Reply to: usb fix 2016-09-08T13:02:24+00:00
kiki
Participant
Number of posts: 11

Here is the report after the removal.
If I understood correctly, my key is vaccinated now [spoiler:1est5kwe]############################## | UsbFix V 7.129 | [Suppression]

Utilisateur: Famille MOREAU (Administrateur) # FAMILLEMOREAU
Mis à jour le 24/06/2013 par El Desaparecido
Lancé à 18:01:43 | 31/07/2013

Site Web: https://www.sosvirus.net/
Upload Malware: upload-malware-pour-analyse-t489.html
Contact: contact@sosvirus.net

PC: TOSHIBA (SATELLITE L750) (x64-based PC)
CPU: Intel(R) Core(TM) i3 CPU M 370 @ 2.40GHz (2399)
RAM -> [Total : 3894 | Free : 1678]
BIOS: InsydeH2O Version 2.30
BOOT: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) # Service Pack 1
WB: Windows Internet Explorer 10.0.9200.16635

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: Kaspersky Internet Security [Enabled | Updated]
FW: Windows FireWall Service [Enabled]

C: (%systemdrive%) -> Disque fixe # 297 Go (222 Go libre(s) – 75%) [WINDOWS] # NTFS
D: -> Disque fixe # 298 Go (74 Go libre(s) – 25%) [Data] # NTFS
E: -> CD-ROM

################## | El Desaparecido Section |

HKLMSOFTWARE | Run : [AVP] – “C:Program Files (x86)Kaspersky LabKaspersky Internet Security 2013avp.exe”
HKLMSOFTWARE | Run : [TSleepSrv] – %ProgramFiles(x86)%TOSHIBATOSHIBA Sleep UtilityTSleepSrv.exe
HKLMSOFTWARE | Run : [ToshibaServiceStation] – “C:Program Files (x86)TOSHIBATOSHIBA Service StationToshibaServiceStation.exe” /hide:60
HKLMSOFTWARE | Run : [Microsoft Default Manager] – “C:Program Files (x86)MicrosoftSearch Enhancement PackDefault ManagerDefMgr.exe” -resume
HKLMSOFTWARE | Run : [HP Software Update] – C:Program Files (x86)HPHP Software UpdateHPWuSchd2.exe
HKLMSOFTWARE | Run : [] –
HKLMSOFTWARE | Run : [NPSStartup] –
HKLMSOFTWARE | Run : [Boxore Client] – C:Program Files (x86)BoxoreBoxoreClientboxore.exe
HKLMSOFTWAREwow6432Node | Run : [AVP] – “C:Program Files (x86)Kaspersky LabKaspersky Internet Security 2013avp.exe”
HKLMSOFTWAREwow6432Node | Run : [TSleepSrv] – %ProgramFiles(x86)%TOSHIBATOSHIBA Sleep UtilityTSleepSrv.exe
HKLMSOFTWAREwow6432Node | Run : [ToshibaServiceStation] – “C:Program Files (x86)TOSHIBATOSHIBA Service StationToshibaServiceStation.exe” /hide:60
HKLMSOFTWAREwow6432Node | Run : [Microsoft Default Manager] – “C:Program Files (x86)MicrosoftSearch Enhancement PackDefault ManagerDefMgr.exe” -resume
HKLMSOFTWAREwow6432Node | Run : [HP Software Update] – C:Program Files (x86)HPHP Software UpdateHPWuSchd2.exe
HKLMSOFTWAREwow6432Node | Run : [] –
HKLMSOFTWAREwow6432Node | Run : [NPSStartup] –
HKLMSOFTWAREwow6432Node | Run : [Boxore Client] – C:Program Files (x86)BoxoreBoxoreClientboxore.exe
HKLMSOFTWARE | RunOnce : [] –
HKLMSOFTWAREwow6432Node | RunOnce : [] –
HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
HKUS-1-5-19SOFTWARE | Run : [TOPI.EXE] – C:Program Files (x86)TOSHIBATOSHIBA Online Product Informationtopi.exe /STARTUP
HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
HKUS-1-5-20SOFTWARE | Run : [TOPI.EXE] – C:Program Files (x86)TOSHIBATOSHIBA Online Product Informationtopi.exe /STARTUP
HKUS-1-5-21-3577049793-2904340903-794327574-1000SOFTWARE | Run : [TOPI.EXE] – C:Program Files (x86)TOSHIBATOSHIBA Online Product Informationtopi.exe /STAR
HKUS-1-5-21-3577049793-2904340903-794327574-1000SOFTWARE | Run : [swg] – “C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe”
HKUS-1-5-18SOFTWARE | Run : [TOPI.EXE] – C:Program Files (x86)TOSHIBATOSHIBA Online Product Informationtopi.exe /STARTUP
HKUS-1-5-19SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
HKUS-1-5-20SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe

################## | Processus Stoppés |

Stoppé! C:Windowssystem32taskeng.exe (1444)
Stoppé! C:WindowsSystem32spoolsv.exe (1472)
Stoppé! C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe (1628)
Stoppé! C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe (1716)
Stoppé! C:Program Files (x86)Kaspersky LabKaspersky Internet Security 2013avp.exe (1752)
Stoppé! C:Program FilesBonjourmDNSResponder.exe (1804)
Stoppé! C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe (1936)
Stoppé! C:Program Files (x86)MicrosoftSearch Enhancement PackSeaPortSeaPort.exe (1668)
Stoppé! C:Program Files (x86)Microsoft Application Virtualization Clientsftvsa.exe (2236)
Stoppé! C:ProgramDataSkypeToolbarsSkype C2C Servicec2c_service.exe (2256)
Stoppé! C:Windowssystem32TODDSrv.exe (2432)
Stoppé! C:Program FilesToshibaPower SaverTosCoSrv.exe (2468)
Stoppé! C:Program Files (x86)SoftwareUpdate1.2.201.0SoftwareCrashHandler.exe (2600)
Stoppé! C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE (2636)
Stoppé! C:Program Files (x86)Microsoft Application Virtualization Clientsftlist.exe (2700)
Stoppé! C:Program FilesTOSHIBATECOTecoService.exe (2804)
Stoppé! C:Program Files (x86)Common FilesMicrosoft SharedVirtualization HandlerCVHSVC.EXE (2676)
Stoppé! C:WindowsMicrosoft.NetFramework64v3.0WPFPresentationFontCache.exe (3236)
Stoppé! C:WindowsservicingTrustedInstaller.exe (3940)
Stoppé! C:Windowssystem32taskhost.exe (1964)
Stoppé! C:Program FilesToshibaTosVolRegulatorTosVolRegulator.exe (4492)
Stoppé! C:Program Files (x86)Toshiba TEMPROTemproTray.exe (4612)
Stoppé! C:WindowsSystem32igfxpers.exe (4636)
Stoppé! C:WindowsSystem32igfxtray.exe (4644)
Stoppé! C:WindowsSystem32hkcmd.exe (4668)
Stoppé! C:Program Files (x86)TOSHIBATOSHIBA Online Product InformationTOPI.exe (4684)
Stoppé! C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe (4692)
Stoppé! C:Program Files (x86)Kaspersky LabKaspersky Internet Security 2013avp.exe (4848)
Stoppé! C:Program Files (x86)TOSHIBATOSHIBA Service StationToshibaServiceStation.exe (4900)
Stoppé! C:Windowssystem32SearchIndexer.exe (5080)
Stoppé! C:Windowssystem32taskeng.exe (5104)
Stoppé! C:Program Files (x86)HPHP Software Updatehpwuschd2.exe (3424)
Stoppé! C:Program Files (x86)BoxoreBoxoreClientboxore.exe (1140)
Stoppé! C:Program Files (x86)BoxoreBoxoreClientboxore.exe (4024)
Stoppé! C:Program Files (x86)TOSHIBAConfigFreeNDSTray.exe (2980)
Stoppé! C:Program FilesWindows Media Playerwmpnetwk.exe (4248)
Stoppé! C:Windowssystem32SearchProtocolHost.exe (4376)
Stoppé! C:Program Files (x86)Mozilla Firefoxfirefox.exe (4784)
Stoppé! C:Program Files (x86)TOSHIBAConfigFreeCFIWmxSvcs64.exe (4796)
Stoppé! C:WindowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe (3400)
Stoppé! C:Windowssystem32DllHost.exe (3048)
Stoppé! C:WindowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe (4868)
Stoppé! C:Program Files (x86)TOSHIBATOSHIBA Service StationTMachInfo.exe (5180)
Stoppé! C:Program Files (x86)TOSHIBAConfigFreeCFSvcs.exe (5512)
Stoppé! c:Program Files (x86)NeroUpdateNASvc.exe (5676)
Stoppé! C:Windowssystem32sppsvc.exe (5844)
Stoppé! C:Program Files (x86)Mozilla Firefoxplugin-container.exe (5408)
Stoppé! C:WindowsSysWOW64MacromedFlashFlashPlayerPlugin_11_8_800_94.exe (5508)
Stoppé! C:WindowsSysWOW64MacromedFlashFlashPlayerPlugin_11_8_800_94.exe (5548)
Stoppé! C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe (5208)
Stoppé! C:Program Files (x86)TOSHIBAConfigFreeCFSwMgr.exe (5952)
Stoppé! C:Program FilesTOSHIBATOSHIBA HDD SSD AlertTosSmartSrv.exe (5616)
Stoppé! C:Program FilesTOSHIBATOSHIBA HDD SSD AlertTosSENotify.exe (4316)

