Reply to: computer infection via USB key and micro SD 2016-09-08T13:13:21+00:00
Chikoungounia
Participant
Number of posts: 10

Great, thanks for the quick response. Will the computer have been cleaned as well?

Here is the report after removal:

############################## | UsbFix V 7.147 | [Suppression]

Utilisateur: Bastien (Administrateur) # BASTIEN-PC
Mis à jour le 30/10/2013 par El Desaparecido – Team SosVirus
Lancé à 19:38:33 | 01/11/2013

Site Web: http://www.usbfix.net/
Forum : https://www.sosvirus.net/
Upload Malware: upload_malware.php
Contact: http://www.usbfix.net/contact/

PC: Acer (VA50_HC_HR)
CPU: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
RAM -> [Total : 3932 | Free : 1303]
Bios: Acer
Boot: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 10.0.9200.16721
WB: Mozilla Firefox : 24.0

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: Bitdefender Antivirus [Enabled | Updated]
AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
FW: Windows FireWall Service [Enabled]

C: (%systemdrive%) -> Disque fixe # 681 Go (248 Go libre(s) – 36%) [Acer] # NTFS
D: -> CD-ROM
E: -> Disque amovible # 4 Go (778 Mo libre(s) – 21%) [] # FAT32

################## | Processus Stoppés |

Stoppé! C:Program FilesBitdefenderBitdefender 2013vsserv.exe (ID: 720 |ParentID: 956)
Stoppé! C:Windowssystem32nvvsvc.exe (ID: 1176 |ParentID: 956)
Stoppé! C:Windowssystem32WLANExt.exe (ID: 1732 |ParentID: 1364)
Stoppé! C:Windowssystem32conhost.exe (ID: 1740 |ParentID: 652)
Stoppé! C:Program FilesBroadcomBroadcom 802.11 Network AdapterWLTRYSVC.EXE (ID: 1832 |ParentID: 956)
Stoppé! C:Program FilesBroadcomBroadcom 802.11 Network Adapterbcmwltry.exe (ID: 1884 |ParentID: 1832)
Stoppé! C:WindowsSystem32spoolsv.exe (ID: 1936 |ParentID: 956)
Stoppé! C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe (ID: 1588 |ParentID: 956)
Stoppé! C:Program FilesNVIDIA CorporationDisplaynvxdsync.exe (ID: 1684 |ParentID: 1176)
Stoppé! C:Windowssystem32nvvsvc.exe (ID: 1744 |ParentID: 1176)
Stoppé! C:Windowssystem32taskhost.exe (ID: 2076 |ParentID: 956)
Stoppé! C:WindowsExplorer.EXE (ID: 2260 |ParentID: 2136)
Stoppé! C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe (ID: 2352 |ParentID: 956)
Stoppé! C:Program FilesWIDCOMMBluetooth Softwarebtwdins.exe (ID: 2516 |ParentID: 956)
Stoppé! C:WindowsSystem32hkcmd.exe (ID: 2604 |ParentID: 2260)
Stoppé! C:Program Files (x86)Launch Managerdsiwmis.exe (ID: 2664 |ParentID: 956)
Stoppé! C:WindowsSystem32igfxpers.exe (ID: 2712 |ParentID: 2260)
Stoppé! C:Program FilesAcerAcer ePower ManagementePowerSvc.exe (ID: 2768 |ParentID: 956)
Stoppé! C:Program Files (x86)Launch ManagerLMworker.exe (ID: 2804 |ParentID: 2664)
Stoppé! C:Program Files (x86)Launch ManagerLMutilps32.exe (ID: 2840 |ParentID: 2664)
Stoppé! C:Program FilesRealtekAudioHDARAVCpl64.exe (ID: 2900 |ParentID: 2260)
Stoppé! C:Program FilesInteliCLS ClientHeciServer.exe (ID: 2912 |ParentID: 956)
Stoppé! C:Program FilesRealtekAudioHDARAVBg64.exe (ID: 2988 |ParentID: 2260)
Stoppé! C:Program Files (x86)IntelIntel(R) Management Engine ComponentsDALjhi_service.exe (ID: 3068 |ParentID: 956)
Stoppé! C:Program FilesAcerAcer UpdaterUpdaterService.exe (ID: 2688 |ParentID: 956)
