UsbFix report

Solved/Closed
filaa Posts 2 Registration date Friday 23 May 2014 Status Member Last post 23 May 2014 - 23 May 2014 at 18:41
filaa Posts 2 Registration date Friday 23 May 2014 Status Member Last post 23 May 2014 - 23 May 2014 at 18:46
Hello,

[b]############################## | UsbFix V 7.171 | [Nettoyage][/b]

Utilisateur: filassira (Administrateur) # FILAA
Mis à jour le 18/05/2014 par El Desaparecido - SosVirus
Lancé à 16:18:09 | 23/05/2014

Site Web : [url=http://www.usbfix.net/]https://www.usbfix.net/[/url]
Changelog : [url=http://www.usbfix.net/maj/]https://www.usb-antivirus.com/fr/maj/[/url]
Assistance : [url=http://www.sosvirus.net/forum-virus-securite.html]https://depannageinformatique.org/acheter/reservation/?f=6[/url]
Upload Malware : [url=http://www.sosvirus.net/upload_malware.php]http://www.sosvirus.net/upload_malware.php[/url]
Contact : [url=http://www.usbfix.net/contact/]https://www.usb-antivirus.com/fr/contact/[/url]

PC: FUJITSU (FJNBB06)
CPU: Intel(R) Pentium(R) CPU P6200 @ 2.13GHz
RAM -> [Total : 2933 Mo| Free : 1262 Mo]
Bios: FUJITSU // Phoenix Technologies Ltd.
Boot: Normal boot

OS: Microsoft Windows 7 Édition Intégrale (6.1.7601 32-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.17107
WB: Google Chrome : 34.0.1847.137
WB: Mozilla Firefox : 27.0.1
WB: Safari : 534.57.2

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: Norton Internet Security [(!) Disabled | (!) Outdated]
AV: avast! Antivirus [Enabled | Updated]
AS: Windows Defender [Enabled | Updated]
AS: Spybot - Search and Destroy [Enabled | Updated]
AS: avast! Antivirus [Enabled | Updated]
AS: Norton Internet Security [(!) Disabled | (!) Outdated]
FW: Norton Internet Security [(!) Disabled]
FW: Windows FireWall [Enabled]

C:\ (%SystemDrive%) -> Disque fixe # 122 Go (41 Go libre(s) - 33%) [] # NTFS
D:\ -> CD-ROM
E:\ -> Disque fixe # 127 Go (89 Go libre(s) - 70%) [Données] # NTFS
F:\ -> Disque amovible # 7 Go (2 Go libre(s) - 22%) [FILAA] # FAT32
G:\ -> CD-ROM
H:\ -> CD-ROM

[b]################## | Processus Stoppés |[/b]

