Reply to: Usbfix scan report – next step 2016-09-08T13:19:40+00:00
Adnen
Participant
Post count: 11

Hello again, and thank you for your quick response.

Regarding McAfee, I am using version 8.7i and I am not sure that it is doing its job as it should. On the one hand, after I launched an update of the database, the McAfee log file reports this: “Les mises à jour n’ont pas été appliquées parce que les packages n’étaient pas dans le référentiel : VSCANCEU1000, EXTRADAT1000”. On the other hand, at the end of the update operation, the same log file indicates this: “mise à jour réussie”. Is this normal?

Regarding our scan with USBFIX, I followed your advice (I did not have to go through safe mode) and here is the content of the analysis report.

Best regards!
Adnen

############################## | UsbFix V 7.151 | [Suppression]

Utilisateur: ADMIN (Administrateur) # ADMIN-PC
Mis à jour le 19/11/2013 par El Desaparecido – Team SosVirus
Lancé à 14:53:05 | 20/11/2013

Site Web : http://www.usbfix.net
Forum : https://www.sosvirus.net/
Upload Malware : upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: eMachines (eMachines E727 )
CPU: Pentium(R) Dual-Core CPU T4400 @ 2.20GHz
RAM -> [Total : 1978 | Free : 688]
Bios: eMachines
Boot: Normal boot

OS: Microsoft Windows 7 Professionnel N (6.1.7601 32-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.16428
WB: Google Chrome : 31.0.1650.57
WB: Mozilla Firefox : 18.0.2

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AS: Windows Defender [Enabled | Updated]
AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
AS: Malwarebytes’ Anti-Malware : 1.75.0001
FW: Windows FireWall Service [Enabled]

C: (%systemdrive%) -> Disque fixe # 127 Go (72 Go libre(s) – 57%) [] # NTFS
D: -> Disque fixe # 103 Go (28 Go libre(s) – 27%) [Nouveau nom] # NTFS
E: -> CD-ROM
F: -> Disque fixe # 68 Go (65 Go libre(s) – 95%) [Nouveau nom] # NTFS

