Reply to: .exe files on my USB drives 2016-09-08T13:46:11+00:00
Vito

Thanks! :bravo1:

I recovered my folders on my external drives!
Here is the report:
[spoiler:1jrah7o1]############################## | UsbFix V 7.171 | [Nettoyage]

Utilisateur: bureau (Administrateur) # NOM-325236CBEE9
Mis à jour le 09/06/2014 par El Desaparecido – SosVirus
Lancé à 21:51:42 | 17/06/2014

Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Assistance : https://www.sosvirus.net/aide-nettoyage-pc/
Upload Malware : https://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: NEC COMPUTERS INTERNATIONAL (NEC Versa Premium )
CPU: Intel(R) Celeron(R) M processor 1.30GHz
RAM -> [Total : 959 Mo| Free : 254 Mo]
Bios: Insyde Software Corporation
Boot: Normal boot

OS: Microsoft Windows XP Édition familiale (5.1.2600 32-Bit) Service Pack 3
WB: Windows Internet Explorer : 8.0.6001.18702
WB: Mozilla Firefox : 29.0.1

SC: Security Center [Enabled]
WU: Windows Update [Enabled]

FW: Windows FireWall [Enabled]

C: (%SystemDrive%) -> Disque fixe # 149 Go (2 Go libre(s) – 1%) [] # NTFS
D: -> CD-ROM
E: -> Disque fixe # 931 Go (629 Go libre(s) – 68%) [My Passport] # NTFS
G: -> CD-ROM
H: -> Disque fixe # 297 Go (9 Go libre(s) – 3%) [My Passport] # NTFS

################## | Processus Stoppés |

C:WINDOWSexplorer.exe (ID: 1524|ParentID: 1480|bureau)
C:WINDOWSsystem32spoolsv.exe (ID: 1696|ParentID: 664|SYSTEM)
C:Program FilesJavajre6binjqs.exe (ID: 880|ParentID: 664|SYSTEM)
C:WINDOWSsystem32wdfmgr.exe (ID: 800|ParentID: 664|SERVICE LOCAL)
C:Program FilesWestern DigitalWD SmartWareWD Drive ManagerWDDMService.exe (ID: 1604|ParentID: 664|SYSTEM)
C:Program FilesWestern DigitalWD SmartWareFront ParlorWDSmartWareBackgroundService.exe (ID: 1716|ParentID: 664|SYSTEM)
C:WINDOWSsystem32alg.exe (ID: 2200|ParentID: 664|SERVICE LOCAL)
C:WINDOWSsystem32carpserv.exe (ID: 2316|ParentID: 1524|bureau)
C:Program FilesFichiers communsJavaJava Updatejusched.exe (ID: 2324|ParentID: 1524|bureau)
C:WINDOWSsystem32LVCOMSX.EXE (ID: 3060|ParentID: 1524|bureau)
C:Program FilesLogitechVideoLogiTray.exe (ID: 3212|ParentID: 1524|bureau)
C:WINDOWSSOUNDMAN.EXE (ID: 3280|ParentID: 1524|bureau)
C:WINDOWSsystem32ctfmon.exe (ID: 3296|ParentID: 1524|bureau)
C:Program FilesLogitechDesktop Messenger8876480ProgrambackWeb-8876480.exe (ID: 3328|ParentID: 1524|bureau)
C:Program FilesWestern DigitalWD SmartWareWD Drive ManagerWDDMStatus.exe (ID: 3596|ParentID: 1524|bureau)
C:Program FilesWestern DigitalWD SmartWareFront ParlorWDSmartWare.exe (ID: 3696|ParentID: 1524|bureau)
C:Program FilesLogitechVideoFxSvr2.exe (ID: 3768|ParentID: 840|bureau)
C:WINDOWSsystem32wuauclt.exe (ID: 2628|ParentID: 1032|bureau)
C:WINDOWSsystem32wbemunsecapp.exe (ID: 2888|ParentID: 840|bureau)
C:Program FilesMozilla Firefoxfirefox.exe (ID: 420|ParentID: 1524|bureau)
C:Program FilesMozilla Firefoxplugin-container.exe (ID: 3804|ParentID: 420|bureau)

################## | Autorun |

################## | Recherche générique |

Non supprimé ! E:$RECYCLE.BIN.exe
Supprimé! E:Photos [Sauvegarde 2].PIF
Non supprimé ! E:Recyclerwmimgmt.com
Non supprimé ! H:Recyclerwmimgmt.com
Non supprimé ! E:f6e20da6e35374abf335373915ebed4.exe
Non supprimé ! E:9c8edb663e78a56c87e52148d2.exe
Non supprimé ! E:My Passport.exe
Non supprimé ! E:Photos [Sauvegarde 2].exe
Non supprimé ! E:SOPHIE.exe
Non supprimé ! E:USA_2013.exe

(!) Fichiers temporaires supprimés.