Stoppé! C:Program FilesElantechETDCtrl.exe (ID: 1380 |ParentID: 2260)
Stoppé! C:Program FilesNVIDIA CorporationDisplaynvtray.exe (ID: 1328 |ParentID: 1684)
Stoppé! C:Program Files (x86)NTIAcer Backup ManagerIScheduleSvc.exe (ID: 3100 |ParentID: 956)
Stoppé! C:Program FilesAcerAcer ePower ManagementePowerTray.exe (ID: 3172 |ParentID: 2260)
Stoppé! C:Program Files (x86)Microsoft Application Virtualization Clientsftvsa.exe (ID: 3452 |ParentID: 956)
Stoppé! C:Program FilesBitdefenderBitdefender 2013bdagent.exe (ID: 3536 |ParentID: 2260)
Stoppé! C:Program Files (x86)RocketDockRocketDock.exe (ID: 3580 |ParentID: 2260)
Stoppé! C:Program FilesBitdefenderBitdefender 2013updatesrv.exe (ID: 3748 |ParentID: 956)
Stoppé! C:Program Files (x86)POST-NETPost-Net.exe (ID: 3828 |ParentID: 2260)
Stoppé! C:Program Files (x86)NTIAcer Backup ManagerBackupManagerTray.exe (ID: 3876 |ParentID: 3644)
Stoppé! C:Program Files (x86)Microsoft Application Virtualization Clientsftlist.exe (ID: 3888 |ParentID: 956)
Stoppé! C:Dolby PCEE4pcee4.exe (ID: 3944 |ParentID: 3644)
Stoppé! C:Program Files (x86)Launch ManagerLManager.exe (ID: 4068 |ParentID: 3644)
Stoppé! C:Program Files (x86)Common FilesJavaJava Updatejusched.exe (ID: 3164 |ParentID: 3644)
Stoppé! C:Program Files (x86)Launch ManagerMMDx64Fx.exe (ID: 2380 |ParentID: 4068)
Stoppé! C:Windowssystem32igfxext.exe (ID: 4108 |ParentID: 660)
Stoppé! C:Windowssystem32igfxsrvc.exe (ID: 4140 |ParentID: 660)
Stoppé! C:Program Files (x86)Common FilesMicrosoft SharedVirtualization HandlerCVHSVC.EXE (ID: 4424 |ParentID: 956)
Stoppé! C:Program FilesAcerAcer ePower ManagementePowerEvent.exe (ID: 4444 |ParentID: 2768)
Stoppé! C:Windowssystem32SearchIndexer.exe (ID: 4692 |ParentID: 956)
Stoppé! C:Program FilesElantechETDCtrlHelper.exe (ID: 5004 |ParentID: 1380)
Stoppé! C:Windowssystem32taskeng.exe (ID: 4940 |ParentID: 1508)
Stoppé! C:Program Files (x86)CyberLinkMediaEspressoDeviceDetectorDeviceDetector.exe (ID: 3304 |ParentID: 4940)
Stoppé! C:Program FilesAcerAcer Instant ServiceInstantUpdateiuBrowserIEAgent.exe (ID: 4672 |ParentID: 3500)
Stoppé! C:Program FilesAcerAcer Instant ServiceInstantUpdateiuEmailOutlookAgent.exe (ID: 4668 |ParentID: 3500)
Stoppé! C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorDataMgrSvc.exe (ID: 2724 |ParentID: 956)
Stoppé! C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe (ID: 5236 |ParentID: 956)
Stoppé! C:WindowsSystem32WUDFHost.exe (ID: 5248 |ParentID: 1364)
Stoppé! C:Program Files (x86)NVIDIA CorporationNVIDIA Update Coredaemonu.exe (ID: 5416 |ParentID: 956)
Stoppé! C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe (ID: 5692 |ParentID: 956)
Stoppé! C:Program FilesEgisTec IPSPMMUpdate.exe (ID: 6084 |ParentID: 4940)
Stoppé! C:Program FilesEgisTec IPSEgisUpdate.exe (ID: 3504 |ParentID: 5644)
Stoppé! C:Program Files (x86)Mozilla Firefoxfirefox.exe (ID: 3188 |ParentID: 3580)
Stoppé! C:WindowsSysWOW64NOTEPAD.EXE (ID: 6012 |ParentID: 3548)
Stoppé! C:Program Files (x86)Mozilla Firefoxplugin-container.exe (ID: 732 |ParentID: 3188)
Stoppé! C:WindowsSysWOW64MacromedFlashFlashPlayerPlugin_11_9_900_117.exe (ID: 5164 |ParentID: 732)
Stoppé! C:WindowsSysWOW64MacromedFlashFlashPlayerPlugin_11_9_900_117.exe (ID: 5972 |ParentID: 5164)

