Reply to: USB keys, shortcuts and a llama. 2016-09-08T13:36:53+00:00
gloctor
Participant
Post count: 3

All the files on my USB drive and on the computer have become shortcuts.
Please help me, because it is becoming unbearable.
Thank you.
############################## | UsbFix V 7.167 | [Recherche]

Utilisateur: pc (Administrateur) # PCPORTABLE
Mis à jour le 13/03/2014 par El Desaparecido – Team SosVirus
Lancé à 22:02:48 | 28/04/2014

Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Support : forum-virus-securite.html
Upload Malware : upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: Acer (BA50-MV )
CPU: Pentium(R) Dual-Core CPU T4400 @ 2.20GHz
RAM -> [Total : 1977 Mo| Free : 630 Mo]
Bios: Phoenix
Boot: Normal boot

OS: Microsoft Windows 7 Professionnel (6.1.7600 32-Bit)
WB: Windows Internet Explorer : 9.0.8112.16421
WB: Google Chrome : 34.0.1847.116
WB: Mozilla Firefox : 28.0

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: avast! Antivirus [Enabled | Updated]
AV: AVG Internet Security 2012 [(!) Disabled | Updated]
AS: AVG Internet Security 2012 [(!) Disabled | Updated]
AS: Windows Defender [Enabled | (!) Outdated]
AS: avast! Antivirus [Enabled | Updated]
FW: AVG Internet Security 2012 [(!) Disabled]
FW: Windows FireWall [Enabled]

C: (%systemdrive%) -> Disque fixe # 135 Go (20 Go libre(s) – 14%) [] # NTFS
D: -> Disque fixe # 98 Go (67 Go libre(s) – 69%) [] # NTFS
E: -> CD-ROM
F: -> CD-ROM
G: -> CD-ROM
H: -> Disque amovible # 7 Go (1 Go libre(s) – 19%) [RAMDAHAN] # FAT32
J: -> Disque amovible # 4 Go (1 Go libre(s) – 30%) [RAMDAHAN] # FAT32

