Reply to: Folders turned into shortcuts on USB drive 2016-09-08T13:11:03+00:00
Kamy
Number of posts: 0

Thanks already for your attention…
UsbFix result:
############################## | UsbFix V 7.145 | [Suppression]

Utilisateur: SOFTWARE-FIXE (Administrateur) # SOFTWARE-FIXE
Mis à jour le 17/10/2013 par El Desaparecido – Team SosVirus
Lancé à 14:26:04 | 24/10/2013

Site Web: http://www.usbfix.net/
Forum : https://www.sosvirus.net/
Upload Malware: upload_malware.php
Contact: http://www.usbfix.net/contact/

PC: Dell Inc. (0GDG8Y )
CPU: Intel(R) Pentium(R) CPU G630 @ 2.70GHz
RAM -> [Total : 3319 | Free : 1570]
Bios: Dell Inc.
Boot: Normal boot

OS: Microsoft Windows 7 Édition Intégrale (6.1.7601 32-Bit) # Service Pack 1
WB: Windows Internet Explorer 10.0.9200.16721

SC: Security Center Service [(!) Disabled]
WU: Windows Update Service [Enabled]
AV: Microsoft Security Essentials [Enabled | Updated]
FW: Windows FireWall Service [Enabled]

C: (%systemdrive%) -> Disque fixe # 98 Go (5 Go libre(s) – 5%) [] # NTFS
D: -> Disque fixe # 149 Go (8 Go libre(s) – 6%) [Save 2] # NTFS
E: -> Disque fixe # 368 Go (8 Go libre(s) – 2%) [Save 1] # NTFS
F: -> Disque fixe # 233 Go (68 Go libre(s) – 29%) [HDD DATA] # NTFS
G: -> CD-ROM
H: -> Disque amovible # 4 Go (689 Mo libre(s) – 18%) [KODESH 1] # FAT32
I: -> Disque amovible # 2 Go (283 Mo libre(s) – 18%) [T98] # FAT32
J: -> Disque amovible # 4 Go (68 Mo libre(s) – 2%) [] # FAT32

################## | Regedit Run |

HKLMSOFTWARE | Run : [PWRISOVM.EXE] – C:Program FilesPowerISOPWRISOVM.EXE
HKLMSOFTWARE | Run : [IgfxTray] – C:Windowssystem32igfxtray.exe
HKLMSOFTWARE | Run : [HotKeysCmds] – C:Windowssystem32hkcmd.exe
HKLMSOFTWARE | Run : [Persistence] – C:Windowssystem32igfxpers.exe
HKLMSOFTWARE | Run : [MSC] – “C:Program FilesMicrosoft Security Clientmsseces.exe” -hide -runkey
HKLMSOFTWARE | Run : [AdobeAAMUpdater-1.0] – “C:Program FilesCommon FilesAdobeOOBEPDAppUWAUpdaterStartupUtility.exe”
HKLMSOFTWARE | Run : [SwitchBoard] – C:Program FilesCommon FilesAdobeSwitchBoardSwitchBoard.exe
HKLMSOFTWARE | Run : [AdobeCS6ServiceManager] – “C:Program FilesCommon FilesAdobeCS6ServiceManagerCS6ServiceManager.exe” -launchedbylogin
HKLMSOFTWARE | Run : [Adobe] – C:UsersSOFTWARE-FIXEAppDataRoamingAdobecolor.vbe
HKLMSOFTWARE | Run : [APSDaemon] – “C:Program FilesCommon FilesAppleApple Application SupportAPSDaemon.exe”
HKLMSOFTWARE | Run : [RIMBBLaunchAgent.exe] – C:Program FilesCommon FilesResearch In MotionUSB DriversRIMBBLaunchAgent.exe
HKLMSOFTWARE | RunOnce : [] –
HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
HKUS-1-5-21-2605565546-127066393-2246236235-1000SOFTWARE | Run : [IDMan] – C:Program FilesInternet Download ManagerIDMan.exe /onboot
HKUS-1-5-21-2605565546-127066393-2246236235-1000SOFTWARE | Run : [uTorrent] – “C:Program FilesuTorrentuTorrent.exe” /MINIMIZED
HKUS-1-5-21-2605565546-127066393-2246236235-1000SOFTWARE | Run : [Cracked Steam Service] – “C:Program FilesCracked SteamCracked Steam.exe” /SERVICE
HKUS-1-5-21-2605565546-127066393-2246236235-1000SOFTWARE | Run : [SkyDrive] – “C:UsersSOFTWARE-FIXEAppDataLocalMicrosoftSkyDriveSkyDrive.exe” /background
HKUS-1-5-21-2605565546-127066393-2246236235-1000SOFTWARE | Run : [MySQL Notifier] – C:Program FilesMySQLMySQL Notifier 1.1.4MySqlNotifier.exe
HKUS-1-5-21-2605565546-127066393-2246236235-1000SOFTWARE | Run : [Skype] – “C:Program FilesSkypePhoneSkype.exe” /minimized /regrun
HKUS-1-5-19SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
HKUS-1-5-20SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
HKUS-1-5-21-2605565546-127066393-2246236235-1000SOFTWARE | RunOnce : [Uninstall C:UsersSOFTWARE-FIXEAppDataLocalMicrosoftSkyDrive17.0.2003.1112] – C:Windowssystem32cmd.exe /q /c rmdir /s /q “C:UsersSOFTWARE-FIXEAppDataLocalMicrosoftSkyDrive17.0.2003.1112”
HKUS-1-5-21-2605565546-127066393-2246236235-1000SOFTWARE | RunOnce : [Uninstall C:UsersSOFTWARE-FIXEAppDataLocalMicrosoftSkyDrive17.0.2006.0314] – C:Windowssystem32cmd.exe /q /c rmdir /s /q “C:UsersSOFTWARE-FIXEAppDataLocalMicrosoftSkyDrive17.0.2006.0314”
HKUS-1-5-21-2605565546-127066393-2246236235-1000SOFTWARE | RunOnce : [Uninstall C:UsersSOFTWARE-FIXEAppDataLocalMicrosoftSkyDrive17.0.2010.0530] – C:Windowssystem32cmd.exe /q /c rmdir /s /q “C:UsersSOFTWARE-FIXEAppDataLocalMicrosoftSkyDrive17.0.2010.0530”
HKUS-1-5-21-2605565546-127066393-2246236235-1000SOFTWARE | RunOnce : [Uninstall C:UsersSOFTWARE-FIXEAppDataLocalMicrosoftSkyDrive17.0.2011.0627] – C:Windowssystem32cmd.exe /q /c rmdir /s /q “C:UsersSOFTWARE-FIXEAppDataLocalMicrosoftSkyDrive17.0.2011.0627”

