Reply to: infected USB key? shortcut problem 2016-09-08T13:16:34+00:00
tic-tac87

So here is the removal report.

However, there are only 3 keys, not 4; that was a mistake on my part.

Report:

############################## | UsbFix V 7.150 | [Recherche]

Utilisateur: user (Administrateur) # MARGAUX
Mis à jour le 08/11/2013 par El Desaparecido – Team SosVirus
Lancé à 10:29:47 | 11/11/2013

Site Web : http://www.usbfix.net
Forum : https://www.sosvirus.net/
Upload Malware : upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: ASUSTeK Computer INC. (N61Jv)
CPU: Intel(R) Core(TM) i3 CPU M 350 @ 2.27GHz
RAM -> [Total : 3886 | Free : 2100]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 10.0.9200.16721
WB: Mozilla Firefox : 25.0

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: Bitdefender Antivirus [(!) Disabled | Updated]
AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
FW: Windows FireWall Service [Enabled]

C: (%systemdrive%) -> Disque fixe # 116 Go (23 Go libre(s) – 19%) [OS] # NTFS
D: -> Disque fixe # 335 Go (292 Go libre(s) – 87%) [DATA] # NTFS
E: -> CD-ROM
F: -> Disque amovible # 7 Go (7 Go libre(s) – 99%) [MGX4] # NTFS
G: -> Disque amovible # 29 Go (29 Go libre(s) – 99%) [] # NTFS
H: -> Disque amovible # 2 Go (2 Go libre(s) – 96%) [MGX1] # FAT

################## | Processus Actif |

C:Windowssystem32csrss.exe (ID: 588 |ParentID: 488)
C:Windowssystem32wininit.exe (ID: 660 |ParentID: 488)
C:Windowssystem32csrss.exe (ID: 680 |ParentID: 668)
C:Windowssystem32services.exe (ID: 720 |ParentID: 660)
C:Windowssystem32lsass.exe (ID: 740 |ParentID: 660)
C:Windowssystem32lsm.exe (ID: 748 |ParentID: 660)
C:Windowssystem32svchost.exe (ID: 852 |ParentID: 720)
C:Program FilesBitdefenderBitdefender 2012vsserv.exe (ID: 908 |ParentID: 720)
C:Windowssystem32winlogon.exe (ID: 932 |ParentID: 668)
C:Windowssystem32svchost.exe (ID: 1216 |ParentID: 720)
C:WindowsSystem32svchost.exe (ID: 1508 |ParentID: 720)
C:WindowsSystem32svchost.exe (ID: 1548 |ParentID: 720)
C:Windowssystem32svchost.exe (ID: 1576 |ParentID: 720)
C:Windowssystem32svchost.exe (ID: 1612 |ParentID: 720)
C:Windowssystem32svchost.exe (ID: 1788 |ParentID: 720)
C:Windowssystem32svchost.exe (ID: 2244 |ParentID: 720)
C:Windowssystem32svchost.exe (ID: 2276 |ParentID: 720)
C:Windowssystem32svchost.exe (ID: 3040 |ParentID: 720)
C:Program FilesBitdefenderBitdefender 2012updatesrv.exe (ID: 2540 |ParentID: 720)
C:Program FilesBitdefenderBitdefender 2012bdagent.exe (ID: 3536 |ParentID: 3408)
C:Windowssystem32Dwm.exe (ID: 3576 |ParentID: 1548)
C:Windowssystem32wbemunsecapp.exe (ID: 3676 |ParentID: 852)
C:Windowssystem32svchost.exe (ID: 3848 |ParentID: 720)
C:WindowsSystem32svchost.exe (ID: 304 |ParentID: 720)
C:WindowsSystem32svchost.exe (ID: 6492 |ParentID: 720)
C:Windowssystem32svchost.exe (ID: 2068 |ParentID: 720)
C:Program FilesBitdefender60-Second Virus Scannerpdscan.exe (ID: 3224 |ParentID: 720)
C:Windowsexplorer.exe (ID: 3772 |ParentID: 932)
C:WindowsSystem32rundll32.exe (ID: 5892 |ParentID: 852)
C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE (ID: 2420 |ParentID: 720)
C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe (ID: 4856 |ParentID: 720)
C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe (ID: 5168 |ParentID: 2420)
C:Windowssystem32SearchIndexer.exe (ID: 3620 |ParentID: 720)
C:Program FilesWindows Media Playerwmpnetwk.exe (ID: 2604 |ParentID: 720)
C:WindowsSystem32spoolsv.exe (ID: 3356 |ParentID: 720)
C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe (ID: 3832 |ParentID: 720)
C:Program Files (x86)Mozilla Firefoxfirefox.exe (ID: 6508 |ParentID: 3772)
C:Program Files (x86)Mozilla Firefoxplugin-container.exe (ID: 5748 |ParentID: 6508)
C:WindowsSysWOW64MacromedFlashFlashPlayerPlugin_11_9_900_117.exe (ID: 4584 |ParentID: 5748)
C:WindowsSysWOW64MacromedFlashFlashPlayerPlugin_11_9_900_117.exe (ID: 6068 |ParentID: 4584)
C:Windowssystem32DllHost.exe (ID: 3860 |ParentID: 852)
C:Windowssystem32wbemwmiprvse.exe (ID: 4696 |ParentID: 852)
C:WindowsSystem32WUDFHost.exe (ID: 4828 |ParentID: 1548)
C:UsbFixGo.exe (ID: 2096 |ParentID: 5648)
C:Program FilesBitdefenderBitdefender 2012seccenter.exe (ID: 4064 |ParentID: 3536)
\?C:Windowssystem32wbemWMIADAP.EXE (ID: 6280 |ParentID: 1612)
C:Windowssystem32wbemwmiprvse.exe (ID: 2496 |ParentID: 852)

