Shortcuts on the USB key
RBJLP - Posts: 1 - Status: Member
lilidurhone - Posts: 48926 - Status: Security contributor
Hello,
I have the same problem with shortcuts on my USB key. I downloaded UsbFix and here is the report; what should I do now?
############################## | UsbFix V 7.150 | [Recherche]
Utilisateur: Rachel (Administrateur) # RACHEL-PC
Mis à jour le 08/11/2013 par El Desaparecido - Team SosVirus
Lancé à 08:06:37 | 16/11/2013
Site Web : https://www.usbfix.net/
Forum : https://www.sosvirus.net/
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : https://www.usb-antivirus.com/fr/contact/
PC: SAMSUNG ELECTRONICS CO., LTD. (X320/X420/X520 )
CPU: Genuine Intel(R) CPU U4100 @ 1.30GHz
RAM -> [Total : 3005 | Free : 1462]
Bios: Phoenix Technologies Ltd.
Boot: Normal boot
OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 32-Bit) Service Pack 1
WB: Windows Internet Explorer : 10.0.9200.16736
WB: Google Chrome : 30.0.1599.101
SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: Norton 360 [Enabled | Updated]
AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
FW: Windows FireWall Service [Enabled]
C:\ (%systemdrive%) -> Disque fixe # 141 Go (10 Go libre(s) - 7%) [] # NTFS
D:\ -> Disque fixe # 141 Go (140 Go libre(s) - 99%) [] # NTFS
E:\ -> Disque amovible # 2 Go (2 Go libre(s) - 98%) [] # FAT
################## | Processus Actif |
C:\windows\system32\csrss.exe (ID: 460 |ParentID: 408)
C:\windows\system32\wininit.exe (ID: 504 |ParentID: 408)
C:\windows\system32\csrss.exe (ID: 512 |ParentID: 496)
C:\windows\system32\winlogon.exe (ID: 568 |ParentID: 496)
C:\windows\system32\services.exe (ID: 592 |ParentID: 504)
C:\windows\system32\lsass.exe (ID: 600 |ParentID: 504)
C:\windows\system32\lsm.exe (ID: 612 |ParentID: 504)
C:\windows\system32\svchost.exe (ID: 728 |ParentID: 592)
C:\windows\system32\svchost.exe (ID: 796 |ParentID: 592)
C:\windows\System32\svchost.exe (ID: 872 |ParentID: 592)
C:\windows\System32\svchost.exe (ID: 944 |ParentID: 592)
C:\windows\system32\svchost.exe (ID: 980 |ParentID: 592)
C:\windows\system32\svchost.exe (ID: 1024 |ParentID: 592)
C:\windows\system32\svchost.exe (ID: 1236 |ParentID: 592)
C:\windows\System32\spoolsv.exe (ID: 1352 |ParentID: 592)
C:\windows\system32\svchost.exe (ID: 1396 |ParentID: 592)
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe (ID: 1496 |ParentID: 592)
C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ID: 1680 |ParentID: 592)
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (ID: 1724 |ParentID: 592)
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE (ID: 1764 |ParentID: 592)
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE (ID: 1844 |ParentID: 592)
C:\windows\system32\svchost.exe (ID: 1872 |ParentID: 592)
C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe (ID: 1988 |ParentID: 592)
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (ID: 744 |ParentID: 592)
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (ID: 1072 |ParentID: 592)
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe (ID: 376 |ParentID: 592)
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\loggingserver.exe (ID: 2200 |ParentID: 376)
C:\windows\system32\conhost.exe (ID: 2208 |ParentID: 460)
C:\windows\system32\svchost.exe (ID: 2436 |ParentID: 592)
C:\windows\system32\SearchIndexer.exe (ID: 2776 |ParentID: 592)
C:\Program Files\Norton 360\Engine\21.1.0.18\N360.exe (ID: 2812 |ParentID: 592)
C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 2616 |ParentID: 592)
C:\windows\system32\taskeng.exe (ID: 3088 |ParentID: 1024)
