Reply to: Folder and file names turned into shortcuts 2016-09-08T13:34:16+00:00
Greta_1
Participant
Post count: 8

Hello,
I have a problem with a USB key again (still the files appearing as shortcuts).
The report is below.
Thanks in advance for your reply.
Regards,
Mohamed

############################## | UsbFix V 7.169 | [Recherche]

Utilisateur: PICASSO (Administrateur) # PICASSO13
Mis à jour le 31/03/2014 par El Desaparecido – Team SosVirus
Lancé à 12:34:50 | 15/04/2014

Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Support : forum-virus-securite.html
Upload Malware : upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: FUJITSU (D3041-A1)
CPU: Pentium(R) Dual-Core CPU E5800 @ 3.20GHz
RAM -> [Total : 1920 Mo| Free : 1025 Mo]
Bios: FUJITSU // Phoenix Technologies Ltd.
Boot: Normal boot

OS: Microsoft Windows 7 Professionnel (6.1.7601 32-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.16659
WB: Mozilla Firefox : 28.0

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: Microsoft Security Essentials [Enabled | Updated]
AS: Windows Defender [(!) Disabled | (!) Outdated]
AS: Microsoft Security Essentials [Enabled | Updated]
FW: Windows FireWall [(!) Disabled]
AS: Malwarebytes’ Anti-Malware : 1.75.0001

C: -> Disque fixe # 50 Go (25 Go libre(s) – 49%) [System] # NTFS
D: -> CD-ROM
E: -> Disque fixe # 414 Go (398 Go libre(s) – 96%) [Data] # NTFS
F: -> Disque amovible # 2 Go (2 Go libre(s) – 94%) [NIKA’S USB] # FAT

################## | Processus Actif |

C:\Windows\system32\csrss.exe (ID: 428 |ParentID: 412)
C:\Windows\system32\wininit.exe (ID: 468 |ParentID: 412)
C:\Windows\system32\csrss.exe (ID: 480 |ParentID: 460)
C:\Windows\system32\services.exe (ID: 524 |ParentID: 468)
C:\Windows\system32\winlogon.exe (ID: 556 |ParentID: 460)
C:\Windows\system32\lsass.exe (ID: 584 |ParentID: 468)
C:\Windows\system32\lsm.exe (ID: 592 |ParentID: 468)
C:\Windows\system32\svchost.exe (ID: 696 |ParentID: 524)
C:\Windows\system32\svchost.exe (ID: 760 |ParentID: 524)
C:\Program Files\Microsoft Security Client\MsMpEng.exe (ID: 824 |ParentID: 524)
C:\Windows\System32\svchost.exe (ID: 940 |ParentID: 524)
C:\Windows\System32\svchost.exe (ID: 988 |ParentID: 524)
C:\Windows\system32\svchost.exe (ID: 1028 |ParentID: 524)
C:\Windows\system32\svchost.exe (ID: 1060 |ParentID: 524)
C:\Windows\system32\svchost.exe (ID: 1316 |ParentID: 524)
C:\Windows\System32\spoolsv.exe (ID: 1420 |ParentID: 524)
C:\Windows\system32\svchost.exe (ID: 1460 |ParentID: 524)
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 1608 |ParentID: 524)
C:\Windows\system32\svchost.exe (ID: 1640 |ParentID: 524)
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (ID: 1684 |ParentID: 524)
C:\Windows\System32\svchost.exe (ID: 1756 |ParentID: 524)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (ID: 1828 |ParentID: 524)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (ID: 2032 |ParentID: 1828)
C:\Windows\system32\svchost.exe (ID: 2136 |ParentID: 524)
C:\Windows\system32\SearchIndexer.exe (ID: 3000 |ParentID: 524)
C:\Windows\system32\Dwm.exe (ID: 2196 |ParentID: 988)
C:\Windows\system32\taskhost.exe (ID: 3224 |ParentID: 524)
C:\Windows\Explorer.EXE (ID: 3928 |ParentID: 2128)
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (ID: 3764 |ParentID: 3928)
C:\Fujitsu\Programs\Deskupdate\DeskUpdateNotifier.exe (ID: 3980 |ParentID: 3928)
C:\Windows\System32\igfxtray.exe (ID: 160 |ParentID: 3928)
C:\Windows\System32\hkcmd.exe (ID: 1228 |ParentID: 3928)
C:\Windows\System32\igfxpers.exe (ID: 3244 |ParentID: 3928)
C:\Program Files\Microsoft Security Client\NisSrv.exe (ID: 2316 |ParentID: 524)
C:\Program Files\Microsoft Security Client\msseces.exe (ID: 2380 |ParentID: 3928)
C:\Users\greta01\AppData\Local\Google\Update\GoogleUpdate.exe (ID: 768 |ParentID: 3928)
C:\Program Files\McAfee Security Scan\3.0.285\SSScheduler.exe (ID: 2148 |ParentID: 3928)
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (ID: 848 |ParentID: 524)
C:\Users\greta01\AppData\Local\Google\Chrome\Application\chrome.exe (ID: 916 |ParentID: 3928)
C:\Users\greta01\AppData\Local\Google\Chrome\Application\chrome.exe (ID: 2440 |ParentID: 916)
C:\Users\greta01\AppData\Local\Google\Chrome\Application\chrome.exe (ID: 3232 |ParentID: 916)
C:\Windows\system32\taskeng.exe (ID: 912 |ParentID: 1060)
C:\Windows\system32\SearchProtocolHost.exe (ID: 2808 |ParentID: 3000)
C:\Windows\system32\SearchFilterHost.exe (ID: 3536 |ParentID: 3000)
C:\Windows\system32\DllHost.exe (ID: 3392 |ParentID: 696)
C:\Windows\system32\rundll32.exe (ID: 2268 |ParentID: 696)
C:\Windows\System32\dinotify.exe (ID: 3116 |ParentID: 2268)
C:\Windows\System32\WUDFHost.exe (ID: 2976 |ParentID: 988)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 2560 |ParentID: 696)

