Reply to: USB drive shows shortcuts 2016-09-08T13:37:23+00:00
ghassan

Actually no, because every time I put it back into my PC there is the same problem... can you help me please?
I ran another scan, here is what it gives:
[spoiler:u9n7jdg7]############################## | UsbFix V 7.169 | [Suppression]

Utilisateur: ghassan (Administrateur) # GHASSAN-HP
Mis à jour le 31/03/2014 par El Desaparecido – Team SosVirus
Lancé à 13:28:50 | 28/04/2014

Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Support : forum-virus-securite.html
Upload Malware : upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: Hewlett-Packard (1841)
CPU: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz
RAM -> [Total : 3992 Mo| Free : 1916 Mo]
Bios: Insyde
Boot: Normal boot

OS: Microsoft Windows 7 Édition Familiale Basique (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.16659
WB: Google Chrome : 34.0.1847.116

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: Avira Desktop [(!) Disabled | Updated]
AS: Avira Desktop [(!) Disabled | Updated]
AS: Windows Defender [Enabled | Updated]
FW: Windows FireWall [Enabled]

C: (%systemdrive%) -> Disque fixe # 443 Go (359 Go libre(s) – 81%) [] # NTFS
D: -> Disque fixe # 23 Go (2 Go libre(s) – 11%) [Recovery] # NTFS
E: -> CD-ROM
F: -> CD-ROM
G: -> CD-ROM
J: -> Disque amovible # 4 Go (4 Go libre(s) – 99%) [XP-KOMKU] # FAT32

