShow EspressoMUITransferMUIStartMenu.exe” “C:Program Files (x86)Acer Arcade DeluxeMediaShow Espresso” UpdateWithCreateOnce “SoftwareCyberLinkMediaShow Espresso5.6”
HKLMSOFTWAREwow6432Node | Run : [ArcadeMovieService] – “C:Program Files (x86)Acer Arcade DeluxeArcade MovieArcadeMovieService.exe”
HKLMSOFTWAREwow6432Node | Run : [HP Software Update] – C:Program Files (x86)HpHP Software UpdateHPWuSchd2.exe
HKLMSOFTWAREwow6432Node | Run : [] –
HKLMSOFTWAREwow6432Node | Run : [AVG_UI] – “C:Program Files (x86)AVGAVG2013avgui.exe” /TRAYONLY
HKLMSOFTWAREwow6432Node | Run : [SunJavaUpdateSched] – “C:Program Files (x86)Common FilesJavaJava Updatejusched.exe”
HKLMSOFTWARE | RunOnce : [] –
HKLMSOFTWAREwow6432Node | RunOnce : [] –
HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
HKUS-1-5-21-527308406-869047508-3707649672-1000SOFTWARE | Run : [swg] – “C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe”
HKUS-1-5-21-527308406-869047508-3707649672-1000SOFTWARE | Run : [Spotify Web Helper] – “C:UsersSophieAppDataRoamingSpotifyDataSpotifyWebHelper.exe”
HKUS-1-5-21-527308406-869047508-3707649672-1000SOFTWARE | Run : [Spotify] – “C:UsersSophieAppDataRoamingSpotifyspotify.exe” /uri spotify:autostart
HKUS-1-5-21-527308406-869047508-3707649672-1000SOFTWARE | Run : [Bubble Dock] – “C:UsersSophieAppDataRoamingNosibayBubble DockLBubble Dock.exe” /winstartup
HKUS-1-5-19SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
HKUS-1-5-20SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe

