USB key infection – Help decoding a UsbFix report [Need Help]

victo24dord

Thanks for the quick reply:

############################## | UsbFix V 7.150 | [Suppression]

Utilisateur: Olivia (Administrateur) # OLIVIA-PC
Mis à jour le 08/11/2013 par El Desaparecido – Team SosVirus
Lancé à 23:43:50 | 12/11/2013

Site Web : http://www.usbfix.net
Forum : https://www.sosvirus.net/
Upload Malware : upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: SAMSUNG ELECTRONICS CO., LTD. (R530/R730 )
CPU: Pentium(R) Dual-Core CPU T4500 @ 2.30GHz
RAM -> [Total : 3033 | Free : 1616]
Bios: Phoenix Technologies Ltd.
Boot: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 32-Bit) Service Pack 1
WB: Windows Internet Explorer : 10.0.9200.16721
WB: Safari : 534.52.7

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: avast! Antivirus [(!) Disabled | Updated]
AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
FW: Windows FireWall Service [Enabled]

C: (%systemdrive%) -> Disque fixe # 78 Go (3 Go libre(s) – 4%) [] # NTFS
D: -> Disque fixe # 200 Go (71 Go libre(s) – 36%) [] # NTFS
E: -> CD-ROM
F: -> Disque amovible # 7 Go (5 Go libre(s) – 69%) [SP UFD U2] # FAT32

################## | Processus Stoppés |

Stoppé! C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ID: 1324 |ParentID: 580)
Stoppé! C:\windows\System32\WUDFHost.exe (ID: 5724 |ParentID: 968)
Stoppé! C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe (ID: 5488 |ParentID: 580)
Stoppé! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (ID: 5812 |ParentID: 580)
Stoppé! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (ID: 5788 |ParentID: 5812)
Stoppé! C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 4908 |ParentID: 580)
Stoppé! C:\windows\system32\SearchIndexer.exe (ID: 3844 |ParentID: 580)
Stoppé! C:\windows\system32\SearchProtocolHost.exe (ID: 1972 |ParentID: 3844)
Stoppé! C:\windows\System32\spoolsv.exe (ID: 5128 |ParentID: 580)
Stoppé! C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ID: 4504 |ParentID: 580)
Stoppé! C:\windows\servicing\TrustedInstaller.exe (ID: 2480 |ParentID: 580)
Stoppé! C:\windows\system32\sppsvc.exe (ID: 5104 |ParentID: 580)
Stoppé! C:\windows\system32\wbem\WmiApSrv.exe (ID: 1924 |ParentID: 580)
Stoppé! C:\windows\system32\taskhost.exe (ID: 460 |ParentID: 580)
Stoppé! C:\windows\system32\taskeng.exe (ID: 4540 |ParentID: 1036)
Stoppé! C:\windows\Explorer.EXE (ID: 4560 |ParentID: 4164)
Stoppé! C:\windows\system32\taskeng.exe (ID: 5744 |ParentID: 1036)
Stoppé! C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (ID: 2676 |ParentID: 4560)
Stoppé! C:\Program Files\AVAST Software\Avast\AvastUI.exe (ID: 2664 |ParentID: 4560)
Stoppé! C:\Program Files\Windows Sidebar\sidebar.exe (ID: 2892 |ParentID: 4560)
Stoppé! C:\Windows\System32\wscript.exe (ID: 5472 |ParentID: 4560)
Stoppé! C:\Users\Olivia\AppData\Roaming\Dropbox\bin\Dropbox.exe (ID: 2992 |ParentID: 4560)
Stoppé! C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (ID: 4100 |ParentID: 2676)
Stoppé! C:\Program Files\TeamViewer\Version8\TeamViewer.exe (ID: 4420 |ParentID: 4560)
Stoppé! C:\Program Files\TeamViewer\Version8\tv_w32.exe (ID: 6108 |ParentID: 5488)
Stoppé! c:\program files\teamviewer\version8\TeamViewer_Desktop.exe (ID: 5060 |ParentID: 5488)

################## | Regedit Run |

04 – HKLM\SOFTWARE | Run : [SynTPEnh] – %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
04 – HKLM\SOFTWARE | Run : [avast] – "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
04 – HKLM\SOFTWARE | Run : [IgfxTray] – C:\windows\system32\igfxtray.exe
04 – HKLM\SOFTWARE | RunOnce : [AvgUninstallURL] – cmd.exe /c start http://www.avg.fr/fr.special-uninstallation-feedback-app?lic=SUFaUDItUkJSUFItN0dOTVUtQUJITjktU1A5Q1YtSQ"&"inst=NzYtODM1Mjc5MjIzLVFJWDErNC1YMjAxMCsyLUZMMTArMS1UVUcrMy1MSUMrOC1TUDErMS1TUDFTMisxLVNVRCsxLVMxSSsxLVNVMysxLVNVM1QrMQ"&"prod=94"&"ver=10.0.1382
04 – HKLM\SOFTWARE | RunOnce : [] –
04 – HKU\S-1-5-19\SOFTWARE | Run : [Sidebar] – %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 – HKU\S-1-5-20\SOFTWARE | Run : [Sidebar] – %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 – HKU\S-1-5-21-3219418776-4157282183-555089908-1000\SOFTWARE | Run : [Sidebar] – C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 – HKU\S-1-5-21-3219418776-4157282183-555089908-1000\SOFTWARE | Run : [updat] – wscript.exe //B "C:\Users\Olivia\AppData\Local\Temp\updat.vbs"
04 – HKU\S-1-5-19\SOFTWARE | RunOnce : [mctadmin] – C:\Windows\System32\mctadmin.exe
04 – HKU\S-1-5-20\SOFTWARE | RunOnce : [mctadmin] – C:\Windows\System32\mctadmin.exe

