Reply to: Virus infection PC + USB + external HDD 2016-09-08T13:12:55+00:00
Sofia
Participant
Post count: 13

Hello again!

I ran UsbFix in normal mode but it crashed at 21%, so I ran it in safe mode, with my USB stick + external hard drive connected; here is the result:

[spoiler:13gq65d4]############################## | UsbFix V 7.147 | [Supresión]

Usuario: AMB (Administrador) # RS
Actualizado el 30/10/2013 por El Desaparecido – Team SosVirus
Comenzó a 11:23:21 | 31/10/2013

Sitio web: http://www.usbfix.net/
Forum : https://www.sosvirus.net/
Upload Malware: upload_malware.php
Contacto: http://www.usbfix.net/contact/

PC: ASUSTeK COMPUTER INC. (X55U)
CPU: AMD E-450 APU with Radeon(tm) HD Graphics
RAM -> [Total : 3673 | Free : 2789]
Bios: American Megatrends Inc.
Boot: Fail-safe boot

OS: Microsoft Windows 8 Single Language (6.2.9200 64-Bit)
WB: Windows Internet Explorer : 10.0.9200.16721
WB: Mozilla Firefox : 25.0

SC: Security Center Service [Enabled]
WU: Windows Update Service [(!) Disabled]
AV: Kaspersky Internet Security [Enabled | Updated]
AS: Windows Defender : 4.3.0215.0
AS: Malwarebytes' Anti-Malware : 1.75.0001
FW: Windows FireWall Service [(!) Disabled]

C: (%systemdrive%) -> Disco fijo # 186 Gb (61 Mb libre(s) – 33%) [OS] # NTFS
D: -> Disco fijo # 258 Gb (258 Mb libre(s) – 100%) [Data] # NTFS
E: -> CD-ROM
F: -> Disco fijo # 298 Gb (122 Mb libre(s) – 41%) [My Passport] # NTFS
G: -> Disco extraíble # 4 Gb (2 Mb libre(s) – 41%) [ADATA UFD] # FAT32

################## | Procesos Parados |

Parado! C:WindowsExplorer.EXE (ID: 644 |ParentID: 628)
Parado! C:Windowssystem32ctfmon.exe (ID: 864 |ParentID: 644)
Parado! C:Windowssystem32DllHost.exe (ID: 1204 |ParentID: 612)
Parado! \?C:Windowssystem32wbemWMIADAP.EXE (ID: 1912 |ParentID: 784)

################## | Regedit Run |

HKLMSOFTWARE | Run : [Adobe Reader Speed Launcher] – “C:Program Files (x86)AdobeReader 10.0ReaderReader_sl.exe”
HKLMSOFTWARE | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
HKLMSOFTWARE | Run : [StartCCC] – “C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe” MSRun
HKLMSOFTWARE | Run : [HDAudDeck] – C:Program Files (x86)VIAVIAudioiVDeckVDeck.exe -r
HKLMSOFTWARE | Run : [RemoteControl10] – “C:Program Files (x86)CyberLinkPowerDVD10PDVD10Serv.exe”
HKLMSOFTWARE | Run : [ASUSWebStorage] – C:Program Files (x86)ASUSWebStorage Sync Agent1.1.9.120AsusWSPanel.exe /S
HKLMSOFTWARE | Run : [AVP] – “C:Program Files (x86)Kaspersky LabKaspersky Internet Security 2013runner_avp.exe”
HKLMSOFTWAREwow6432Node | Run : [Adobe Reader Speed Launcher] – “C:Program Files (x86)AdobeReader 10.0ReaderReader_sl.exe”
HKLMSOFTWAREwow6432Node | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
HKLMSOFTWAREwow6432Node | Run : [StartCCC] – “C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe” MSRun
HKLMSOFTWAREwow6432Node | Run : [HDAudDeck] – C:Program Files (x86)VIAVIAudioiVDeckVDeck.exe -r
HKLMSOFTWAREwow6432Node | Run : [RemoteControl10] – “C:Program Files (x86)CyberLinkPowerDVD10PDVD10Serv.exe”
HKLMSOFTWAREwow6432Node | Run : [ASUSWebStorage] – C:Program Files (x86)ASUSWebStorage Sync Agent1.1.9.120AsusWSPanel.exe /S
HKLMSOFTWAREwow6432Node | Run : [AVP] – “C:Program Files (x86)Kaspersky LabKaspersky Internet Security 2013runner_avp.exe”
HKLMSOFTWARE | RunOnce : [] –
HKLMSOFTWAREwow6432Node | RunOnce : [] –

################## | Búsqueda genérica |

(!) Archivos temporales suprimido.

################## | Registro |

Reparado ! HKLMSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer|NoActiveDesktop -> 0
Reparado ! HKLMSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer|NoActiveDesktopChanges -> 0

################## | Listing |

[19/10/2013 – 16:32:41 | SHD ] C:$Recycle.Bin
[23/10/2013 – 12:11:58 | D ] C:$SysReset
[30/10/2013 – 20:40:51 | D ] C:AdwCleaner
[19/10/2013 – 16:23:06 | SHD ] C:Archivos de programa
[05/10/2012 – 04:24:40 | D ] C:AsusVibeData
[04/08/2012 – 22:53:19 | SHD ] C:Boot
[25/07/2012 – 21:44:30 | RASH | 398156] C:bootmgr
[02/06/2012 – 08:30:55 | N | 1] C:BOOTNXT
[26/07/2012 – 01:22:08 | SHD ] C:Documents and Settings
[05/10/2012 – 04:19:58 | D ] C:eSupport
[31/10/2013 – 11:20:31 | ASH | 3081383936] C:hiberfil.sys
[31/10/2013 – 11:20:32 | ASH | 671088640] C:pagefile.sys
[26/07/2012 – 01:33:46 | D ] C:PerfLogs
[30/10/2013 – 21:07:57 | N | 512] C:PhysicalDisk0_MBR.bin
[19/10/2013 – 17:08:02 | D ] C:Program Files
[30/10/2013 – 20:53:16 | D ] C:Program Files (x86)
[30/10/2013 – 20:25:36 | HD ] C:ProgramData
[31/10/2013 – 11:20:32 | ASH | 268435456] C:swapfile.sys
[31/10/2013 – 09:58:44 | SHD ] C:System Volume Information
[31/10/2013 – 11:29:23 | D ] C:UsbFix
[31/10/2013 – 10:02:22 | N | 6892] C:UsbFix [Clean 1] RS.txt
[31/10/2013 – 11:33:27 | A | 4756] C:UsbFix [Clean 2] RS.txt
[19/10/2013 – 16:24:16 | RD ] C:Users
[31/10/2013 – 11:20:31 | D ] C:Windows
[25/10/2013 – 10:01:31 | D ] C:Windows.old
[21/08/2012 – 22:08:34 | N | 4196352] C:X45U.BIN
[21/08/2012 – 22:06:49 | N | 4196352] C:X55U.BIN
[19/05/2013 – 07:57:18 | SHD ] D:$RECYCLE.BIN
[04/09/2013 – 20:07:56 | SHD ] D:System Volume Information

################## | Vaccin |

(!) Este ordenador no está vacunado!

################## | E.O.F | http://www.usbfix.net – https://www.sosvirus.net |[/spoiler:13gq65d4]
(sorry, the report is in Spanish…)
:bye: