Younes
Participant
Number of posts: 15

@El Desaparecido wrote:

Does the external hard drive need to be plugged in during the scan?

Yes, please.

Here is the result:

[spoiler:2mm09x54]############################## | UsbFix V 7.146 | [Suppression]

Utilisateur: Younes (Administrateur) # YOUNES-PC
Mis à jour le 28/10/2013 par El Desaparecido – Team SosVirus
Lancé à 10:00:58 | 30/10/2013

Site Web: http://www.usbfix.net/
Forum : https://www.sosvirus.net/
Upload Malware: upload_malware.php
Contact: http://www.usbfix.net/contact/

PC: ASUSTeK COMPUTER INC. (P8H61)
CPU: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
RAM -> [Total : 8157 | Free : 6819]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 7 Édition Intégrale (6.1.7600 64-Bit)
WB: Windows Internet Explorer : 8.0.7600.16385
WB: Google Chrome : 30.0.1599.101
WB: Mozilla Firefox : 6.0

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
AS: Malwarebytes' Anti-Malware : 1.75.0001
FW: Windows FireWall Service [Enabled]

C: (%systemdrive%) -> Disque fixe # 146 Go (4 Go libre(s) – 3%) [] # NTFS
D: -> Disque fixe # 319 Go (218 Go libre(s) – 68%) [FsX] # NTFS
E: -> CD-ROM
F: -> CD-ROM
G: -> Disque fixe # 149 Go (52 Go libre(s) – 35%) [YOUNES] # FAT32

################## | Processus Stoppés |

Stoppé! C:Program FilesAlwil SoftwareAvast5AvastSvc.exe (ID: 1328 |ParentID: 820)
Stoppé! C:WindowsSystem32spoolsv.exe (ID: 1776 |ParentID: 820)
Stoppé! C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe (ID: 1900 |ParentID: 820)
Stoppé! C:WindowsRNDIS_MGRWmGenieFwSrv.exe (ID: 1944 |ParentID: 820)
Stoppé! C:Program Files (x86)RazerRazer Game BoosterRzKLService.exe (ID: 2016 |ParentID: 820)
Stoppé! C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe (ID: 1472 |ParentID: 820)
Stoppé! C:Windowssystem32sppsvc.exe (ID: 2212 |ParentID: 820)
Stoppé! C:Windowssystem32taskhost.exe (ID: 2724 |ParentID: 820)
Stoppé! C:Program FilesCommon FilesMicrosoft SharedOfficeSoftwareProtectionPlatformOSPPSVC.EXE (ID: 2004 |ParentID: 820)
Stoppé! C:WindowsExplorer.EXE (ID: 2844 |ParentID: 2864)
Stoppé! C:Program Files (x86)SuperCopierSuperCopier2.exe (ID: 1500 |ParentID: 2844)
Stoppé! C:Program FilesAlwil SoftwareAvast5AvastUI.exe (ID: 3060 |ParentID: 1540)
Stoppé! C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe (ID: 1348 |ParentID: 1540)
Stoppé! C:Windowssystem32SearchIndexer.exe (ID: 3156 |ParentID: 820)
Stoppé! C:Windowssystem32taskmgr.exe (ID: 3496 |ParentID: 860)

################## | Regedit Run |

HKLMSOFTWARE | Run : [avast5] – “C:Program FilesAlwil SoftwareAvast5avastUI.exe” /nogui
HKLMSOFTWARE | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
HKLMSOFTWAREwow6432Node | Run : [avast5] – “C:Program FilesAlwil SoftwareAvast5avastUI.exe” /nogui
HKLMSOFTWAREwow6432Node | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
HKLMSOFTWARE | RunOnce : [] –
HKLMSOFTWAREwow6432Node | RunOnce : [] –
HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
HKUS-1-5-21-274241942-440908366-385262484-1000SOFTWARE | Run : [ultracopier] – “C:Program Files (x86)Supercopiersupercopier.exe”
HKUS-1-5-21-274241942-440908366-385262484-1000SOFTWARE | Run : [SuperCopier2.exe] – C:Program Files (x86)SuperCopierSuperCopier2.exe
HKUS-1-5-19SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
HKUS-1-5-20SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
HKUS-1-5-18SOFTWARE | RunOnce : [FlashPlayerUpdate] – C:WindowsSysWOW64MacromedFlashFlashUtil32_11_5_502_110_ActiveX.exe -update activex

