Reply to: USB key 2016-09-08T13:05:56+00:00
Anonymous

The results:
[spoiler:2ldz5q2k]
############################## | UsbFix V 7.134 | [Recherche]

Utilisateur: Manu (Administrateur) # MANU-PORTABLE
Mis à jour le 06/09/2013 par El Desaparecido
Lancé à 13:48:03 | 14/09/2013

Site Web: https://www.sosvirus.net/
Upload Malware: upload_malware.php
Contact: http://wwww.sosvirus.net/contact_eldesaparecido.php

PC: ASUSTeK Computer Inc. (K53SD) (x64-based PC)
CPU: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz (2300)
RAM -> [Total : 5920 | Free : 3697]
BIOS: BIOS Date: 03/06/12 14:39:25 Ver: 04.06.03
BOOT: Normal boot

OS: Microsoft Windows 8 Professionnel (6.2.9200 64-Bit) #
WB: Windows Internet Explorer 10.0.9200.16688

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: Windows Defender [(!) Disabled | Updated]
FW: Windows FireWall Service [Enabled]

C: (%systemdrive%) -> Disque fixe # 238 Go (112 Go libre(s) – 47%) [OS] # NTFS
D: -> Disque fixe # 333 Go (83 Go libre(s) – 25%) [Travail] # NTFS
E: -> CD-ROM
F: -> Disque amovible # 29 Go (6 Go libre(s) – 20%) [30GO] # FAT32

################## | Processus Actif |

C:\WINDOWS\system32\csrss.exe (548)
C:\WINDOWS\system32\wininit.exe (624)
C:\WINDOWS\system32\csrss.exe (640)
C:\WINDOWS\system32\winlogon.exe (696)
C:\WINDOWS\system32\services.exe (708)
C:\WINDOWS\system32\lsass.exe (716)
C:\WINDOWS\system32\svchost.exe (844)
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (884)
C:\WINDOWS\system32\svchost.exe (932)
C:\WINDOWS\System32\svchost.exe (992)
C:\WINDOWS\system32\svchost.exe (1020)
C:\WINDOWS\system32\svchost.exe (388)
C:\WINDOWS\system32\svchost.exe (416)
C:\WINDOWS\system32\dwm.exe (536)
C:\WINDOWS\System32\svchost.exe (1032)
C:\WINDOWS\system32\svchost.exe (1196)
C:\Windows\system32\FBAgent.exe (1272)
C:\WINDOWS\system32\WLANExt.exe (1292)
C:\WINDOWS\system32\conhost.exe (1300)
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (1364)
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (1388)
C:\WINDOWS\System32\spoolsv.exe (1456)
C:\WINDOWS\system32\svchost.exe (1484)
C:\WINDOWS\system32\svchost.exe (1504)
C:\WINDOWS\system32\taskeng.exe (1632)
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (1792)
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (1848)
C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe (1880)
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (1912)
C:\Program Files\Intel\WiFi\bin\EvtEng.exe (1992)
C:\WINDOWS\system32\dashost.exe (2044)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (1608)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (2092)
C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe (2124)
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (2152)
C:\WINDOWS\system32\rundll32.exe (2328)
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (2336)
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (2452)
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (2068)
C:\WINDOWS\system32\svchost.exe (2988)
C:\WINDOWS\system32\svchost.exe (3028)
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (2016)
C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (2604)
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (3092)
C:\WINDOWS\system32\svchost.exe (3512)
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (4572)
C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe (4060)
C:\WINDOWS\system32\taskhostex.exe (3192)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (5084)
C:\WINDOWS\Explorer.EXE (4420)
C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe (4552)
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (4492)
C:\WINDOWS\system32\conhost.exe (4712)
C:\WINDOWS\system32\taskeng.exe (4156)
C:\Program Files (x86)\Uniblue\SpeedUpMyPC\sump.exe (4636)
C:\Program Files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe (4220)
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (4812)
C:\WINDOWS\system32\SearchIndexer.exe (3468)
C:\WINDOWS\system32\wbem\unsecapp.exe (4724)
C:\WINDOWS\system32\wbem\wmiprvse.exe (4820)
C:\WINDOWS\system32\wbem\wmiprvse.exe (4144)
C:\Windows\SysWOW64\ACEngSvr.exe (5292)
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (5348)
C:\Windows\AsScrPro.exe (5548)
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (5864)
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (5664)
C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe (5700)
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe (5712)
C:\Windows\System32\RuntimeBroker.exe (4612)
C:\Windows\System32\igfxtray.exe (1628)
C:\Windows\System32\hkcmd.exe (1144)
C:\Windows\System32\igfxpers.exe (1840)
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (5432)
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (3672)
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (3928)
C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe (3744)
C:\Program Files (x86)\Skype\Phone\Skype.exe (3276)
C:\Users\Manu\AppData\Roaming\uTorrent\uTorrent.exe (3968)
C:\Windows\System32\wscript.exe (1516)
C:\Program Files\CCleaner\CCleaner64.exe (3884)
C:\Program Files (x86)\Micro Application\12 DICOS Indispensables\MediaDICO12.EXE (4788)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (3932)
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (3920)
C:\WINDOWS\system32\wbem\unsecapp.exe (3824)
C:\Program Files (x86)\Druide\Antidote 7\Programmes64\AgentAntidote64.exe (5276)
C:\Program Files (x86)\Micro Application\12 DICOS Indispensables\Rac12.EXE (2864)
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (1612)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (6816)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (6788)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (5824)
C:\WINDOWS\System32\wsqmcons.exe (4124)
C:\Windows\System32\WUDFHost.exe (6464)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (6172)
C:\WINDOWS\system32\SearchProtocolHost.exe (5052)
C:\WINDOWS\system32\SearchFilterHost.exe (3464)
C:\Windows\System32\SettingSyncHost.exe (6976)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (5480)
C:\WINDOWS\sysWow64\SearchProtocolHost.exe (1212)
C:\UsbFix\Go.exe (5936)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (2804)
C:\Program Files\Windows Media Player\wmpnetwk.exe (6932)
C:\WINDOWS\system32\SearchProtocolHost.exe (7116)
C:\WINDOWS\system32\DllHost.exe (6652)
C:\WINDOWS\SysWOW64\DllHost.exe (4888)