################## | Éléments infectieux |

Supprimé! C:UsersFAMILL~1AppDataLocalTempDrives.vbs

(!) Fichiers temporaires supprimés.

################## | Registre |

################## | Mountpoints2 |

################## | Listing |

[19/01/2012 – 20:00:54 | SHD ] C:$RECYCLE.BIN
[26/07/2013 – 09:46:31 | D ] C:Config.Msi
[14/07/2009 – 07:08:56 | SHD ] C:Documents and Settings
[31/07/2013 – 17:56:02 | ASH | 3062255616] C:hiberfil.sys
[15/10/2011 – 12:00:17 | D ] C:Intel
[20/06/2013 – 17:54:08 | RHD ] C:MSOCache
[31/07/2013 – 17:56:02 | ASH | 5557452800] C:pagefile.sys
[14/07/2009 – 05:20:08 | D ] C:PerfLogs
[28/06/2013 – 17:36:02 | D ] C:Program Files
[26/07/2013 – 21:37:05 | D ] C:Program Files (x86)
[26/07/2013 – 21:37:05 | HD ] C:ProgramData
[09/09/2011 – 12:04:25 | N | 70] C:SWSTAMP.TXT
[30/07/2013 – 21:23:15 | SHD ] C:System Volume Information
[06/04/2013 – 19:15:15 | D ] C:Temp
[23/03/2013 – 16:23:20 | D ] C:Toshiba
[31/07/2013 – 18:06:59 | D ] C:UsbFix
[31/07/2013 – 18:07:08 | A | 8825] C:UsbFix [Clean 1] FAMILLEMOREAU.txt
[31/07/2013 – 17:12:43 | N | 8603] C:UsbFix [Scan 2] FAMILLEMOREAU.txt
[13/01/2012 – 19:31:16 | D ] C:Users
[21/07/2013 – 18:42:27 | D ] C:Windows
[13/01/2012 – 19:42:51 | SHD ] D:$RECYCLE.BIN
[01/07/2013 – 20:10:56 | D ] D:FAMILLEMOREAU
[25/09/2011 – 18:51:12 | D ] D:HDDRecovery
[14/01/2012 – 17:46:00 | N | 528] D:MediaID.bin
[31/07/2013 – 17:56:03 | ASH | 4083007488] D:pagefile.sys
[25/09/2011 – 19:53:38 | N | 11] D:R16527SO.tag
[30/07/2013 – 21:23:15 | SHD ] D:System Volume Information
[14/01/2012 – 17:32:01 | D ] D:WindowsImageBackup

################## | Vaccin |

C:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
D:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | https://www.sosvirus.net |[/spoiler:1est5kwe]