Reply to: File and folder names turned into shortcuts 2016-09-12T13:42:52+00:00
gloctor

Thank you for your help
############################## | UsbFix V 7.167 | [Recherche]

Utilisateur: pc (Administrateur) # PCPORTABLE
Mis à jour le 13/03/2014 par El Desaparecido – Team SosVirus
Lancé à 21:26:16 | 21/04/2014

Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Support : forum-virus-securite.html
Upload Malware : upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: Acer (BA50-MV )
CPU: Pentium(R) Dual-Core CPU T4400 @ 2.20GHz
RAM -> [Total : 1977 Mo| Free : 1159 Mo]
Bios: Phoenix
Boot: Normal boot

OS: Microsoft Windows 7 Professionnel (6.1.7600 32-Bit)
WB: Windows Internet Explorer : 9.0.8112.16421
WB: Google Chrome : 34.0.1847.116
WB: Mozilla Firefox : 28.0

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: avast! Antivirus [Enabled | Updated]
AV: AVG Internet Security 2012 [(!) Disabled | Updated]
AS: AVG Internet Security 2012 [(!) Disabled | Updated]
AS: Windows Defender [Enabled | (!) Outdated]
AS: avast! Antivirus [Enabled | Updated]
FW: AVG Internet Security 2012 [(!) Disabled]
FW: Windows FireWall [Enabled]

C: (%systemdrive%) -> Disque fixe # 135 Go (20 Go libre(s) – 15%) [] # NTFS
D: -> Disque fixe # 98 Go (67 Go libre(s) – 69%) [] # NTFS
E: -> CD-ROM
F: -> CD-ROM
G: -> CD-ROM
H: -> Disque amovible # 7 Go (2 Go libre(s) – 22%) [RAMDAHAN] # FAT32

################## | Processus Actif |

C:\Windows\system32\csrss.exe (ID: 408 |ParentID: 396)
C:\Windows\system32\wininit.exe (ID: 460 |ParentID: 396)
C:\Windows\system32\csrss.exe (ID: 472 |ParentID: 452)
C:\Windows\system32\services.exe (ID: 520 |ParentID: 460)
C:\Windows\system32\winlogon.exe (ID: 556 |ParentID: 452)
C:\Windows\system32\lsass.exe (ID: 568 |ParentID: 460)
C:\Windows\system32\lsm.exe (ID: 576 |ParentID: 460)
C:\Windows\system32\svchost.exe (ID: 704 |ParentID: 520)
C:\Windows\system32\svchost.exe (ID: 804 |ParentID: 520)
C:\Windows\System32\svchost.exe (ID: 856 |ParentID: 520)
C:\Windows\System32\svchost.exe (ID: 968 |ParentID: 520)
C:\Windows\system32\svchost.exe (ID: 996 |ParentID: 520)
C:\Windows\system32\svchost.exe (ID: 1180 |ParentID: 520)
C:\Windows\system32\svchost.exe (ID: 1316 |ParentID: 520)
C:\Windows\system32\Dwm.exe (ID: 1544 |ParentID: 968)
D:\Programe File\avast5\AvastSvc.exe (ID: 1572 |ParentID: 520)
C:\Windows\System32\spoolsv.exe (ID: 1780 |ParentID: 520)
C:\Windows\system32\svchost.exe (ID: 1852 |ParentID: 520)
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 1960 |ParentID: 520)
C:\Program Files\AVG\AVG2012\avgfws.exe (ID: 2016 |ParentID: 520)
D:\Programe File\avast5\AvastUI.exe (ID: 1280 |ParentID: 1520)
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe (ID: 2384 |ParentID: 520)
C:\Program Files\Google\Update\1.3.23.9\GoogleCrashHandler.exe (ID: 2496 |ParentID: 1048)
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\loggingserver.exe (ID: 2692 |ParentID: 2384)
C:\Windows\system32\conhost.exe (ID: 2700 |ParentID: 408)
C:\Windows\system32\SearchIndexer.exe (ID: 2764 |ParentID: 520)
C:\Windows\system32\svchost.exe (ID: 3100 |ParentID: 520)
C:\Windows\system32\svchost.exe (ID: 3776 |ParentID: 520)
C:\Windows\system32\sppsvc.exe (ID: 3108 |ParentID: 520)
C:\Windows\System32\svchost.exe (ID: 4220 |ParentID: 520)
C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 4532 |ParentID: 520)
C:\Windows\system32\WUDFHost.exe (ID: 2864 |ParentID: 968)
C:\Windows\explorer.exe (ID: 6004 |ParentID: 5008)
C:\Windows\system32\SearchProtocolHost.exe (ID: 2192 |ParentID: 2764)
C:\Windows\system32\SearchFilterHost.exe (ID: 5100 |ParentID: 2764)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 4304 |ParentID: 704)