C:\Windows\UnsignedThemesSvc.exe (ID: 1096|ParentID: 636)
C:\Windows\System32\spoolsv.exe (ID: 1880|ParentID: 636|Système)
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 1984|ParentID: 636|Système)
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ID: 2008|ParentID: 636|Système)
C:\Program Files\Bonjour\mDNSResponder.exe (ID: 108|ParentID: 636|Système)
C:\Program Files\iTALC\ica.exe (ID: 736|ParentID: 636|Système)
C:\Program Files\InternetEverywhere\InternetEverywhere_Service.exe (ID: 1628|ParentID: 636|Système)
C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ID: 1752|ParentID: 636|Système)
C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (ID: 1720|ParentID: 636|SERVICE RÉSEAU)
C:\Program Files\Norton Internet Security\Engine\17.9.0.12\ccsvchst.exe (ID: 1976|ParentID: 636|Système)
C:\Windows\System32\taskeng.exe (ID: 2152|ParentID: 1072|Système)
C:\oraclexe\app\oracle\product\10.2.0\server\BIN\oracle.exe (ID: 2564|ParentID: 636|Système)
C:\Windows\explorer.exe (ID: 2580|ParentID: 2436|filassira)
C:\oraclexe\app\oracle\product\10.2.0\server\BIN\TNSLSNR.EXE (ID: 2816|ParentID: 636|Système)
C:\Program Files\PostgreSQL\9.1\bin\pg_ctl.exe (ID: 3000|ParentID: 636|postgres)
C:\Program Files\Fujitsu\PSUtility\PSUService.exe (ID: 3056|ParentID: 636|Système)
C:\Windows\System32\hkcmd.exe (ID: 3144|ParentID: 2580|filassira)
C:\Windows\System32\igfxpers.exe (ID: 3152|ParentID: 2580|filassira)
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe (ID: 3160|ParentID: 636|Système)
C:\Windows\System32\igfxsrvc.exe (ID: 3272|ParentID: 760|filassira)
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (ID: 3344|ParentID: 2580|filassira)
C:\Program Files\PostgreSQL\9.1\bin\postgres.exe (ID: 3364|ParentID: 3000|postgres)
C:\Windows\System32\conhost.exe (ID: 3372|ParentID: 536|postgres)
C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (ID: 3428|ParentID: 2580|filassira)
C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe (ID: 3440|ParentID: 2580|filassira)
C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe (ID: 3448|ParentID: 2580|filassira)
C:\Program Files\PostgreSQL\9.1\bin\postgres.exe (ID: 3464|ParentID: 3364|postgres)
C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe (ID: 3504|ParentID: 2580|filassira)
C:\Program Files\Fujitsu\PSUtility\TrayManager.exe (ID: 3512|ParentID: 2580|filassira)
C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe (ID: 3520|ParentID: 2580|filassira)
C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe (ID: 3528|ParentID: 2580|filassira)
C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe (ID: 3544|ParentID: 2580|filassira)
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (ID: 3596|ParentID: 2580|filassira)
C:\Program Files\Fujitsu\DeskUpdate\DeskUpdateNotifier.exe (ID: 3612|ParentID: 2580|filassira)
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (ID: 3628|ParentID: 2580|filassira)
C:\Program Files\iTunes\iTunesHelper.exe (ID: 3636|ParentID: 2580|filassira)
C:\Program Files\Fujitsu\Application Panel\BtnHndHkb.exe (ID: 3816|ParentID: 3504|filassira)
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (ID: 3876|ParentID: 3596|filassira)
C:\Program Files\PostgreSQL\9.1\bin\postgres.exe (ID: 3892|ParentID: 3364|postgres)