################## | Processus Stoppés |

Stoppé! C:WindowsSystem32spoolsv.exe (ID: 1424 |ParentID: 496)
Stoppé! C:Program FilesCommon FilesAdobeARM1.0armsvc.exe (ID: 1540 |ParentID: 496)
Stoppé! C:Program FilesMicrosoftBingBarSeaPort.EXE (ID: 1600 |ParentID: 496)
Stoppé! C:ProgramDataDatacardServiceDCService.exe (ID: 1644 |ParentID: 496)
Stoppé! C:Program FilesMcAfeeVirusScan EnterpriseEngineServer.exe (ID: 1728 |ParentID: 496)
Stoppé! C:Program FilesMcAfeeCommon FrameworkFrameworkService.exe (ID: 1776 |ParentID: 496)
Stoppé! C:Program FilesMcAfeeVirusScan EnterpriseVsTskMgr.exe (ID: 1844 |ParentID: 496)
Stoppé! C:Program FilesMcAfeeCommon FrameworknaPrdMgr.exe (ID: 1920 |ParentID: 680)
Stoppé! C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe (ID: 1964 |ParentID: 496)
Stoppé! C:Windowssystem32mfevtps.exe (ID: 1992 |ParentID: 496)
Stoppé! C:UsersADMINAppDataLocalTorchUpdateTorchCrashHandler.exe (ID: 432 |ParentID: 496)
Stoppé! C:Program FilesYahoo!SoftwareUpdateYahooAUService.exe (ID: 356 |ParentID: 496)
Stoppé! C:Program FilesMcAfeeVirusScan EnterpriseMcshield.exe (ID: 908 |ParentID: 496)
Stoppé! C:Program FilesMcAfeeVirusScan Enterprisemfeann.exe (ID: 2072 |ParentID: 908)
Stoppé! C:Windowssystem32conhost.exe (ID: 2096 |ParentID: 384)
Stoppé! C:Windowssystem32taskhost.exe (ID: 2808 |ParentID: 496)
Stoppé! C:Program FilesGoogleUpdate1.3.21.165GoogleCrashHandler.exe (ID: 2908 |ParentID: 2760)
Stoppé! C:WindowsExplorer.EXE (ID: 2916 |ParentID: 2888)
Stoppé! C:ProgramDataDatacardServiceDCSHelper.exe (ID: 3004 |ParentID: 1644)
Stoppé! C:Program FilesMcAfeeCommon FrameworkUdaterUI.exe (ID: 3100 |ParentID: 2916)
Stoppé! C:Program FilesMcAfeeVirusScan Enterpriseshstat.exe (ID: 3116 |ParentID: 2916)
Stoppé! C:WindowsSystem32igfxtray.exe (ID: 3132 |ParentID: 2916)
Stoppé! C:Windowssystem32igfxsrvc.exe (ID: 3176 |ParentID: 680)
Stoppé! C:WindowsSystem32hkcmd.exe (ID: 3188 |ParentID: 2916)
Stoppé! C:WindowsSystem32igfxpers.exe (ID: 3240 |ParentID: 2916)
Stoppé! C:Program FilesCommon FilesCommon Desktop AgentCDASrv.exe (ID: 3296 |ParentID: 2916)
Stoppé! C:Program FilesRealrealplayerUpdaterealsched.exe (ID: 3320 |ParentID: 2916)
Stoppé! C:Program FilesMcAfeeCommon FrameworkMcTray.exe (ID: 3352 |ParentID: 3100)
Stoppé! C:Program FilesCommon FilesJavaJava Updatejusched.exe (ID: 3372 |ParentID: 2916)
Stoppé! C:Program FilesSmart ComputeResearcherResearcher.exe (ID: 3448 |ParentID: 2916)
Stoppé! C:UsersADMINAppDataLocaliexplorerBrowsers Monitoriexplorer_monitor.exe (ID: 3464 |ParentID: 2916)
Stoppé! C:Windowssystem32SearchIndexer.exe (ID: 4004 |ParentID: 496)
Stoppé! C:Program FilesSmart ComputeResearchersclc.exe (ID: 740 |ParentID: 3448)
Stoppé! C:Windowssystem32conhost.exe (ID: 776 |ParentID: 452)
Stoppé! C:Program FilesGoogleChromeApplicationchrome.exe (ID: 3080 |ParentID: 2916)
Stoppé! C:Program FilesGoogleChromeApplicationchrome.exe (ID: 4520 |ParentID: 3080)
Stoppé! C:Program FilesGoogleChromeApplicationchrome.exe (ID: 2716 |ParentID: 3080)
Stoppé! C:Program FilesGoogleChromeApplicationchrome.exe (ID: 1664 |ParentID: 3080)
Stoppé! C:Program FilesGoogleChromeApplicationchrome.exe (ID: 4040 |ParentID: 3080)
Stoppé! C:Program FilesGoogleChromeApplicationchrome.exe (ID: 5644 |ParentID: 3080)
Stoppé! C:Program FilesGoogleChromeApplicationchrome.exe (ID: 6112 |ParentID: 3080)
Stoppé! C:Program FilesGoogleChromeApplicationchrome.exe (ID: 1508 |ParentID: 3080)
Stoppé! C:Program FilesRealNetworksRealDownloaderrecordingmanager.exe (ID: 1280 |ParentID: 6112)
Stoppé! C:Program FilesGoogleChromeApplicationchrome.exe (ID: 4364 |ParentID: 3080)
Stoppé! C:Windowssystem32SearchProtocolHost.exe (ID: 5528 |ParentID: 4004)
Stoppé! C:Windowssystem32taskmgr.exe (ID: 5716 |ParentID: 2916)
Stoppé! C:Program FilesMcAfeeVirusScan Enterprisemcconsol.exe (ID: 1388 |ParentID: 3116)
Stoppé! C:Windowssystem32SearchFilterHost.exe (ID: 2768 |ParentID: 4004)
Stoppé! C:Program FilesGoogleChromeApplicationchrome.exe (ID: 4468 |ParentID: 3080)

################## | Regedit Run |

04 – HKLMSOFTWARE | Run : [McAfeeUpdaterUI] – “C:Program FilesMcAfeeCommon Frameworkudaterui.exe” /StartedFromRunKey
04 – HKLMSOFTWARE | Run : [ShStatEXE] – “C:Program FilesMcAfeeVirusScan EnterpriseSHSTAT.EXE” /STANDALONE
04 – HKLMSOFTWARE | Run : [] –
04 – HKLMSOFTWARE | Run : [IgfxTray] – C:Windowssystem32igfxtray.exe
04 – HKLMSOFTWARE | Run : [HotKeysCmds] – C:Windowssystem32hkcmd.exe
04 – HKLMSOFTWARE | Run : [Persistence] – C:Windowssystem32igfxpers.exe
04 – HKLMSOFTWARE | Run : [CDAServer] – C:Program FilesCommon FilesCommon Desktop AgentCDASrv.exe
04 – HKLMSOFTWARE | Run : [TkBellExe] – “C:Program FilesRealrealplayerupdaterealsched.exe” -osboot
04 – HKLMSOFTWARE | Run : [SunJavaUpdateSched] – “C:Program FilesCommon FilesJavaJava Updatejusched.exe”
04 – HKLMSOFTWARE | RunOnce : [] –
04 – HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-21-3455905214-2737271888-1687622489-1000SOFTWARE | Run : [DriverMax_RESTART] –
04 – HKUS-1-5-19SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
04 – HKUS-1-5-20SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe

################## | Recherche générique |

(!) Fichiers temporaires supprimés.

################## | Registre |

Réparé ! HKLMSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem|EnableLUA -> 1
Réparé ! HKLMSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem|ConsentPromptBehaviorAdmin -> 5
Réparé ! HKCUSoftwareMicrosoftWindowsCurrentVersionExplorerAdvanced|Start_ShowMyGames -> 1
Supprimé! HKUS-1-5-21-3455905214-2737271888-1687622489-1000Software….Mountpoints2{3a78d151-fecc-11e2-ba40-705ab6ed8130}
Supprimé! HKUS-1-5-21-3455905214-2737271888-1687622489-1000Software….Mountpoints2{69429c3e-6533-11e1-b070-705ab6ed8130}
Supprimé! HKUS-1-5-21-3455905214-2737271888-1687622489-1000Software….Mountpoints2{8888ca34-37a5-11e0-b896-705ab6ed8130}

################## | Listing |

[13/02/2011 – 20:18:25 | SHD ] C:$Recycle.Bin
[03/02/2011 – 15:27:04 | D ] C:aceee71d77a6ebdb44063
[28/09/2013 – 23:16:46 | D ] C:AdwCleaner
[06/06/2013 – 22:23:14 | N | 18718] C:AdwCleaner[R1].txt
[06/06/2013 – 22:37:12 | N | 1376] C:AdwCleaner[R2].txt
[06/06/2013 – 22:22:41 | N | 437] C:AdwCleaner[S1].txt
[06/06/2013 – 22:25:38 | N | 17662] C:AdwCleaner[S2].txt
[07/06/2013 – 11:00:15 | D ] C:Arij_5ème_bis
[10/06/2009 – 22:42:20 | N | 24] C:autoexec.bat
[14/10/2012 – 00:39:36 | D ] C:CamersoftOutput
[19/11/2013 – 10:26:53 | SHD ] C:Config.Msi
[10/06/2009 – 22:42:20 | N | 10] C:config.sys
[14/07/2009 – 05:17:42 | SHD ] C:Documents and Settings
[07/11/2007 – 08:00:40 | N | 17734] C:eula.1028.txt
[07/11/2007 – 08:00:40 | N | 17734] C:eula.1031.txt
[07/11/2007 – 08:00:40 | N | 10134] C:eula.1033.txt
[07/11/2007 – 08:00:40 | N | 17734] C:eula.1036.txt
[07/11/2007 – 08:00:40 | N | 17734] C:eula.1040.txt
[07/11/2007 – 08:00:40 | N | 118] C:eula.1041.txt
[07/11/2007 – 08:00:40 | N | 17734] C:eula.1042.txt
[07/11/2007 – 08:00:40 | N | 17734] C:eula.2052.txt
[07/11/2007 – 08:00:40 | N | 17734] C:eula.3082.txt
[05/07/2013 – 01:12:22 | D ] C:Fatiha_convertie en mp3
[07/11/2007 – 08:00:40 | N | 1110] C:globdata.ini
[20/11/2013 – 13:41:19 | ASH | 1555537920] C:hiberfil.sys
[13/02/2011 – 20:26:32 | D ] C:IDE
[07/11/2007 – 08:03:18 | N | 562688] C:install.exe
[07/11/2007 – 08:00:40 | N | 843] C:install.ini
[07/11/2007 – 08:03:18 | N | 76304] C:install.res.1028.dll
[07/11/2007 – 08:03:18 | N | 96272] C:install.res.1031.dll
[07/11/2007 – 08:03:18 | N | 91152] C:install.res.1033.dll
[07/11/2007 – 08:03:18 | N | 97296] C:install.res.1036.dll
[07/11/2007 – 08:03:18 | N | 95248] C:install.res.1040.dll
[07/11/2007 – 08:03:18 | N | 81424] C:install.res.1041.dll
[07/11/2007 – 08:03:18 | N | 79888] C:install.res.1042.dll
[07/11/2007 – 08:03:18 | N | 75792] C:install.res.2052.dll