################## | Processus Stoppés |

Stoppé! C:Windowssystem32atiesrxx.exe (400)
Stoppé! C:Windowssystem32atieclxx.exe (1272)
Stoppé! C:WindowsSystem32spoolsv.exe (1568)
Stoppé! C:Program Files (x86)Bluetooth Suiteadminservice.exe (1692)
Stoppé! C:Program Files (x86)AVGAVG2013avgwdsvc.exe (1804)
Stoppé! C:ProgramDataBrowserProtect2.6.1339.144{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}BrowserProtect.exe (1860)
Stoppé! C:Program Files (x86)Launch Managerdsiwmis.exe (1904)
Stoppé! C:WindowsSysWOW64schtasks.exe (1920)
Stoppé! C:Program FilesAcerAcer PowerSmart ManagerePowerSvc.exe (1988)
Stoppé! C:Program Files (x86)AcerRegistrationGREGsvc.exe (2008)
Stoppé! C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe (1048)
Stoppé! C:Program Files (x86)NewTech InfosystemsAcer Backup ManagerIScheduleSvc.exe (1292)
Stoppé! C:Program Files (x86)NewTech InfosystemsNTI Backup Now 5SchedulerSvc.exe (1480)
Stoppé! C:Program FilesAcerOptical Drive Power ManagementODDPWRSvc.exe (1532)
Stoppé! C:Program Files (x86)CyberlinkShared filesRichVideo.exe (1820)
Stoppé! C:Program Files (x86)AcerAcer VCMRS_Service.exe (1728)
Stoppé! C:Program FilesAcerAcer UpdaterUpdaterService.exe (2160)
Stoppé! C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE (2248)
Stoppé! C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe (2396)
Stoppé! C:Windowssystem32taskhost.exe (2256)
Stoppé! C:Program FilesRealtekAudioHDARAVCpl64.exe (2768)
Stoppé! C:Program FilesRealtekAudioHDARAVBg64.exe (2756)
Stoppé! C:Program Files (x86)AmIcoSingLunAmIcoSinglun64.exe (2752)
Stoppé! C:Program FilesAcerOptical Drive Power ManagementODDPWR.exe (1512)
Stoppé! C:Program Files (x86)EgisTec MyWinLockerx86mwlDaemon.exe (2860)
Stoppé! C:WindowsSystem32igfxpers.exe (2872)
Stoppé! C:Program FilesSynapticsSynTPSynTPEnh.exe (2912)
Stoppé! C:Program Files (x86)Bluetooth SuiteBtvStack.exe (2952)
Stoppé! C:Program Files (x86)Bluetooth SuiteAthBtTray.exe (2972)
Stoppé! C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe (1440)
Stoppé! C:UsersSophieAppDataRoamingSpotifyDataSpotifyWebHelper.exe (3280)
Stoppé! C:Windowssystem32SearchIndexer.exe (3352)
Stoppé! C:Program Files (x86)AcerAcer VCMAcerVCM.exe (3464)
Stoppé! C:UsersSophieAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupAdobe Online.com (3504)
Stoppé! C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorIcon.exe (3824)
Stoppé! C:Program Files (x86)Launch ManagerLManager.exe (3860)
Stoppé! C:Program Files (x86)EgisTec IPSPmmUpdate.exe (3892)
Stoppé! C:ProgramDataBrowserProtect2.6.1339.144{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}BrowserProtect.exe (3912)
Stoppé! C:Program Files (x86)NewTech InfosystemsAcer Backup ManagerBackupManagerTray.exe (3976)
Stoppé! C:Program Files (x86)Launch ManagerMMDx64Fx.exe (3988)
Stoppé! C:Program Files (x86)Acer Arcade DeluxeArcade MovieArcadeMovieService.exe (4088)
Stoppé! C:Program Files (x86)HPHP Software Updatehpwuschd2.exe (3120)
Stoppé! C:Program Files (x86)AVGAVG2013avgui.exe (3612)
Stoppé! C:Program Files (x86)Launch ManagerLMworker.exe (2732)
Stoppé! C:Program Files (x86)Common FilesJavaJava Updatejusched.exe (3656)
Stoppé! C:Program FilesSynapticsSynTPSynTPHelper.exe (1124)
Stoppé! C:Program Files (x86)EgisTec IPSEgisUpdate.exe (4460)
Stoppé! C:Program FilesWindows Media Playerwmpnetwk.exe (4612)
Stoppé! C:Program FilesAcerAcer PowerSmart ManagerePowerTray.exe (4376)
Stoppé! C:Program FilesAcerAcer PowerSmart ManagerePowerEvent.exe (3384)
Stoppé! C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorDataMgrSvc.exe (4768)
Stoppé! C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe (3064)
Stoppé! C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticMOM.exe (1664)
Stoppé! C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCCC.exe (2936)
Stoppé! C:Windowssystem32igfxext.exe (3636)
Stoppé! C:Windowssystem32igfxsrvc.exe (5924)
Stoppé! C:Windowssystem32igfxtray.exe (4476)
Stoppé! C:Windowssystem32hkcmd.exe (5240)
Stoppé! C:USERSSOPHIEAPPDATAROAMINGMICROSOFTWINDOWSSTART MENUPROGRAMSSTARTUPAdobe update.com (1168)
Stoppé! C:Program Files (x86)Mozilla Firefoxfirefox.exe (5716)
Stoppé! C:WindowsSysWOW64NOTEPAD.EXE (4260)
Stoppé! C:Program Files (x86)Mozilla Firefoxplugin-container.exe (4252)
Stoppé! C:WindowsSysWOW64MacromedFlashFlashPlayerPlugin_11_7_700_224.exe (5048)
Stoppé! C:WindowsSysWOW64MacromedFlashFlashPlayerPlugin_11_7_700_224.exe (6128)
Stoppé! C:Windowssystem32taskeng.exe (4560)