################## | Référence de comparaison MD5 |

Md5 : 435cd9fd0193721b56f0c632b5f4a489 -> G:$RECYCLE.BIN.exe
Md5 : 435cd9fd0193721b56f0c632b5f4a489 -> G:$RECYCLE.BIN.exe
Md5 : d41d8cd98f00b204e9800998ecf8427e -> G:keybd.exe
Md5 : 9d8e00cadce7fdc1b6f7f6dc2808624f -> G:System Volume Information.exe
Md5 : 9d8e00cadce7fdc1b6f7f6dc2808624f -> G:System Volume Information.exe

################## | Recherche générique |

Supprimé! G:$RECYCLE.BIN.exe
Non supprimé ! G:FS Addons.exe
Supprimé! G:cours photoshop.exe
Supprimé! G:System Volume Information.exe
Supprimé! G:$RECYCLE.BIN$RMVWAML.exe
Supprimé! G:$RECYCLE.BIN$RGHB91J.exe
Supprimé! G:$RECYCLE.BIN$RRGTFRG.exe
Supprimé! G:$RECYCLE.BIN$R2CSGQT.exe
Supprimé! G:$RECYCLE.BIN$RGDAQFA.exe
Supprimé! G:$RECYCLE.BIN$R3JZ2JN.exe
Supprimé! G:$RECYCLE.BIN$ROMWFN9.exe
Supprimé! G:$RECYCLE.BIN$RD0Q0NE.exe
Supprimé! G:$RECYCLE.BIN$RA0IKDZ.exe
Supprimé! G:$RECYCLE.BIN$R5IH8GY.exe
Supprimé! G:$RECYCLE.BIN$R8ROM5Z.exe
Supprimé! G:$RECYCLE.BIN$R436S7N.exe
Supprimé! G:$RECYCLE.BIN$R7D8RUT.exe
Supprimé! G:keybd.exe
Supprimé! G:trz4D2F.tmp

(!) Fichiers temporaires supprimés.

################## | Comparaison MD5 |

Supprimé! Md5 : D41D8CD98F00B204E9800998ECF8427E -> C:UsersYounesMusiccompilsAlbumTHOMOS Arcordéon (09-04-2009 11-13-59)Album inconnu (09-04-2009 11-13-59) .exe
Supprimé! Md5 : D41D8CD98F00B204E9800998ECF8427E -> C:UsersYounesMusiccompilsAlbumTHOMOS Arcordéon (09-04-2009 11-13-59)FloppyDiskPartion.exe
Non supprimé ! Md5 : D41D8CD98F00B204E9800998ECF8427E -> G:keybd.exe
Non supprimé ! Md5 : 435CD9FD0193721B56F0C632B5F4A489 -> G:$RECYCLE.BIN.exe
Non supprimé ! Md5 : 9D8E00CADCE7FDC1B6F7F6DC2808624F -> G:System Volume Information.exe

################## | Registre |

Réparé ! HKLMSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem|EnableLUA -> 1
Réparé ! HKLMSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer|NoActiveDesktop -> 0
Réparé ! HKLMSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer|NoActiveDesktopChanges -> 0
Supprimé! HKUS-1-5-21-274241942-440908366-385262484-1000Software….Mountpoints2{28cf3a03-ebbb-11d4-b3e6-95ef46324056}
Supprimé! HKUS-1-5-21-274241942-440908366-385262484-1000Software….Mountpoints2{64dfe974-331d-11e2-baa5-5404a61f0b6b}
Supprimé! HKUS-1-5-21-274241942-440908366-385262484-1000Software….Mountpoints2{6b1a8f8c-ebbd-11d4-a7c3-bd573001930f}
Supprimé! HKUS-1-5-21-274241942-440908366-385262484-1000Software….Mountpoints2{aa269ba6-3701-11e2-9111-5404a61f0b6b}
Supprimé! HKUS-1-5-21-274241942-440908366-385262484-1000Software….Mountpoints2{bb603503-e3eb-11e2-8466-001ffb5309e5}
Supprimé! HKUS-1-5-21-274241942-440908366-385262484-1000Software….Mountpoints2{def75208-3553-11e2-ae6d-001ffb5309e5}