################## | Processus Stoppés |

Stoppé! C:Windowssystem32nvvsvc.exe (ID 840 |ParentID 596)
Stoppé! C:Program FilesNVIDIA Corporation3D VisionnvSCPAPISvr.exe (ID 864 |ParentID 596)
Stoppé! c:Program FilesMicrosoft Security ClientMsMpEng.exe (ID 956 |ParentID 596)
Stoppé! C:Program FilesNVIDIA CorporationDisplaynvxdsync.exe (ID 1388 |ParentID 840)
Stoppé! C:Windowssystem32nvvsvc.exe (ID 1396 |ParentID 840)
Stoppé! C:WindowsSystem32spoolsv.exe (ID 1664 |ParentID 596)
Stoppé! C:Program FilesCommon FilesAdobeARM1.0armsvc.exe (ID 1848 |ParentID 596)
Stoppé! C:Windowssystem32taskhost.exe (ID 1916 |ParentID 596)
Stoppé! C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe (ID 2024 |ParentID 596)
Stoppé! C:Program FilesBonjourmDNSResponder.exe (ID 404 |ParentID 596)
Stoppé! C:Program FilesDefaultTabDefaultTabSearch.exe (ID 484 |ParentID 596)
Stoppé! C:UsersSOFTWARE-FIXEAppDataRoamingDefaultTabDefaultTabDTUpdate.exe (ID 724 |ParentID 596)
Stoppé! C:Program FilesInteliCLS ClientHeciServer.exe (ID 1052 |ParentID 596)
Stoppé! C:Program FilesInternetEverywhereInternetEverywhere_Service.exe (ID 1416 |ParentID 596)
Stoppé! C:Program FilesIntelIntel(R) Management Engine ComponentsDALjhi_service.exe (ID 1816 |ParentID 596)
Stoppé! C:Program FilesMySQLMySQL Server 5.6binmysqld.exe (ID 2008 |ParentID 596)
Stoppé! C:WindowsExplorer.EXE (ID 2068 |ParentID 492)
Stoppé! C:Program FilesTeamViewerVersion8TeamViewer_Service.exe (ID 2384 |ParentID 596)
Stoppé! C:Program FilesTuneUp Utilities 2012TuneUpUtilitiesService32.exe (ID 2624 |ParentID 596)
Stoppé! C:Program Fileslucky leapupdateluckyleap.exe (ID 2692 |ParentID 596)
Stoppé! C:Program FilesTuneUp Utilities 2012TuneUpUtilitiesApp32.exe (ID 2800 |ParentID 2624)
Stoppé! C:Program Fileslucky leapbinutilluckyleap.exe (ID 2916 |ParentID 596)
Stoppé! c:wampbinapacheapache2.2.22binhttpd.exe (ID 2968 |ParentID 596)
Stoppé! c:wampbinmysqlmysql5.5.24binmysqld.exe (ID 3048 |ParentID 596)
Stoppé! C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE (ID 3124 |ParentID 596)
Stoppé! C:wampbinapacheapache2.2.22binhttpd.exe (ID 3132 |ParentID 2968)
Stoppé! C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe (ID 3572 |ParentID 3124)
Stoppé! C:Program FilesTeamViewerVersion8TeamViewer.exe (ID 3860 |ParentID 2384)
Stoppé! C:Program FilesTeamViewerVersion8tv_w32.exe (ID 2400 |ParentID 2384)
Stoppé! C:Program FilesPowerISOPWRISOVM.EXE (ID 4148 |ParentID 2068)
Stoppé! C:Program FilesMicrosoft Security Clientmsseces.exe (ID 4200 |ParentID 2068)
Stoppé! C:Program FilesCommon FilesResearch In MotionUSB DriversRIMBBLaunchAgent.exe (ID 4436 |ParentID 2068)