################## | Éléments infectieux |

Supprimé! C:UsersSophieAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupAdobe Online.com
Supprimé! C:UsersSophieAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupAdobe update.com
Supprimé! C:Thumbs.com
Non supprimé ! E:RECYCLERS-5-3-42-2819952290-8240758988-879315005-3665jwgkvsq.vmx
Supprimé! C:Autorun.inf
Supprimé! C:Thumbs .db
Non supprimé ! E:autorun.inf
Supprimé! E:PHOTOS .scr
Supprimé! E:Photos et videos Roumanie Juin 2013 .scr
Supprimé! E:Thumbs .db
Supprimé! E:Thumbs.com
Non supprimé ! E:RecyclerS-5-3-42-2819952290-8240758988-879315005-3665
Supprimé! C:$AVG .scr
Supprimé! C:$Recycle.Bin .scr
Supprimé! C:book .scr
Supprimé! C:Config.Msi .scr
Supprimé! C:Documents and Settings .scr
Supprimé! C:Intel .scr
Supprimé! C:MSOCache .scr
Supprimé! C:OEM .scr
Supprimé! C:PerfLogs .scr
Supprimé! C:Program Files (x86) .scr
Supprimé! C:Program Files .scr
Supprimé! C:ProgramData .scr
Supprimé! C:Recovery .scr
Supprimé! C:UsbFix .scr
Supprimé! C:Windows .scr
Supprimé! E:$RECYCLE.BIN .scr
Supprimé! E:CENTRE AERE .scr
Supprimé! E:DOCUMENTS .scr
Supprimé! E:Fac .scr
Supprimé! E:Films et séries .scr
Supprimé! E:Louise .scr
Supprimé! E:MUSIQUE .scr
Supprimé! E:Musique Roumanie .scr
Supprimé! E:Mémoire Master 1 .scr
Supprimé! E:PHOTOSPhotos PAULINE .scr
Supprimé! E:PHOTOSPhotos SOPHIE2006 .scr
Supprimé! E:PHOTOSPhotos SOPHIE2007 .scr
Supprimé! E:PHOTOSPhotos SOPHIE2008 .scr
Supprimé! E:PHOTOSPhotos SOPHIE2009 .scr
Supprimé! E:PHOTOSPhotos SOPHIE2010 .scr
Supprimé! E:PHOTOSPhotos SOPHIE2011 .scr
Supprimé! E:PHOTOSPhotos SOPHIE2012 .scr
Supprimé! E:PHOTOSPhotos SOPHIE2013Brest 2013 .scr
Supprimé! E:PHOTOSPhotos SOPHIE2013Photofiltre 2013 .scr
Supprimé! E:PHOTOSPhotos SOPHIE2013Photos + video sony .scr
Supprimé! E:PHOTOSPhotos SOPHIE2013SKI Morillon 27 décembre 2012 _ 3 février 2013 .scr
Supprimé! E:PHOTOSPhotos SOPHIE2013 .scr
Supprimé! E:PHOTOSPhotos SOPHIECHEVAUX D'AGNETZ .scr
Supprimé! E:PHOTOSPhotos SOPHIEDivers photos .scr
Supprimé! E:PHOTOSPhotos SOPHIEdossier eva .scr
Supprimé! E:PHOTOSPhotos SOPHIEFamille .scr
Supprimé! E:PHOTOSPhotos SOPHIEFofy .scr
Supprimé! E:PHOTOSPhotos SOPHIEPeinture .scr
Supprimé! E:PHOTOSPhotos SOPHIEPhotos Pepe .scr
Supprimé! E:PHOTOSPhotos SOPHIEphotos portable .scr
Supprimé! E:PHOTOSPhotos SOPHIEPHOTOS RETOUCHEES .scr
Supprimé! E:PHOTOSPhotos SOPHIEScanner .scr
Supprimé! E:PHOTOSPhotos SOPHIEsouvenirs .scr
Supprimé! E:PHOTOSPhotos SOPHIESouvenirs Enfance .scr
Supprimé! E:PHOTOSPhotos SOPHIE .scr
Supprimé! E:PHOTOSTatouage Cici et Max .scr
Supprimé! E:Projet Film Corse .scr
Supprimé! E:RECYCLER .scr
Supprimé! E:VidéosPhotos et vidéos BB Maxcamera .scr
Supprimé! E:VidéosPhotos et vidéos BB Maxvideos .scr
Supprimé! E:VidéosPhotos et vidéos BB Max .scr
Supprimé! E:Vidéos .scr

(!) Fichiers temporaires supprimés.