################## | Listing |

[16/01/2001 – 15:25:23 | SHD ] C:$Recycle.Bin
[29/10/2013 – 19:11:09 | DC ] C:AdwCleaner
[30/06/2013 – 15:09:14 | RASHDC ] C:Autorun.inf
[29/10/2013 – 14:07:28 | C | 21685] C:autoupdate.log
[29/10/2013 – 17:56:58 | SHDC ] C:Config.Msi
[14/07/2009 – 06:08:56 | SHD ] C:Documents and Settings
[30/10/2013 – 09:49:33 | ASH | 6414835712] C:hiberfil.sys
[16/01/2001 – 15:41:54 | D ] C:Intel
[22/07/2012 – 10:06:29 | C | 1015] C:logFile.xsl
[22/07/2012 – 10:07:44 | RHD ] C:MSOCache
[16/01/2001 – 15:46:19 | D ] C:NVIDIA
[30/10/2013 – 09:49:36 | ASH | 8553115648] C:pagefile.sys
[29/10/2013 – 19:26:43 | C | 512] C:PhysicalDisk0_MBR.bin
[05/09/2013 – 17:08:37 | D ] C:Program Files
[29/10/2013 – 19:15:02 | D ] C:Program Files (x86)
[29/10/2013 – 19:12:09 | HD ] C:ProgramData
[16/01/2001 – 15:24:58 | SHD ] C:Recovery
[29/10/2013 – 17:56:32 | SHD ] C:System Volume Information
[30/10/2013 – 10:03:56 | DC ] C:UsbFix
[30/10/2013 – 09:57:33 | C | 807] C:UsbFix [Clean 2] YOUNES-PC.txt
[30/10/2013 – 09:59:30 | C | 1243] C:UsbFix [Clean 4] YOUNES-PC.txt
[30/10/2013 – 10:04:41 | AC | 7835] C:UsbFix [Clean 5] YOUNES-PC.txt
[29/10/2013 – 18:31:17 | C | 7073] C:UsbFix [Scan 1] YOUNES-PC.txt
[29/10/2013 – 18:35:17 | C | 7220] C:UsbFix [Scan 2] YOUNES-PC.txt
[29/10/2013 – 19:01:44 | C | 7197] C:UsbFix [Scan 3] YOUNES-PC.txt
[30/06/2013 – 15:12:11 | C | 3676] C:UsbFix.txt
[02/05/2013 – 14:22:56 | RD ] C:Users
[30/10/2013 – 09:52:03 | D ] C:Windows
[20/11/2012 – 18:58:13 | D ] C:wmm_log
[16/01/2001 – 15:53:16 | SHD ] D:$RECYCLE.BIN
[29/10/2013 – 14:01:23 | D ] D:a459ac0721ab2217a4a0588c18
[15/12/2012 – 14:47:39 | D ] D:aircraft
[16/11/2012 – 08:10:16 | N | 0] D:Aircraft_cameras.INI
[15/12/2012 – 14:47:39 | N | 118761] D:airlines.txt
[30/06/2013 – 15:09:16 | RASHD ] D:Autorun.inf
[20/05/2013 – 06:01:32 | D ] D:B737NG
[16/11/2012 – 08:12:05 | N | 184] D:B737_.ini
[20/05/2013 – 06:01:43 | D ] D:CBT767
[15/12/2012 – 14:47:39 | N | 12808] D:csl_legacy.txt
[15/12/2012 – 14:47:39 | N | 253054] D:equipment.txt
[07/11/2007 – 08:00:40 | N | 17734] D:eula.1028.txt
[07/11/2007 – 08:00:40 | N | 17734] D:eula.1031.txt
[07/11/2007 – 08:00:40 | N | 10134] D:eula.1033.txt
[07/11/2007 – 08:00:40 | N | 17734] D:eula.1036.txt
[07/11/2007 – 08:00:40 | N | 17734] D:eula.1040.txt
[07/11/2007 – 08:00:40 | N | 118] D:eula.1041.txt
[07/11/2007 – 08:00:40 | N | 17734] D:eula.1042.txt
[07/11/2007 – 08:00:40 | N | 17734] D:eula.2052.txt
[07/11/2007 – 08:00:40 | N | 17734] D:eula.3082.txt
[15/12/2012 – 14:47:39 | N | 1535] D:fictional.txt
[07/11/2007 – 08:00:40 | N | 1110] D:globdata.ini
[07/11/2007 – 08:03:18 | N | 562688] D:install.exe