################## | Recherche générique |

Supprimé! C:\Users\Olivia\AppData\Local\Temp\updat.vbs
Supprimé! C:\Users\Olivia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\updat.vbs
Supprimé! F:\updat.vbs
Supprimé! F:\Cahier de texte 2nde.lnk
Supprimé! F:\Cahier de texte SL.lnk
Supprimé! F:\Formation.lnk
Supprimé! F:\Internet.lnk
Supprimé! F:\Ressources.lnk
Supprimé! F:\Seconde.lnk
Supprimé! F:\Tuteurs.lnk
Supprimé! F:\Utilitaires.lnk
Supprimé! C:\Users\Olivia\AppData\Local\Temp\utt9F8.tmp.exe
Supprimé! C:\Users\Olivia\AppData\Local\Temp\uttE901.tmp.exe

(!) Fichiers temporaires supprimés.

################## | Référence de comparaison MD5 |

Md5 : 01C034D0EFFBF218689F6F4678AF63CC -> C:\Users\Olivia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\updat.vbs
Md5 : 01C034D0EFFBF218689F6F4678AF63CC -> C:\Users\Olivia\AppData\Local\Temp\updat.vbs
Md5 : 01C034D0EFFBF218689F6F4678AF63CC -> C:\Users\Olivia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\updat.vbs
Md5 : 01C034D0EFFBF218689F6F4678AF63CC -> C:\Users\Olivia\AppData\Local\Temp\updat.vbs
Md5 : 01C034D0EFFBF218689F6F4678AF63CC -> F:\updat.vbs

################## | Comparaison MD5 |

################## | Registre |

Réparé ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin -> 5
Supprimé! HKU\S-1-5-21-3219418776-4157282183-555089908-1000\Software\Microsoft\Windows\CurrentVersion\Run|updat
Supprimé! HKU\S-1-5-21-3219418776-4157282183-555089908-1000\Software\….\Mountpoints2\{c86865b5-f41c-11e1-a44a-002454c4baaa}

################## | Listing |

[27/11/2010 – 14:09:27 | D ] C:\$AVG
[24/11/2010 – 20:17:11 | SHD ] C:\$Recycle.Bin
[12/09/2013 – 17:09:59 | D ] C:\AdwCleaner
[10/06/2009 – 22:42:20 | N | 24] C:\autoexec.bat
[09/11/2013 – 23:02:20 | HD ] C:\Config.Msi
[10/06/2009 – 22:42:20 | N | 10] C:\config.sys
[14/07/2009 – 05:53:55 | SHD ] C:\Documents and Settings
[28/06/2012 – 20:30:54 | N | 0] C:\IO.SYS
[28/06/2012 – 20:30:54 | N | 0] C:\MSDOS.SYS
[13/05/2011 – 21:19:27 | RHD ] C:\MSOCache
[14/07/2009 – 03:37:05 | D ] C:\PerfLogs
[18/10/2013 – 17:33:53 | D ] C:\Program Files
[12/09/2013 – 17:09:48 | HD ] C:\ProgramData
[24/11/2010 – 20:02:51 | SHD ] C:\Recovery
[02/10/2012 – 23:29:04 | D ] C:\sn0wbreeze
[12/11/2013 – 23:02:17 | SHD ] C:\System Volume Information
[28/06/2012 – 20:30:51 | D ] C:\Temp
[12/11/2013 – 23:46:56 | D ] C:\UsbFix
[12/11/2013 – 23:38:43 | N | 5238] C:\UsbFix [Clean 1] OLIVIA-PC.txt
[12/11/2013 – 23:46:59 | A | 7260] C:\UsbFix [Clean 2] OLIVIA-PC.txt
[12/11/2013 – 23:08:24 | N | 8344] C:\UsbFix [Scan 1] OLIVIA-PC.txt
[24/11/2010 – 20:04:09 | RD ] C:\Users
[27/09/2013 – 18:13:53 | D ] C:\Windows
[21/01/2012 – 22:35:16 | SHD ] D:\$RECYCLE.BIN
[01/07/2013 – 15:21:41 | D ] D:\Ma Musique
[06/10/2013 – 00:44:47 | D ] D:\Mes images
[11/11/2013 – 14:31:27 | D ] D:\Mes Vidéos
[12/11/2013 – 23:35:59 | ASH | 3179921408] D:\pagefile.sys
[30/04/2013 – 12:12:42 | D ] D:\Papier Australie
[15/04/2013 – 22:45:02 | D ] D:\Programmes
[12/11/2013 – 22:06:09 | D ] D:\Ressources
[24/11/2010 – 21:03:27 | SHD ] D:\System Volume Information
[12/11/2013 – 23:00:44 | D ] D:\Téléchargements
[12/11/2013 – 21:58:06 | D ] F:\Formation
[12/11/2013 – 21:58:22 | D ] F:\Internet
[12/11/2013 – 21:57:06 | D ] F:\Ressources
[12/11/2013 – 21:56:34 | D ] F:\Seconde
[12/11/2013 – 22:01:58 | D ] F:\Tuteurs
[12/11/2013 – 22:29:40 | D ] F:\Utilitaires
[12/11/2013 – 22:27:16 | N | 34143] F:\Cahier de texte 2nde.docx
[12/11/2013 – 21:54:58 | N | 15071] F:\Cahier de texte SL.docx

################## | Vaccin |

F:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net – https://www.sosvirus.net |