################## | Processus Actif |

C:Windowssystem32csrss.exe (ID: 412 |ParentID: 404)
C:Windowssystem32wininit.exe (ID: 460 |ParentID: 404)
C:Windowssystem32csrss.exe (ID: 480 |ParentID: 468)
C:Windowssystem32services.exe (ID: 524 |ParentID: 460)
C:Windowssystem32lsass.exe (ID: 544 |ParentID: 460)
C:Windowssystem32lsm.exe (ID: 552 |ParentID: 460)
C:Windowssystem32svchost.exe (ID: 676 |ParentID: 524)
C:Windowssystem32winlogon.exe (ID: 684 |ParentID: 468)
C:Windowssystem32svchost.exe (ID: 808 |ParentID: 524)
C:WindowsSystem32svchost.exe (ID: 880 |ParentID: 524)
C:WindowsSystem32svchost.exe (ID: 964 |ParentID: 524)
C:Windowssystem32svchost.exe (ID: 992 |ParentID: 524)
C:Windowssystem32svchost.exe (ID: 1188 |ParentID: 524)
C:Windowssystem32svchost.exe (ID: 1316 |ParentID: 524)
D:Programe Fileavast5AvastSvc.exe (ID: 1408 |ParentID: 524)
C:Windowssystem32Dwm.exe (ID: 1668 |ParentID: 964)
C:WindowsExplorer.EXE (ID: 1688 |ParentID: 1656)
C:WindowsSystem32spoolsv.exe (ID: 1832 |ParentID: 524)
C:Windowssystem32svchost.exe (ID: 1872 |ParentID: 524)
C:Windowssystem32taskhost.exe (ID: 1972 |ParentID: 524)
C:Program FilesCommon FilesAdobeARM1.0armsvc.exe (ID: 240 |ParentID: 524)
C:Program FilesAVGAVG2012avgfws.exe (ID: 428 |ParentID: 524)
C:Program FilesGoogleUpdate1.3.23.9GoogleCrashHandler.exe (ID: 1596 |ParentID: 940)
C:Program FilesAVGAVG2012avgwdsvc.exe (ID: 1916 |ParentID: 524)
C:Program FilesMusic ToolbarDatamngrDatamngrCoordinator.exe (ID: 1980 |ParentID: 524)
C:Program FilesCommon FilesAVG Secure SearchvToolbarUpdater18.1.0ToolbarUpdater.exe (ID: 720 |ParentID: 524)
C:Program FilesMusic ToolbarDatamngrDatamngrCoordinator.exe (ID: 1564 |ParentID: 1980)
C:Program FilesCommon FilesAVG Secure SearchvToolbarUpdater18.1.0loggingserver.exe (ID: 2140 |ParentID: 720)
C:Windowssystem32conhost.exe (ID: 2148 |ParentID: 412)
C:Program FilesAVGAVG2012avgnsx.exe (ID: 2540 |ParentID: 1916)
C:Windowssystem32svchost.exe (ID: 2708 |ParentID: 524)
C:Program FilesAVGAVG2012avgtray.exe (ID: 3304 |ParentID: 1688)
C:WindowsSystem32igfxtray.exe (ID: 3732 |ParentID: 1688)
C:WindowsSystem32hkcmd.exe (ID: 3780 |ParentID: 1688)
C:WindowsSystem32igfxpers.exe (ID: 3792 |ParentID: 1688)
C:Program FilesAVG SafeGuard toolbarvprot.exe (ID: 3848 |ParentID: 1688)
C:Windowssystem32SearchIndexer.exe (ID: 3856 |ParentID: 524)
C:Windowssystem32igfxsrvc.exe (ID: 3916 |ParentID: 676)
D:Programe FileGreenshotGreenshot.exe (ID: 3992 |ParentID: 1688)
C:Program FilesCommon FilesJavaJava Updatejusched.exe (ID: 4028 |ParentID: 1688)
D:Programe Fileavast5AvastUI.exe (ID: 4048 |ParentID: 1688)
C:WindowsSystem32wscript.exe (ID: 4080 |ParentID: 1688)
C:Program FilesSuperCopier2SuperCopier2.exe (ID: 952 |ParentID: 1688)
C:UserspcAppDataRoaminguTorrentuTorrent.exe (ID: 2192 |ParentID: 1688)
C:Windowssystem32svchost.exe (ID: 2684 |ParentID: 524)
C:Windowssystem32wbemwmiprvse.exe (ID: 3288 |ParentID: 676)
C:Windowssystem32sppsvc.exe (ID: 3740 |ParentID: 524)
C:WindowsSystem32svchost.exe (ID: 2944 |ParentID: 524)
C:Program FilesWindows Media Playerwmpnetwk.exe (ID: 2656 |ParentID: 524)
C:Program FilesGoogleChromeApplicationchrome.exe (ID: 3148 |ParentID: 1688)
C:Program FilesGoogleChromeApplicationchrome.exe (ID: 4344 |ParentID: 3148)
C:Program FilesGoogleChromeApplicationchrome.exe (ID: 5784 |ParentID: 3148)
C:Windowssystem32WUDFHost.exe (ID: 4448 |ParentID: 964)
C:UserspcDesktopRAMZIRogueKiller-8.7.8.exe (ID: 4652 |ParentID: 1688)
D:Programe FileWinRARWinRAR.exe (ID: 6132 |ParentID: 1688)
C:UserspcDesktop C++SETUP.EXE (ID: 4160 |ParentID: 1688)
C:UserspcAppDataLocalTempinstrun.exe (ID: 5740 |ParentID: 4160)
C:Windowssystem32ntvdm.exe (ID: 4348 |ParentID: 5740)
C:Windowssystem32conhost.exe (ID: 4016 |ParentID: 480)
C:Program FilesGoogleChromeApplicationchrome.exe (ID: 4216 |ParentID: 3148)
C:Program FilesGoogleChromeApplicationchrome.exe (ID: 4796 |ParentID: 3148)
C:BC5BINbcw.exe (ID: 3284 |ParentID: 1688)
C:Windowssystem32ntvdm.exe (ID: 5128 |ParentID: 3284)
C:Windowssystem32conhost.exe (ID: 620 |ParentID: 480)
C:Program FilesGoogleChromeApplicationchrome.exe (ID: 5996 |ParentID: 3148)
C:Windowssystem32taskeng.exe (ID: 5424 |ParentID: 992)
C:Windowssystem32AUDIODG.EXE (ID: 5576 |ParentID: 880)
C:Windowssystem32SearchProtocolHost.exe (ID: 5268 |ParentID: 3856)
C:Windowssystem32SearchFilterHost.exe (ID: 5708 |ParentID: 3856)

