cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

[b]############################## | UsbFix V 7.945 | [Recherche][/b]

Utilisateur: ahmed (Administrateur) # AHMED-PC
Mis � jour le 29/05/2015 par El Desaparecido - SosVirus
Lanc� � 14:28:51 | 30/05/2015

Site Web : [url=http://www.usbfix.net/]http://www.usbfix.net/[/url]
Changelog : [url=http://www.usbfix.net/maj/]http://www.usbfix.net/maj/[/url]
Assistance : [url=http://www.sosvirus.net/forum-virus-securite.html]http://www.sosvirus.net/forum-virus-securite.html[/url]
D�tection en Live : [url=http://comment-supprimer.fr/]http://comment-supprimer.fr/[/url]
Contact : [url=http://www.usbfix.net/contact/]http://www.usbfix.net/contact/[/url]

[b]################## | System information |[/b]

MB: TOSHIBA (Portable PC)
CPU: Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz
GC: Famille de jeu de puces Express Mobile Intel(R) 45 (Microsoft Corporation - WDDM 1.1)
RAM -> [Total : 2940 Mo | Free : 1911 Mo]
Bios: INSYDE
Boot: Normal boot

OS: Microsoft� Windows 7 Professional (6.1.7601 32-Bit) Service Pack 1
WB: Internet Explorer : 11.00.9600.16428
WB: Mozilla Firefox : 38.0.1

[b]################## | Security Information |[/b]

AS: Windows Defender [Actif |A jour]
FW: Windows Firewall [Actif]
SC: Security Center [Actif]
WU: Windows Update [Actif]

[b]################## | Disk Information |[/b]

C:\ (%SystemDrive%) -> Disque fixe # 198 Go (153 Go libre(s) - 77%) [] # NTFS
D:\ -> Disque fixe # 100 Go (84 Go libre(s) - 84%) [] # NTFS
F:\ -> Disque amovible # 7 Go (0 Mo libre(s) - 0%) [LAGHNEJ] # FAT32

[b]################## | Autorun |[/b]

F:\autorun.lnk -> F:\tmp44F7.tmp.vbs
F:\Sweet Dreams (Goodnight Song).lnk -> F:\tmp44F7.tmp.vbs
F:\Twinkle Twinkle Little Star.lnk -> F:\tmp44F7.tmp.vbs
F:\uswyqm.lnk -> F:\tmp44F7.tmp.vbs
F:\trace_analyse.lnk -> F:\tmp44F7.tmp.vbs
F:\sebri karima.lnk -> F:\tmp44F7.tmp.vbs
F:\canada-ing.lnk -> F:\tmp44F7.tmp.vbs
F:\FileViewPro_2014.lnk -> F:\tmp44F7.tmp.vbs
F:\PP_TDC.lnk -> F:\tmp44F7.tmp.vbs
F:\Content Agreement.lnk -> F:\tmp44F7.tmp.vbs
F:\path_IGDv1_IGDv2.lnk -> F:\tmp44F7.tmp.vbs
F:\BBOX3_results_cdrouter_0102014_102A.lnk -> F:\tmp44F7.tmp.vbs
F:\server.lnk -> F:\tmp44F7.tmp.vbs
F:\FON_SagemCom_EAP-cert.lnk -> F:\tmp44F7.tmp.vbs
F:\BBOX_SofUnifi�.lnk -> F:\tmp44F7.tmp.vbs
F:\Doc_20141110_124218.lnk -> F:\tmp44F7.tmp.vbs
F:\TransferXL-nhmdgxryjsn.lnk -> F:\tmp44F7.tmp.vbs
F:\skernel.lnk -> F:\tmp44F7.tmp.vbs
F:\QTF_ahmed_laghnej(1).lnk -> F:\tmp44F7.tmp.vbs
F:\CV-slimane-hmidi(1)(2).lnk -> F:\tmp44F7.tmp.vbs
F:\Brochures Explicatives des Sports.lnk -> F:\tmp44F7.tmp.vbs
F:\Sport Explanatory Brochures.lnk -> F:\tmp44F7.tmp.vbs
F:\JBO.lnk -> F:\tmp44F7.tmp.vbs
F:\qualit�.lnk -> F:\tmp44F7.tmp.vbs
F:\certif_upnp.lnk -> F:\tmp44F7.tmp.vbs
F:\dhcpd.lnk -> F:\tmp44F7.tmp.vbs
F:\015 Plant Engineer.lnk -> F:\tmp44F7.tmp.vbs
F:\main2.lnk -> F:\tmp44F7.tmp.vbs
F:\bbox2_bridge_wifi.lnk -> F:\tmp44F7.tmp.vbs
F:\configure_acs.lnk -> F:\tmp44F7.tmp.vbs
F:\Wheels On The Bus - NEW VIDEO - Nursery Rhymes - HD Version.lnk -> F:\tmp44F7.tmp.vbs
F:\Little Snowflake - Super Simple Songs.lnk -> F:\tmp44F7.tmp.vbs
F:\20150512_PeriodicInformTime_Rescue.lnk -> F:\tmp44F7.tmp.vbs
F:\filtre_wireshar.lnk -> F:\tmp44F7.tmp.vbs
F:\pp.lnk -> F:\tmp44F7.tmp.vbs
F:\11358630_921439114579841_1114141187_n.lnk -> F:\tmp44F7.tmp.vbs
F:\11289573_921439097913176_1352161483_n.lnk -> F:\tmp44F7.tmp.vbs

[b]################## | Startup |[/b]

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [Facebook Update] "C:\Users\ahmed\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
04 - HKCU\..\Run : [iLivid] "C:\Users\ahmed\AppData\Local\iLivid\iLivid.exe" -autorun
04 - HKCU\..\Run : [NextLive] C:\Windows\system32\rundll32.exe "C:\Users\ahmed\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
04 - HKCU\..\Run : [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKCU\..\Run : [tmp44F7] wscript.exe //B "C:\Users\ahmed\AppData\Local\Temp\tmp44F7.tmp.vbs"
04 - HKCU\..\Run : [apo5] C:\win\msn.exe
04 - HKCU\..\RunOnce : [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil32_17_0_0_169_Plugin.exe -update plugin
04 - HKLM\..\Run : [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
04 - HKLM\..\Run : [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
04 - HKLM\..\Run : [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
04 - HKLM\..\Run : [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
04 - HKLM\..\Run : [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
04 - HKLM\..\Run : [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
04 - HKLM\..\Run : [VideoDownloadConverter Search Scope Monitor] "C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zsrchmn.exe" /m=2 /w /h
04 - HKLM\..\Run : [VideoDownloadConverter_4z Browser Plugin Loader] C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zbrmon.exe
04 - HKLM\..\Run : [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe
04 - HKLM\..\Run : [YoutubeDownloader] C:\Program Files\OneStopSoft.com\Youtube Downloader\Youtube Downloader.exe /minimize
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-2215556257-1647786502-870001207-1000\..\Run : [Facebook Update] "C:\Users\ahmed\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
04 - HKU\S-1-5-21-2215556257-1647786502-870001207-1000\..\Run : [iLivid] "C:\Users\ahmed\AppData\Local\iLivid\iLivid.exe" -autorun
04 - HKU\S-1-5-21-2215556257-1647786502-870001207-1000\..\Run : [NextLive] C:\Windows\system32\rundll32.exe "C:\Users\ahmed\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
04 - HKU\S-1-5-21-2215556257-1647786502-870001207-1000\..\Run : [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKU\S-1-5-21-2215556257-1647786502-870001207-1000\..\Run : [tmp44F7] wscript.exe //B "C:\Users\ahmed\AppData\Local\Temp\tmp44F7.tmp.vbs"
04 - HKU\S-1-5-21-2215556257-1647786502-870001207-1000\..\Run : [apo5] C:\win\msn.exe
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-21-2215556257-1647786502-870001207-1000\..\RunOnce : [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil32_17_0_0_169_Plugin.exe -update plugin
04 - HKU\S-1-5-18\..\RunOnce : [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
04GS - Launcher.lnk : C:\Program Files\InternetEverywhere\InternetEverywhere_Launcher.exe

[b]################## | Recherche g�n�rique |[/b]

Pr�sent! C:\win\msn.exe
Pr�sent! C:\Users\ahmed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp44F7.tmp.vbs
Pr�sent! C:\Users\ahmed\AppData\Local\Temp\tmp44F7.tmp.vbs

[b]################## | Registre |[/b]

Pr�sent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Pr�sent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Pr�sent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Pr�sent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe
Pr�sent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Pr�sent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe
Pr�sent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Pr�sent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Pr�sent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe
Pr�sent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe
Pr�sent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe
Pr�sent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe
Pr�sent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe
Pr�sent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe
Pr�sent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe
Pr�sent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe
Pr�sent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe
Pr�sent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe
Pr�sent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Pr�sent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe
Pr�sent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Pr�sent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Pr�sent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Pr�sent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Pr�sent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe
Pr�sent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe
Pr�sent! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|tmp44F7
Pr�sent! HKU\S-1-5-21-2215556257-1647786502-870001207-1000\Software\Microsoft\Windows\CurrentVersion\Run|tmp44F7
Pr�sent! HKU\S-1-5-21-2215556257-1647786502-870001207-1000\Software\Microsoft\Windows\CurrentVersion\Run|apo5
Pr�sent! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|apo5

[b]################## | UsbFix - Information |[/b]

Info : [url=https://www.youtube.com/watch?v=vUZYYASd7FE]Comment supprimer l'infection des raccourcis sur USB ? (Video)[/url]
Info : [url=http://www.usbfix.net/2014/10/supprimer-virus-raccourcis-usb/]L'infection des raccourcis USB, c'est quoi ?[/url]
D�tection en Live : [url=http://comment-supprimer.fr/]http://comment-supprimer.fr/[/url]

[b]################## | Attrib - Restore |[/b]


[b]################## | E.O.F | [url=http://www.sosvirus.net/]http://www.sosvirus.net/[/url] | [url=http://www.usbfix.net/]http://www.usbfix.net/[/url] |[/b]

Publicité


Signaler le contenu de ce document

Publicité