Répondre à : disque dur externe infecté que faire 2016-09-08T13:19:45+00:00
Tati
Participant
Post count: 11

############################## | UsbFix V 7.151 | [Suppression]

Utilisateur: Fathia2 (Administrateur) # FATHIA2-PC
Mis à jour le 19/11/2013 par El Desaparecido – Team SosVirus
Lancé à 00:03:49 | 21/04/2008

Site Web : http://www.usbfix.net” onclick=”window.open(this.href);return false;
Forum : https://www.sosvirus.net/” onclick=”window.open(this.href);return false;
Upload Malware : upload_malware.php
Contact : http://www.usbfix.net/contact/” onclick=”window.open(this.href);return false;

PC: LENOVO (SPEEDY )
CPU: Intel(R) Pentium(R) Dual CPU T2390 @ 1.86GHz
RAM -> [Total : 3071 | Free : 2366]
Bios: LENOVO
Boot: Normal boot

OS: Microsoft Windows 7 Édition Intégrale (6.1.7600 32-Bit)
WB: Windows Internet Explorer : 8.0.7600.16385

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AS: Windows Defender [Enabled | Updated]
AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
AS: Malwarebytes’ Anti-Malware : 1.75.0001
FW: Windows FireWall Service [Enabled]

C: (%systemdrive%) -> Disque fixe # 15 Go (1010 Mo libre(s) – 7%) [] # NTFS
D: -> CD-ROM
E: -> Disque fixe # 466 Go (228 Go libre(s) – 49%) [] # NTFS

################## | Processus Stoppés |

Stoppé! C:WindowsSystem32spoolsv.exe (ID: 1352 |ParentID: 472)
Stoppé! C:Program FilesMalwarebytes’ Anti-Malwarembamscheduler.exe (ID: 1484 |ParentID: 472)
Stoppé! C:Program FilesMalwarebytes’ Anti-Malwarembamservice.exe (ID: 1532 |ParentID: 472)
Stoppé! C:Windowssystem32WUDFHost.exe (ID: 1824 |ParentID: 832)
Stoppé! C:Program FilesMalwarebytes’ Anti-Malwarembamgui.exe (ID: 1296 |ParentID: 1532)
Stoppé! C:Windowssystem32taskhost.exe (ID: 192 |ParentID: 472)
Stoppé! C:WindowsExplorer.EXE (ID: 848 |ParentID: 976)
Stoppé! C:Program FilesPDF Pro 10vspdfprsrv.exe (ID: 2008 |ParentID: 848)
Stoppé! C:Windowssystem32SearchIndexer.exe (ID: 1364 |ParentID: 472)
Stoppé! C:Program FilesWindows Media Playerwmpnetwk.exe (ID: 1804 |ParentID: 472)
Stoppé! C:Windowssystem32SearchProtocolHost.exe (ID: 2144 |ParentID: 1364)
Stoppé! C:Windowssystem32SearchFilterHost.exe (ID: 2184 |ParentID: 1364)
Stoppé! C:Windowssystem32sppsvc.exe (ID: 2548 |ParentID: 472)

################## | Regedit Run |

04 – HKLMSOFTWARE | Run : [vspdfprsrv.exe] – C:Program FilesPDF Pro 10vspdfprsrv.exe –background
04 – HKLMSOFTWARE | RunOnce : [] –
04 – HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-21-1447436994-609672689-3196038805-1000SOFTWARE | Run : [dauurov] – C:UsersFathia2dauurov.exe
04 – HKUS-1-5-19SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
04 – HKUS-1-5-20SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe

################## | Recherche générique |