################## | Processus Actif |

C:Windowssystem32csrss.exe (ID: 532 |ParentID: 508)
C:Windowssystem32wininit.exe (ID: 592 |ParentID: 508)
C:Windowssystem32csrss.exe (ID: 616 |ParentID: 600)
C:Windowssystem32services.exe (ID: 656 |ParentID: 592)
C:Windowssystem32lsass.exe (ID: 676 |ParentID: 592)
C:Windowssystem32lsm.exe (ID: 684 |ParentID: 592)
C:Windowssystem32winlogon.exe (ID: 732 |ParentID: 600)
C:Windowssystem32svchost.exe (ID: 832 |ParentID: 656)
C:Windowssystem32svchost.exe (ID: 936 |ParentID: 656)
C:WindowsSystem32svchost.exe (ID: 156 |ParentID: 656)
C:WindowsSystem32svchost.exe (ID: 432 |ParentID: 656)
C:Windowssystem32svchost.exe (ID: 564 |ParentID: 656)
C:Windowssystem32svchost.exe (ID: 420 |ParentID: 656)
C:Program FilesIDTWDMSTacSV64.exe (ID: 920 |ParentID: 656)
C:Windowssystem32Hpservice.exe (ID: 1276 |ParentID: 656)
C:Windowssystem32svchost.exe (ID: 1464 |ParentID: 656)
C:Windowssystem32WLANExt.exe (ID: 1560 |ParentID: 432)
C:Windowssystem32conhost.exe (ID: 1568 |ParentID: 532)
C:WindowsSystem32spoolsv.exe (ID: 1652 |ParentID: 656)
C:Windowssystem32svchost.exe (ID: 1732 |ParentID: 656)
C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe (ID: 1884 |ParentID: 656)
C:Program FilesWIDCOMMBluetooth Softwarebtwdins.exe (ID: 2024 |ParentID: 656)
C:Windowssystem32taskeng.exe (ID: 1368 |ParentID: 420)
C:WindowsSysWOW64ezSharedSvcHost.exe (ID: 2160 |ParentID: 656)
C:Program Files (x86)Hewlett-PackardHP Quick LaunchHPWMISVC.exe (ID: 2208 |ParentID: 656)
C:Program FilesInteliCLS ClientHeciServer.exe (ID: 2268 |ParentID: 656)
C:Program Files (x86)IntelIntel(R) Management Engine ComponentsFWServiceIntelMeFWService.exe (ID: 2300 |ParentID: 656)
C:Program Files (x86)IntelIntel(R) Management Engine ComponentsDALjhi_service.exe (ID: 2324 |ParentID: 656)
C:Windowssystem32lxczcoms.exe (ID: 2388 |ParentID: 656)
C:Windowssystem32Dwm.exe (ID: 2604 |ParentID: 432)
C:Program FilesCommon FilesNitroReader3.0NitroPDFReaderDriverService3x64.exe (ID: 2668 |ParentID: 656)
C:Program Files (x86)RealNetworksRealDownloaderrndlresolversvc.exe (ID: 2792 |ParentID: 656)
C:Windowssystem32svchost.exe (ID: 2888 |ParentID: 656)
C:Program Files (x86)TeamViewerVersion9TeamViewer_Service.exe (ID: 2916 |ParentID: 656)
C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE (ID: 2968 |ParentID: 656)
C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe (ID: 2096 |ParentID: 2968)
C:Program FilesHewlett-PackardHP AutoHPAuto.exe (ID: 2452 |ParentID: 656)
C:WindowsservicingTrustedInstaller.exe (ID: 3316 |ParentID: 656)
C:Windowssystem32svchost.exe (ID: 3372 |ParentID: 656)
C:Windowssystem32svchost.exe (ID: 3576 |ParentID: 656)
C:Windowsexplorer.exe (ID: 4036 |ParentID: 1768)
C:Windowssystem32SearchIndexer.exe (ID: 3764 |ParentID: 656)
C:Program FilesWIDCOMMBluetooth SoftwareBTTray.exe (ID: 2988 |ParentID: 4036)
C:WINDOWSsystem32wscript.exe (ID: 1440 |ParentID: 3020)
C:Program FilesWindows Media Playerwmpnetwk.exe (ID: 2632 |ParentID: 656)
C:WindowsSysWOW64RunDll32.exe (ID: 3460 |ParentID: 2988)
C:Windowssystem32svchost.exe (ID: 976 |ParentID: 656)
C:Program FilesWIDCOMMBluetooth SoftwareBtStackServer.exe (ID: 896 |ParentID: 832)
C:Windowssystem32wbemwmiprvse.exe (ID: 2036 |ParentID: 832)
C:Program Files (x86)Hewlett-PackardHP Support Frameworkhpsa_service.exe (ID: 3212 |ParentID: 656)
C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorDataMgrSvc.exe (ID: 956 |ParentID: 656)
C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe (ID: 4060 |ParentID: 656)
C:WindowsSystem32svchost.exe (ID: 1624 |ParentID: 656)
C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe (ID: 4612 |ParentID: 656)
C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 4556 |ParentID: 4036)
C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 4692 |ParentID: 4556)
C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 4792 |ParentID: 4556)
C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 4940 |ParentID: 4556)
C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 392 |ParentID: 4556)
C:Windowssystem32DllHost.exe (ID: 4136 |ParentID: 832)
C:WindowsSystem32WUDFHost.exe (ID: 2140 |ParentID: 432)
C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 3520 |ParentID: 4556)
C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 4536 |ParentID: 4556)
C:Windowssystem32SearchProtocolHost.exe (ID: 4316 |ParentID: 3764)
C:Windowssystem32SearchFilterHost.exe (ID: 1664 |ParentID: 3764)
C:Windowssystem32wbemwmiprvse.exe (ID: 4024 |ParentID: 832)

################## | Recherche générique |

Supprimé! J:SysBackUp.vbs
Supprimé! D:ghassan.lnk
Supprimé! D:Nouveau Dossier.lnk
Supprimé! J:epg.lnk
Supprimé! J:img.lnk
Supprimé! J:pict.lnk
Supprimé! J:bizo.lnk
Supprimé! J:bin.lnk
Supprimé! J:institutions politiques et administratives.lnk
Supprimé! J:Autorun.inf.lnk
Supprimé! J:usr.lnk
Supprimé! J:crossepg.lnk
Supprimé! J:reproduction.lnk
Supprimé! J:metamorphisme et granit'.lnk
Supprimé! J:svallaw.lnk
Supprimé! J:RECYCLER.lnk
Supprimé! J:geologie.lnk

(!) Fichiers temporaires supprimés.

