Reply to: Infected USB key 2016-09-08T12:59:50+00:00
Hiboo444

Thank you so much!!!!

Here is the report, sorry for the wait.. [spoiler:1nob8eng]############################## | UsbFix V 7.127 | [Suppression]

Utilisateur: Chloé (Administrateur) # PC-DE-CHLOÉ
Mis à jour le 05/06/2013 par El Desaparecido
Lancé à 11:42:45 | 09/06/2013

Site Web: http://sosvirus.org/
Upload Malware: http://upload.sosvirus.org/
Contact: contact@sosvirus.org

PC: Sony Corporation (VGN-NS11M_S) (X86-based PC)
CPU: Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz (2000)
RAM -> [Total : 2938 | Free : 1458]
BIOS: BIOS Date: 05/09/08 11:12:06 Ver: 08.00.10
BOOT: Normal boot

OS: Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6001 32-Bit) # Service Pack 1
WB: Windows Internet Explorer 7.0.6001.18000

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: Protection antivirus et antispyware McAfee [(!) Disabled | Updated]
FW: Windows FireWall Service [(!) Disabled]

C: (%systemdrive%) -> Disque fixe # 225 Go (128 Go libre(s) – 57%) [] # NTFS
F: -> CD-ROM
G: -> Disque amovible # 30 Go (5 Go libre(s) – 15%) [KINGSTON] # FAT32

################## | El Desaparecido Section |

HKLM\SOFTWARE | Run : [RtHDVCpl] – RtHDVCpl.exe
HKLM\SOFTWARE | Run : [SynTPEnh] – C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
HKLM\SOFTWARE | Run : [ISBMgr.exe] – “C:\Program Files\Sony\ISB Utility\ISBMgr.exe”
HKLM\SOFTWARE | Run : [mcui_exe] – “C:\Program Files\McAfee.com\Agent\mcagent.exe” /runkey
HKLM\SOFTWARE | Run : [APSDaemon] – “C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe”
HKLM\SOFTWARE | Run : [iTunesHelper] – “C:\Program Files\iTunes\iTunesHelper.exe”
HKLM\SOFTWARE | RunOnce : [] –
HKU\S-1-5-19\SOFTWARE | Run : [Sidebar] – %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
HKU\S-1-5-19\SOFTWARE | Run : [WindowsWelcomeCenter] – rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\SOFTWARE | Run : [Sidebar] – %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
HKU\S-1-5-20\SOFTWARE | Run : [WindowsWelcomeCenter] – rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-2937867324-1874406865-260594779-1003\SOFTWARE | Run : [swg] – “C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”
HKU\S-1-5-21-2937867324-1874406865-260594779-1003\SOFTWARE | Run : [ehTray.exe] – C:\Windows\ehome\ehTray.exe

################## | Processus Stoppés |

Stoppé! C:\Windows\system32\SLsvc.exe (1476)
Stoppé! C:\Windows\RtkAudioService.exe (1632)
Stoppé! C:\Windows\Explorer.EXE (1860)
Stoppé! C:\Windows\System32\spoolsv.exe (412)
Stoppé! C:\Windows\system32\WLANExt.exe (500)
Stoppé! C:\Windows\system32\taskeng.exe (588)
Stoppé! C:\Windows\system32\taskeng.exe (736)
Stoppé! C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (928)
Stoppé! C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (924)
Stoppé! C:\Program Files\Bonjour\mDNSResponder.exe (1572)
Stoppé! C:\Program Files\Intel\WiFi\bin\EvtEng.exe (1948)
Stoppé! c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (808)
Stoppé! C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (804)
Stoppé! C:\Windows\system32\mfevtps.exe (1236)
Stoppé! C:\Program Files\TP-LINK\TP-LINK Wireless Client Utility\RtlService.exe (2144)
Stoppé! C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (2224)
Stoppé! C:\Program Files\TP-LINK\TP-LINK Wireless Client Utility\RtWlan.exe (2272)
Stoppé! C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (2284)
Stoppé! c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (2360)
Stoppé! c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (2376)
Stoppé! C:\Windows\system32\rundll32.exe (2396)
Stoppé! C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (2512)
Stoppé! C:\Program Files\Sony\VAIO Power Management\SPMService.exe (2556)
Stoppé! C:\Windows\system32\DllHost.exe (2644)
Stoppé! C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (2704)
Stoppé! C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (2732)
Stoppé! C:\Windows\system32\SearchIndexer.exe (2808)
Stoppé! C:\Windows\system32\DRIVERS\xaudio.exe (2896)
Stoppé! C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe (2948)
Stoppé! C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (3000)
Stoppé! C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe (3204)
Stoppé! C:\Windows\system32\DllHost.exe (3300)
Stoppé! C:\Windows\system32\igfxext.exe (3412)
Stoppé! C:\Windows\system32\igfxsrvc.exe (3452)
Stoppé! C:\Windows\system32\WUDFHost.exe (3696)
Stoppé! C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (3748)
Stoppé! C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (3840)
Stoppé! C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (4052)
Stoppé! C:\Program Files\Sony\ISB Utility\ISBMgr.exe (4084)
Stoppé! C:\Program Files\McAfee.com\Agent\mcagent.exe (2332)
Stoppé! C:\Program Files\iTunes\iTunesHelper.exe (2508)
Stoppé! C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (3068)
Stoppé! C:\Windows\ehome\ehtray.exe (3200)
Stoppé! C:\Program Files\WinZip\WZQKPICK.EXE (3308)
Stoppé! C:\Users\Chloé\AppData\Roaming\Dropbox\bin\Dropbox.exe (3692)
Stoppé! C:\Windows\ehome\ehmsas.exe (1420)
Stoppé! C:\Program Files\iPod\bin\iPodService.exe (5008)
Stoppé! C:\Program Files\Windows Media Player\wmpnetwk.exe (2660)
Stoppé! C:\Program Files\McAfee\VirusScan\mcods.exe (4620)
Stoppé! C:\Program Files\Google\Chrome\Application\chrome.exe (304)
Stoppé! C:\Program Files\Google\Chrome\Application\chrome.exe (5204)
Stoppé! C:\Program Files\Google\Chrome\Application\chrome.exe (3532)
Stoppé! C:\Program Files\Google\Chrome\Application\chrome.exe (4312)
Stoppé! C:\Program Files\Google\Chrome\Application\chrome.exe (4304)
Stoppé! c:\PROGRA~1\mcafee\SITEAD~1\saui.exe (240)
Stoppé! C:\Program Files\OpenOffice.org 3\program\swriter.exe (5284)
Stoppé! C:\Program Files\OpenOffice.org 3\program\soffice.exe (812)
Stoppé! C:\Program Files\OpenOffice.org 3\program\soffice.bin (5860)