[07/11/2007 – 08:03:18 | N | 96272] C:install.res.3082.dll
[09/02/2013 – 20:37:21 | D ] C:Intel
[07/11/2011 – 18:01:48 | N | 0] C:IO.SYS
[03/07/2011 – 21:13:54 | D ] C:Kao
[11/06/2011 – 18:33:53 | D ] C:Kissas coran 1
[11/06/2011 – 18:36:09 | D ] C:kissas coran 2
[07/11/2011 – 18:01:48 | N | 0] C:MSDOS.SYS
[03/02/2011 – 08:58:59 | RHD ] C:MSOCache
[20/11/2013 – 13:41:25 | ASH | 2074054656] C:pagefile.sys
[14/07/2009 – 03:37:05 | D ] C:PerfLogs
[30/03/2012 – 21:16:23 | D ] C:PFiles
[30/06/2011 – 10:23:46 | D ] C:Photos
[06/10/2012 – 12:01:38 | D ] C:Portable Adnen_28-03-11
[03/07/2011 – 21:47:13 | D ] C:portable arij
[01/11/2013 – 15:23:12 | D ] C:Program Files
[13/02/2011 – 19:00:12 | D ] C:Program Files (x86)
[20/11/2013 – 09:16:31 | HD ] C:ProgramData
[13/10/2013 – 20:04:13 | D ] C:QUARANTINE
[13/02/2011 – 20:17:53 | SHD ] C:Recovery
[19/11/2013 – 07:20:47 | SHD ] C:System Volume Information
[02/04/2012 – 19:46:30 | D ] C:temp
[20/11/2013 – 14:53:34 | D ] C:UsbFix
[20/11/2013 – 14:51:27 | N | 1300] C:UsbFix [Clean 1] ADMIN-PC.txt
[20/11/2013 – 14:56:22 | A | 10809] C:UsbFix [Clean 3] ADMIN-PC.txt
[20/11/2013 – 11:56:41 | N | 21670] C:UsbFix [Scan 1] ADMIN-PC.txt
[13/02/2011 – 20:18:09 | RD ] C:Users
[07/11/2007 – 08:00:40 | N | 5686] C:vcredist.bmp
[07/11/2007 – 08:09:22 | N | 1442522] C:VC_RED.cab
[07/11/2007 – 08:12:28 | N | 232960] C:VC_RED.MSI
[14/11/2013 – 08:24:29 | D ] C:Windows
[13/02/2011 – 20:18:25 | SHD ] D:$RECYCLE.BIN
[12/11/2013 – 10:42:16 | D ] D:00000__fichiers et répertoires de bureau utiles_12-02-13
[16/09/2013 – 23:20:56 | D ] D:0000__Divers raccourcis
[14/03/2013 – 20:45:53 | D ] D:0000__Fichiers Scannés divers
[18/12/2012 – 09:14:14 | D ] D:0000__Recherche du lundi 17-12-12__dimensionnemnt des trottoirs en béton
[07/08/2011 – 20:26:49 | D ] D:1111_Hikayettes El A3irwi
[01/01/2013 – 15:25:35 | D ] D:1111___Nouveau dossier_fichiers de windows-prefetch
[13/10/2013 – 20:06:30 | D ] D:222222___Phlébite_Embolie pulmonnaire
[09/05/2013 – 05:49:16 | D ] D:33333333__Divers 2_Adnen
[07/06/2013 – 10:34:29 | D ] D:3333333___Adnen_prov_juin 2013_1
[05/08/2013 – 17:13:20 | D ] D:3333333___Adnen_prov_juin 2013_2
[19/04/2012 – 19:50:30 | D ] D:Adnen à organisé
[18/01/2012 – 06:20:30 | D ] D:Ancien_Fichiers_Utiles
[29/06/2011 – 21:38:05 | D ] D:Antivirus_Avast_Free
[12/02/2012 – 20:51:53 | D ] D:Axes de Sejnane
[10/06/2013 – 23:54:05 | D ] D:Ayach_envoi du 10-06-13
[08/01/2012 – 22:01:05 | D ] D:BIRD
[13/10/2013 – 20:55:34 | D ] D:CD_Le Grand Livre des Modèles de Lettres
[07/06/2013 – 11:07:29 | D ] D:Chansons_Adnen
[25/05/2013 – 07:20:31 | D ] D:CNAM_Divers Imprimés
[14/03/2012 – 16:04:07 | D ] D:Comparaison Acier & Fonte
