Hello Gabriel,
I had a small problem when starting UsbFix:
http://i83.servimg.com/u/f83/18/26/48/69/2013-013.png
After this window was displayed, the program ran correctly. Here is the report:
############################## | UsbFix V 7.124 | [Recherche]
Utilisateur: Mickael (Administrateur) # HPPAVILION
Mis à jour le 24/04/2013 par El Desaparecido
Lancé à 16:13:47 | 25/04/2013
Site Web:
http://sosvirus.org/
Upload Malware:
http://upload.sosvirus.org/
Contact:
contact@sosvirus.org
PC: HP-Pavilion (NF327AA-B14 m9553be) (x64-based PC)
CPU: Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz (2333)
RAM - [Total : 8191 | Free : 5086]
BIOS: BIOS Date: 12/16/08 15:33:21 Ver: 5.35
BOOT: Normal boot
OS: Microsoft Windows 7 Édition Intégrale (6.1.7601 64-Bit) # Service Pack 1
WB: Windows Internet Explorer 10.0.9200.16540
SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
FW: Windows FireWall Service [Enabled]
C:\ (%systemdrive%) - Disque fixe # 931 Go (471 Go libre(s) - 51%) [] # NTFS
D:\ - CD-ROM
E:\ - CD-ROM
F:\ - CD-ROM
J:\ - Disque amovible # 31 Go (8 Go libre(s) - 24%) [WDO_Media64] # NTFS
K:\ - Disque fixe # 931 Go (377 Go libre(s) - 41%) [My Book] # NTFS
################## | Processus Actif |
C:\Windows\system32\csrss.exe (696)
C:\Windows\system32\csrss.exe (804)
C:\Windows\system32\wininit.exe (816)
C:\Windows\system32\winlogon.exe (856)
C:\Windows\system32\services.exe (924)
C:\Windows\system32\lsass.exe (936)
C:\Windows\system32\lsm.exe (948)
C:\Windows\system32\svchost.exe (564)
C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe (812)
C:\Windows\system32\nvvsvc.exe (1028)
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (1056)
C:\Windows\system32\svchost.exe (1104)
C:\Windows\System32\svchost.exe (1212)
C:\Windows\System32\svchost.exe (1248)
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (1288)
C:\Windows\system32\svchost.exe (1328)
C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe (1376)
C:\Windows\system32\svchost.exe (1492)
C:\Windows\system32\svchost.exe (1528)
C:\Windows\system32\svchost.exe (1624)
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (1924)
C:\Windows\system32\nvvsvc.exe (1936)
C:\Windows\System32\spoolsv.exe (1668)
C:\Windows\system32\svchost.exe (1904)
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (1608)
C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe (1280)
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (644)
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (1096)
C:\Windows\system32\taskeng.exe (1900)
C:\Program Files (x86)\Anti-Hacks Free\AntiHacksServiceFree.exe (1820)
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (2192)
C:\Program Files\Bonjour\mDNSResponder.exe (2288)
C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe (2348)
C:\Windows\system32\taskhost.exe (2460)
C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe (2564)
C:\Windows\system32\Dwm.exe (2612)
C:\Windows\Explorer.EXE (2676)
C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (2760)
C:\Windows\SysWow64\WinFLService.exe (2844)
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (2572)
C:\Program Files (x86)\Skype\Phone\Skype.exe (2584)
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (2672)
C:\Users\Mickael\AppData\Local\Google\Chrome\Application\chrome.exe (2636)
C:\Program Files (x86)\Windows Sidebar\sidebar.exe (2748)
C:\Windows\SysWOW64\WinFLTray.exe (2888)
C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServCtrl.exe (3048)
C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServ.exe (3008)
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (2376)
C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe (3112)
C:\Windows\system32\taskeng.exe (3280)
c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (3372)
c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (3388)
C:\Users\Mickael\AppData\Local\Google\Chrome\Application\chrome.exe (3420)
C:\Windows\SysWOW64\svchost.exe (3548)
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (3616)
C:\Users\Mickael\AppData\Local\Google\Chrome\Application\chrome.exe (3632)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (3752)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (3852)
C:\Users\Mickael\AppData\Local\Google\Chrome\Application\chrome.exe (3876)
C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe (3900)
C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe (3912)
C:\Program Files (x86)\Cyberlink\YouCam\YouCamService.exe (3992)
C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (3196)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (3264)
C:\Users\Mickael\AppData\Local\Google\Chrome\Application\chrome.exe (2916)
C:\Users\Mickael\AppData\Local\Google\Chrome\Application\chrome.exe (864)
C:\Users\Mickael\AppData\Local\Google\Chrome\Application\chrome.exe (3516)
C:\Users\Mickael\AppData\Local\Google\Chrome\Application\chrome.exe (3524)
C:\Users\Mickael\AppData\Local\Google\Chrome\Application\chrome.exe (3504)
C:\Users\Mickael\AppData\Local\Google\Chrome\Application\chrome.exe (3596)
C:\Users\Mickael\AppData\Local\Google\Chrome\Application\chrome.exe (3624)
C:\Windows\System32\svchost.exe (4200)
C:\Windows\System32\svchost.exe (4460)
C:\Windows\SysWOW64\PnkBstrA.exe (4564)
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (4264)
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (4480)
C:\Windows\system32\svchost.exe (4784)
C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (5044)
C:\Windows\system32\svchost.exe (1804)
C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (4376)
C:\Program Files (x86)\Online Armor\OAhlp.exe (4592)
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe (2448)
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe (5016)
C:\Windows\System32\svchost.exe (2868)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (3532)
C:\Windows\system32\SearchIndexer.exe (2280)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (4836)
C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (5468)
C:\Windows\system32\svchost.exe (3720)
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe (5460)
C:\Windows\system32\svchost.exe (5696)
C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (360)
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe (5936)
C:\Windows\system32\svchost.exe (3028)
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe (1788)
C:\Program Files (x86)\Nero\Update\NASvc.exe (5940)
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (3248)
C:\Users\Mickael\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe (5540)
C:\Users\Mickael\AppData\Local\Google\Chrome\Application\chrome.exe (6816)
C:\Users\Mickael\AppData\Local\Google\Chrome\Application\chrome.exe (6180)
C:\Users\Mickael\AppData\Local\Google\Chrome\Application\chrome.exe (6732)
C:\Program Files\Internet Explorer\iexplore.exe (6188)
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (6860)
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe (3464)
C:\Windows\system32\wbem\wmiprvse.exe (4716)
C:\UsbFix\Go.exe (6632)
################## | El Desaparecido Section |
HKLM\SOFTWARE | Run : [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM\SOFTWARE | Run : [HOSTS Anti-Adware_PUPs] - C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe
HKLM\SOFTWARE | Run : [emsisoft anti-malware] - "c:\program files (x86)\emsisoft anti-malware\a2guard.exe" /d=60
HKLM\SOFTWARE | Run : [BrowserPlugInHelper] - C:\Program Files (x86)\iSkysoft\Video Converter\BrowserPlugInHelper.exe
HKLM\SOFTWARE | Run : [YouCam Service] - "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s
HKLM\SOFTWARE\wow6432Node | Run : [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM\SOFTWARE\wow6432Node | Run : [HOSTS Anti-Adware_PUPs] - C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe
HKLM\SOFTWARE\wow6432Node | Run : [emsisoft anti-malware] - "c:\program files (x86)\emsisoft anti-malware\a2guard.exe" /d=60
HKLM\SOFTWARE\wow6432Node | Run : [BrowserPlugInHelper] - C:\Program Files (x86)\iSkysoft\Video Converter\BrowserPlugInHelper.exe
HKLM\SOFTWARE\wow6432Node | Run : [YouCam Service] - "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s
HKLM\SOFTWARE | RunOnce : [] -
HKLM\SOFTWARE\wow6432Node | RunOnce : [] -
HKU\S-1-5-21-1583312512-1998274192-2271669801-1000\SOFTWARE | Run : [swg] - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\S-1-5-21-1583312512-1998274192-2271669801-1000\SOFTWARE | Run : [Skype] - "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
HKU\S-1-5-21-1583312512-1998274192-2271669801-1000\SOFTWARE | Run : [NokiaSuite.exe] - C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
HKU\S-1-5-21-1583312512-1998274192-2271669801-1000\SOFTWARE | Run : [GoogleChromeAutoLaunch_871F9A9D26B726733129130369C13544] - "C:\Users\Mickael\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
HKU\S-1-5-21-1583312512-1998274192-2271669801-1000\SOFTWARE | Run : [Sidebar] - C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun
HKU\S-1-5-21-1583312512-1998274192-2271669801-1000\SOFTWARE | Run : [WinFLTray] - C:\Windows\SysWow64\WinFLTray.exe
HKU\S-1-5-21-1583312512-1998274192-2271669801-1000\SOFTWARE | Run : [FLBackup] - C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServCtrl.exe
HKU\S-1-5-21-1583312512-1998274192-2271669801-1000\SOFTWARE | Run : [AlcoholAutomount] - "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
HKU\S-1-5-21-1583312512-1998274192-2271669801-1000\SOFTWARE | Run : [Zoner Photo Studio Autoupdate] - C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE
HKU\S-1-5-21-1583312512-1998274192-2271669801-1005\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-1583312512-1998274192-2271669801-1005\SOFTWARE | Run : [swg] - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\S-1-5-21-1583312512-1998274192-2271669801-1005\SOFTWARE | Run : [OfficeSyncProcess] - "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
HKU\S-1-5-21-1583312512-1998274192-2271669801-1005\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
################## | Éléments infectieux |
Présent! J:\Rohos Mini Drive (Portable).exe
Présent! K:\.JxBrowser\prefs.js
Présent! C:\Program Files (x86)\GUMCF98.tmp
Présent! C:\Users\Mickael\AppData\Local\Temp\ubi2990.tmp.exe
Présent! F:\autorun.inf
Présent! J:\autorun.inf
################## | Registre |
Présent! HKCU\Software\VB and VBA Program Settings\INSTALL
################## | Mountpoints2 |
################## | Vaccin |
(!) Cet ordinateur n'est pas vacciné!
################## | E.O.F |
http://sosvirus.org |
See you soon!