################## | Regedit Run |

HKLMSOFTWARE | Run : [SuiteTray] – “C:Program Files (x86)EgisTec MyWinLockerSuitex86SuiteTray.exe”
HKLMSOFTWARE | Run : [BackupManagerTray] – “C:Program Files (x86)NTIAcer Backup ManagerBackupManagerTray.exe” -h -k
HKLMSOFTWARE | Run : [Dolby Home Theater v4] – “C:Dolby PCEE4pcee4.exe” -autostart
HKLMSOFTWARE | Run : [LManager] – C:Program Files (x86)Launch ManagerLManager.exe
HKLMSOFTWARE | Run : [amd_dc_opt] – C:Program Files (x86)AMDDual-Core Optimizeramd_dc_opt.exe
HKLMSOFTWARE | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
HKLMSOFTWARE | Run : [SunJavaUpdateSched] – “C:Program Files (x86)Common FilesJavaJava Updatejusched.exe”
HKLMSOFTWAREwow6432Node | Run : [SuiteTray] – “C:Program Files (x86)EgisTec MyWinLockerSuitex86SuiteTray.exe”
HKLMSOFTWAREwow6432Node | Run : [BackupManagerTray] – “C:Program Files (x86)NTIAcer Backup ManagerBackupManagerTray.exe” -h -k
HKLMSOFTWAREwow6432Node | Run : [Dolby Home Theater v4] – “C:Dolby PCEE4pcee4.exe” -autostart
HKLMSOFTWAREwow6432Node | Run : [LManager] – C:Program Files (x86)Launch ManagerLManager.exe
HKLMSOFTWAREwow6432Node | Run : [amd_dc_opt] – C:Program Files (x86)AMDDual-Core Optimizeramd_dc_opt.exe
HKLMSOFTWAREwow6432Node | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
HKLMSOFTWAREwow6432Node | Run : [SunJavaUpdateSched] – “C:Program Files (x86)Common FilesJavaJava Updatejusched.exe”
HKLMSOFTWARE | RunOnce : [] –
HKLMSOFTWAREwow6432Node | RunOnce : [] –
HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
HKUS-1-5-21-2788141995-2334679376-359312472-1002SOFTWARE | Run : [RocketDock] – “C:Program Files (x86)RocketDockRocketDock.exe”
HKUS-1-5-21-2788141995-2334679376-359312472-1002SOFTWARE | Run : [wqknxfwfzv] – wscript.exe //B “C:UsersBastienAppDataLocalTempwqknxfwfzv..vbs”
HKUS-1-5-19SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
HKUS-1-5-19SOFTWARE | RunOnce : [IsMyWinLockerReboot] – msiexec.exe /qn /x{voidguid}
HKUS-1-5-20SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
HKUS-1-5-20SOFTWARE | RunOnce : [IsMyWinLockerReboot] – msiexec.exe /qn /x{voidguid}
HKUS-1-5-18SOFTWARE | RunOnce : [IsMyWinLockerReboot] – msiexec.exe /qn /x{voidguid}

################## | Recherche générique |

Supprimé! E:.lnk
Supprimé! E:DCIM.lnk
Supprimé! E:MISC.lnk
Supprimé! E:PRIVATE.lnk
Supprimé! E:.Trashes.lnk
Supprimé! E:.TemporaryItems.lnk

(!) Fichiers temporaires supprimés.