C:\Program Files\PostgreSQL\9.1\bin\postgres.exe (ID: 3900|ParentID: 3364|postgres)
C:\Program Files\PostgreSQL\9.1\bin\postgres.exe (ID: 3908|ParentID: 3364|postgres)
C:\Program Files\PostgreSQL\9.1\bin\postgres.exe (ID: 3916|ParentID: 3364|postgres)
C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRBipPushResponder.exe (ID: 2620|ParentID: 2580|filassira)
C:\Program Files\Common Files\Java\Java Update\jusched.exe (ID: 2848|ParentID: 2580|filassira)
C:\Program Files\Real\RealPlayer\Update\realsched.exe (ID: 2880|ParentID: 2580|filassira)
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (ID: 3996|ParentID: 2580|filassira)
C:\Program Files\DAEMON Tools Lite\DTLite.exe (ID: 2092|ParentID: 2580|filassira)
C:\Program Files\Software Informer\softinfo.exe (ID: 1776|ParentID: 2580|filassira)
C:\Program Files\Micro Application\36 Dictionnaires et Recueils de Correspondance\MediaDico36.exe (ID: 2024|ParentID: 3560|filassira)
C:\Users\filassira\AppData\Roaming\cacaoweb\cacaoweb.exe (ID: 4216|ParentID: 2580|filassira)
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (ID: 4228|ParentID: 2580|filassira)
C:\Program Files\Micro Application\36 Dictionnaires et Recueils de Correspondance\RAC36.exe (ID: 4284|ParentID: 3560|filassira)
C:\Windows\System32\wscript.exe (ID: 4408|ParentID: 2580|filassira)
C:\Program Files\InternetEverywhere\InternetEverywhere_Launcher.exe (ID: 4512|ParentID: 2580|filassira)
C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe (ID: 4580|ParentID: 636|Système)
C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe (ID: 5500|ParentID: 636|Système)
C:\Program Files\Fujitsu\WirelessSelector\WSUService.exe (ID: 5596|ParentID: 636|Système)
C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe (ID: 5788|ParentID: 636|Système)
C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe (ID: 5872|ParentID: 636|Système)
C:\Program Files\iPod\bin\iPodService.exe (ID: 828|ParentID: 636|Système)
C:\Windows\System32\SearchIndexer.exe (ID: 4280|ParentID: 636|Système)
C:\Windows\System32\WUDFHost.exe (ID: 4816|ParentID: 1020|SERVICE LOCAL)
C:\Program Files\EasyPHP1-8\EasyPHP.exe (ID: 6020|ParentID: 2580|filassira)
C:\PROGRA~1\EASYPH~1\apache\Apache.exe (ID: 5436|ParentID: 6020|filassira)
C:\PROGRA~1\EASYPH~1\apache\Apache.exe (ID: 2312|ParentID: 5436|filassira)
C:\PROGRA~1\EASYPH~1\mysql\bin\mysqld.exe (ID: 4872|ParentID: 6020|filassira)
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (ID: 5888|ParentID: 636|Système)
C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (ID: 3776|ParentID: 636|Système)
C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 5440|ParentID: 636|SERVICE RÉSEAU)
C:\Program Files\Google\Chrome\Application\chrome.exe (ID: 5208|ParentID: 2580|filassira)
C:\Program Files\Common Files\Java\Java Update\jucheck.exe (ID: 5664|ParentID: 2848|filassira)
C:\Program Files\Google\Chrome\Application\chrome.exe (ID: 5212|ParentID: 5208|filassira)
C:\Users\filassira\AppData\Local\Aptana Studio 3\AptanaStudio3.exe (ID: 7376|ParentID: 2580|filassira)
C:\Users\filassira\AppData\Local\iLivid\iLivid.exe (ID: 3588|ParentID: 7048|filassira)
C:\Program Files\Google\Chrome\Application\chrome.exe (ID: 7124|ParentID: 5208|filassira)