################## | Regedit Run |

F2 – HKLM\..\Winlogon : [Shell] explorer.exe
F2 – [64bit] HKLM\..\Winlogon : [Shell] explorer.exe
F2 – HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
F2 – [64bit] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 – HKCU\..\Run : [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
04 – HKCU\..\Run : [uTorrent] "C:\Users\pc\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
04 – HKCU\..\Run : [Akamai NetSession Interface] "C:\Users\pc\AppData\Local\Akamai\netsession_win.exe"
04 – HKCU\..\Run : [DAEMON Tools Lite] "D:\Programe File\DAEMON Tools Lite\DTLite.exe" -autorun
04 – HKCU\..\Run : [Facebook Update] "C:\Users\pc\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
04 – HKCU\..\Run : [iLivid] "C:\Users\pc\AppData\Local\iLivid\iLivid.exe" -autorun
04 – HKCU\..\Run : [89095603_MicrosoftUpdater_] wscript.exe //B "C:\Users\pc\AppData\Roaming\89095603_MicrosoftUpdater_.vbe"
04 – HKLM\..\Run : [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
04 – HKLM\..\Run : [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 – HKLM\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
04 – HKLM\..\Run : [HotKeysCmds] C:\Windows\system32\hkcmd.exe
04 – HKLM\..\Run : [Persistence] C:\Windows\system32\igfxpers.exe
04 – HKLM\..\Run : [vProt] "C:\Program Files\AVG SafeGuard toolbar\vprot.exe"
04 – HKLM\..\Run : [Greenshot] D:\Programe File\Greenshot\Greenshot.exe
04 – HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
04 – HKLM\..\Run : [AvastUI.exe] "D:\Programe File\avast5\AvastUI.exe" /nogui
04 – HKLM\..\Run : [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe
04 – HKLM\..\Run : [89095603_MicrosoftUpdater_] wscript.exe //B "C:\Users\pc\AppData\Roaming\89095603_MicrosoftUpdater_.vbe"
04 – HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 – HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 – HKU\S-1-5-21-789054474-124583851-1451796764-1000\..\Run : [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
04 – HKU\S-1-5-21-789054474-124583851-1451796764-1000\..\Run : [uTorrent] "C:\Users\pc\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
04 – HKU\S-1-5-21-789054474-124583851-1451796764-1000\..\Run : [Akamai NetSession Interface] "C:\Users\pc\AppData\Local\Akamai\netsession_win.exe"
04 – HKU\S-1-5-21-789054474-124583851-1451796764-1000\..\Run : [DAEMON Tools Lite] "D:\Programe File\DAEMON Tools Lite\DTLite.exe" -autorun
04 – HKU\S-1-5-21-789054474-124583851-1451796764-1000\..\Run : [Facebook Update] "C:\Users\pc\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
04 – HKU\S-1-5-21-789054474-124583851-1451796764-1000\..\Run : [iLivid] "C:\Users\pc\AppData\Local\iLivid\iLivid.exe" -autorun
04 – HKU\S-1-5-21-789054474-124583851-1451796764-1000\..\Run : [89095603_MicrosoftUpdater_] wscript.exe //B "C:\Users\pc\AppData\Roaming\89095603_MicrosoftUpdater_.vbe"
04 – HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 – HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe

################## | Recherche générique |

################## | Registre |

Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe
Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe
Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe
Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe

################## | E.O.F | http://www.usbfix.net/ – https://www.sosvirus.net |