Reply to: USB key virus 2016-09-08T13:08:12+00:00
Mélanie
Number of posts: 0

That was fast! :super:

UsbFix report:

[spoiler:3k74es9q]############################## | UsbFix V 7.143 | [Suppression]

Utilisateur: Moi (Administrateur) # MÉLANIE
Mis à jour le 05/10/2013 par El Desaparecido – Team SosVirus
Lancé à 22:18:54 | 07/10/2013

Site Web: http://www.usbfix.net/
Forum : https://www.sosvirus.net/
Upload Malware: upload_malware.php
Contact: http://www.usbfix.net/contact/

PC: ASUSTeK COMPUTER INC. (K56CM)
CPU: Intel(R) Core(TM) i3-3217U CPU @ 1.80GHz
RAM -> [Total : 3982 | Free : 3014]
Bios: American Megatrends Inc.
Boot: Fail-safe boot

OS: Microsoft Windows 8 (6.2.9200 64-Bit) #
WB: Windows Internet Explorer 10.0.9200.16688

SC: Security Center Service [Enabled]
WU: Windows Update Service [(!) Disabled]
AV: Windows Defender [(!) Disabled | Updated]
FW: Windows FireWall Service [(!) Disabled]

C: (%systemdrive%) -> Disque fixe # 279 Go (221 Go libre(s) – 79%) [OS] # NTFS
D: -> Disque fixe # 398 Go (398 Go libre(s) – 100%) [DATA] # NTFS
E: -> CD-ROM
F: -> Disque amovible # 2 Go (2 Go libre(s) – 98%) [UDISK 2.0] # FAT

################## | Regedit Run |

HKLMSOFTWARE | Run : [Adobe Reader Speed Launcher] – “C:Program Files (x86)AdobeReader 10.0ReaderReader_sl.exe”
HKLMSOFTWARE | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
HKLMSOFTWARE | Run : [RemoteControl10] – “C:Program Files (x86)CyberLinkPowerDVD10PDVD10Serv.exe”
HKLMSOFTWARE | Run : [mcpltui_exe] – “C:Program FilesCommon FilesMcAfeePlatformmcuicnt.exe” /platui
HKLMSOFTWARE | Run : [ATLauncher] – “C:Program FilesMcAfeeExMcAfeeAntiTheftATLauncher.exe” /createshortcuts:1
HKLMSOFTWARE | Run : [ASUSWebStorage] – C:Program Files (x86)ASUSWebStorage Sync Agent1.1.9.120AsusWSPanel.exe /S
HKLMSOFTWARE | Run : [ATUninstallIcon] – “C:Program FilesMcAfeeExMcAfeeAntiTheftATLauncher.exe” /createuninstallentry:1
HKLMSOFTWAREwow6432Node | Run : [Adobe Reader Speed Launcher] – “C:Program Files (x86)AdobeReader 10.0ReaderReader_sl.exe”
HKLMSOFTWAREwow6432Node | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
HKLMSOFTWAREwow6432Node | Run : [RemoteControl10] – “C:Program Files (x86)CyberLinkPowerDVD10PDVD10Serv.exe”
HKLMSOFTWAREwow6432Node | Run : [mcpltui_exe] – “C:Program FilesCommon FilesMcAfeePlatformmcuicnt.exe” /platui
HKLMSOFTWAREwow6432Node | Run : [ATLauncher] – “C:Program FilesMcAfeeExMcAfeeAntiTheftATLauncher.exe” /createshortcuts:1
HKLMSOFTWAREwow6432Node | Run : [ASUSWebStorage] – C:Program Files (x86)ASUSWebStorage Sync Agent1.1.9.120AsusWSPanel.exe /S
HKLMSOFTWAREwow6432Node | Run : [ATUninstallIcon] – “C:Program FilesMcAfeeExMcAfeeAntiTheftATLauncher.exe” /createuninstallentry:1
HKLMSOFTWARE | RunOnce : [] –
HKLMSOFTWAREwow6432Node | RunOnce : [] –
HKUS-1-5-21-3377337816-2642854494-2396223647-1002SOFTWARE | Run : [RESTART_STICKY_NOTES] – C:WindowsSystem32StikyNot.exe

################## | Processus Stoppés |

Stoppé! C:Program FilesCommon FilesmcafeePlatformMcSvcHostMcSvHost.exe (ID 880 |ParentID 532)
Stoppé! C:Windowssystem32ctfmon.exe (ID 992 |ParentID 980)
Stoppé! C:Windowssystem32DllHost.exe (ID 1188 |ParentID 644)

################## | Éléments infectieux |

Supprimé! F:CV.lnk
Supprimé! F:DOSSIER METIER.lnk
Supprimé! F:LETTRE DE MOTIVATION.lnk
Non supprimé ! E:autorun.exe
Non supprimé ! E:autorun.inf
Supprimé! F:desktop.ini

(!) Fichiers temporaires supprimés.

################## | Registre |

Supprimé! HKCU….ExplorerMountPoints2{e371676e-4cbc-11e2-be6a-806e6f6e6963}

################## | Listing |

[05/07/2013 – 20:34:23 | SHD ] C:$Recycle.Bin
[07/10/2013 – 20:53:58 | D ] C:AdwCleaner
[17/08/2012 – 11:42:50 | SHD ] C:Boot
[26/07/2012 – 05:44:30 | RASH | 398156] C:bootmgr
[02/06/2012 – 16:30:55 | N | 1] C:BOOTNXT
[26/07/2012 – 09:22:08 | SHD ] C:Documents and Settings
[23/12/2012 – 07:24:26 | D ] C:eSupport
[07/10/2013 – 22:17:51 | ASH | 3339931648] C:hiberfil.sys
[23/12/2012 – 07:00:04 | D ] C:Intel
[19/09/2012 – 13:05:36 | N | 6293504] C:K56CA.BIN
[19/09/2012 – 12:56:52 | N | 6293504] C:K56CM.BIN
[07/10/2013 – 22:17:56 | ASH | 3489660928] C:pagefile.sys
[26/07/2012 – 09:33:46 | D ] C:PerfLogs
[17/09/2013 – 18:39:13 | D ] C:Program Files
[07/10/2013 – 20:41:49 | D ] C:Program Files (x86)
[07/10/2013 – 20:41:52 | HD ] C:ProgramData
[06/07/2013 – 10:25:28 | D ] C:sources
[07/10/2013 – 22:17:56 | ASH | 268435456] C:swapfile.sys
[05/10/2013 – 12:08:37 | SHD ] C:System Volume Information
[23/12/2012 – 07:07:14 | D ] C:temp
[07/10/2013 – 22:23:19 | D ] C:UsbFix
[07/10/2013 – 22:01:27 | N | 8428] C:UsbFix [Clean 1] MÉLANIE.txt
[07/10/2013 – 22:07:29 | N | 8096] C:UsbFix [Clean 2] MÉLANIE.txt
[07/10/2013 – 22:23:36 | A | 4856] C:UsbFix [Clean 3] MÉLANIE.txt
[07/10/2013 – 20:48:08 | N | 9762] C:UsbFix [Scan 1] MÉLANIE.txt
[05/07/2013 – 20:30:08 | RD ] C:Users
[07/10/2013 – 22:17:52 | D ] C:Windows
[05/07/2013 – 20:34:23 | SHD ] D:$RECYCLE.BIN
[20/09/2013 – 14:17:49 | N | 905] D:Musique – Raccourci.lnk
[23/12/2012 – 06:55:53 | SHD ] D:System Volume Information
[12/07/2011 – 21:06:58 | R | 9061653] E:autorun.exe
[06/07/2011 – 16:20:34 | R | 95] E:autorun.inf
[06/07/2011 – 19:13:54 | R | 156374] E:bd.ico
[19/09/2012 – 10:34:03 | D ] E:images
[19/09/2012 – 10:34:03 | D ] E:language
[19/09/2012 – 10:34:03 | D ] E:outils
[19/09/2012 – 10:33:41 | D ] E:products
[04/10/2013 – 09:18:36 | D ] F:CV
[04/10/2013 – 09:19:20 | D ] F:DOSSIER METIER
[04/10/2013 – 09:52:46 | N | 461403] F:CV Melanie Bienvenu.pdf
[03/05/2013 – 17:46:20 | N | 41091072] F:.HPIMAGE.VFS
[07/10/2013 – 19:40:22 | N | 51524] F:Lettre de motivation Mélanie Bienvenu.pdf
[04/10/2013 – 09:18:48 | D ] F:LETTRE DE MOTIVATION
[11/11/2007 – 01:14:52 | N | 172] F:DRMv1PM.lic

################## | Vaccin |

C:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
D:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
F:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net – https://www.sosvirus.net |[/spoiler:3k74es9q]

AdwCleaner report:

[spoiler:3k74es9q]# AdwCleaner v3.006 – Rapport créé le 07/10/2013 à 22:40:28
# Mis à jour le 01/10/2013 par Xplode
# Système d'exploitation : Windows 8 (64 bits)
# Nom d'utilisateur : Moi – MÉLANIE
# Exécuté depuis : C:UsersMoiDesktopadwcleaner.exe
# Option : Nettoyer

***** [ Services ] *****

***** [ Fichiers / Dossiers ] *****

Dossier Supprimé : C:ProgramDataBabylon
Dossier Supprimé : C:UsersMoiAppDataLocalBabylon
Dossier Supprimé : C:UsersMoiAppDataRoamingBabylon

***** [ Raccourcis ] *****

***** [ Registre ] *****

Clé Supprimée : HKLMSOFTWAREClassesProd.cap
Clé Supprimée : HKLMSOFTWAREClassesAppID{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Clé Supprimée : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Clé Supprimée : HKCUSoftwareConduit
Clé Supprimée : HKCUSoftwareInstallCore
Clé Supprimée : HKCUSoftwareAppDataLowSoftwaresmartbar

***** [ Navigateurs ] *****

-\ Internet Explorer v10.0.9200.16688

Paramètre Restauré : HKCUSoftwareMicrosoftInternet ExplorerMain [Start Page]

*************************

AdwCleaner[R0].txt – [1677 octets] – [07/10/2013 20:53:34]
AdwCleaner[R1].txt – [1735 octets] – [07/10/2013 22:39:52]
AdwCleaner[S0].txt – [1360 octets] – [07/10/2013 22:40:28]

########## EOF – C:AdwCleanerAdwCleaner[S0].txt – [1420 octets] ##########[/spoiler:3k74es9q]