Reply to: Unwanted ads and tabs that open on their own 2016-09-12T13:42:48+00:00
Louise
Participant
Number of posts: 11

It is really doing much better, I don't think I have seen a single ad all afternoon 🙂
I ran the USB key H through it again:

############################## | UsbFix V 7.169 | [Suppression]

Utilisateur: Louise (Administrateur) # PC-LOUISE
Mis à jour le 31/03/2014 par El Desaparecido – Team SosVirus
Lancé à 23:08:21 | 19/04/2014

Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Support : forum-virus-securite.html
Upload Malware : upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: ASUSTeK COMPUTER INC. (X75VC)
CPU: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
RAM -> [Total : 8078 Mo| Free : 5282 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 8 (6.2.9200 64-Bit)
WB: Windows Internet Explorer : 10.0.9200.16863
WB: Mozilla Firefox : 27.0.1

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: AVG AntiVirus Free Edition 2014 [Enabled | Updated]
AV: Windows Defender [(!) Disabled | Updated]
AS: Windows Defender [(!) Disabled | Updated]
AS: AVG AntiVirus Free Edition 2014 [Enabled | Updated]
FW: Windows FireWall [(!) Disabled]

C: (%systemdrive%) -> Disque fixe # 279 Go (167 Go libre(s) – 60%) [OS] # NTFS
D: -> Disque fixe # 398 Go (398 Go libre(s) – 100%) [Data] # NTFS
E: -> CD-ROM
H: -> Disque amovible # 7 Go (6 Go libre(s) – 88%) [USB DISK] # FAT32

################## | Processus Actif |

C:PROGRA~2AVGAVG2014avgrsa.exe (ID: 444 |ParentID: 432)
C:Program Files (x86)AVGAVG2014avgcsrva.exe (ID: 484 |ParentID: 444)
C:Windowssystem32csrss.exe (ID: 768 |ParentID: 756)
C:Windowssystem32wininit.exe (ID: 844 |ParentID: 756)
C:Windowssystem32csrss.exe (ID: 860 |ParentID: 852)
C:Windowssystem32winlogon.exe (ID: 904 |ParentID: 852)
C:Windowssystem32services.exe (ID: 952 |ParentID: 844)
C:Windowssystem32lsass.exe (ID: 960 |ParentID: 844)
C:Windowssystem32svchost.exe (ID: 500 |ParentID: 952)
C:Windowssystem32svchost.exe (ID: 864 |ParentID: 952)
C:WindowsSystem32svchost.exe (ID: 436 |ParentID: 952)
C:Windowssystem32svchost.exe (ID: 1036 |ParentID: 952)
C:Windowssystem32dwm.exe (ID: 1088 |ParentID: 904)
C:Windowssystem32svchost.exe (ID: 1112 |ParentID: 952)
C:WindowsSystem32svchost.exe (ID: 1152 |ParentID: 952)
C:Windowssystem32svchost.exe (ID: 1348 |ParentID: 952)
C:Windowssystem32svchost.exe (ID: 1700 |ParentID: 952)
C:Windowssystem32svchost.exe (ID: 1768 |ParentID: 952)
C:Program Files (x86)AVGAVG2014avgidsagent.exe (ID: 2024 |ParentID: 952)
C:Program Files (x86)AVGAVG2014avgwdsvc.exe (ID: 1148 |ParentID: 952)
C:Windowssystem32svchost.exe (ID: 2396 |ParentID: 952)
C:Program Files (x86)AVGAVG2014avgnsa.exe (ID: 2664 |ParentID: 1148)
C:Program Files (x86)AVGAVG2014avgemca.exe (ID: 2672 |ParentID: 1148)
C:Windowssystem32svchost.exe (ID: 2892 |ParentID: 952)
C:WindowsSystem32hkcmd.exe (ID: 4400 |ParentID: 3592)
C:Program Files (x86)AVGAVG2014avgui.exe (ID: 4788 |ParentID: 4924)
C:Program FilesInteliCLS ClientHeciServer.exe (ID: 4940 |ParentID: 952)
C:Windowsexplorer.exe (ID: 4636 |ParentID: 11844)
C:Windowssystem32DllHost.exe (ID: 1892 |ParentID: 500)
C:Windowssystem32SearchIndexer.exe (ID: 2108 |ParentID: 952)
C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe (ID: 5576 |ParentID: 952)
C:Program FilesInternet Exploreriexplore.exe (ID: 3880 |ParentID: 4636)
C:Program Files (x86)Internet ExplorerIEXPLORE.EXE (ID: 7920 |ParentID: 3880)
C:Program Files (x86)Internet ExplorerIEXPLORE.EXE (ID: 8412 |ParentID: 3880)
C:Program Files (x86)Internet ExplorerIEXPLORE.EXE (ID: 12460 |ParentID: 3880)
C:WindowsSystem32RuntimeBroker.exe (ID: 10380 |ParentID: 500)
C:Program Files (x86)Malwarebytes Anti-Malwarembam.exe (ID: 5172 |ParentID: 7036)
C:Windowssystem32dashost.exe (ID: 21716 |ParentID: 1152)
C:Program FilesMicrosoft Office 15ClientX64integratedoffice.exe (ID: 25192 |ParentID: 952)
C:Windowssystem32msiexec.exe (ID: 23672 |ParentID: 952)
C:WindowsSystem32WUDFHost.exe (ID: 25808 |ParentID: 1152)
C:Windowssystem32SearchProtocolHost.exe (ID: 26532 |ParentID: 2108)
C:Windowssystem32SearchFilterHost.exe (ID: 26552 |ParentID: 2108)
C:Windowssystem32wbemwmiprvse.exe (ID: 23936 |ParentID: 500)
C:Windowssystem32DllHost.exe (ID: 25548 |ParentID: 500)