################## | Regedit Run |

04 – HKLMSOFTWARE | Run : [ATKOSD2] – C:Program Files (x86)ASUSATK PackageATKOSD2ATKOSD2.exe
04 – HKLMSOFTWARE | Run : [ATKMEDIA] – C:Program Files (x86)ASUSATK PackageATK MediaDMedia.exe
04 – HKLMSOFTWARE | Run : [HControlUser] – C:Program Files (x86)ASUSATK PackageATK HotkeyHControlUser.exe
04 – HKLMSOFTWARE | Run : [GBMLite8AgentLaCie] – C:Program Files (x86)LaCieGenie Backup AssistantGBMAgent.exe
04 – HKLMSOFTWARE | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
04 – HKLMSOFTWARE | Run : [APSDaemon] – “C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe”
04 – HKLMSOFTWARE | Run : [HP Software Update] – C:Program Files (x86)HpHP Software UpdateHPWuSchd2.exe
04 – HKLMSOFTWARE | Run : [] –
04 – HKLMSOFTWARE | Run : [DivXMediaServer] – C:Program Files (x86)DivXDivX Media ServerDivXMediaServer.exe
04 – HKLMSOFTWARE | Run : [QuickTime Task] – “C:Program Files (x86)QuickTimeQTTask.exe” -atboottime
04 – HKLMSOFTWARE | Run : [DivXUpdate] – “C:Program Files (x86)DivXDivX UpdateDivXUpdate.exe” /CHECKNOW
04 – HKLMSOFTWAREwow6432Node | Run : [ATKOSD2] – C:Program Files (x86)ASUSATK PackageATKOSD2ATKOSD2.exe
04 – HKLMSOFTWAREwow6432Node | Run : [ATKMEDIA] – C:Program Files (x86)ASUSATK PackageATK MediaDMedia.exe
04 – HKLMSOFTWAREwow6432Node | Run : [HControlUser] – C:Program Files (x86)ASUSATK PackageATK HotkeyHControlUser.exe
04 – HKLMSOFTWAREwow6432Node | Run : [GBMLite8AgentLaCie] – C:Program Files (x86)LaCieGenie Backup AssistantGBMAgent.exe
04 – HKLMSOFTWAREwow6432Node | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
04 – HKLMSOFTWAREwow6432Node | Run : [APSDaemon] – “C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe”
04 – HKLMSOFTWAREwow6432Node | Run : [HP Software Update] – C:Program Files (x86)HpHP Software UpdateHPWuSchd2.exe
04 – HKLMSOFTWAREwow6432Node | Run : [] –
04 – HKLMSOFTWAREwow6432Node | Run : [DivXMediaServer] – C:Program Files (x86)DivXDivX Media ServerDivXMediaServer.exe
04 – HKLMSOFTWAREwow6432Node | Run : [QuickTime Task] – “C:Program Files (x86)QuickTimeQTTask.exe” -atboottime
04 – HKLMSOFTWAREwow6432Node | Run : [DivXUpdate] – “C:Program Files (x86)DivXDivX UpdateDivXUpdate.exe” /CHECKNOW
04 – HKLMSOFTWARE | RunOnce : [] –
04 – HKLMSOFTWAREwow6432Node | RunOnce : [] –
04 – HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-21-748768015-2171451281-2236256235-1000SOFTWARE | Run : [msnmsgr] – “C:Program Files (x86)Windows LiveMessengermsnmsgr.exe” /background