[b]################## | Autorun |[/b]

F:\recup.lnk -> F:\168816984_MicrosoftUpdate.vbe - (SHA1: 5A941311A7746F28D3A4A709A2E398F0AB297254)

[b]################## | Recherche générique |[/b]

Supprimé! C:\Users\All Users\rescue.vbe
Supprimé! C:\Users\filassira\AppData\Roaming\168816984_MicrosoftUpdate.vbe
Supprimé! F:\168816984_MicrosoftUpdate.vbe
Supprimé! E:\cacaoweb.exe
Supprimé! F:\recup.lnk
Supprimé! C:\kernel\Aplikasi.lnk
Supprimé! C:\kernel\Lirik.rtf
Non supprimé ! C:\kernel\lpt1
Supprimé! C:\kernel\Microsoft.lnk
Supprimé! C:\kernel\Music.lnk
Supprimé! C:\kernel
Supprimé! C:\system32\SystemProtection.exe
Supprimé! C:\Program Files\Common Files\System\Windows Update
Supprimé! C:\Windows\system32\system\svchost.exe
Supprimé! C:\Windows\svchost .exe

(!) Fichiers temporaires supprimés.

[b]################## | Registre |[/b]

Supprimé! HKLM\Software\Classes\CLSID\{11111111-2222-3333-4444-555555555555}
Supprimé! HKLM\SYSTEM\CurrentControlSet\Services\system
Supprimé! HKLM\SYSTEM\ControlSet002\Services\system
Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
Supprimé! HKU\S-1-5-21-3730267795-164748586-569420196-1000\Software\Microsoft\Windows\CurrentVersion\Run|168816984_MicrosoftUpdate
Supprimé! HKLM\Software\Microsoft\Windows\CurrentVersion\Run|168816984_MicrosoftUpdate
Supprimé! HKU\S-1-5-21-3730267795-164748586-569420196-1000\Software\Microsoft\Windows\CurrentVersion\Run|cacaoweb
Supprimé! HKU\S-1-5-21-3730267795-164748586-569420196-1000\Software\Microsoft\Windows\CurrentVersion\Run|Explorer
Supprimé! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run|rescue
Supprimé! HKU\S-1-5-21-3730267795-164748586-569420196-1000\Software\Microsoft\Windows\CurrentVersion\Run|Secret
Supprimé! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run|Updates
Supprimé! HKLM\Software\Microsoft\Windows\CurrentVersion\Run|WinUpdate
Supprimé! HKU\S-1-5-21-3730267795-164748586-569420196-1000\Software\.\.\.\.\Mountpoints2\F
Supprimé! HKU\S-1-5-21-3730267795-164748586-569420196-1000\Software\.\.\.\.\Mountpoints2\{28c4dd3a-fbc8-11e0-bdeb-e839df07b235}
Supprimé! HKU\S-1-5-21-3730267795-164748586-569420196-1000\Software\.\.\.\.\Mountpoints2\{29e2746e-a800-11e0-9400-806e6f6e6963}
Supprimé! HKU\S-1-5-21-3730267795-164748586-569420196-1000\Software\.\.\.\.\Mountpoints2\{5298086d-ffff-11e1-8bcf-0023269168cf}
Supprimé! HKU\S-1-5-21-3730267795-164748586-569420196-1000\Software\.\.\.\.\Mountpoints2\{5fd2e616-ee2f-11e1-89ea-e839df07b235}
Supprimé! HKU\S-1-5-21-3730267795-164748586-569420196-1000\Software\.\.\.\.\Mountpoints2\{6e21241e-7765-11e2-a083-e839df07b235}
Supprimé! HKU\S-1-5-21-3730267795-164748586-569420196-1000\Software\.\.\.\.\Mountpoints2\{797b42ab-5e92-11e3-a2bb-e839df07b235}
Supprimé! HKU\S-1-5-21-3730267795-164748586-569420196-1000\Software\.\.\.\.\Mountpoints2\{807160cc-1cbd-11e1-b8c4-e839df07b235}
Supprimé! HKU\S-1-5-21-3730267795-164748586-569420196-1000\Software\.\.\.\.\Mountpoints2\{b47e4c3c-d406-11e2-8cab-e839df07b235}
Supprimé! HKU\S-1-5-21-3730267795-164748586-569420196-1000\Software\.\.\.\.\Mountpoints2\{df9efb87-f2da-11e1-88a5-0023269168cf}
Supprimé! HKU\S-1-5-21-3730267795-164748586-569420196-1000\Software\.\.\.\.\Mountpoints2\{fb3143e5-825c-11e2-8b5d-e839df07b235}

[b]################## | Regedit Run |[/b]

