Reply to: my PC is infected by a virus creating shortcuts on USB drives. 2016-09-08T13:53:10+00:00

isaieisaie
Participant
Number of posts: 3

############################## | UsbFix V 7.175 | [Nettoyage]

Utilisateur: USER (Administrateur) # USER-HP
Mis à jour le 11/07/2014 par El Desaparecido – SosVirus
Lancé à 17:03:40 | 12/07/2014

Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Assistance : https://www.sosvirus.net/aide-nettoyage-pc/
Upload Malware : https://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/

################## | System information |

MB: Hewlett-Packard (3672)
CPU: Intel(R) Celeron(R) CPU B800 @ 1.50GHz
RAM -> [Total : 3948 Mo | Free : 1698 Mo]
Bios: Hewlett-Packard
Boot: Normal boot

OS: Microsoft™ Windows 7 Home Premium (6.1.7601 64-Bit) Service Pack 1
WB: Internet Explorer : 11.00.9600.16428
WB: Mozilla Firefox : 30.0

################## | Security Information |

AV: avast! Antivirus [Actif |A jour]
AS: Windows Defender [Actif |A jour]
AS: avast! Antivirus [Actif |A jour]
AS: Malwarebytes Anti-Malware : 1.0.0.532
FW: Windows Firewall [(!) Désactivé]
SC: Security Center [Actif]
WU: Windows Update [Actif]

################## | Disk Information |

C: (%SystemDrive%) -> Disque fixe # 140 Go (62 Go libre(s) – 44%) [] # NTFS
D: -> Disque amovible # 4 Go (2 Go libre(s) – 56%) [] # FAT32
E: -> Disque fixe # 15 Go (2 Go libre(s) – 11%) [Recovery] # NTFS
F: -> Disque fixe # 4 Go (1 Go libre(s) – 27%) [HP_TOOLS] # FAT32
H: -> Disque fixe # 139 Go (131 Go libre(s) – 95%) [Nouveau nom] # NTFS

################## | Processus Stoppés |

C:\Windows\System32\spoolsv.exe (ID: 1468|ParentID: 616|Système)
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (ID: 1632|ParentID: 616|Système)
C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (ID: 1672|ParentID: 616|Système)
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (ID: 1992|ParentID: 616|Système)
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (ID: 1136|ParentID: 616|Système)
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (ID: 1316|ParentID: 616|Système)
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (ID: 1788|ParentID: 616|Système)
C:\Windows\System32\taskhost.exe (ID: 2060|ParentID: 616|USER)
C:\Windows\System32\taskeng.exe (ID: 2084|ParentID: 480|USER)
C:\Windows\explorer.exe (ID: 2328|ParentID: 2136|USER)
C:\Program Files (x86)\InternetEverywhere\InternetEverywhere_Service.exe (ID: 2356|ParentID: 616|Système)
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe (ID: 2404|ParentID: 616|Système)
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (ID: 2456|ParentID: 616|Système)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (ID: 2628|ParentID: 616|Système)
C:\Windows\System32\WUDFHost.exe (ID: 2264|ParentID: 348|SERVICE LOCAL)
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (ID: 828|ParentID: 2328|USER)
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (ID: 3068|ParentID: 2328|USER)
C:\Windows\System32\igfxtray.exe (ID: 2880|ParentID: 2328|USER)
C:\Windows\System32\hkcmd.exe (ID: 2544|ParentID: 2328|USER)
C:\Windows\System32\igfxpers.exe (ID: 1688|ParentID: 2328|USER)
C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe (ID: 3196|ParentID: 2176|USER)
C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe (ID: 3260|ParentID: 2176|USER)
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (ID: 3316|ParentID: 3068|USER)
C:\Google\AutoIt3.exe (ID: 3464|ParentID: 2328|USER)
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (ID: 3640|ParentID: 3496|USER)
C:\Program Files (x86)\InternetEverywhere\InternetEverywhere_Launcher.exe (ID: 3660|ParentID: 2328|USER)
C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe (ID: 3684|ParentID: 3496|USER)
C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (ID: 3744|ParentID: 2328|USER)
C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (ID: 3788|ParentID: 2328|USER)
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (ID: 3800|ParentID: 3496|USER)
C:\Program Files (x86)\Java\jre1.6.0_03\bin\jusched.exe (ID: 3872|ParentID: 3496|USER)
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (ID: 1016|ParentID: 3496|USER)
C:\Windows\System32\SearchIndexer.exe (ID: 3888|ParentID: 616|Système)
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (ID: 3564|ParentID: 2084|USER)
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (ID: 3308|ParentID: 616|Système)
C:\Users\USER\AppData\Local\Google\Chrome\Application\chrome.exe (ID: 4364|ParentID: 2328|USER)
C:\Users\USER\AppData\Local\Google\Chrome\Application\chrome.exe (ID: 4680|ParentID: 4364|USER)
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (ID: 3968|ParentID: 616|Système)
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (ID: 3764|ParentID: 616|Système)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ID: 5072|ParentID: 616|Système)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (ID: 4748|ParentID: 616|Système)
C:\Windows\System32\wuauclt.exe (ID: 776|ParentID: 480|USER)
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (ID: 2640|ParentID: 2084|USER)
C:\Program Files (x86)\Mozilla Firefox\firefox.exe (ID: 1748|ParentID: 2328|USER)