################## | Éléments infectieux |

Supprimé! G:\KINGSTON (30GB).lnk
Supprimé! G:\_WNMAVWAONOR.nil
Supprimé! G:\autorun.inf
Supprimé! G:\desktop.ini
Supprimé! G:\Thumbs.db

(!) Fichiers temporaires supprimés.

################## | Registre |

Supprimé! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegistryTools
Supprimé! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr

################## | Mountpoints2 |

Supprimé! HKCU….ExplorerMountPoints2{22f2e070-ee09-11de-8e5f-00215dd92f46}
Supprimé! HKCU….ExplorerMountPoints2{33f57fbb-ce69-11de-91a4-001dba8d2566}
Supprimé! HKCU….ExplorerMountPoints2{3ea771b3-7950-11e0-bec9-001dba8d2566}
Supprimé! HKCU….ExplorerMountPoints2{6c3dbb87-3d76-11df-8bb4-001dba8d2566}
Supprimé! HKCU….ExplorerMountPoints2{85442bc6-ec85-11de-b6fb-00215dd92f46}
Supprimé! HKCU….ExplorerMountPoints2{85442be1-ec85-11de-b6fb-001dba8d2566}
Supprimé! HKCU….ExplorerMountPoints2{85442be5-ec85-11de-b6fb-001dba8d2566}
Supprimé! HKCU….ExplorerMountPoints2{b0e74811-2162-11de-9fe7-a322d53d260e}
Supprimé! HKCU….ExplorerMountPoints2{dd03f134-26a8-11df-a5aa-001dba8d2566}

################## | Listing |

[09/05/2011 – 14:49:38 | SHD ] C:\$Recycle.Bin
[18/09/2006 – 23:43:36 | N | 24] C:\autoexec.bat
[09/07/2008 – 22:24:02 | SHD ] C:\Boot
[21/01/2008 – 04:24:42 | RASH | 333203] C:\bootmgr
[09/07/2008 – 22:24:03 | N | 8192] C:\BOOTSECT.BAK
[18/09/2006 – 23:43:37 | N | 10] C:\config.sys
[28/01/2009 – 16:11:05 | D ] C:\Documentation
[02/11/2006 – 15:02:03 | SHD ] C:\Documents and Settings
[09/06/2013 – 09:49:04 | ASH | 3081801728] C:\hiberfil.sys
[28/01/2009 – 15:47:45 | N | 187] C:\Installer_Setup.log
[09/07/2008 – 14:09:19 | D ] C:\Intel
[07/06/2013 – 16:01:45 | D ] C:\MSI
[28/01/2009 – 15:37:31 | RHD ] C:\MSOCache
[09/06/2013 – 09:49:02 | ASH | 3395616768] C:\pagefile.sys
[21/01/2008 – 04:32:31 | D ] C:\PerfLogs
[28/05/2013 – 20:48:44 | D ] C:\Program Files
[10/05/2013 – 15:52:11 | HD ] C:\ProgramData
[10/05/2013 – 15:50:16 | SHD ] C:\System Volume Information
[09/06/2013 – 11:57:35 | D ] C:\UsbFix
[09/06/2013 – 11:58:19 | A | 8377] C:\UsbFix [Clean 2] PC-DE-CHLOÉ.txt
[09/06/2013 – 10:49:58 | N | 9106] C:\UsbFix [Scan 2] PC-DE-CHLOÉ.txt
[28/01/2009 – 18:04:18 | D ] C:\Users
[28/01/2009 – 16:11:45 | N | 390348] C:\vcredist_x86.log
[16/05/2013 – 14:15:42 | D ] C:\Windows
[20/01/2011 – 16:25:05 | N | 1478] C:\WirelessDiagLog.csv
[12/05/2012 – 20:41:18 | N | 137750] G:\New actors in global governance Ryngaert.pdf
[12/05/2012 – 20:18:58 | N | 244189] G:\Michele Olivier Accomodating non state actors Within Int Law.pdf
[04/06/2013 – 11:43:56 | D ] G: 
[12/05/2012 – 20:25:50 | N | 217506] G:\Unique non state status ICRC.pdf

################## | Vaccin |

C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
G:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | https://www.usb-antivirus.com/fr/ |[/spoiler:1nob8eng]