################## | Recherche générique |

Non supprimé ! H:flashmemory.vbe

(!) Fichiers temporaires supprimés.

################## | Registre |

################## | Regedit Run |

F2 – HKLM..Winlogon : [Shell] explorer.exe
F2 – [x64] HKLM..Winlogon : [Shell] explorer.exe
F2 – HKLM..Winlogon : [Userinit] userinit.exe,
F2 – [x64] HKLM..Winlogon : [Userinit] C:Windowssystem32userinit.exe,
04 – HKCU..Run : [Sony PC Companion] “C:Program Files (x86)SonySony PC CompanionPCCompanion.exe” /Background
04 – HKCU..Run : [HP Deskjet 3050A J611 series (NET)] “C:Program FilesHPHP Deskjet 3050A J611 seriesBinScanToPCActivationApp.exe” -deviceID “CN3791CMF205WK:NW” -scfn “HP Deskjet 3050A J611 series (NET)” -AutoStart 1
04 – HKCU..Run : [Spotify] “C:UsersLouiseAppDataRoamingSpotifySpotify.exe” /uri spotify:autostart
04 – HKCU..Run : [Spotify Web Helper] “C:UsersLouiseAppDataRoamingSpotifyDataSpotifyWebHelper.exe”
04 – HKLM..Run : [Adobe Reader Speed Launcher] “C:Program Files (x86)AdobeReader 10.0ReaderReader_sl.exe”
04 – HKLM..Run : [Adobe ARM] “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
04 – HKLM..Run : [ASUSPRP] “C:Program Files (x86)ASUSAPRPAPRP.EXE”
04 – HKLM..Run : [ASUSWebStorage] C:Program Files (x86)ASUSWebStorage Sync Agent1.1.10.123AsusWSPanel.exe /S
04 – HKLM..Run : [RemoteControl10] “C:Program Files (x86)CyberLinkPowerDVD10PDVD10Serv.exe”
04 – HKLM..Run : [BDRegion] C:Program Files (x86)CyberlinkShared filesbrs.exe
04 – HKLM..Run : [AVG_UI] “C:Program Files (x86)AVGAVG2014avgui.exe” /TRAYONLY
04 – HKLM..Run : [BCSSync] “C:Program Files (x86)Microsoft OfficeOffice14BCSSync.exe” /DelayServices
04 – HKLM..Run : [SwitchBoard] C:Program Files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe
04 – HKLM..Run : [AdobeCS6ServiceManager] “C:Program Files (x86)Common FilesAdobeCS6ServiceManagerCS6ServiceManager.exe” -launchedbylogin
04 – HKLM..Run : [HP Software Update] C:Program Files (x86)HpHP Software UpdateHPWuSchd2.exe
04 – HKLM..RunOnce : []
04 – [x64] HKLM..Run : [IgfxTray] C:Windowssystem32igfxtray.exe
04 – [x64] HKLM..Run : [HotKeysCmds] C:Windowssystem32hkcmd.exe
04 – [x64] HKLM..Run : [RTHDVCPL] C:Program FilesRealtekAudioHDARAVCpl64.exe -s
04 – [x64] HKLM..Run : [AdobeAAMUpdater-1.0] “C:Program Files (x86)Common FilesAdobeOOBEPDAppUWAUpdaterStartupUtility.exe”
04 – HKUS-1-5-21-3436731335-4286099936-529172577-1002..Run : [Sony PC Companion] “C:Program Files (x86)SonySony PC CompanionPCCompanion.exe” /Background
04 – HKUS-1-5-21-3436731335-4286099936-529172577-1002..Run : [HP Deskjet 3050A J611 series (NET)] “C:Program FilesHPHP Deskjet 3050A J611 seriesBinScanToPCActivationApp.exe” -deviceID “CN3791CMF205WK:NW” -scfn “HP Deskjet 3050A J611 series (NET)” -AutoStart 1
04 – HKUS-1-5-21-3436731335-4286099936-529172577-1002..Run : [Spotify] “C:UsersLouiseAppDataRoamingSpotifySpotify.exe” /uri spotify:autostart
04 – HKUS-1-5-21-3436731335-4286099936-529172577-1002..Run : [Spotify Web Helper] “C:UsersLouiseAppDataRoamingSpotifyDataSpotifyWebHelper.exe”