################## | Regedit Run |

F2 – HKLM..Winlogon : [Shell] explorer.exe
F2 – [64bit] HKLM..Winlogon : [Shell] explorer.exe
F2 – HKLM..Winlogon : [Userinit] C:Windowssystem32userinit.exe,
F2 – [64bit] HKLM..Winlogon : [Userinit] C:Windowssystem32userinit.exe,
F3 – HKCU..Windows : [Load] C:BC5PIPELINEremind.exe
04 – HKCU..Run : [SuperCopier2.exe] C:Program FilesSuperCopier2SuperCopier2.exe
04 – HKCU..Run : [uTorrent] “C:UserspcAppDataRoaminguTorrentuTorrent.exe” /MINIMIZED
04 – HKCU..Run : [Akamai NetSession Interface] “C:UserspcAppDataLocalAkamainetsession_win.exe”
04 – HKCU..Run : [DAEMON Tools Lite] “D:Programe FileDAEMON Tools LiteDTLite.exe” -autorun
04 – HKCU..Run : [Facebook Update] “C:UserspcAppDataLocalFacebookUpdateFacebookUpdate.exe” /c /nocrashserver
04 – HKCU..Run : [iLivid] “C:UserspcAppDataLocaliLividiLivid.exe” -autorun
04 – HKCU..Run : [89095603_MicrosoftUpdater_] wscript.exe //B “C:UserspcAppDataRoaming89095603_MicrosoftUpdater_.vbe”
04 – HKCU..Run : [MicrosoftUpdate] wscript.exe //B “C:UserspcAppDataRoamingMicrosoftUpdate.vbe”
04 – HKLM..Run : [AVG_TRAY] “C:Program FilesAVGAVG2012avgtray.exe”
04 – HKLM..Run : [Adobe ARM] “C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe”
04 – HKLM..Run : [IgfxTray] C:Windowssystem32igfxtray.exe
04 – HKLM..Run : [HotKeysCmds] C:Windowssystem32hkcmd.exe
04 – HKLM..Run : [Persistence] C:Windowssystem32igfxpers.exe
04 – HKLM..Run : [vProt] “C:Program FilesAVG SafeGuard toolbarvprot.exe”
04 – HKLM..Run : [Greenshot] D:Programe FileGreenshotGreenshot.exe
04 – HKLM..Run : [SunJavaUpdateSched] “C:Program FilesCommon FilesJavaJava Updatejusched.exe”
04 – HKLM..Run : [AvastUI.exe] “D:Programe Fileavast5AvastUI.exe” /nogui
04 – HKLM..Run : [mobilegeni daemon] C:Program FilesMobogenieDaemonProcess.exe
04 – HKLM..Run : [89095603_MicrosoftUpdater_] wscript.exe //B “C:UserspcAppDataRoaming89095603_MicrosoftUpdater_.vbe”
04 – HKLM..Run : [MicrosoftUpdate] wscript.exe //B “C:UserspcAppDataRoamingMicrosoftUpdate.vbe”
04 – HKUS-1-5-19..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-20..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-21-789054474-124583851-1451796764-1000..Run : [SuperCopier2.exe] C:Program FilesSuperCopier2SuperCopier2.exe
04 – HKUS-1-5-21-789054474-124583851-1451796764-1000..Run : [uTorrent] “C:UserspcAppDataRoaminguTorrentuTorrent.exe” /MINIMIZED
04 – HKUS-1-5-21-789054474-124583851-1451796764-1000..Run : [Akamai NetSession Interface] “C:UserspcAppDataLocalAkamainetsession_win.exe”
04 – HKUS-1-5-21-789054474-124583851-1451796764-1000..Run : [DAEMON Tools Lite] “D:Programe FileDAEMON Tools LiteDTLite.exe” -autorun
04 – HKUS-1-5-21-789054474-124583851-1451796764-1000..Run : [Facebook Update] “C:UserspcAppDataLocalFacebookUpdateFacebookUpdate.exe” /c /nocrashserver
04 – HKUS-1-5-21-789054474-124583851-1451796764-1000..Run : [iLivid] “C:UserspcAppDataLocaliLividiLivid.exe” -autorun
04 – HKUS-1-5-21-789054474-124583851-1451796764-1000..Run : [89095603_MicrosoftUpdater_] wscript.exe //B “C:UserspcAppDataRoaming89095603_MicrosoftUpdater_.vbe”
04 – HKUS-1-5-21-789054474-124583851-1451796764-1000..Run : [MicrosoftUpdate] wscript.exe //B “C:UserspcAppDataRoamingMicrosoftUpdate.vbe”
04 – HKUS-1-5-19..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe
04 – HKUS-1-5-20..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe

################## | Recherche générique |

Présent! C:UserspcAppDataRoamingMicrosoftUpdate.vbe
Présent! H:MicrosoftUpdate.vbe
Présent! J:MicrosoftUpdate.vbe
Présent! H:Autorun.inf.lnk
Présent! J:CEC 2sem.lnk
Présent! J:Autorun.inf.lnk
Présent! J:Music.lnk

################## | Registre |

Présent! HKLMSoftwareMicrosoftWindows NTCurrentVersionImage File Execution Optionsbrowsemngr.exe
Présent! HKLMSoftwareMicrosoftWindows NTCurrentVersionImage File Execution Optionsbrowsersafeguard.exe
Présent! HKLMSoftwareMicrosoftWindows NTCurrentVersionImage File Execution Optionsdelta tb.exe
Présent! HKLMSoftwareMicrosoftWindows NTCurrentVersionImage File Execution Optionsdeltatb.exe
Présent! HKLMSoftwareMicrosoftWindows NTCurrentVersionImage File Execution Optionssearchprotection.exe
Présent! HKLMSoftwareMicrosoftWindows NTCurrentVersionImage File Execution Optionsstinst64.exe
Présent! HKUS-1-5-21-789054474-124583851-1451796764-1000SoftwareMicrosoftWindowsCurrentVersionRun|MicrosoftUpdate
Présent! HKLMSoftwareMicrosoftWindowsCurrentVersionRun|MicrosoftUpdate
Présent! HKCUSoftwareMicrosoftWindowsCurrentVersionRun|MicrosoftUpdate

################## | E.O.F | http://www.usbfix.net/ – https://www.sosvirus.net |