################## | Autorun |

################## | Recherche générique |

Supprimé! C:\Google\googleupdate.a3x
Supprimé! D:\DOCS BATIMENTS.lnk
Supprimé! D:\My Games.lnk
Supprimé! D:\My Pictuers.lnk
Supprimé! D:\My Videos.lnk
Supprimé! D:\Hot.lnk
Supprimé! D:\Downloads.lnk
Supprimé! D:\Movies.lnk
Supprimé! E:\My Videos.lnk
Supprimé! D:\config.dat
Supprimé! D:\Skypee\googleupdate.a3x
Supprimé! E:\Skypee\googleupdate.a3x
Supprimé! F:\Skypee\googleupdate.a3x
Supprimé! H:\Skypee\googleupdate.a3x
Supprimé! C:\Skypee\AutoIt3.exe
Supprimé! C:\Skypee\Google.lnk
Supprimé! C:\Skypee\googleupdate.a3x
Supprimé! C:\Skypee\Skypee.lnk
Supprimé! C:\Skypee
Supprimé! D:\Skypee\AutoIt3.exe
Supprimé! D:\Skypee\Google.lnk
Supprimé! D:\Skypee\Skypee.lnk
Supprimé! D:\Skypee
Supprimé! E:\Skypee\AutoIt3.exe
Supprimé! E:\Skypee\Google.lnk
Supprimé! E:\Skypee\Skypee.lnk
Supprimé! E:\Skypee
Supprimé! F:\Skypee\AutoIt3.exe
Supprimé! F:\Skypee\Google.lnk
Supprimé! F:\Skypee\Skypee.lnk
Supprimé! F:\Skypee
Supprimé! H:\Skypee\AutoIt3.exe
Supprimé! H:\Skypee\Google.lnk
Supprimé! H:\Skypee\Skypee.lnk
Supprimé! H:\Skypee

(!) Fichiers temporaires supprimés.