################## | Regedit Run |

F2 – HKLM\..\Winlogon : [Shell] explorer.exe
F2 – [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 – HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
F2 – [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 – HKCU\..\Run : [Google Update] "C:\Users\PICASSO\AppData\Local\Google\Update\GoogleUpdate.exe" /c
04 – HKLM\..\Run : [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
04 – HKLM\..\Run : [DeskUpdateNotifier] "c:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe"
04 – HKLM\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
04 – HKLM\..\Run : [HotKeysCmds] C:\Windows\system32\hkcmd.exe
04 – HKLM\..\Run : [Persistence] C:\Windows\system32\igfxpers.exe
04 – HKLM\..\Run : [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
04 – HKLM\..\Run : [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
04 – HKLM\..\Run : [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 – HKLM\..\RunOnce : [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes’ Anti-Malware\mbamgui.exe /install /silent
04 – HKLM\..\RunOnce : []
04 – HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 – HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 – HKU\S-1-5-21-3794041088-267600481-4042947410-1000\..\Run : [Google Update] "C:\Users\PICASSO\AppData\Local\Google\Update\GoogleUpdate.exe" /c
04 – HKU\S-1-5-21-3794041088-267600481-4042947410-1001\..\Run : [Google Update] "C:\Users\greta01\AppData\Local\Google\Update\GoogleUpdate.exe" /c
04 – HKU\S-1-5-21-3794041088-267600481-4042947410-1001\..\Run : [flashmemory] wscript.exe //B "C:\Users\greta01\AppData\Local\Temp\flashmemory.vbe"
04 – HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 – HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe

################## | Recherche générique |

Présent! F:\flashmemory.vbe

################## | Registre |

################## | E.O.F | http://www.usbfix.net/ – https://www.sosvirus.net |