[07/11/2007 – 08:00:40 | N | 843] D:install.ini
[07/11/2007 – 08:03:18 | N | 76304] D:install.res.1028.dll
[07/11/2007 – 08:03:18 | N | 96272] D:install.res.1031.dll
[07/11/2007 – 08:03:18 | N | 91152] D:install.res.1033.dll
[07/11/2007 – 08:03:18 | N | 97296] D:install.res.1036.dll
[07/11/2007 – 08:03:18 | N | 95248] D:install.res.1040.dll
[07/11/2007 – 08:03:18 | N | 81424] D:install.res.1041.dll
[07/11/2007 – 08:03:18 | N | 79888] D:install.res.1042.dll
[07/11/2007 – 08:03:18 | N | 75792] D:install.res.2052.dll
[07/11/2007 – 08:03:18 | N | 96272] D:install.res.3082.dll
[15/12/2012 – 14:47:39 | N | 11295] D:liveries.txt
[09/09/2013 – 19:53:46 | D ] D:msdownld.tmp
[15/12/2012 – 14:47:39 | D ] D:networks
[06/09/2013 – 12:55:32 | D ] D:Program Files
[29/10/2013 – 15:47:26 | D ] D:Program Files (x86)
[15/12/2012 – 14:47:40 | N | 307] D:readme.txt
[15/12/2012 – 14:47:39 | N | 4935] D:related.txt
[15/12/2012 – 14:47:39 | N | 81920] D:sbaicontrol10.dll
[15/12/2012 – 14:47:39 | N | 4468736] D:sbimage.dll
[15/12/2012 – 14:47:39 | N | 4063232] D:sbmod10.dll
[15/12/2012 – 14:47:39 | N | 212992] D:sbtrans10.dll
[15/12/2012 – 14:47:40 | N | 77824] D:sbuninstall.exe
[15/12/2012 – 14:47:39 | N | 2579968] D:simconnect.msi
[15/12/2012 – 14:47:39 | D ] D:sound
[15/12/2012 – 14:47:40 | N | 2550] D:squawkbox.ico
[15/12/2012 – 14:47:40 | N | 13400] D:squawkbox_eula.txt
[15/12/2012 – 14:47:39 | N | 1118208] D:squawkbox_fs.exe
[15/12/2012 – 14:47:39 | N | 1093632] D:squawkbox_fsx.exe
[16/01/2001 – 15:53:01 | SHD ] D:System Volume Information
[07/11/2007 – 08:00:40 | N | 5686] D:vcredist.bmp
[16/11/2012 – 08:10:13 | N | 313] D:VC_cameras.INI
[07/11/2007 – 08:09:22 | N | 1442522] D:VC_RED.cab
[07/11/2007 – 08:12:28 | N | 232960] D:VC_RED.MSI
[15/12/2012 – 14:47:39 | D ] D:weather
[15/12/2012 – 14:47:39 | N | 308209] D:wx.txt
[13/03/2012 – 08:37:18 | SHD ] G:$RECYCLE.BIN
[21/07/2012 – 11:13:54 | D ] G:FS Addons
[18/08/2012 – 22:48:50 | D ] G:cours photoshop
[29/10/2013 – 20:01:08 | N | 2] G:ldupver.txt
[29/10/2013 – 20:35:22 | SHD ] G:System Volume Information
[05/12/2012 – 10:29:04 | N | 0] G:keybd.exe
[21/04/2006 – 18:25:18 | D ] G:Recycled
[03/06/2013 – 17:22:52 | D ] G:XP-Update
[03/06/2013 – 17:22:52 | D ] G:msdn
[29/10/2013 – 20:01:24 | N | 94208] G:$RECYCLE.BIN.exe
[29/10/2013 – 20:01:26 | N | 94208] G:FS Addons.exe
[29/10/2013 – 20:01:26 | N | 94208] G:cours photoshop.exe
[29/10/2013 – 20:01:26 | N | 94208] G:System Volume Information.exe

################## | Vaccin |

C:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
D:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net – https://www.sosvirus.net |[/spoiler:2mm09x54]