################## | El Desaparecido Section |

HKLM\SOFTWARE | Run : [APSDaemon] – "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM\SOFTWARE | Run : [ASUSPRP] – "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
HKLM\SOFTWARE | Run : [ASUSWebStorage] – C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S
HKLM\SOFTWARE | Run : [ATKMEDIA] – C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
HKLM\SOFTWARE | Run : [ATKOSD2] – C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
HKLM\SOFTWARE | Run : [HControlUser] – C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
HKLM\SOFTWARE | Run : [SonicMasterTray] – C:\Program Files (x86)\ASUS\ASUS Sonic Focus\SonicFocusTray.exe
HKLM\SOFTWARE | Run : [Wireless Console 3] – C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
HKLM\SOFTWARE | Run : [agentantidote.exe] – "C:\Program Files (x86)\Druide\Antidote 7\Programmes32\agentantidote.exe" /LancementSession
HKLM\SOFTWARE | Run : [agentantidote64.exe] – "C:\Program Files (x86)\Druide\Antidote 7\Programmes64\agentantidote64.exe" /LancementSession
HKLM\SOFTWARE | Run : [] –
HKLMSOFTWARE | Run : [Reader Application Helper] – C:Program Files (x86)SonyReaderDesktopappHelperReaderAppHelper.exe
HKLM\SOFTWARE | Run : [Adobe Version Cue CS2] – C:\CS2\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
HKLM\SOFTWARE | Run : [DivXMediaServer] – C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
HKLM\SOFTWARE | Run : [DivXUpdate] – "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
HKLM\SOFTWARE | Run : [ASRInst_V] – C:\WINDOWS\system32\regsvr32.exe "C:\Program Files (x86)\Common Files\Panasonic\PSL_DMO\G726Dec.dll" /s
HKLM\SOFTWARE | Run : [SunJavaUpdateSched] – "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM\SOFTWARE\wow6432Node | Run : [APSDaemon] – "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM\SOFTWARE\wow6432Node | Run : [ASUSPRP] – "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
HKLM\SOFTWARE\wow6432Node | Run : [ASUSWebStorage] – C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S
HKLM\SOFTWARE\wow6432Node | Run : [ATKMEDIA] – C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
HKLM\SOFTWARE\wow6432Node | Run : [ATKOSD2] – C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
HKLM\SOFTWARE\wow6432Node | Run : [HControlUser] – C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
HKLM\SOFTWARE\wow6432Node | Run : [SonicMasterTray] – C:\Program Files (x86)\ASUS\ASUS Sonic Focus\SonicFocusTray.exe
HKLM\SOFTWARE\wow6432Node | Run : [Wireless Console 3] – C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
HKLM\SOFTWARE\wow6432Node | Run : [agentantidote.exe] – "C:\Program Files (x86)\Druide\Antidote 7\Programmes32\agentantidote.exe" /LancementSession
HKLM\SOFTWARE\wow6432Node | Run : [agentantidote64.exe] – "C:\Program Files (x86)\Druide\Antidote 7\Programmes64\agentantidote64.exe" /LancementSession
HKLM\SOFTWARE\wow6432Node | Run : [] –