04 – HKUS-1-5-21-748768015-2171451281-2236256235-1000SOFTWARE | Run : [SuperCopier2.exe] – C:Program Files (x86)SuperCopier2SuperCopier2.exe
04 – HKUS-1-5-21-748768015-2171451281-2236256235-1000SOFTWARE | Run : [Gadwin PrintScreen] – C:Program Files (x86)Gadwin SystemsPrintScreenPrintScreen.exe /nosplash
04 – HKUS-1-5-21-748768015-2171451281-2236256235-1000SOFTWARE | Run : [TomTomHOME.exe] – “C:Program Files (x86)TomTom HOME 2TomTomHOMERunner.exe”
04 – HKUS-1-5-21-748768015-2171451281-2236256235-1000SOFTWARE | Run : [GBMLite8AgentLaCie] – C:Program Files (x86)LaCieGenie Backup AssistantGBMAgent.exe
04 – HKUS-1-5-21-748768015-2171451281-2236256235-1000SOFTWARE | Run : [cacaoweb] – “C:UsersuserAppDataRoamingcacaowebcacaoweb.exe” -noplayer
04 – HKUS-1-5-21-748768015-2171451281-2236256235-1000SOFTWARE | Run : [iCloudServices] – C:Program Files (x86)Common FilesAppleInternet ServicesiCloudServices.exe
04 – HKUS-1-5-21-748768015-2171451281-2236256235-1000SOFTWARE | Run : [ApplePhotoStreams] – C:Program Files (x86)Common FilesAppleInternet ServicesApplePhotoStreams.exe
04 – HKUS-1-5-21-748768015-2171451281-2236256235-1000SOFTWARE | Run : [pdiface] – C:Program FilesBitdefender60-Second Virus Scannerpdiface.exe -noshow
04 – HKUS-1-5-19SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
04 – HKUS-1-5-20SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe

################## | Recherche générique |

Présent! G:autorun.inf.lnk
Présent! H:Audrey Neuro 1.lnk
Présent! H:Audrey Neuro 2.lnk
Présent! H:Audrey Neuro 3.lnk
Présent! H:Audrey Psychopathologie de l’enfant.lnk
Présent! H:Patho ENFANT .lnk
Présent! H:psychopathologie de l’adulte cours .lnk
Présent! H:autorun.inf.lnk
Présent! G:iTunesHelper.vbe
Présent! H:iTunesHelper.vbe

################## | Référence de comparaison MD5 |

Md5 : 32BEF3BB4B558ADE6CF41113628FC86D -> G:iTunesHelper.vbe
Md5 : 32BEF3BB4B558ADE6CF41113628FC86D -> H:iTunesHelper.vbe

################## | Comparaison MD5 |

Présent! Md5 : 32BEF3BB4B558ADE6CF41113628FC86D -> G:iTunesHelper.vbe
Présent! Md5 : 32BEF3BB4B558ADE6CF41113628FC86D -> H:iTunesHelper.vbe

################## | Registre |

################## | Vaccin |

F:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
G:autorun.inf -> Vaccin créé par BitDefender USB Immunizer (BitDefender)
H:autorun.inf -> Vaccin créé par BitDefender USB Immunizer (BitDefender)

################## | E.O.F | http://www.usbfix.net – https://www.sosvirus.net |