################## | Registre |

Réparé ! HKLMSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer|NoActiveDesktop -> 0
Réparé ! HKLMSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer|NoActiveDesktopChanges -> 0
Supprimé! HKUS-1-5-21-2788141995-2334679376-359312472-1002Software….Mountpoints2{718ff0e7-eea8-11e1-86fd-08edb9f06f67}
Supprimé! HKUS-1-5-21-2788141995-2334679376-359312472-1002Software….Mountpoints2{7ccbaeaa-52ce-11e2-9f0b-b888e304b38a}

################## | Listing |

[22/08/2012 – 16:43:50 | SHD ] C:$Recycle.Bin
[15/09/2012 – 10:13:14 | N | 14323] C:AdwCleaner[R1].txt
[15/09/2012 – 10:13:39 | N | 14985] C:AdwCleaner[S1].txt
[01/11/2013 – 18:27:33 | N | 437599] C:bdlog.txt
[11/07/2012 – 18:58:44 | N | 2510608] C:bdr-bz01
[22/08/2012 – 17:59:35 | N | 874] C:bdr-cf01
[11/07/2012 – 18:59:03 | N | 37161560] C:bdr-im01.gz
[22/08/2012 – 17:59:35 | N | 253404] C:bdr-ld01
[22/08/2012 – 17:59:35 | N | 9216] C:bdr-ld01.mbr
[29/05/2012 – 17:45:26 | D ] C:book
[26/03/2012 – 08:17:38 | RASH | 8192] C:BOOTSECT.BAK
[14/07/2009 – 06:08:56 | SHD ] C:Documents and Settings
[05/04/2013 – 16:48:16 | D ] C:Dolby PCEE4
[01/11/2013 – 18:28:20 | ASH | 3092533248] C:hiberfil.sys
[29/05/2012 – 17:41:20 | D ] C:Intel
[20/09/2012 – 11:14:04 | RHD ] C:MSOCache
[22/08/2012 – 16:43:42 | D ] C:OEM
[01/11/2013 – 18:28:22 | ASH | 4123377664] C:pagefile.sys
[14/07/2009 – 04:20:08 | D ] C:PerfLogs
[22/09/2013 – 17:51:49 | D ] C:Program Files
[24/09/2013 – 10:59:41 | D ] C:Program Files (x86)
[24/09/2013 – 10:44:46 | HD ] C:ProgramData
[22/08/2012 – 16:38:48 | SHD ] C:Recovery
[01/11/2013 – 15:36:22 | SHD ] C:System Volume Information
[15/09/2012 – 10:07:40 | D ] C:ToolBar SD
[01/11/2013 – 19:40:50 | D ] C:UsbFix
[01/11/2013 – 19:43:42 | A | 11324] C:UsbFix [Clean 1] BASTIEN-PC.txt
[01/11/2013 – 18:48:12 | N | 11109] C:UsbFix [Scan 1] BASTIEN-PC.txt
[05/04/2013 – 17:24:34 | RD ] C:Users
[01/11/2013 – 15:28:26 | D ] C:Windows
[07/06/2013 – 15:56:17 | RAD ] D:AUDIO_TS
[07/06/2013 – 16:08:09 | RAD ] D:VIDEO_TS
[15/09/2013 – 22:15:16 | D ] E:DCIM
[15/09/2013 – 22:15:16 | D ] E:MISC
[15/09/2013 – 22:15:16 | D ] E:PRIVATE
[24/11/2012 – 18:32:22 | SH | 4096] E:._.Trashes
[24/11/2012 – 18:32:22 | SHD ] E:.Trashes
[24/11/2012 – 18:32:40 | SHD ] E:.TemporaryItems
[24/11/2012 – 18:32:40 | SH | 4096] E:._.TemporaryItems
[24/11/2012 – 18:32:40 | N | 293] E:.apdisk
[24/11/2012 – 18:32:40 | SH | 4096] E:._.apdisk

################## | Vaccin |

E:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net – https://www.sosvirus.net |