HKLMSOFTWAREwow6432Node | Run : [Reader Application Helper] – C:Program Files (x86)SonyReaderDesktopappHelperReaderAppHelper.exe
HKLM\SOFTWARE\wow6432Node | Run : [Adobe Version Cue CS2] – C:\CS2\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
HKLM\SOFTWARE\wow6432Node | Run : [DivXMediaServer] – C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
HKLM\SOFTWARE\wow6432Node | Run : [DivXUpdate] – "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
HKLM\SOFTWARE\wow6432Node | Run : [ASRInst_V] – C:\WINDOWS\system32\regsvr32.exe "C:\Program Files (x86)\Common Files\Panasonic\PSL_DMO\G726Dec.dll" /s
HKLM\SOFTWARE\wow6432Node | Run : [SunJavaUpdateSched] – "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM\SOFTWARE | RunOnce : [] –
HKLM\SOFTWARE\wow6432Node | RunOnce : [] –
HKU\S-1-5-21-4035673171-1669278821-111693155-1002\SOFTWARE | Run : [MediaDico] – C:\Program Files (x86)\Micro Application\12 DICOS Indispensables\LanceMediaDICO12.exe Lancement
HKU\S-1-5-21-4035673171-1669278821-111693155-1002\SOFTWARE | Run : [SuperCopier2.exe] – C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe
HKU\S-1-5-21-4035673171-1669278821-111693155-1002\SOFTWARE | Run : [Skype] – "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
HKU\S-1-5-21-4035673171-1669278821-111693155-1002\SOFTWARE | Run : [uTorrent] – "C:\Users\Manu\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
HKU\S-1-5-21-4035673171-1669278821-111693155-1002\SOFTWARE | Run : [OfficeSyncProcess] – "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
HKU\S-1-5-21-4035673171-1669278821-111693155-1002\SOFTWARE | Run : [dxrpdiag] – wscript.exe //B "C:\Users\Manu\AppData\Local\Temp\dxrpdiag.vbs"
HKU\S-1-5-21-4035673171-1669278821-111693155-1002\SOFTWARE | Run : [ccleaner] – "C:\Program Files\CCleaner\CCleaner64.exe" /AUTO
HKU\S-1-5-21-4035673171-1669278821-111693155-1000\SOFTWARE | RunOnce : [WAB Migrate] – %ProgramFiles%\Windows Mail\wab.exe /Upgrade

################## | Éléments infectieux |

Présent! F:\dxrpdiag.vbs
Présent! C:\Users\Manu\AppData\Local\Temp\dxrpdiag.vbs
Présent! F:\De.lnk
Présent! F:\The.lnk
Présent! F:\Assault.lnk
Présent! F:\Cloud.lnk
Présent! F:\Dead.lnk
Présent! F:\Les.lnk
Présent! F:\killing saison.lnk
Présent! F:\the colony.lnk
Présent! F:\phantom.lnk
Présent! F:\Iron Man 3.lnk
Présent! F:\Arretez.lnk
Présent! F:\Autorun.inf.lnk
Présent! F:\Mentalist S5.lnk
Présent! F:\Fringe s5.lnk
Présent! C:\Users\Manu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\dxrpdiag.vbs

################## | Registre |

Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|dxrpdiag
Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|dxrpdiag

################## | Mountpoints2 |

HKCU\….\Explorer\MountPoints2\{2d771226-34c4-11e2-be6d-10bf48284724}
Shell\AutoRun\Command = "F:\AutoRun.exe"

################## | Vaccin |

C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
F:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | https://www.sosvirus.net |
[/spoiler:2ldz5q2k]