[20/03/2012 – 09:57:12 | D ] D:Concours SONEDE
[11/08/2012 – 09:58:27 | D ] D:Contenu du Flash Twinmos_Aout 2012
[31/08/2013 – 09:44:31 | D ] D:CV et lettres de motivation_conseils bons
[12/07/2011 – 00:39:05 | D ] D:Cédric_Tchad
[22/10/2013 – 14:46:53 | D ] D:Divertissement
[31/08/2013 – 09:34:43 | D ] D:Divertissment_2
[31/12/2011 – 15:56:39 | D ] D:Facebook_Téléchargements
[15/03/2012 – 08:47:34 | D ] D:Fichier_exe
[06/08/2013 – 23:31:31 | D ] D:Fifa13_fichiers téléchargés
[24/05/2013 – 22:14:52 | D ] D:Flash Disk mama kaki_Mai 2013
[04/03/2012 – 17:29:36 | D ] D:Flash_twinmos_02_2012
[07/08/2013 – 15:11:52 | D ] D:Games
[15/05/2013 – 10:56:35 | D ] D:Kaki_travail
[11/10/2012 – 19:15:09 | N | 10897] D:Liste_Kadhia_hebdomadaire.xlsx
[06/10/2013 – 06:16:03 | D ] D:Logiciels_Divers
[08/04/2012 – 21:04:03 | D ] D:Maher Maikli
[31/08/2013 – 09:46:30 | D ] D:Mails personnels
[15/05/2013 – 10:53:18 | D ] D:Mission en Mauritanie_Février 2012
[14/05/2013 – 18:37:24 | D ] D:Personnel + photos de famille
[15/04/2012 – 17:36:27 | D ] D:rappoort PDF
[29/06/2011 – 21:04:43 | D ] D:Rawi3 kaki MP3
[30/10/2011 – 16:43:40 | D ] D:Réhabilitation des stations de traitement_AFD_Production
[13/03/2012 – 02:43:34 | D ] D:Sauvegarde_Portable_avec PC suite_Février 2011
[09/11/2012 – 10:29:26 | D ] D:Scolaire_Louled
[15/04/2012 – 17:45:30 | D ] D:ST4
[13/02/2011 – 16:02:22 | SHD ] D:System Volume Information
[09/12/2012 – 09:21:14 | D ] D:transfert_docs_Mauritanie
[09/12/2012 – 09:21:39 | D ] D:Utiles_Divers_1
[28/12/2012 – 09:59:37 | D ] D:Utiles_Divers_2
[10/02/2012 – 22:06:42 | D ] D:Variante_1_10-02-12
[13/02/2011 – 21:14:23 | D ] D:Wireless_Atheros_v.7.6.0.264
[13/02/2011 – 21:09:13 | N | 5539297] D:Wireless_Atheros_v.7.6.0.264.zip
[11/05/2013 – 06:17:17 | D ] D:ZZZ__Divers Tunis _Mai 2013
[04/01/2013 – 21:57:31 | D ] D:ZZZ__Photos__Chinguitel_04-01-2013
[04/01/2013 – 22:50:35 | D ] D:ZZZ__Photos__Mauritel_04-01-2013
[06/08/2013 – 20:13:41 | SHD ] F:$RECYCLE.BIN
[29/10/2013 – 15:55:54 | D ] F:_Travail
[07/10/2013 – 20:04:25 | D ] F:1111__Nouveau dossier relatifs à EPANET
[03/10/2013 – 17:43:01 | D ] F:2222_provisoire
[30/09/2013 – 08:20:33 | D ] F:Anciens projets_utiles
[28/09/2013 – 23:39:14 | N | 390183] F:favoris_28_09_13.html
[10/10/2013 – 07:57:25 | D ] F:Flash_H2020_Octobre 2013
[04/11/2013 – 16:27:03 | N | 1201082] F:Fndae27.pdf
[27/10/2013 – 07:33:44 | N | 3884965] F:site ajurry.com- ????? ??? ??????.pdf
[06/08/2013 – 20:13:30 | SHD ] F:System Volume Information
[20/09/2013 – 07:48:01 | N | 14207] F:ugp1.docx

################## | Vaccin |

(!) Cet ordinateur n’est pas vacciné!

################## | E.O.F | http://www.usbfix.net – https://www.sosvirus.net |