Répondre à : Fichiers clés USB transformés en liens 2016-09-08T13:11:50+00:00
Myszko
Nombre d'articles : 0

Merci pour la prise en charge de mon problème !

En effet il y a eu blocage mais a 22%.

Voici le résultat:

############################## | UsbFix V 7.145 | [Suppression]

Utilisateur: Myszko (Administrateur) # STRIKE
Mis à jour le 17/10/2013 par El Desaparecido – Team SosVirus
Lancé à 13:14:38 | 28/10/2013

Site Web: http://www.usbfix.net/” onclick=”window.open(this.href);return false;
Forum : https://www.sosvirus.net/” onclick=”window.open(this.href);return false;
Upload Malware: upload_malware.php
Contact: http://www.usbfix.net/contact/” onclick=”window.open(this.href);return false;

PC: SAMSUNG ELECTRONICS CO., LTD. (NF110/NF210/NF310 )
CPU: Intel(R) Atom(TM) CPU N550 @ 1.50GHz
RAM -> [Total : 1013 | Free : 311]
Bios: Phoenix Technologies Ltd.
Boot: Fail-safe with network boot

OS: Microsoft Windows 7 Édition Starter (6.1.7601 32-Bit) # Service Pack 1
WB: Windows Internet Explorer 10.0.9200.16721

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: avast! Antivirus [(!) Disabled | Updated]
FW: Windows FireWall Service [Enabled]

C: (%systemdrive%) -> Disque fixe # 87 Go (14 Go libre(s) – 16%) [] # NTFS
D: -> Disque fixe # 129 Go (4 Go libre(s) – 3%) [] # NTFS
E: -> Disque amovible # 4 Go (2 Go libre(s) – 44%) [TRANSCEND] # FAT32
F: -> Disque amovible # 7 Go (7 Go libre(s) – 100%) [CIBOX 8GB] # FAT32

################## | Regedit Run |

HKLMSOFTWARE | Run : [RtHDVCpl] – C:Program FilesRealtekAudioHDARtHDVCpl.exe -s
HKLMSOFTWARE | Run : [SynTPEnh] – %ProgramFiles%SynapticsSynTPSynTPEnh.exe
HKLMSOFTWARE | Run : [avast] – “C:Program FilesAVAST SoftwareAvastavastUI.exe” /nogui
HKLMSOFTWARE | Run : [AppleSyncNotifier] – C:Program FilesCommon FilesAppleMobile Device SupportAppleSyncNotifier.exe
HKLMSOFTWARE | Run : [Windows Mobile-based device management] – %windir%WindowsMobilewmdcBase.exe
HKLMSOFTWARE | Run : [APSDaemon] – “C:Program FilesCommon FilesAppleApple Application SupportAPSDaemon.exe”
HKLMSOFTWARE | Run : [QuickTime Task] – “C:Program FilesQuickTimeQTTask.exe” -atboottime
HKLMSOFTWARE | Run : [iTunesHelper] – “C:Program FilesiTunesiTunesHelper.exe”
HKLMSOFTWARE | Run : [Adobe ARM] – “C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe”
HKLMSOFTWARE | Run : [SunJavaUpdateSched] – “C:Program FilesCommon FilesJavaJava Updatejusched.exe”
HKLMSOFTWARE | RunOnce : [] –
HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
HKUS-1-5-21-3912383593-2352673496-10441196-1000SOFTWARE | Run : [Facebook Update] – “C:UsersMyszkoAppDataLocalFacebookUpdateFacebookUpdate.exe” /c /nocrashserver
HKUS-1-5-21-3912383593-2352673496-10441196-1000SOFTWARE | Run : [Google Update] – “C:UsersMyszkoAppDataLocalGoogleUpdateGoogleUpdate.exe” /c
HKUS-1-5-21-3912383593-2352673496-10441196-1000SOFTWARE | Run : [updat] – wscript.exe //B “C:UsersMyszkoAppDataLocalTempupdat.vbs”
HKUS-1-5-19SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
HKUS-1-5-20SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe

################## | Processus Stoppés |

Stoppé! C:windowsExplorer.EXE (ID 1396 |ParentID 1388)
Stoppé! C:windowssystem32ctfmon.exe (ID 1464 |ParentID 1396)
Stoppé! C:windowssystem32DllHost.exe (ID 1836 |ParentID 644)
Stoppé! \?C:windowssystem32wbemWMIADAP.EXE (ID 1632 |ParentID 840)

################## | Éléments infectieux |

Supprimé! E:updat.vbs
Supprimé! F:updat.vbs
Supprimé! C:UsersMyszkoAppDataLocalTempupdat.vbs
Supprimé! C:UsersMyszkoAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupupdat.vbs
Supprimé! E:F-H.lnk
Supprimé! E:VIDEO.lnk
Supprimé! E:Nouveau dossier.lnk
Supprimé! F:CG.lnk
Supprimé! F:img046.lnk
Supprimé! F:cerfa_13750-03.lnk
Supprimé! F:img007.lnk
Supprimé! F:img008.lnk
Supprimé! F:img032.lnk
Supprimé! F:img045.lnk
Supprimé! F:autorun.inf.lnk

(!) Fichiers temporaires supprimés.