################## | Registre |

################## | Regedit Run |

F2 – HKLM..Winlogon : [Shell] Explorer.exe
F2 – HKLM..Winlogon : [Userinit] C:WINDOWSsystem32userinit.exe,
04 – HKCU..Run : [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
04 – HKCU..Run : [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] “C:Program FilesFichiers communsAheadLibNMBgMonitor.exe”
04 – HKCU..Run : [msnmsgr] “C:Program FilesWindows LiveMessengermsnmsgr.exe” /background
04 – HKCU..Run : [LDM] C:Program FilesLogitechDesktop Messenger8876480ProgramBackWeb-8876480.exe
04 – HKCU..Run : [LogitechSoftwareUpdate] “C:Program FilesLogitechVideoManifestEngine.exe” boot
04 – HKCU..Run : [wmi32] “C:Documents and SettingsAll UsersApplication Datawmimgmt.exe”
04 – HKCU..RunOnce : [FlashPlayerUpdate] C:WINDOWSsystem32MacromedFlashFlashUtil32_13_0_0_214_Plugin.exe -update plugin
04 – HKLM..Run : [CARPService] carpserv.exe
04 – HKLM..Run : [SunJavaUpdateSched] “C:Program FilesFichiers communsJavaJava Updatejusched.exe”
04 – HKLM..Run : [Adobe Reader Speed Launcher] “C:Program FilesAdobeReader 9.0ReaderReader_sl.exe”
04 – HKLM..Run : [Adobe ARM] “C:Program FilesFichiers communsAdobeARM1.0AdobeARM.exe”
04 – HKLM..Run : [LVCOMSX] C:WINDOWSsystem32LVCOMSX.EXE
04 – HKLM..Run : [LogitechVideoRepair] C:Program FilesLogitechVideoISStart.exe
04 – HKLM..Run : [LogitechVideoTray] C:Program FilesLogitechVideoLogiTray.exe
04 – HKLM..Run : [SoundMan] SOUNDMAN.EXE
04 – HKLM..Run : [AvastUI.exe] “C:Program FilesAVAST SoftwareAvastAvastUI.exe” /nogui
04 – HKLM..RunOnce : [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OQBBAFYARgBSAEUARQAtAFYAMgBHADMASwAtADgANwBXAFUAVQAtADIAVABWAEgAQQAtAFgANgBEAEYAOAAtAEwANgBQAEEATgA”&”inst=NwA3AC0ANAAyADgAOQA4ADAAMAAxADkALQBCAEEAUgA5AEcAKwAxAC0ARgBMACsAOQAtAEYAOQBNADYAKwAxAC0AWABPADMANgArADEALQBGADkATQA3AEMAKwA1AC0AWABPADkAKwAxAC0ARgA5AE0AMwArADEALQBEAEQAVAArADUANwA0ADEANAAtAEQARAA5ADAARgArADEALQBTAFQAOQAwAEYAQQBQAFAAKwAxAC0ARgA5ADAATQAxADIARQBOACsAMQAtAFQAQgBOACsAMQAtAFUAOQA1ACsAMQAtAEwAOQAwAE0ASgArADIALQBGADkAMABNADEAMgBKAFQAKwAxAC0ARgA5ADAATQAxADIAUgArADEALQBWAEkAUAAxADIAKwAxAA”&”prod=90″&”ver=9.0.894
04 – HKUS-1-5-19..Run : [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE
04 – HKUS-1-5-20..Run : [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE
04 – HKUS-1-5-21-1220945662-527237240-1606980848-1004..Run : [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
04 – HKUS-1-5-21-1220945662-527237240-1606980848-1004..Run : [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] “C:Program FilesFichiers communsAheadLibNMBgMonitor.exe”
04 – HKUS-1-5-21-1220945662-527237240-1606980848-1004..Run : [msnmsgr] “C:Program FilesWindows LiveMessengermsnmsgr.exe” /background
04 – HKUS-1-5-21-1220945662-527237240-1606980848-1004..Run : [LDM] C:Program FilesLogitechDesktop Messenger8876480ProgramBackWeb-8876480.exe
04 – HKUS-1-5-21-1220945662-527237240-1606980848-1004..Run : [LogitechSoftwareUpdate] “C:Program FilesLogitechVideoManifestEngine.exe” boot
04 – HKUS-1-5-21-1220945662-527237240-1606980848-1004..Run : [wmi32] “C:Documents and SettingsAll UsersApplication Datawmimgmt.exe”
04 – HKUS-1-5-18..Run : [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE
04 – HKUS-1-5-21-1220945662-527237240-1606980848-1004..RunOnce : [FlashPlayerUpdate] C:WINDOWSsystem32MacromedFlashFlashUtil32_13_0_0_214_Plugin.exe -update plugin