################## | Registre |

Réparé ! HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|EnableShellExecuteHooks -> 0
Supprimé! HKU\S-1-5-21-1549604832-1506582385-3784756970-1000\Software\Microsoft\Windows\CurrentVersion\Run|AntiUsbWorm
Supprimé! HKLM\Software\Microsoft\Windows\CurrentVersion\Run|AntiUsbWorm
Supprimé! HKU\S-1-5-21-1549604832-1506582385-3784756970-1000\Software\Microsoft\Windows\CurrentVersion\Run|AntiWormUpdate
Supprimé! HKLM\Software\Microsoft\Windows\CurrentVersion\Run|AntiWormUpdate
Supprimé! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run|rescue
Supprimé! HKU\S-1-5-21-1549604832-1506582385-3784756970-1000\Software\….\Mountpoints2\D
Supprimé! HKU\S-1-5-21-1549604832-1506582385-3784756970-1000\Software\….\Mountpoints2\{19ae21a8-3961-11e3-9e40-ec9a74f11804}
Supprimé! HKU\S-1-5-21-1549604832-1506582385-3784756970-1000\Software\….\Mountpoints2\{a6c8c595-c3f8-11e3-bdc2-ec9a74f11804}
Supprimé! HKU\S-1-5-21-1549604832-1506582385-3784756970-1000\Software\….\Mountpoints2\{b2072b12-d9bc-11e3-9174-ec9a74f11804}
Supprimé! HKU\S-1-5-21-1549604832-1506582385-3784756970-1000\Software\….\Mountpoints2\{b42cd2df-ea81-11e3-8bcf-74de2ba22692}

################## | Regedit Run |

F2 – HKLM\..\Winlogon : [Shell] explorer.exe
F2 – [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 – HKLM\..\Winlogon : [Userinit] userinit.exe,
F2 – [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 – HKCU\..\Run : [Google Update] “C:\Users\USER\AppData\Local\Google\Update\GoogleUpdate.exe” /c
04 – HKCU\..\Run : [SuperCopier2.exe] I:\SuperCopier2\SuperCopier2.exe
04 – HKCU\..\Run : [Facebook Update] “C:\Users\USER\AppData\Local\Facebook\Update\FacebookUpdate.exe” /c /nocrashserver
04 – HKCU\..\Run : [BrowserUid] “C:\Users\USER\AppData\Local\PlayFree Browser\Application\PlayFreeBrowser.exe” –gm-silent-start
04 – HKLM\..\Run : [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
04 – HKLM\..\Run : [HPQuickWebProxy] “C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe”
04 – HKLM\..\Run : [Adobe Reader Speed Launcher] “C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe”
04 – HKLM\..\Run : [Adobe ARM] “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
04 – HKLM\..\Run : [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
04 – HKLM\..\Run : [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
04 – HKLM\..\Run : [SunJavaUpdateSched] “C:\Program Files (x86)\Java\jre1.6.0_03\bin\jusched.exe”
04 – HKLM\..\Run : [QuickTime Task] “C:\Program Files (x86)\QuickTime\QTTask.exe” -atboottime
04 – HKLM\..\Run : [TkBellExe] “c:\program files (x86)\real\realplayer\update\realsched.exe” -osboot
04 – HKLM\..\Run : [adiras] C:\Windows\adirasx64.exe
04 – HKLM\..\Run : [AvastUI.exe] “C:\Program Files\AVAST Software\Avast\AvastUI.exe” /nogui
04 – HKLM\..\Run : [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
04 – [x64] HKLM\..\Run : [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
04 – [x64] HKLM\..\Run : [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
04 – [x64] HKLM\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
04 – [x64] HKLM\..\Run : [HotKeysCmds] C:\Windows\system32\hkcmd.exe
04 – [x64] HKLM\..\Run : [Persistence] C:\Windows\system32\igfxpers.exe
04 – [x64] HKLM\..\Run : [SetDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe
04 – [x64] HKLM\..\Run : [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
04 – [x64] HKLM\..\RunOnce : [NCPluginUpdater] “C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe” Update
04 – HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 – HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 – HKU\S-1-5-21-1549604832-1506582385-3784756970-1000\..\Run : [Google Update] “C:\Users\USER\AppData\Local\Google\Update\GoogleUpdate.exe” /c
04 – HKU\S-1-5-21-1549604832-1506582385-3784756970-1000\..\Run : [SuperCopier2.exe] I:\SuperCopier2\SuperCopier2.exe
04 – HKU\S-1-5-21-1549604832-1506582385-3784756970-1000\..\Run : [Facebook Update] “C:\Users\USER\AppData\Local\Facebook\Update\FacebookUpdate.exe” /c /nocrashserver
04 – HKU\S-1-5-21-1549604832-1506582385-3784756970-1000\..\Run : [BrowserUid] “C:\Users\USER\AppData\Local\PlayFree Browser\Application\PlayFreeBrowser.exe” –gm-silent-start
04 – HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 – HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe

################## | C: %SystemDrive% – Disque Fixe (NTFS) |

[28/06/2014 – 15:20:34 | N | 339 Ko] – C:\log.txt
[12/07/2014 – 15:51:14 | ASH | 3031956 Ko] – C:\hiberfil.sys
[12/07/2014 – 15:51:15 | ASH | 4042608 Ko] – C:\pagefile.sys
[17/06/2014 – 19:51:40 | D] – C:\SYSTEM.SAV
[12/07/2014 – 01:17:10 | SHD] – C:\$Recycle.Bin
[14/07/2009 – 06:08:56 | SHD] – C:\Documents and Settings
[21/11/2010 – 04:23:51 | RASH | 375 Ko] – C:\bootmgr
[17/06/2014 – 19:51:39 | D] – C:\HP
[17/06/2014 – 19:51:39 | D] – C:\Intel
[27/06/2014 – 09:22:07 | D] – C:\SWSetup
[12/07/2014 – 00:50:19 | HD] – C:\ProgramData
[12/07/2014 – 01:17:10 | SHD] – C:\boot
[12/07/2014 – 01:17:11 | RHD] – C:\MSOCache
[12/07/2014 – 01:17:11 | D] – C:\PerfLogs
[12/07/2014 – 01:17:11 | D] – C:\Program Files
[12/07/2014 – 01:17:11 | SHD] – C:\Recovery
[12/07/2014 – 01:17:11 | D] – C:\Users
[12/07/2014 – 02:11:26 | D] – C:\Program Files (x86)
[12/07/2014 – 10:51:55 | D] – C:\UsbFix
[12/07/2014 – 14:56:24 | D] – C:\Windows
[12/07/2014 – 16:48:03 | SHD] – C:\System Volume Information
[12/07/2014 – 17:07:59 | D] – C:\Google

################## | D: – Disque USB (FAT32) |

[04/06/2014 – 12:49:04 | N | 99 Ko] – D:\diffe1.pdf
[04/06/2014 – 12:49:56 | N | 90 Ko] – D:\intergra.pdf
[04/06/2014 – 12:50:10 | N | 275 Ko] – D:\diff correc.pdf
[04/06/2014 – 12:50:36 | N | 22 Ko] – D:\eq.pdf
[04/06/2014 – 12:52:52 | N | 429 Ko] – D:\tableau primitive.pdf
[04/06/2014 – 13:09:52 | N | 112 Ko] – D:\diffffffffffffff.pdf
[04/06/2014 – 13:21:52 | N | 237 Ko] – D:\Exercices-corriges-sur-les-equations-differentielles.pdf
[04/06/2014 – 13:25:26 | N | 144 Ko] – D:\Tableau_primitives.pdf
[04/06/2014 – 13:26:00 | N | 78 Ko] – D:\tableaux-primitives.pdf
[26/06/2014 – 16:28:56 | N | 416 Ko] – D:\ETS OLA 1 001.jpg
[04/06/2014 – 13:04:46 | N | 164 Ko] – D:\Exercices corrigés d’intégrales et de primitives.htm
[26/06/2014 – 15:55:52 | N | 12 Ko] – D:\ETS OLA.docx
[21/11/2013 – 05:57:30 | D] – D:\KKCS B.A
[25/12/2012 – 19:00:36 | D] – D:\MATERIAUX
[25/12/2012 – 19:00:40 | D] – D:\PROJET DE ENVIRONNEMENT
[21/03/2013 – 13:38:02 | D] – D:\organisation du chantier
[24/03/2013 – 00:21:10 | D] – D:\Route et Ponts
[22/07/2013 – 07:52:24 | D] – D:\COuRS GENIE CIVIL 3
[22/07/2013 – 07:52:26 | D] – D:\COURS METRE
[21/10/2013 – 21:43:30 | D] – D:\TextExpress
[27/10/2013 – 15:16:52 | D] – D:\FICHIER PDF
[28/10/2013 – 00:04:04 | D] – D:\ASSAINISSEMENT
[28/10/2013 – 00:04:10 | D] – D:\COURS DE OUATTARA ESBTP tp
[28/10/2013 – 00:04:16 | D] – D:\GEOTECHNIQUE
[28/10/2013 – 00:04:18 | D] – D:\HYDRAULIQUE
[21/11/2013 – 05:55:10 | D] – D:\DOC KKCS PAR LES PROF 2013
[21/11/2013 – 05:56:32 | D] – D:\DOCS BATIMENTS
[04/05/2014 – 20:42:52 | D] – D:\cours1
[04/05/2014 – 20:55:48 | D] – D:\doc projet
[19/05/2014 – 01:37:30 | D] – D:\Nouveau dossier
[04/06/2014 – 13:08:06 | D] – D:\Exercices corrigés d’intégrales et de primitives_files