################## | Registre |

Supprimé! HKUS-1-5-21-3912383593-2352673496-10441196-1000SoftwareMicrosoftWindowsCurrentVersionRun|updat

################## | Listing |

[19/05/2011 – 00:07:51 | SHD ] C:$Recycle.Bin
[10/06/2009 – 22:42:20 | N | 24] C:autoexec.bat
[10/06/2009 – 22:42:20 | N | 10] C:config.sys
[14/07/2009 – 05:53:55 | SHD ] C:Documents and Settings
[28/10/2013 – 13:10:54 | ASH | 1062518784] C:hiberfil.sys
[21/10/2010 – 03:14:50 | D ] C:Intel
[16/12/2011 – 13:44:44 | RHD ] C:MSOCache
[28/10/2013 – 13:10:55 | ASH | 1073741824] C:pagefile.sys
[14/07/2009 – 03:37:05 | D ] C:PerfLogs
[25/10/2013 – 20:00:29 | D ] C:Program Files
[25/10/2013 – 20:39:36 | HD ] C:ProgramData
[18/05/2011 – 23:44:41 | SHD ] C:Recovery
[30/08/2012 – 10:47:14 | N | 2255] C:RHDSetup.log
[30/08/2012 – 10:47:14 | N | 206] C:setup.log
[28/10/2013 – 11:24:59 | SHD ] C:System Volume Information
[28/10/2013 – 13:22:55 | D ] C:UsbFix
[28/10/2013 – 12:59:03 | N | 7826] C:UsbFix [Clean 1] STRIKE.txt
[28/10/2013 – 13:30:15 | A | 4984] C:UsbFix [Clean 2] STRIKE.txt
[28/10/2013 – 10:52:51 | N | 10087] C:UsbFix [Scan 2] STRIKE.txt
[18/05/2011 – 23:45:55 | RD ] C:Users
[28/10/2013 – 13:10:55 | D ] C:Windows
[19/05/2011 – 00:07:51 | SHD ] D:$RECYCLE.BIN
[25/07/2011 – 18:07:02 | N | 53926] D:217442_2079193454238_1077085963_2358166_7228707_n.jpg
[16/09/2011 – 15:56:00 | N | 306758] D:290136_2335504308825_1286348615_32675474_7057142_o.jpg
[23/11/2011 – 11:22:16 | N | 78165] D:Anglais romain.docx
[11/10/2013 – 22:34:08 | D ] D:Films
[20/06/2011 – 20:47:20 | N | 942557] D:Image 1.png
[29/05/2011 – 18:05:31 | N | 528] D:MediaID.bin
[24/10/2013 – 22:20:25 | D ] D:Oh La La – White Klub
[25/10/2013 – 21:13:13 | D ] D:Saved
[19/05/2011 – 19:46:11 | SHD ] D:System Volume Information
[26/05/2011 – 11:49:30 | D ] D:VA-The_Hangover_Part_II_OST-2011-FRAY
[24/10/2013 – 22:31:32 | D ] E:F-H
[27/10/2013 – 22:10:28 | D ] E:VIDEO
[26/10/2013 – 09:50:46 | D ] F:CG
[26/10/2013 – 00:44:14 | N | 801687] F:img046.jpg
[25/10/2013 – 21:56:14 | N | 498575] F:cerfa_13750-03.pdf
[13/08/2013 – 12:16:56 | N | 247719] F:img007.jpg
[13/08/2013 – 12:16:56 | N | 228421] F:img008.jpg
[21/08/2013 – 09:29:02 | N | 531824] F:img032.jpg
[26/10/2013 – 00:44:14 | N | 617789] F:img045.jpg
[26/10/2013 – 10:44:54 | SHD ] F:autorun.inf

################## | Vaccin |

C:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
D:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
E:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
F:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net” onclick=”window.open(this.href);return false; – https://www.sosvirus.net” onclick=”window.open(this.href);return false; |