################## | Registre |

################## | Regedit Run |

F2 – HKLM..Winlogon : [Shell] explorer.exe
F2 – [x64] HKLM..Winlogon : [Shell] explorer.exe
F2 – HKLM..Winlogon : [Userinit] userinit.exe,
F2 – [x64] HKLM..Winlogon : [Userinit] C:Windowssystem32userinit.exe,
04 – HKCU..Run : [BitTorrent] “C:Program Files (x86)BitTorrentBitTorrent.exe” /MINIMIZED
04 – HKCU..Run : [Facebook Update] “C:UsersghassanAppDataLocalFacebookUpdateFacebookUpdate.exe” /c /nocrashserver
04 – HKCU..Run : [RGSC] C:Program Files (x86)Rockstar GamesRockstar Games Social ClubRGSCLauncher.exe /silent
04 – HKCU..Run : [DAEMON Tools Lite] “C:Program Files (x86)DAEMON Tools LiteDTLite.exe” -autorun
04 – HKLM..Run : [USB3MON] “C:Program Files (x86)IntelIntel(R) USB 3.0 eXtensible Host Controller DriverApplicationiusb3mon.exe”
04 – HKLM..Run : [Easybits Recovery] C:Program Files (x86)EasyBits For KidsezRecover.exe
04 – HKLM..Run : [HPOSD] C:Program Files (x86)Hewlett-PackardHP On Screen DisplayHPOSD.exe
04 – HKLM..Run : [HP CoolSense] C:Program Files (x86)Hewlett-PackardHP CoolSenseCoolSense.exe -byrunkey
04 – HKLM..Run : [Adobe ARM] “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
04 – HKLM..Run : [avgnt] “C:Program Files (x86)AviraAntiVir Desktopavgnt.exe” /min
04 – HKLM..Run : [HP Quick Launch] C:Program Files (x86)Hewlett-PackardHP Quick LaunchHPMSGSVC.exe
04 – HKLM..Run : [RemoteControl10] “C:Program Files (x86)CyberLinkPowerDVD10PDVD10Serv.exe”
04 – HKLM..Run : [BDRegion] C:Program Files (x86)CyberlinkShared filesbrs.exe
04 – HKLM..Run : [TkBellExe] “C:Program Files (x86)RealRealPlayerupdaterealsched.exe” -osboot
04 – HKLM..Run : [SunJavaUpdateSched] “C:Program Files (x86)Common FilesJavaJava Updatejusched.exe”
04 – HKLM..Run : [GrooveMonitor] “C:Program Files (x86)Microsoft OfficeOffice12GrooveMonitor.exe”
04 – [x64] HKLM..Run : [IgfxTray] C:Windowssystem32igfxtray.exe
04 – [x64] HKLM..Run : [HotKeysCmds] C:Windowssystem32hkcmd.exe
04 – [x64] HKLM..Run : [Persistence] C:Windowssystem32igfxpers.exe
04 – [x64] HKLM..Run : [SynTPEnh] %ProgramFiles%SynapticsSynTPSynTPEnh.exe
04 – [x64] HKLM..Run : [SetDefault] C:Program FilesHewlett-PackardHP LaunchBoxSetDefault.exe
04 – [x64] HKLM..Run : [SysTrayApp] C:Program FilesIDTWDMsttray64.exe
04 – [x64] HKLM..Run : [bintin] C:WINDOWSsystem32wscript.exe /e:VBScript.Encode D:bin.doc
04 – [x64] HKLM..RunOnce : [NCPluginUpdater] “C:Program Files (x86)Hewlett-PackardHP Health CheckActiveCheckproduct_lineNCPluginUpdater.exe” Update
04 – HKUS-1-5-19..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-20..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-21-3789407594-2502590900-2999774715-1000..Run : [BitTorrent] “C:Program Files (x86)BitTorrentBitTorrent.exe” /MINIMIZED
04 – HKUS-1-5-21-3789407594-2502590900-2999774715-1000..Run : [Facebook Update] “C:UsersghassanAppDataLocalFacebookUpdateFacebookUpdate.exe” /c /nocrashserver
04 – HKUS-1-5-21-3789407594-2502590900-2999774715-1000..Run : [RGSC] C:Program Files (x86)Rockstar GamesRockstar Games Social ClubRGSCLauncher.exe /silent
04 – HKUS-1-5-21-3789407594-2502590900-2999774715-1000..Run : [DAEMON Tools Lite] “C:Program Files (x86)DAEMON Tools LiteDTLite.exe” -autorun
04 – HKUS-1-5-18..Run : [Advanced SystemCare 7] “C:Program Files (x86)IObitAdvanced SystemCare 7ASCTray.exe” /Auto
04 – HKUS-1-5-19..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe
04 – HKUS-1-5-20..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe

################## | Listing |

[23/11/2012 – 19:15:27 | SHD] – C:$Recycle.Bin
[28/04/2014 – 02:37:04 | D] – C:AdwCleaner
[28/04/2014 – 03:39:56 | N | 1 Ko] – C:ASCInit.log
[11/02/2014 – 14:00:44 | N | 0 Ko] – C:AVScanner.ini
[12/02/2012 – 04:54:56 | SHD] – C:boot
[21/11/2010 – 05:23:51 | RASH | 375 Ko] – C:bootmgr
[14/07/2009 – 07:08:56 | SHD] – C:Documents and Settings
[28/04/2014 – 13:20:42 | ASH | 3066132 Ko] – C:hiberfil.sys
[28/11/2012 – 13:30:10 | D] – C:HP
[01/06/2012 – 02:42:42 | D] – C:Intel
[18/02/2013 – 22:13:25 | D] – C:lexmark
[03/01/2014 – 22:33:52 | N | 0 Ko] – C:lxcz.log
[17/12/2012 – 00:41:02 | RHD] – C:MSOCache
[28/04/2014 – 13:20:45 | ASH | 4088176 Ko] – C:pagefile.sys
[14/07/2009 – 05:20:08 | D] – C:PerfLogs
[16/03/2014 – 00:43:37 | D] – C:Program Files
[28/04/2014 – 13:26:51 | D] – C:Program Files (x86)
[18/02/2013 – 22:14:21 | D] – C:Program Files (x86) (x86)
[28/04/2014 – 03:11:49 | HD] – C:ProgramData
[23/11/2012 – 19:09:48 | SHD] – C:Recovery
[16/01/2014 – 02:42:40 | N | 594 Ko | ECFA4E7350DE3BB49AE671A9A3382A35] – C:SecurityScanner.dll
[04/12/2012 – 23:52:39 | D] – C:Sierra
[09/12/2013 – 15:46:18 | D] – C:SWSetup
[28/04/2014 – 11:38:17 | SHD] – C:System Volume Information
[23/11/2012 – 19:09:54 | D] – C:SYSTEM.SAV
[19/11/2013 – 22:55:22 | D] – C:temp
[28/04/2014 – 13:27:15 | D] – C:UsbFix
[28/04/2014 – 11:37:34 | N | 15 Ko | D5498D4E08447C52C70A406E912F4661] – C:UsbFix [Clean 10] GHASSAN-HP.txt
[28/04/2014 – 13:22:55 | N | 12 Ko | DB90F9E1265AF29B2C293E276089EE2F] – C:UsbFix [Clean 12] GHASSAN-HP.txt
[28/04/2014 – 13:31:26 | A | 12 Ko | 46247CF14D88B7554397AF3C1AF313AB] – C:UsbFix [Clean 14] GHASSAN-HP.txt
[28/04/2014 – 10:19:41 | N | 15 Ko | 311820E72798A4C5743F42FC148553FA] – C:UsbFix [Clean 2] GHASSAN-HP.txt
[28/04/2014 – 10:23:10 | N | 13 Ko | AEA4FAEF76418DDA53C6782AF46690F5] – C:UsbFix [Clean 4] GHASSAN-HP.txt
[28/04/2014 – 10:28:30 | N | 14 Ko | FD6D162BA9F0BD66D754470F04F25D6C] – C:UsbFix [Clean 6] GHASSAN-HP.txt
[28/04/2014 – 10:42:44 | N | 14 Ko | 8D358EE8142ADF1A40EBB9280FB2C097] – C:UsbFix [Clean 8] GHASSAN-HP.txt