################## | Listing |

[27/11/2013 – 20:04:59 | D] – C:$AVG
[10/03/2014 – 11:34:37 | SHD] – C:$Recycle.Bin
[19/04/2014 – 10:34:59 | D] – C:AdwCleaner
[27/11/2012 – 15:00:09 | SHD] – C:Boot
[26/07/2012 – 05:44:30 | RASH | 389 Ko] – C:bootmgr
[02/06/2012 – 16:30:55 | N | 0 Ko] – C:BOOTNXT
[26/07/2012 – 09:22:08 | SHD] – C:Documents and Settings
[18/06/2013 – 17:20:50 | D] – C:eSupport
[19/04/2014 – 12:06:37 | D] – C:FRST
[19/04/2014 – 10:36:02 | ASH | 6617148 Ko] – C:hiberfil.sys
[18/06/2013 – 17:01:05 | D] – C:Intel
[28/09/2013 – 19:02:40 | RHD] – C:MSOCache
[19/04/2014 – 10:36:02 | ASH | 1245184 Ko] – C:pagefile.sys
[26/07/2012 – 09:33:46 | D] – C:PerfLogs
[19/04/2014 – 12:24:03 | N | 1 Ko] – C:PhysicalDisk0_MBR.bin
[19/04/2014 – 10:34:59 | D] – C:Program Files
[19/04/2014 – 12:57:38 | D] – C:Program Files (x86)
[19/04/2014 – 12:57:38 | HD] – C:ProgramData
[18/04/2014 – 23:36:19 | D] – C:Shortcut_Module
[07/09/2013 – 23:39:17 | D] – C:sources
[19/04/2014 – 10:36:03 | ASH | 262144 Ko] – C:swapfile.sys
[19/04/2014 – 12:52:31 | SHD] – C:System Volume Information
[19/04/2014 – 23:08:04 | D] – C:UsbFix
[19/04/2014 – 11:39:43 | N | 17 Ko | 8D5DD97B42A1624B679CE10D4EC54FC3] – C:UsbFix [Clean 2] PC-LOUISE.txt
[19/04/2014 – 11:55:14 | N | 9 Ko | 6CFFCB90DA2E33D83F7401706F2A7034] – C:UsbFix [Clean 4] PC-LOUISE.txt
[19/04/2014 – 12:33:40 | N | 12 Ko | 0160FB1D03CBFD752A0DACA7A48E0399] – C:UsbFix [Clean 6] PC-LOUISE.txt
[19/04/2014 – 23:09:18 | A | 9 Ko | 12DF6F66EA6285F10454EA0C8D93EA5E] – C:UsbFix [Clean 8] PC-LOUISE.txt
[15/11/2013 – 20:33:47 | D] – C:Users
[19/04/2014 – 12:52:47 | D] – C:Windows
[22/05/2013 – 04:07:22 | N | 6146 Ko] – C:X75VB.BIN
[22/05/2013 – 03:13:28 | N | 6146 Ko] – C:X75VBP.BIN
[26/02/2013 – 05:19:54 | N | 6146 Ko] – C:X75VC.BIN
[26/02/2013 – 05:26:50 | N | 6146 Ko] – C:X75VCP.BIN
[07/09/2013 – 21:30:49 | SHD] – D:$RECYCLE.BIN
[28/09/2013 – 19:03:57 | D] – D:IDE
[18/06/2013 – 16:56:47 | SHD] – D:System Volume Information
[01/01/2014 – 14:25:46 | N | 1487 Ko] – H:Doc1.docx
[29/11/2013 – 15:31:10 | N | 84316 Ko | D41D8CD98F00B204E9800998ECF8427E] – H:flashmemory.vbe
[10/01/2014 – 08:02:28 | SH | 4 Ko] – H:._.Trashes
[23/01/2014 – 10:24:52 | D] – H:FOUND.000