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKCU\..\Run : [ares] "C:\Program Files\Ares\Ares.exe" -h
04 - HKCU\..\Run : [sunuradiotv] C:\Program Files\sunugraf\sunuradiotv\iconebarre.exe
04 - HKCU\..\Run : [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun
04 - HKCU\..\Run : [MediaDICO36] C:\Program Files\Micro Application\36 Dictionnaires et Recueils de Correspondance\LanceMediaDICO36.exe Lancement
04 - HKCU\..\Run : [Awake.Tres tres bon film] F:\Awake.Tres tres bon film.exe /l
04 - HKCU\..\Run : [coiyiip] C:\Users\filassira\coiyiip.exe /a
04 - HKCU\..\Run : [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
04 - HKCU\..\Run : [iLivid] "C:\Users\filassira\AppData\Local\iLivid\iLivid.exe" -autorun
04 - HKCU\..\Run : [Df5serv] Wscript.exe //e:VBScript "C:\Users\filassira\Documents\df5srvc.bfe"
04 - HKCU\..\Run : [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKCU\..\Run : [Spybot-S&D Cleaning] "C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
04 - HKLM\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
04 - HKLM\..\Run : [HotKeysCmds] C:\Windows\system32\hkcmd.exe
04 - HKLM\..\Run : [Persistence] C:\Windows\system32\igfxpers.exe
04 - HKLM\..\Run : [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
04 - HKLM\..\Run : [IndicatorUtility] C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
04 - HKLM\..\Run : [LoadFUJ02E3] C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
04 - HKLM\..\Run : [LoadFujitsuQuickTouch] C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
04 - HKLM\..\Run : [LoadBtnHnd] C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
04 - HKLM\..\Run : [PSUTility] C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
04 - HKLM\..\Run : [FDM7] C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe
04 - HKLM\..\Run : [CSRSkype] C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe
04 - HKLM\..\Run : [ConMgr] "C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe"
04 - HKLM\..\Run : [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
04 - HKLM\..\Run : [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
04 - HKLM\..\Run : [DeskUpdateNotifier] "C:\Program Files\Fujitsu\DeskUpdate\DeskUpdateNotifier.exe"
04 - HKLM\..\Run : [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\Run : [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
04 - HKLM\..\Run : [UX Launcher] C:\Program Files\UX Pack\uxlaunch.exe
04 - HKLM\..\Run : [YouCam Service] "C:\Program Files\CyberLink\YouCam\YouCamService.exe" /s
04 - HKLM\..\Run : [CSRBIP] C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRBipPushResponder.exe
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
04 - HKLM\..\Run : [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
04 - HKLM\..\Run : [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
04 - HKLM\..\Run : [SDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-3730267795-164748586-569420196-1000\..\Run : [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKU\S-1-5-21-3730267795-164748586-569420196-1000\..\Run : [ares] "C:\Program Files\Ares\Ares.exe" -h
04 - HKU\S-1-5-21-3730267795-164748586-569420196-1000\..\Run : [sunuradiotv] C:\Program Files\sunugraf\sunuradiotv\iconebarre.exe
04 - HKU\S-1-5-21-3730267795-164748586-569420196-1000\..\Run : [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun
04 - HKU\S-1-5-21-3730267795-164748586-569420196-1000\..\Run : [MediaDICO36] C:\Program Files\Micro Application\36 Dictionnaires et Recueils de Correspondance\LanceMediaDICO36.exe Lancement
04 - HKU\S-1-5-21-3730267795-164748586-569420196-1000\..\Run : [Awake.Tres tres bon film] F:\Awake.Tres tres bon film.exe /l
04 - HKU\S-1-5-21-3730267795-164748586-569420196-1000\..\Run : [coiyiip] C:\Users\filassira\coiyiip.exe /a
04 - HKU\S-1-5-21-3730267795-164748586-569420196-1000\..\Run : [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
04 - HKU\S-1-5-21-3730267795-164748586-569420196-1000\..\Run : [iLivid] "C:\Users\filassira\AppData\Local\iLivid\iLivid.exe" -autorun
04 - HKU\S-1-5-21-3730267795-164748586-569420196-1000\..\Run : [Df5serv] Wscript.exe //e:VBScript "C:\Users\filassira\Documents\df5srvc.bfe"
04 - HKU\S-1-5-21-3730267795-164748586-569420196-1000\..\Run : [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKU\S-1-5-21-3730267795-164748586-569420196-1000\..\Run : [Spybot-S&D Cleaning] "C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe

[b]################## | C:\ %SystemDrive% - Disque Fixe (NTFS) |[/b]

[11/07/2012 - 07:12:14 | N | 20124 Ko] - C:\css3menu-setup.zip
[20/10/2013 - 23:06:43 | AD] - C:\.Trash-1000
[20/10/2013 - 23:08:39 | D] - C:\DeskUpdate.tmp
[10/06/2009 - 21:42:20 | N | 0 Ko] - C:\config.sys
[25/11/2011 - 09:41:57 | RASH | 0 Ko] - C:\MSDOS.SYS
[25/11/2011 - 09:41:57 | RASH | 0 Ko] - C:\IO.SYS
[23/05/2014 - 15:30:40 | ASH | 2252200 Ko] - C:\hiberfil.sys
[23/05/2014 - 15:30:41 | ASH | 3002936 Ko] - C:\pagefile.sys
[16/05/2014 - 09:22:59 | D] - C:\Config.Msi
[07/07/2011 - 14:02:42 | N | 2 Ko] - C:\RHDSetup.log
[22/05/2014 - 10:31:41 | N | 1 Ko] - C:\colorbox.log
[03/05/2012 - 23:12:58 | N | 1 Ko] - C:\user.js
[06/12/2013 - 23:04:21 | N | 236 Ko] - C:\jquery-2.0.3.js
[12/11/2011 - 12:49:52 | N | 5466 Ko | SHA1: A9D74C186EF9C4844CCFB0142DCE0F90836DF9A7] - C:\npp.5.9.6.1.Installer.exe
[15/12/2011 - 21:30:44 | N | 1259 Ko | SHA1: 9BDD765C2CC540965CC9F1CE7075D42C2BDA7657] - C:\wlsetup-web.exe
[02/06/2012 - 00:39:52 | N | 7812 Ko | SHA1: D389C98DB1152BA274B1B75DDE87CA88BA7173B5] - C:\vlc-2.0.1-win32.exe
[18/09/2013 - 15:38:37 | N | 1586 Ko | SHA1: 8AE6AF24A0E6B3005AF09A136674FE195191DCF9] - C:\iLividSetup-r484-n-bf.exe
[20/10/2013 - 20:02:15 | SHD] - C:\$Recycle.Bin
[10/06/2009 - 21:42:20 | A | 0 Ko] - C:\autoexec.bat
[20/10/2013 - 17:10:02 | D] - C:\found.000
[14/07/2009 - 04:53:55 | SHD] - C:\Documents and Settings
[20/10/2013 - 16:03:07 | D] - C:\security
[20/10/2013 - 20:02:12 | RHD] - C:\MSOCache
[20/10/2013 - 20:02:15 | D] - C:\$AVG
[20/10/2013 - 20:02:19 | SHD] - C:\Recovery
[20/10/2013 - 20:02:19 | D] - C:\sunuradio
[20/10/2013 - 20:02:19 | D] - C:\sys
[20/10/2013 - 23:06:52 | D] - C:\36 Dictionnaire et recueils de correspandance
[20/10/2013 - 23:07:15 | D] - C:\Angry Birds [PC-Game]
[20/10/2013 - 23:07:38 | D] - C:\bdoracle
[20/10/2013 - 23:07:48 | D] - C:\BigFishGamesCache
[20/10/2013 - 23:08:12 | D] - C:\Boonty
[20/10/2013 - 23:09:36 | D] - C:\Dev-Cpp
[20/10/2013 - 23:14:37 | D] - C:\Dev-Pas
[20/10/2013 - 23:16:27 | D] - C:\docsql
[20/10/2013 - 23:19:45 | D] - C:\Fairy Jewels
[20/10/2013 - 23:20:13 | D] - C:\FPC
[20/10/2013 - 23:20:34 | D] - C:\Intel
[20/10/2013 - 23:21:43 | D] - C:\Limbo
[20/10/2013 - 23:21:59 | D] - C:\MASM611
[20/10/2013 - 23:23:46 | D] - C:\Masm615
[20/10/2013 - 23:24:36 | D] - C:\monhtml
[20/10/2013 - 23:24:55 | D] - C:\Need For Extreme 3D
[20/10/2013 - 23:26:26 | D] - C:\oraclexe
[20/10/2013 - 23:26:59 | D] - C:\owncloud
[21/10/2013 - 00:09:49 | D] - C:\ProgrammeASM
[21/10/2013 - 00:10:48 | D] - C:\Python26
[21/10/2013 - 00:14:25 | D] - C:\r
[21/10/2013 - 00:14:34 | D] - C:\throttle
[21/10/2013 - 00:14:53 | D] - C:\TP0
[21/10/2013 - 00:16:42 | D] - C:\Users
[21/10/2013 - 00:20:13 | D] - C:\uses cases projet
[21/10/2013 - 00:20:36 | D] - C:\Visual Studio 2010 Express (x86) - DVD (English)
[28/10/2013 - 15:46:14 | D] - C:\23
[16/11/2013 - 20:20:22 | D] - C:\Max Payne 2
[20/11/2013 - 19:28:04 | D] - C:\bc3536efe1c5d6bd234e19457c
[21/11/2013 - 22:16:58 | D] - C:\The Island Castaway
[30/11/2013 - 19:57:10 | D] - C:\python
[07/05/2014 - 16:52:11 | D] - C:\wamp
[21/05/2014 - 08:58:57 | SHD] - C:\System Volume Information
[21/05/2014 - 10:07:30 | D] - C:\extensions
[22/05/2014 - 10:50:54 | D] - C:\eclipse
[23/05/2014 - 14:56:57 | D] - C:\Program Files
[23/05/2014 - 16:17:00 | D] - C:\UsbFix
[23/05/2014 - 16:26:14 | HD] - C:\ProgramData
[23/05/2014 - 16:26:16 | D] - C:\Kernel
[23/05/2014 - 16:26:16 | D] - C:\system32
[23/05/2014 - 16:26:16 | D] - C:\Windows

