cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

[b]############################## | UsbFix V 7.927 | [Recherche][/b]

Utilisateur: bilel (Administrateur) # BILEL-PC
Mis � jour le 21/04/2015 par El Desaparecido - SosVirus
Lanc� � 15:35:26 | 23/04/2015

Site Web : [url=http://www.usbfix.net/]http://www.usbfix.net/[/url]
Changelog : [url=http://www.usbfix.net/maj/]http://www.usbfix.net/maj/[/url]
Assistance : [url=http://www.sosvirus.net/forum-virus-securite.html]http://www.sosvirus.net/forum-virus-securite.html[/url]
D�tection en Live : [url=http://comment-supprimer.fr/]http://comment-supprimer.fr/[/url]
Contact : [url=http://www.usbfix.net/contact/]http://www.usbfix.net/contact/[/url]

[b]################## | System information |[/b]

MB: FOXCONN (G41MXE/G41MXE-K)
CPU: Pentium(R) Dual-Core CPU E5700 @ 3.00GHz
GC: Intel(R) G41 Express Chipset
RAM -> [Total : 2013 Mo | Free : 685 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft� Windows 7 Ultimate (6.1.7601 32-Bit) Service Pack 1
WB: Internet Explorer : 8.00.7600.16385
WB: Mozilla Firefox : 14.0.1

[b]################## | Security Information |[/b]

AV: avast! Antivirus [Actif |A jour]
AS: Windows Defender [Actif |[b](!) Non � jour[/b]]
AS: avast! Antivirus [Actif |A jour]
FW: avast! Antivirus [Actif]
FW: Windows Firewall [Actif]
SC: Security Center [Actif]
WU: Windows Update [Actif]

[b]################## | Disk Information |[/b]

C:\ (%SystemDrive%) -> Disque fixe # 98 Go (32 Go libre(s) - 32%) [] # NTFS
D:\ -> Disque fixe # 466 Go (206 Go libre(s) - 44%) [Nouveau nom] # NTFS
E:\ -> Disque fixe # 368 Go (137 Go libre(s) - 37%) [] # NTFS
G:\ -> Disque amovible # 4 Go (4 Go libre(s) - 100%) [] # FAT32

[b]################## | Autorun |[/b]

G:\Microsoft Excel.lnk -> G:\notepad.vbe
G:\2.lnk -> G:\notepad.vbe

[b]################## | Startup |[/b]

F2 - HKLM\..\Winlogon : [Shell] Explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\system32\Userinit.exe,
04 - HKCU\..\Run : [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
04 - HKCU\..\Run : [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
04 - HKCU\..\Run : [Facebook Update] "C:\Users\bilel\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
04 - HKCU\..\Run : [WebcamMaxAutoRun] "C:\Program Files\WebcamMax\wcmmon.exe" -a
04 - HKCU\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKCU\..\Run : [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKCU\..\Run : [IDMan] C:\Users\bilel\Downloads\Compressed\IDMan 6.21 build 11 crack_2\IDMan.exe /onboot
04 - HKCU\..\Run : [14F7AC58872E2E876673AC92B04A461C10DE736B._service_run] "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=service
04 - HKCU\..\Run : [Google Update] "C:\Users\bilel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
04 - HKCU\..\Run : [notepad] wscript.exe //B "C:\Users\bilel\AppData\Roaming\notepad\\notepad.vbe"
04 - HKCU\..\Run : [Microsoft Excel] wscript.exe //B "C:\Users\bilel\AppData\Roaming\Microsoft Office\\Microsoft Excel.WsF"
04 - HKLM\..\Run : [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
04 - HKLM\..\Run : [BrStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe /AUTORUN
04 - HKLM\..\Run : [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
04 - HKLM\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
04 - HKLM\..\Run : [HotKeysCmds] C:\Windows\system32\hkcmd.exe
04 - HKLM\..\Run : [Persistence] C:\Windows\system32\igfxpers.exe
04 - HKLM\..\Run : [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
04 - HKLM\..\Run : [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
04 - HKLM\..\Run : [AdobeCS6ServiceManager] "C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
04 - HKLM\..\Run : [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE -startup
04 - HKLM\..\Run : [Wondershare Helper Compact.exe] C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
04 - HKLM\..\Run : [UIExec] "C:\Program Files\Dim@Net\UIExec.exe"
04 - HKLM\..\Run : [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
04 - HKLM\..\Run : [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
04 - HKLM\..\Run : [notepad] wscript.exe //B "C:\Users\bilel\AppData\Roaming\notepad\\notepad.vbe"
04 - HKLM\..\Run : [Microsoft Excel] wscript.exe //B "C:\Users\bilel\AppData\Roaming\Microsoft Office\\Microsoft Excel.WsF"
04 - HKLM\..\Run : [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
04 - HKLM\..\RunOnce : [20150107] C:\Program Files\AVAST Software\Avast\setup\emupdate\40124df2-0547-415d-9e95-f3a5e93728f0.exe /check
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-3582813310-3150529009-4127432832-1000\..\Run : [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
04 - HKU\S-1-5-21-3582813310-3150529009-4127432832-1000\..\Run : [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
04 - HKU\S-1-5-21-3582813310-3150529009-4127432832-1000\..\Run : [Facebook Update] "C:\Users\bilel\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
04 - HKU\S-1-5-21-3582813310-3150529009-4127432832-1000\..\Run : [WebcamMaxAutoRun] "C:\Program Files\WebcamMax\wcmmon.exe" -a
04 - HKU\S-1-5-21-3582813310-3150529009-4127432832-1000\..\Run : [AdobeBridge]
04 - HKU\S-1-5-21-3582813310-3150529009-4127432832-1000\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKU\S-1-5-21-3582813310-3150529009-4127432832-1000\..\Run : [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKU\S-1-5-21-3582813310-3150529009-4127432832-1000\..\Run : [IDMan] C:\Users\bilel\Downloads\Compressed\IDMan 6.21 build 11 crack_2\IDMan.exe /onboot
04 - HKU\S-1-5-21-3582813310-3150529009-4127432832-1000\..\Run : [14F7AC58872E2E876673AC92B04A461C10DE736B._service_run] "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=service
04 - HKU\S-1-5-21-3582813310-3150529009-4127432832-1000\..\Run : [Google Update] "C:\Users\bilel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
04 - HKU\S-1-5-21-3582813310-3150529009-4127432832-1000\..\Run : [notepad] wscript.exe //B "C:\Users\bilel\AppData\Roaming\notepad\\notepad.vbe"
04 - HKU\S-1-5-21-3582813310-3150529009-4127432832-1000\..\Run : [Microsoft Excel] wscript.exe //B "C:\Users\bilel\AppData\Roaming\Microsoft Office\\Microsoft Excel.WsF"
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04GS - notepad.lnk :
04GS - McAfee Security Scan Plus.lnk :
04GS - Ralink Wireless Utility.lnk : -s
04GS - rvlkl.lnk : /b
04GS - Sharp Button Manager AA.lnk :