Stoppé! C:Program FilesInternet Download ManagerIDMan.exe (ID 4460 |ParentID 2068)
Stoppé! C:Program FilesuTorrentuTorrent.exe (ID 4504 |ParentID 2068)
Stoppé! C:UsersSOFTWARE-FIXEAppDataLocalMicrosoftSkyDriveSkyDrive.exe (ID 4560 |ParentID 2068)
Stoppé! C:Program FilesMySQLMySQL Notifier 1.1.4MySQLNotifier.exe (ID 4572 |ParentID 2068)
Stoppé! C:Program FilesSkypePhoneSkype.exe (ID 4596 |ParentID 2068)
Stoppé! C:Program FilesInternetEverywhereInternetEverywhere_Launcher.exe (ID 4608 |ParentID 2068)
Stoppé! C:Program FilesCommon FilesResearch In MotionUSB DriversBbDevMgr.exe (ID 4624 |ParentID 596)
Stoppé! C:Program FilesNVIDIA CorporationDisplaynvtray.exe (ID 5452 |ParentID 1388)
Stoppé! C:Windowssystem32SearchIndexer.exe (ID 5792 |ParentID 596)
Stoppé! C:Program FilesWindows Media Playerwmpnetwk.exe (ID 5876 |ParentID 596)
Stoppé! C:UsersSOFTWA~1AppDataLocalTempsvchost.exe (ID 5144 |ParentID 4380)
Stoppé! C:Windowssystem32conhost.exe (ID 4860 |ParentID 552)
Stoppé! C:PROGRA~1COMMON~1MICROS~1OFFICE15CSISYN~1.EXE (ID 380 |ParentID 780)
Stoppé! C:Windowssystem32DllHost.exe (ID 2436 |ParentID 780)
Stoppé! C:Windowssystem32DllHost.exe (ID 2580 |ParentID 780)
Stoppé! C:Windowsexplorer.exe (ID 5592 |ParentID 780)
Stoppé! C:Program FilesIntelIntel(R) Management Engine ComponentsLMSLMS.exe (ID 6148 |ParentID 596)
Stoppé! C:Program FilesIntelIntel(R) Management Engine ComponentsUNSUNS.exe (ID 6292 |ParentID 596)
Stoppé! C:Program FilesMozilla Firefoxfirefox.exe (ID 6968 |ParentID 2068)
Stoppé! C:Program FilesMozilla Firefoxplugin-container.exe (ID 8016 |ParentID 6968)
Stoppé! C:Windowssystem32MacromedFlashFlashPlayerPlugin_11_9_900_117.exe (ID 8092 |ParentID 8016)
Stoppé! C:Windowssystem32MacromedFlashFlashPlayerPlugin_11_9_900_117.exe (ID 8116 |ParentID 8092)
Stoppé! C:Program FilesCommon FilesAdobeOOBEPDAppUWAAAM Updates Notifier.exe (ID 2772 |ParentID 7788)
Stoppé! C:Windowsexplorer.exe (ID 5912 |ParentID 780)
Stoppé! C:WindowsSystem32WUDFHost.exe (ID 7760 |ParentID 1144)
Stoppé! \?C:Windowssystem32wbemWMIADAP.EXE (ID 7952 |ParentID 1204)
Stoppé! C:Windowssystem32SearchProtocolHost.exe (ID 6764 |ParentID 5792)
Stoppé! C:Windowssystem32SearchFilterHost.exe (ID 7368 |ParentID 5792)

################## | Éléments infectieux |

Supprimé! C:UsersPublice-book-Les 2 Clés universelles pour réussir en affaires.pdf
Supprimé! C:UsersSOFTWARE-FIXEAppDataRoamingAdobecolor.vbe
Supprimé! C:UsersSOFTWA~1AppDataLocalTempsvchost.exe
Supprimé! C:UsersSOFTWARE-FIXEAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5V0YNTB2Bsvchost[4].exe

(!) Fichiers temporaires supprimés.