################## | Registre |

Supprimé! HKLMSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem|DisableRegistryTools
Supprimé! HKLMSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem|DisableTaskMgr

################## | Mountpoints2 |

Supprimé! HKCU….ExplorerMountPoints2{8787bc2f-b1a5-11e2-8910-60eb6919abed}

################## | Listing |

[19/05/2013 – 23:49:35 | D ] C:$AVG
[04/03/2013 – 22:29:32 | HD ] C:$Recycle.Bin
[21/07/2013 – 20:20:10 | N | 426] C:Autoexec.bat
[04/03/2013 – 21:54:28 | D ] C:book
[02/07/2010 – 14:01:47 | N | 8192] C:BOOTSECT.BAK
[17/07/2013 – 20:44:41 | D ] C:Config.Msi
[14/07/2009 – 07:08:56 | HD ] C:Documents and Settings
[28/07/2013 – 13:34:02 | ASH | 2962243584] C:hiberfil.sys
[04/03/2013 – 21:54:12 | D ] C:Intel
[04/03/2013 – 22:43:49 | HD ] C:MSOCache
[04/03/2013 – 22:29:22 | D ] C:OEM
[28/07/2013 – 13:34:03 | ASH | 3949658112] C:pagefile.sys
[14/07/2009 – 05:20:08 | D ] C:PerfLogs
[19/05/2013 – 22:49:00 | D ] C:Program Files
[17/07/2013 – 20:44:22 | D ] C:Program Files (x86)
[19/05/2013 – 23:49:35 | HD ] C:ProgramData
[04/03/2013 – 22:27:31 | HD ] C:Recovery
[02/07/2010 – 13:26:50 | N | 2282] C:RHDSetup.log
[17/07/2013 – 20:43:53 | SHD ] C:System Volume Information
[28/07/2013 – 22:33:11 | D ] C:UsbFix
[28/07/2013 – 22:33:28 | A | 14685] C:UsbFix [Clean 1] SOPHIE-PC.txt
[28/07/2013 – 19:25:44 | N | 5175] C:UsbFix [Listing 1 ] SOPHIE-PC.txt
[28/07/2013 – 19:23:58 | N | 14121] C:UsbFix [Scan 1] SOPHIE-PC.txt
[04/03/2013 – 22:27:47 | D ] C:Users
[21/07/2013 – 12:35:59 | D ] C:Windows
[25/03/2013 – 01:12:32 | HD ] E:$RECYCLE.BIN
[28/07/2013 – 19:00:39 | N | 6148] E:.DS_Store
[28/07/2013 – 19:01:35 | D ] E:.fseventsd
[28/07/2013 – 19:00:36 | AD ] E:.Trashes
[21/03/2009 – 16:07:58 | RASH | 95034] E:autorun.inf
[13/03/2013 – 15:27:57 | D ] E:CENTRE AERE
[02/03/2013 – 01:35:41 | N | 30235] E:CV_Sophie_Lovo.docx
[13/03/2013 – 15:29:41 | D ] E:DOCUMENTS
[03/05/2013 – 21:08:46 | D ] E:Fac
[01/07/2013 – 22:11:04 | D ] E:Films et séries
[01/07/2013 – 21:52:36 | D ] E:Louise
[13/03/2013 – 15:22:46 | D ] E:MUSIQUE
[01/07/2013 – 21:49:38 | D ] E:Musique Roumanie
[13/03/2013 – 15:28:38 | D ] E:Mémoire Master 1
[28/07/2013 – 22:33:02 | D ] E:PHOTOS
[01/07/2013 – 22:15:16 | D ] E:Photos et videos Roumanie Juin 2013
[27/12/2011 – 17:15:02 | D ] E:Projet Film Corse
[01/07/2013 – 21:41:43 | HD ] E:RECYCLER
[08/06/2012 – 11:53:32 | SHD ] E:System Volume Information
[28/07/2013 – 22:33:02 | D ] E:Vidéos

################## | Vaccin |

C:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | https://www.sosvirus.net |[/spoiler:18g5yws2]

Thanks for your quick replies. (You can take your time, I won't have the infected computer in my hands before tomorrow.)