[b]################## | Recherche g�n�rique |[/b]

Pr�sent! C:\Users\bilel\AppData\Roaming\Microsoft Office\Microsoft Excel.WsF
Pr�sent! C:\Users\bilel\AppData\Roaming\notepad\notepad.vbe
Pr�sent! C:\Users\bilel\AppData\Roaming\notepad\sd.wsf
Pr�sent! G:\notepad.vbe
Pr�sent! G:\Microsoft Excel.lnk
Pr�sent! G:\2.lnk
Pr�sent! G:\notepad.lnk
Pr�sent! C:\Users\bilel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\notepad.lnk
Pr�sent! G:\Microsoft Excel.WsF
Pr�sent! C:\kernel\lpt1
Pr�sent! C:\kernel
Pr�sent! C:\Users\bilel\AppData\Local\Temp\afolder
Pr�sent! C:\Users\bilel\AppData\Local\Temp\ztmp\tmp18427.exe
Pr�sent! C:\Users\bilel\AppData\Local\Temp\ztmp\tmp38797.bat
Pr�sent! C:\Users\bilel\AppData\Local\Temp\ztmp\tmp41717.bat
Pr�sent! C:\Users\bilel\AppData\Local\Temp\ztmp\tmp51387.exe
Pr�sent! C:\Users\bilel\AppData\Local\Temp\ztmp\tmp91987.bat
Pr�sent! C:\Users\bilel\AppData\Local\Temp\ztmp\tmp92987.exe
Pr�sent! C:\Users\bilel\AppData\Local\Temp\ztmp
Pr�sent! C:\Users\bilel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BE52N18T\unzmfm[1].wsf

[b]################## | Registre |[/b]

Pr�sent! HKCU\Software\OneKit
Pr�sent! HKU\S-1-5-21-3582813310-3150529009-4127432832-1000\Software\OneKit
Pr�sent! HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Microsoft Excel
Pr�sent! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Microsoft Excel
Pr�sent! HKU\S-1-5-21-3582813310-3150529009-4127432832-1000\Software\Microsoft\Windows\CurrentVersion\Run|Microsoft Excel
Pr�sent! HKLM\Software\Microsoft\Windows\CurrentVersion\Run|notepad
Pr�sent! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|notepad
Pr�sent! HKU\S-1-5-21-3582813310-3150529009-4127432832-1000\Software\Microsoft\Windows\CurrentVersion\Run|notepad

[b]################## | UsbFix - Information |[/b]

Info : [url=https://www.youtube.com/watch?v=vUZYYASd7FE]Comment supprimer l'infection des raccourcis sur USB ? (Video)[/url]
Info : [url=http://www.usbfix.net/2014/10/supprimer-virus-raccourcis-usb/]L'infection des raccourcis USB, c'est quoi ?[/url]
D�tection en Live : [url=http://comment-supprimer.fr/]http://comment-supprimer.fr/[/url]

[b]################## | Attrib - Restore |[/b]


[b]################## | E.O.F | [url=http://www.sosvirus.net/]http://www.sosvirus.net/[/url] | [url=http://www.usbfix.net/]http://www.usbfix.net/[/url] |[/b]

Publicité


Signaler le contenu de ce document

Publicité