[b]################## | E:\ - Disque Fixe (NTFS) |[/b]

[21/10/2013 - 00:42:52 | AD] - E:\.Trash-1000
[10/11/2009 - 00:52:18 | N | 142565 Ko] - E:\Conduite 3D - Evaluation.msi
[30/06/2013 - 16:01:07 | N | 191 Ko] - E:\PHP date - Manual.htm
[20/01/2014 - 21:23:25 | N | 50 Ko] - E:\Root et déblocage Alcatel One Touch 4007X Pixi DeblokGsm.htm
[03/02/2011 - 19:30:46 | N | 227464 Ko | SHA1: BEC076E9E777DE932726A29FBFE4BD589B7F31D4] - E:\codepratic.exe
[28/03/2013 - 12:29:23 | N | 0 Ko] - E:\~$rmes de corruption.docx
[28/03/2013 - 12:31:40 | N | 0 Ko] - E:\~$resume.docx
[10/05/2013 - 16:07:12 | N | 0 Ko] - E:\~$ésentation projet Master SYSCOM.docx
[03/06/2013 - 17:21:32 | N | 186 Ko] - E:\routine capillaire.docx
[23/07/2013 - 10:21:16 | N | 0 Ko] - E:\~$ude de cas UML - Site Marchand.docx
[29/07/2013 - 10:12:47 | N | 0 Ko] - E:\~$astrap.docm
[22/05/2014 - 19:48:22 | N | 3 Ko] - E:\bootsqm.dat
[20/05/2014 - 09:15:00 | SHD] - E:\$RECYCLE.BIN
[22/05/2014 - 19:48:02 | D] - E:\found.000
[15/02/2012 - 11:55:12 | SHD] - E:\System Volume Information
[20/10/2013 - 22:53:42 | D] - E:\Zuma's Revenge!
[20/10/2013 - 22:57:14 | D] - E:\PHP date - Manual_files
[20/10/2013 - 22:58:22 | D] - E:\Minilyrics
[21/10/2013 - 00:39:45 | D] - E:\f5ea4545cf07739da409cb335753
[21/10/2013 - 00:40:20 | D] - E:\e0787aabe4a41f2e2f
[21/10/2013 - 00:41:37 | D] - E:\cbc26011338a1b6b4f6440a1
[21/10/2013 - 00:42:22 | D] - E:\371d17137ef71e4902c47fa46367d36b
[21/10/2013 - 00:42:42 | D] - E:\7fbf2b25fb9ed7333d15f2be77f8644d
[26/10/2013 - 22:50:43 | D] - E:\photos
[28/11/2013 - 20:52:12 | D] - E:\série
[20/12/2013 - 19:11:59 | D] - E:\Lyrics
[20/01/2014 - 21:23:26 | D] - E:\Root et déblocage Alcatel One Touch 4007X Pixi DeblokGsm_files
[24/03/2014 - 16:44:27 | D] - E:\webcole
[16/05/2014 - 08:50:31 | D] - E:\série
[20/05/2014 - 09:09:35 | D] - E:\filaa
[21/05/2014 - 23:25:15 | D] - E:\film