################## | Registre |

Supprimé! HKLMSoftwareMicrosoftWindowsCurrentVersionRun|Adobe
Supprimé! HKCU….ExplorerMountPoints2F
Supprimé! HKCU….ExplorerMountPoints2{068c4024-1a05-11e3-90e9-d4bed9c4c8c6}
Supprimé! HKCU….ExplorerMountPoints2{33e177d6-edea-11e2-8d5c-d4bed9c4c8c6}
Supprimé! HKCU….ExplorerMountPoints2{a5f4a6f0-0347-11e3-8ca6-d4bed9c4c8c6}
Supprimé! HKCU….ExplorerMountPoints2{fca286f1-5ad4-11e2-8b11-d4bed9c4c8c6}

################## | Listing |

[26/03/2013 – 14:59:10 | SHD ] C:$Recycle.Bin
[10/06/2009 – 21:42:20 | N | 24] C:autoexec.bat
[23/10/2013 – 17:04:14 | RASHD ] C:Autorun.inf
[10/06/2009 – 21:42:20 | N | 10] C:config.sys
[14/07/2009 – 04:53:55 | SHD ] C:Documents and Settings
[23/10/2013 – 17:01:00 | ASH | 2609897472] C:hiberfil.sys
[31/12/2012 – 16:12:33 | RHD ] C:MSOCache
[23/10/2013 – 17:01:02 | ASH | 3479867392] C:pagefile.sys
[08/10/2013 – 16:13:36 | D ] C:Program Files
[08/10/2013 – 16:13:44 | HD ] C:ProgramData
[28/12/2012 – 09:02:57 | SHD ] C:Recovery
[21/10/2013 – 17:34:10 | SHD ] C:System Volume Information
[24/10/2013 – 14:28:25 | D ] C:UsbFix
[24/10/2013 – 14:29:26 | A | 11670] C:UsbFix [Clean 2] SOFTWARE-FIXE.txt
[08/04/2013 – 17:15:20 | RD ] C:Users
[23/01/2013 – 10:32:34 | D ] C:wamp
[14/10/2013 – 10:58:33 | D ] C:Windows
[24/06/2013 – 08:01:49 | SHD ] D:$RECYCLE.BIN
[12/02/2013 – 13:58:33 | N | 314] D:activer taskmgr.txt
[24/08/2013 – 12:55:29 | D ] D:Anime
[23/10/2013 – 17:04:18 | RASHD ] D:Autorun.inf
[06/09/2013 – 13:59:51 | D ] D:Denis.2013.FRENCH.DVDRip.XviD-UTT
[06/09/2013 – 15:15:59 | N | 288642569] D:epz-revenge.217.victoire.mkv
[12/02/2013 – 16:59:34 | N | 14610] D:Nouveau Document Microsoft Word.docx
[06/09/2013 – 14:45:25 | N | 366645248] D:Revenge.S02E18.FRENCH.LD.DVDRiP.XviD-ASPHiXiAS.avi
[30/08/2013 – 11:47:01 | D ] D:Sauvegardes
[06/09/2013 – 14:00:52 | D ] D:Scandal.S02E18.FRENCH.LD.DVDRIP.XviD-ATN
[06/09/2013 – 14:01:01 | D ] D:Scandal.S02E19.FRENCH.LD.DVDRIP.XviD-ATN
[24/06/2013 – 08:01:42 | SHD ] D:System Volume Information
[13/02/2013 – 08:43:18 | N | 17635] D:tableau de distribution.docx
[23/09/2013 – 17:32:27 | D ] D:Telechargements
[21/06/2013 – 18:19:09 | D ] D:VIDEO_TS
[24/07/2013 – 12:44:32 | N | 2637702] D:VN-20130724-00014.amr
[06/09/2013 – 14:45:50 | N | 207704341] D:[Fansub-Resistance]Naruto Shippuuden 329 (1280×720).mp4
[28/12/2012 – 09:03:08 | SHD ] E:$RECYCLE.BIN
[23/10/2013 – 17:04:19 | RASHD ] E:Autorun.inf
[13/09/2013 – 15:20:10 | D ] E:ESSOH
[10/09/2013 – 16:33:41 | D ] E:jaye
[06/09/2013 – 16:00:09 | D ] E:Sauvegardes
[27/12/2012 – 16:10:18 | SHD ] E:System Volume Information
[09/08/2013 – 15:04:18 | SHD ] F:$RECYCLE.BIN
[23/10/2013 – 17:04:21 | RASHD ] F:Autorun.inf
[09/08/2013 – 15:04:07 | SHD ] F:System Volume Information
[18/09/2013 – 07:36:57 | D ] F:Séries

################## | Vaccin |

C:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
D:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
E:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
F:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net – https://www.sosvirus.net |