################## | E: – Disque Fixe (NTFS) |

[09/03/2012 – 19:19:32 | N | 0 Ko] – E:\HPSF_Rep.txt
[23/05/2010 – 13:55:46 | RASH | 0 Ko] – E:\Desktop.ini
[31/01/2012 – 20:21:25 | N | 0 Ko] – E:\HP_WSD.dat
[12/07/2014 – 01:17:13 | SHD] – E:\$RECYCLE.BIN
[14/07/2009 – 19:39:00 | RASH | 375 Ko] – E:\bootmgr
[12/09/2013 – 21:12:05 | SHD] – E:\System Volume Information
[17/06/2014 – 19:51:43 | RASHD] – E:\boot
[17/06/2014 – 19:51:44 | D] – E:\FactoryUpdate
[17/06/2014 – 19:51:44 | D] – E:\hp
[17/06/2014 – 19:51:44 | RSHD] – E:\preload
[17/06/2014 – 19:51:44 | RSD] – E:\recovery
[17/06/2014 – 19:51:44 | D] – E:\RM_Reserve

################## | F: – Disque Fixe (FAT32) |

[09/03/2012 – 19:19:34 | N | 0 Ko] – F:\HPSF_Rep.txt
[26/06/2014 – 14:32:26 | N | 144 Ko] – F:\ETS OLA.jpg
[26/06/2014 – 14:31:24 | N | 12 Ko] – F:\ETS OLA.docx
[12/09/2013 – 17:03:30 | N | 0 Ko] – F:\HP_WSD.dat
[18/12/2011 – 04:15:52 | SHD] – F:\$RECYCLE.BIN
[18/12/2011 – 03:54:56 | D] – F:\Hewlett-Packard

################## | H: – Disque Fixe (NTFS) |

[28/06/2014 – 16:25:56 | N | 82582 Ko] – H:\VIDEO0012.mp4
[29/06/2014 – 15:48:26 | N | 495339 Ko] – H:\sortie de bb nathan.mp4
[30/06/2014 – 12:44:29 | N | 125 Ko] – H:\photo01.jpg
[12/07/2014 – 01:17:14 | SHD] – H:\$RECYCLE.BIN
[10/11/2013 – 22:41:52 | SHD] – H:\System Volume Information
[17/06/2014 – 19:51:45 | D] – H:\6cae51d6295612f355afcabbb3
[17/06/2014 – 19:51:45 | D] – H:\bureau
[17/06/2014 – 19:51:45 | D] – H:\contacts
[17/06/2014 – 19:51:45 | D] – H:\f7629f6cae04b8153b9a2064ff9ea297
[17/06/2014 – 19:51:45 | D] – H:\ma music
[17/06/2014 – 19:51:45 | D] – H:\Nouveau dossier
[12/07/2014 – 01:17:15 | D] – H:\c5298933bd2bc9c8a4bb1376545c
[12/07/2014 – 01:17:15 | D] – H:\VIDEO THOMA

################## | Vaccin |

D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
E:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
F:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
H:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | https://www.sosvirus.net/ | http://www.usbfix.net/ |