C:\windows\system32\taskhost.exe (ID: 3384 |ParentID: 592)
C:\Program Files\Norton 360\Engine\21.1.0.18\N360.exe (ID: 1696 |ParentID: 2812)
C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe (ID: 3052 |ParentID: 3088)
C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe (ID: 108 |ParentID: 3088)
C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe (ID: 1708 |ParentID: 3088)
C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe (ID: 2840 |ParentID: 3088)
C:\windows\system32\Dwm.exe (ID: 1888 |ParentID: 944)
C:\windows\Explorer.EXE (ID: 2860 |ParentID: 3044)
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (ID: 3108 |ParentID: 2860)
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (ID: 1940 |ParentID: 2860)
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (ID: 2000 |ParentID: 2860)
C:\Program Files\QuickTime\qttask.exe (ID: 3552 |ParentID: 2860)
C:\Windows\System32\igfxtray.exe (ID: 664 |ParentID: 2860)
C:\Windows\System32\hkcmd.exe (ID: 2992 |ParentID: 2860)
C:\Windows\System32\igfxpers.exe (ID: 2568 |ParentID: 2860)
C:\Program Files\SSC Service Utility\ssc_serv.exe (ID: 1156 |ParentID: 2860)
C:\Program Files\Epson Software\Event Manager\EEventManager.exe (ID: 2980 |ParentID: 2860)
C:\Program Files\Common Files\Java\Java Update\jusched.exe (ID: 2276 |ParentID: 2860)
C:\Program Files\AVG Secure Search\vprot.exe (ID: 3428 |ParentID: 2860)
C:\Program Files\Microsoft Money\System\mnyexpr.exe (ID: 1016 |ParentID: 2860)
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (ID: 3328 |ParentID: 1940)
C:\Program Files\Skype\Phone\Skype.exe (ID: 4180 |ParentID: 2860)
C:\Program Files\Palm\Hotsync.exe (ID: 4268 |ParentID: 2860)
C:\Program Files\3M\PSNLite\PsnLite.exe (ID: 4464 |ParentID: 2860)
C:\Users\Rachel\AppData\Roaming\Dropbox\bin\Dropbox.exe (ID: 4612 |ParentID: 2860)
C:\windows\System32\svchost.exe (ID: 4716 |ParentID: 592)
C:\PROGRA~1\3M\PSNLite\PSNGive.exe (ID: 4768 |ParentID: 4464)
C:\windows\system32\svchost.exe (ID: 5004 |ParentID: 592)
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (ID: 5768 |ParentID: 592)
C:\windows\system32\igfxext.exe (ID: 5916 |ParentID: 728)
C:\windows\system32\igfxsrvc.exe (ID: 5588 |ParentID: 728)
C:\PROGRA~1\samsung\SAMSUN~2\SUPNOT~1.EXE (ID: 5604 |ParentID: 688)
C:\Windows\System32\wscript.exe (ID: 1440 |ParentID: 2408)
C:\windows\system32\wbem\wmiprvse.exe (ID: 1132 |ParentID: 728)
C:\Program Files\Real\RealPlayer\update\realsched.exe (ID: 3016 |ParentID: 660)
C:\Program Files\Real\RealPlayer\RealPlay.exe (ID: 3836 |ParentID: 3016)
C:\windows\System32\WUDFHost.exe (ID: 7200 |ParentID: 944)
C:\Program Files\Google\Chrome\Application\chrome.exe (ID: 7192 |ParentID: 2860)
C:\Program Files\Google\Chrome\Application\chrome.exe (ID: 6376 |ParentID: 7192)
C:\Program Files\Google\Chrome\Application\chrome.exe (ID: 4872 |ParentID: 7192)
C:\Program Files\Google\Chrome\Application\chrome.exe (ID: 7012 |ParentID: 7192)
C:\Program Files\Google\Chrome\Application\chrome.exe (ID: 6272 |ParentID: 7192)
C:\Program Files\Google\Chrome\Application\chrome.exe (ID: 6952 |ParentID: 7192)
C:\Program Files\Google\Chrome\Application\chrome.exe (ID: 6132 |ParentID: 7192)
C:\Program Files\Google\Chrome\Application\chrome.exe (ID: 5252 |ParentID: 7192)
C:\Program Files\Internet Explorer\IELowutil.exe (ID: 5748 |ParentID: 4180)
C:\UsbFix\Go.exe (ID: 8108 |ParentID: 1504)
################## | Regedit Run |
04 - HKLM\SOFTWARE | Run : [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
04 - HKLM\SOFTWARE | Run : [SynTPEnh] - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