[b]################## | F:\ - Disque USB (FAT32) |[/b]

[13/10/2011 - 13:52:16 | N | 0 Ko] - F:\ajdimer.txt
[24/10/2011 - 17:50:18 | N | 1 Ko] - F:\joomla.txt
[19/01/2012 - 12:36:48 | N | 0 Ko] - F:\fidel.txt
[02/02/2012 - 05:47:30 | N | 0 Ko] - F:\ouvrirCptScott.txt
[02/02/2012 - 05:47:52 | N | 0 Ko] - F:\redemarer.txt
[16/02/2012 - 22:58:02 | N | 0 Ko] - F:\Nouveau document texte.txt
[01/01/2014 - 16:46:56 | N | 0 Ko] - F:\Saint2014.txt
[12/12/2009 - 16:24:00 | N | 5820 Ko] - F:\securite.pdf
[24/10/2011 - 18:09:02 | N | 92 Ko] - F:\sauvegarde-transfert-site-joomla.pdf
[28/04/2011 - 16:31:18 | N | 4157 Ko | SHA1: E126C39484D5AEA97860422C40E49637D2B56060] - F:\filezilla_filezilla_3.4.0_francais_11141.exe
[10/02/2012 - 16:00:14 | N | 57 Ko] - F:\Rédiger une offre de service n.docx
[06/05/2012 - 23:52:32 | N | 11 Ko] - F:\Seigneur Jésus.docx
[08/05/2012 - 09:49:08 | N | 115 Ko] - F:\proTarcis.docx
[05/12/2011 - 23:38:32 | N | 11 Ko] - F:\cle(2).doc
[02/05/2007 - 21:09:40 | N | 716792 Ko] - F:\Love Dont Cost A Thing French Dvdrip Xvid-Seq-Ggt.avi
[29/10/2013 - 18:18:06 | D] - F:\recup

[b]################## | Vaccin |[/b]

E:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
F:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

[b]################## | E.O.F | [url=http://www.sosvirus.net/]https://www.sosvirus.net/[/url] | [url=http://www.usbfix.net/]https://www.usbfix.net/[/url] |[/b]

Please help me.

1 reply

Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last post 15 December 2020 24 627
23 May 2014 at 18:42
Hi,

Do a cleanup.
Uninstall Spybot, it's useless.
0
filaa Posts 2 Registration date Friday 23 May 2014 Status Member Last post 23 May 2014
23 May 2014 at 18:46
Thanks!
0