[10/01/2014 – 08:02:28 | SHD] – H:.Trashes
[21/03/2014 – 09:56:40 | N | 288 Ko] – H:banane.ai
[10/01/2014 – 08:02:28 | SHD] – H:.Spotlight-V100
[21/03/2014 – 09:26:20 | SHD] – H:.fseventsd
[24/01/2014 – 09:57:14 | N | 669 Ko] – H:JACQUEMOUD_LOUISE_MANAAG_24-01-2014.ai
[24/01/2014 – 09:57:58 | N | 4 Ko] – H:._JACQUEMOUD_LOUISE_MANAAG_24-01-2014.ai
[21/03/2014 – 09:57:26 | N | 288 Ko] – H:banana- 2.ai
[21/03/2014 – 08:50:30 | N | 8118 Ko] – H:CITURA_Abri_Bus_Standard.JPG
[21/03/2014 – 08:49:42 | N | 2448 Ko] – H:abris-bus.jpg
[09/01/2014 – 23:02:24 | N | 370 Ko] – H:Scan0001.jpg
[21/03/2014 – 09:55:58 | N | 4 Ko] – H:._CITURA_Abri_Bus_Standard.JPG
[21/03/2014 – 09:56:40 | N | 4 Ko] – H:._banane.ai
[17/01/2014 – 09:54:24 | N | 4904 Ko] – H:JACQUEMOUD_LOUISE_MANAAG_17-01-2014.jpg
[17/01/2014 – 09:53:30 | N | 271785 Ko] – H:JACQUEMOUD_LOUISE_MANAAG_17-01-2014.psd
[23/01/2014 – 10:24:32 | D] – H:MEDIAGO
[23/01/2014 – 09:17:50 | N | 4409 Ko] – H:motif 1.jpg
[23/01/2014 – 10:26:30 | N | 13533 Ko] – H:motif 1.png
[23/01/2014 – 10:32:46 | N | 741 Ko] – H:motif 1.docx
[23/01/2014 – 23:47:10 | N | 11541 Ko] – H:motif 2 2.jpg
[23/01/2014 – 23:52:30 | N | 3244 Ko] – H:motif-2.jpg
[23/01/2014 – 23:52:26 | N | 2165 Ko] – H:motif-1.jpg
[19/02/2014 – 05:59:28 | N | 6518 Ko] – H:matériaux espace.docx
[16/03/2014 – 20:18:50 | N | 5162 Ko] – H:archi modulaire.docx
[16/03/2014 – 23:04:06 | N | 2246 Ko] – H:plateau bio.docx
[18/03/2014 – 12:12:38 | N | 1876 Ko] – H:Dossier espace groupe finalisé.docx
[18/03/2014 – 12:16:46 | N | 2652 Ko] – H:reste espace a imprimer.docx
[20/03/2014 – 01:11:36 | N | 8607 Ko] – H:EP à imprimer.docx
[21/03/2014 – 07:04:56 | N | 14447 Ko] – H:hokusai truc.ai
[21/03/2014 – 09:56:02 | N | 4 Ko] – H:._abris-bus.jpg
[21/03/2014 – 09:57:26 | N | 4 Ko] – H:._banana- 2.ai
[21/03/2014 – 11:20:48 | N | 10012 Ko] – H:Document.docx
[21/03/2014 – 11:27:40 | N | 3019 Ko] – H:Document marion.docx

################## | Vaccin |

D:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
H:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net/ – https://www.sosvirus.net |

Spotify opens automatically when I go to the desktop, but I don't use it every time. Why?