04 - HKLM\SOFTWARE | Run : [fsi] - C:\Program Files\Phoenix Technologies Ltd\FailSafe\FailSafeLauncher.exe
04 - HKLM\SOFTWARE | Run : [UCam_Menu] - "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
04 - HKLM\SOFTWARE | Run : [Adobe Reader Speed Launcher] - "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
04 - HKLM\SOFTWARE | Run : [Adobe ARM] - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\SOFTWARE | Run : [QuickTime Task] - "C:\Program Files\QuickTime\qttask.exe" -atboottime
04 - HKLM\SOFTWARE | Run : [IgfxTray] - C:\windows\system32\igfxtray.exe
04 - HKLM\SOFTWARE | Run : [HotKeysCmds] - C:\windows\system32\hkcmd.exe
04 - HKLM\SOFTWARE | Run : [Persistence] - C:\windows\system32\igfxpers.exe
04 - HKLM\SOFTWARE | Run : [TkBellExe] - "C:\Program Files\Real\RealPlayer\Update\realsched.exe" -osboot
04 - HKLM\SOFTWARE | Run : [SSC Service Utility] - C:\Program Files\SSC Service Utility\ssc_serv.exe /s
04 - HKLM\SOFTWARE | Run : [EEventManager] - "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"
04 - HKLM\SOFTWARE | Run : [SunJavaUpdateSched] - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\SOFTWARE | Run : [HotSync] - "C:\Program Files\PalmSource\Desktop\HotSync.exe" -AllUsers
04 - HKLM\SOFTWARE | Run : [vProt] - "C:\Program Files\AVG Secure Search\vprot.exe"
04 - HKLM\SOFTWARE | RunOnce : [] -
04 - HKU\S-1-5-19\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-623185827-486602848-2816749420-1001\SOFTWARE | Run : [MoneyAgent] - "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
04 - HKU\S-1-5-21-623185827-486602848-2816749420-1001\SOFTWARE | Run : [Epson Stylus SX235(Réseau)] - C:\windows\system32\spool\DRIVERS\W32X86\3\E_FATIHLE.EXE /FU "C:\Users\Rachel\AppData\Local\Temp\E_S2A62.tmp" /EF "HKCU"
04 - HKU\S-1-5-21-623185827-486602848-2816749420-1001\SOFTWARE | Run : [EPSON334020 (Epson Stylus SX235)] - C:\windows\system32\spool\DRIVERS\W32X86\3\E_FATIHLE.EXE /FU "C:\Users\Rachel\AppData\Local\Temp\E_S28EC.tmp" /EF "HKCU"
04 - HKU\S-1-5-21-623185827-486602848-2816749420-1001\SOFTWARE | Run : [Skype] - "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKU\S-1-5-21-623185827-486602848-2816749420-1001\SOFTWARE | Run : [WinUsbDriver] - wscript.exe //B "C:\Users\Rachel\AppData\Local\Temp\WinUsbDriver.vbs"
04 - HKU\S-1-5-21-623185827-486602848-2816749420-1001\SOFTWARE | Run : [swg] - "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
04 - HKU\S-1-5-19\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-21-623185827-486602848-2816749420-1001\SOFTWARE | RunOnce : [FlashPlayerUpdate] - C:\windows\system32\Macromed\Flash\FlashUtil32_11_9_900_117_ActiveX.exe -update activex
################## | Recherche générique |
Présent! C:\Users\Rachel\AppData\Local\Temp\WinUsbDriver.vbs
Présent! E:\WinUsbDriver.vbs
Présent! E:\dossier mémoire.lnk
################## | Référence de comparaison MD5 |
Md5 : 80E49685D1AC8A3623DD78779820AE5A -> C:\Users\Rachel\AppData\Local\Temp\WinUsbDriver.vbs
Md5 : 80E49685D1AC8A3623DD78779820AE5A -> E:\WinUsbDriver.vbs
################## | Comparaison MD5 |
Présent! Md5 : 80E49685D1AC8A3623DD78779820AE5A -> C:\Users\Rachel\AppData\Local\Temp\WinUsbDriver.vbs
Présent! Md5 : 80E49685D1AC8A3623DD78779820AE5A -> E:\WinUsbDriver.vbs
################## | Registre |
Présent! HKU\S-1-5-21-623185827-486602848-2816749420-1001\Software\Microsoft\Windows\CurrentVersion\Run|WinUsbDriver
Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|WinUsbDriver
################## | Vaccin |
(!) Cet ordinateur n'est pas vacciné!
################## | E.O.F | https://www.usbfix.net/ - https://www.sosvirus.net/ |