[28/04/2014 – 03:08:01 | N | 14 Ko | B5820A0E3955F6F04EDF92A015FCBBCE] – C:UsbFix [Scan 1] GHASSAN-HP.txt
[23/11/2012 – 19:08:34 | D] – C:Users
[02/03/2014 – 04:03:02 | D] – C:Windows
[23/11/2012 – 19:15:27 | SHD] – D:$RECYCLE.BIN
[22/09/2013 – 22:39:48 | N | 14 Ko] – D:AUTOEXE
[22/09/2013 – 22:39:16 | N | 1 Ko] – D:bin.doc
[08/09/2013 – 15:47:30 | N | 0 Ko] – D:bizo.doc
[23/11/2012 – 19:15:24 | RASHD] – D:boot
[14/07/2009 – 20:39:00 | RASH | 375 Ko] – D:bootmgr
[23/05/2010 – 14:55:46 | RASH | 0 Ko] – D:Desktop.ini
[23/11/2012 – 19:15:24 | D] – D:FactoryUpdate
[23/11/2012 – 19:15:24 | D] – D:hp
[28/11/2012 – 13:17:45 | N | 0 Ko | CF6EAB927CA89007B4095C38E6E6C398] – D:HPSF_Rep.txt
[23/11/2012 – 19:11:31 | N | 0 Ko] – D:HP_WSD.dat
[22/09/2013 – 22:39:48 | N | 14 Ko] – D:img.jpg
[23/11/2012 – 19:15:24 | RSHD] – D:preload
[23/11/2012 – 19:15:24 | RSD] – D:recovery
[23/11/2012 – 19:15:24 | D] – D:RM_Reserve
[08/09/2013 – 15:47:30 | N | 0 Ko] – D:system
[26/01/2013 – 15:56:35 | SHD] – D:System Volume Information
[16/08/2013 – 17:19:32 | N | 1 Ko] – D:Zain
[01/01/1980 – 00:00:00 | D] – J:usr
[17/01/2014 – 08:01:10 | D] – J:crossepg
[12/01/2014 – 17:39:56 | N | 5588 Ko] – J:epg.dat.bak
[24/04/2014 – 13:33:44 | D] – J:metamorphisme et granit'
[24/04/2014 – 01:01:16 | D] – J:reproduction
[28/04/2014 – 10:16:58 | N | 15 Ko] – J:??? ??? 1 ?????? 2.docx
[22/09/2013 – 22:39:48 | N | 14 Ko] – J:img.jpg
[22/09/2013 – 22:39:22 | N | 1 Ko] – J:pict.jpg
[08/09/2013 – 15:47:30 | N | 0 Ko] – J:bizo.doc
[22/09/2013 – 22:39:16 | N | 1 Ko] – J:bin.doc
[16/08/2013 – 17:19:32 | N | 1 Ko] – J:Zain
[07/04/2014 – 23:34:38 | N | 49 Ko] – J:institutions politiques et administratives.docx
[24/04/2014 – 14:14:50 | D] – J:svallaw
[29/04/2014 – 10:28:16 | SHD] – J:RECYCLER
[09/04/2014 – 12:27:10 | D] – J:geologie

################## | Vaccin |

D:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
J:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net/ – https://www.sosvirus.net |[/spoiler:u9n7jdg7]