################## | C: %SystemDrive% – Disque Fixe (NTFS) |

[17/06/2014 – 03:16:38 | N | 26 Ko] – C:Shortcut_Module_17-06-14_03-16.txt
[28/10/2009 – 18:14:03 | RASH | 0 Ko] – C:IO.SYS
[28/10/2009 – 18:14:03 | N | 0 Ko] – C:CONFIG.SYS
[28/10/2009 – 18:14:03 | RASH | 0 Ko] – C:MSDOS.SYS
[17/06/2014 – 09:42:30 | ASH | 1474560 Ko] – C:pagefile.sys
[28/10/2009 – 17:57:15 | SH | 0 Ko] – C:boot.ini
[14/04/2008 – 14:00:00 | N | 46 Ko | SHA1: 6CAAFF4D8A162BB1080036CE1A6D023AECDA36C3] – C:NTDETECT.COM
[14/04/2008 – 14:00:00 | N | 5 Ko] – C:Bootfont.bin
[17/06/2014 – 07:17:46 | N | 1 Ko] – C:PhysicalDisk0_MBR.bin
[28/10/2009 – 18:14:03 | A | 0 Ko] – C:AUTOEXEC.BAT
[14/04/2008 – 14:00:00 | RASH | 246 Ko] – C:ntldr
[28/10/2009 – 18:20:07 | SHD] – C:System Volume Information
[28/10/2009 – 18:36:51 | D] – C:Documents and Settings
[29/10/2009 – 11:45:52 | D] – C:pnp
[29/10/2009 – 14:11:42 | D] – C:$AVG
[19/12/2009 – 14:25:03 | D] – C:658ea913e76d0f82aac8876b5033
[27/10/2010 – 21:31:49 | RHD] – C:MSOCache
[06/12/2010 – 09:38:41 | D] – C:PILOTES
[16/12/2012 – 15:30:07 | SHD] – C:RECYCLER
[04/03/2013 – 22:53:38 | D] – C:Photos
[16/06/2014 – 18:58:40 | D] – C:UsbFix
[16/06/2014 – 19:37:36 | D] – C:Program Files
[16/06/2014 – 22:45:02 | D] – C:Shortcut_Module
[17/06/2014 – 07:11:46 | N | 0 Ko] – C:Documents
[17/06/2014 – 09:42:56 | D] – C:WINDOWS

################## | E: – Disque Fixe (NTFS) |

[19/10/2013 – 14:31:17 | A | 252 Ko | SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709] – E:Photos [Sauvegarde 2].exe
[19/10/2013 – 14:31:17 | A | 252 Ko | SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709] – E:$RECYCLE.BIN.exe
[19/10/2013 – 14:31:17 | A | 252 Ko | SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709] – E:f6e20da6e35374abf335373915ebed4.exe
[19/10/2013 – 14:31:17 | A | 252 Ko | SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709] – E:9c8edb663e78a56c87e52148d2.exe
[19/10/2013 – 14:31:17 | A | 252 Ko | SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709] – E:SOPHIE.exe
[19/10/2013 – 14:31:17 | A | 252 Ko | SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709] – E:My Passport.exe
[19/10/2013 – 14:31:17 | A | 252 Ko | SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709] – E:USA_2013.exe
[11/12/2013 – 17:36:26 | SHD] – E:$RECYCLE.BIN
[01/10/2012 – 01:03:01 | D] – E:My Passport
[16/12/2012 – 18:12:38 | D] – E:Photos [Sauvegarde 2]
[30/11/2013 – 15:33:32 | SHD] – E:System Volume Information
[30/11/2013 – 15:38:48 | D] – E:USA_2013
[12/12/2013 – 10:49:13 | SHD] – E:RECYCLER
[25/01/2014 – 12:04:27 | D] – E:SOPHIE

################## | H: – Disque Fixe (NTFS) |

[14/09/2013 – 05:49:27 | N | 3947 Ko] – H:WORLD TOUR 2013.xls
[05/02/2014 – 19:06:00 | SHD] – H:$RECYCLE.BIN
[25/09/2010 – 19:28:43 | D] – H:Archives Vito
[30/05/2012 – 21:25:52 | SHD] – H:System Volume Information
[15/10/2012 – 18:44:58 | D] – H:SOPHIE TAF
[10/06/2013 – 21:08:20 | D] – H:Mariage Juju
[10/06/2013 – 21:10:06 | D] – H:Sophie
[05/01/2014 – 16:45:17 | D] – H:Photos [Sauvegarde 1]
[10/02/2014 – 01:29:37 | D] – H:Recycled
[10/02/2014 – 02:15:43 | SHD] – H:RECYCLER
[07/05/2014 – 20:05:44 | D] – H:VINCENT TAF

################## | Vaccin |

E:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
H:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | https://www.sosvirus.net/ | http://www.usbfix.net/ |[/spoiler:1jrah7o1]

For my PC, here is the report: https://antimalware.top/www/?a=d&i=jhDR1v2qlm

It's all good on my end. Can you tell me if we're done?

:hello: