by Kamy
#13408
############################## | UsbFix V 7.145 | [Deletion]

User: Mess (Administrator) # TABLETTE
Updated 17/10/2013 by El Desaparecido - Team SosVirus
Started at 14:37:15 | 29/10/2013

Website: https://www.usbfix.net/
Forum : https://www.sosvirus.net/
Upload Malware: https://www.sosvirus.net/upload_malware.php
Contact: https://www.usbfix.net/contact/

PC: Dell Inc. (Inspiron 1090)
CPU: Intel(R) Atom(TM) CPU N550 @ 1.50GHz
RAM -> [Total : 2036 | Free : 1299]
Bios: Dell Inc.
Boot: Normal boot

OS: Microsoft Windows 8 Professionnel (6.2.9200 32-Bit) #
WB: Windows Internet Explorer 10.0.9200.16721

SC: Security Center Service [Enabled]
WU: Windows Update Service [(!) Disabled]
AV: Windows Defender [Enabled | Updated]
FW: Windows FireWall Service [Enabled]

C:\ -> Fixed drive # 25 Gb (347 Mb free - 1%) [DATAS 2] # NTFS
D:\ (%systemdrive%) -> Fixed drive # 98 Gb (2 Mb free - 2%) [OS] # NTFS
F:\ -> Fixed drive # 162 Gb (2 Mb free - 2%) [DATAS] # NTFS
G:\ -> Fixed drive # 14 Gb (2 Mb free - 18%) [Recovery] # NTFS

################## | Regedit Run |

HKLM\SOFTWARE | Run : [PWRISOVM.EXE] - D:\Program Files\PowerISO\PWRISOVM.EXE
HKLM\SOFTWARE | Run : [Adobe Reader Speed Launcher] - "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
HKLM\SOFTWARE | Run : [Adobe ARM] - "D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE | Run : [SunJavaUpdateSched] - "D:\Program Files\Common Files\Java\Java Update\jusched.exe"
HKLM\SOFTWARE | RunOnce : [] -
HKU\S-1-5-21-3559574157-1178214688-1171325909-1002\SOFTWARE | Run : [IDMan] - D:\Program Files\Internet Download Manager\IDMan.exe /onboot
HKU\S-1-5-21-3559574157-1178214688-1171325909-1002\SOFTWARE | Run : [Google Update] - "D:\Users\Mess\AppData\Local\Google\Update\GoogleUpdate.exe" /c
HKU\S-1-5-21-3559574157-1178214688-1171325909-1002\SOFTWARE | Run : [Skype] - "D:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
HKU\S-1-5-21-3559574157-1178214688-1171325909-1002\SOFTWARE | Run : [xGyreppr] - wscript.exe //B "D:\Users\Mess\AppData\Local\Temp\xGyreppr.vbs"

################## | Stopped processes |

Stopped! D:\Windows\System32\spoolsv.exe (ID 1564 |ParentID 688)
Stopped! D:\Windows\system32\AdminService.exe (ID 1780 |ParentID 688)
Stopped! D:\Windows\system32\dashost.exe (ID 1916 |ParentID 1072)
Stopped! D:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe (ID 424 |ParentID 688)
Stopped! D:\Program Files\Windows Defender\MsMpEng.exe (ID 592 |ParentID 688)
Stopped! D:\Windows\System32\WUDFHost.exe (ID 2212 |ParentID 1072)
Stopped! D:\Windows\system32\SearchIndexer.exe (ID 3864 |ParentID 688)
Stopped! D:\Program Files\Windows Media Player\wmpnetwk.exe (ID 4176 |ParentID 688)
Stopped! D:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (ID 4968 |ParentID 688)
Stopped! D:\Windows\system32\taskhost.exe (ID 3168 |ParentID 688)
Stopped! D:\Windows\System32\LogonUI.exe (ID 1128 |ParentID 2840)
Stopped! D:\Windows\System32\LogonUI.exe (ID 2416 |ParentID 900)
Stopped! D:\Windows\System32\LogonUI.exe (ID 6400 |ParentID 8120)
Stopped! D:\Windows\system32\taskhostex.exe (ID 3348 |ParentID 688)
Stopped! D:\Windows\system32\taskhost.exe (ID 6308 |ParentID 688)
Stopped! D:\Program Files\TeamViewer\Version8\TeamViewer.exe (ID 3724 |ParentID 424)
Stopped! D:\Windows\Explorer.EXE (ID 3892 |ParentID 3128)
Stopped! D:\Program Files\TeamViewer\Version8\tv_w32.exe (ID 1608 |ParentID 424)
Stopped! D:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x86__8wekyb3d8bbwe\LiveComm.exe (ID 572 |ParentID 804)
Stopped! D:\Program Files\Common Files\microsoft shared\ink\TabTip.exe (ID 5600 |ParentID 1072)
Stopped! D:\Windows\System32\RuntimeBroker.exe (ID 6732 |ParentID 804)
Stopped! D:\Program Files\Common Files\Java\Java Update\jusched.exe (ID 7828 |ParentID 3892)
Stopped! D:\Program Files\Internet Download Manager\IDMan.exe (ID 1176 |ParentID 3892)
Stopped! D:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (ID 1264 |ParentID 3892)
Stopped! D:\Program Files\Internet Download Manager\IEMonitor.exe (ID 6556 |ParentID 1176)
Stopped! D:\Windows\system32\wuauclt.exe (ID 4336 |ParentID 956)
Stopped! D:\Windows\System32\wscript.exe (ID 6700 |ParentID 5796)
Stopped! D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (ID 7052 |ParentID 4284)
Stopped! D:\Windows\explorer.exe (ID 3176 |ParentID 804)
Stopped! D:\Program Files\Windows Defender\MpCmdRun.exe (ID 5968 |ParentID 5152)

################## | Files # Infected Folders |

Deleted ! D:\Users\Mess\AppData\Local\Temp\xGyreppr.vbs
Deleted ! D:\Users\Mess\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\xGyreppr.vbs

(!) Temporary files deleted.

################## | Registry |

Deleted ! HKU\S-1-5-21-3559574157-1178214688-1171325909-1002\Software\Microsoft\Windows\CurrentVersion\Run|xGyreppr
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{ee5e3e7d-bb41-11e2-afb5-485d60fc4247}

################## | Listing |

[25/01/2013 - 08:46:08 | SHD ] C:\$RECYCLE.BIN
[23/09/2013 - 22:46:51 | D ] C:\En attente
[09/07/2013 - 15:23:38 | N | 1502720] C:\FETE DE L'INDEPENDANCE 2011.ppt
[09/07/2013 - 15:23:38 | N | 1810432] C:\INDEPENDANCE 2012.ppt
[25/01/2013 - 08:36:13 | N | 0] C:\IO.SYS
[25/01/2013 - 08:36:13 | N | 0] C:\MSDOS.SYS
[24/01/2013 - 01:08:28 | SHD ] C:\System Volume Information
[23/01/2013 - 10:59:20 | SHD ] D:\$Recycle.Bin
[26/07/2012 - 06:52:25 | N | 24] D:\autoexec.bat
[20/01/2013 - 23:01:32 | N | 66707] D:\bdlog.txt
[31/01/2013 - 18:37:50 | SHD ] D:\Boot
[20/09/2012 - 06:27:51 | RASH | 398158] D:\bootmgr
[02/06/2012 - 14:30:55 | N | 1] D:\BOOTNXT
[23/01/2013 - 18:31:19 | RASH | 8192] D:\BOOTSECT.BAK
[26/07/2012 - 06:52:25 | N | 10] D:\config.sys
[24/08/2012 - 23:28:50 | D ] D:\dell
[26/07/2012 - 06:04:44 | SHD ] D:\Documents and Settings
[18/10/2013 - 08:49:31 | ASH | 1707802624] D:\hiberfil.sys
[24/03/2011 - 02:18:07 | D ] D:\Intel
[24/03/2011 - 02:16:23 | N | 0] D:\mini-agent.log
[24/03/2011 - 02:16:23 | N | 29] D:\mini-agent.txt
[24/03/2011 - 10:44:41 | D ] D:\MININT
[25/08/2012 - 21:55:09 | RHD ] D:\MSOCache
[18/10/2013 - 08:50:07 | ASH | 1073741824] D:\pagefile.sys
[26/07/2012 - 06:29:57 | D ] D:\PerfLogs
[25/10/2013 - 11:40:42 | D ] D:\Program Files
[20/08/2013 - 08:26:34 | HD ] D:\ProgramData
[25/01/2013 - 12:53:32 | SHD ] D:\Recovery
[14/11/2012 - 12:12:40 | D ] D:\SkyDriveTemp
[23/01/2013 - 12:58:47 | D ] D:\sources
[18/10/2013 - 08:50:07 | ASH | 268435456] D:\swapfile.sys
[29/10/2013 - 12:03:54 | SHD ] D:\System Volume Information
[24/08/2012 - 23:24:18 | D ] D:\tmp
[29/10/2013 - 14:40:34 | D ] D:\UsbFix
[29/10/2013 - 14:46:40 | A | 6771] D:\UsbFix [Clean 1] TABLETTE.txt
[15/04/2013 - 17:34:14 | RD ] D:\Users
[18/10/2013 - 20:03:40 | D ] D:\VIDEO_TS_DVD2
[18/10/2013 - 20:05:47 | D ] D:\VIDEO_TS_DVD3
[27/08/2012 - 11:07:40 | D ] D:\wamp
[11/09/2013 - 17:11:45 | D ] D:\Windows
[03/10/2012 - 10:23:05 | SHD ] F:\$RECYCLE.BIN
[30/01/2013 - 14:37:28 | D ] F:\Divers
[13/09/2013 - 11:52:54 | D ] F:\Documents
[14/10/2013 - 20:37:32 | D ] F:\Enseignements
[06/09/2012 - 11:18:18 | D ] F:\Facture Mess
[02/04/2013 - 00:43:36 | D ] F:\Formation Regis
[26/08/2012 - 11:21:17 | D ] F:\Images
[04/08/2013 - 12:27:37 | D ] F:\jo
[22/01/2013 - 16:00:33 | D ] F:\Labo Mess
[25/10/2012 - 10:32:23 | D ] F:\Labo sites
[04/02/2013 - 16:11:04 | D ] F:\Logiciels
[01/06/2013 - 15:18:34 | D ] F:\Lt Boleba
[12/10/2012 - 10:19:38 | D ] F:\lt soro
[27/05/2013 - 20:31:29 | D ] F:\Musique
[06/09/2013 - 09:51:57 | D ] F:\PS
[26/03/2013 - 11:18:58 | D ] F:\QNET
[06/09/2012 - 11:18:19 | D ] F:\Recu INP
[25/08/2012 - 10:08:28 | SHD ] F:\System Volume Information
[26/03/2013 - 11:18:58 | D ] F:\Videos
[03/10/2012 - 10:23:05 | SHD ] G:\$RECYCLE.BIN
[26/01/2013 - 10:33:21 | D ] G:\Dell
[24/03/2011 - 13:48:07 | N | 2] G:\Factory.log
[24/03/2011 - 10:43:33 | D ] G:\recovery
[24/03/2011 - 10:41:54 | N | 205] G:\ResSys.ini
[19/11/2012 - 08:55:25 | SHD ] G:\System Volume Information
[18/10/2013 - 20:10:22 | D ] G:\VIDEO_TS_DVD4
[18/10/2013 - 20:11:52 | D ] G:\VIDEO_TS_DVD5

################## | Vaccin |

C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
F:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
G:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)

################## | E.O.F | https://www.usbfix.net - https://www.sosvirus.net |
by Kamy
#13420
OK, I'll do it this very evening.
One last question: can the infections I had spread over the network?
If so, I think I'll be posting again very soon...
by Kamy
#13431
Thanks, I'll take a look around and will surely post another thread...
In that case, do I always start with the USBfix report???