Reply to: infection check 2016-09-08T13:20:55+00:00
nadouche-3
Post count: 0

Sorry, I thought kink06 was going to answer me, because I am in contact with him about another PC at the moment.
So hello, and thank you for your attention; I am really sorry.
So here is the report:
############################## | UsbFix V 7.152 | [Suppression]

Utilisateur: damss92 (Administrateur) # DAMSS92-TOSH
Mis à jour le 20/11/2013 par El Desaparecido – Team SosVirus
Lancé à 13:53:56 | 24/11/2013

Site Web : http://www.usbfix.net
Forum : https://www.sosvirus.net/
Upload Malware : upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: Intel Corporation (Oneonta Falls)
CPU: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
RAM -> [Total : 4008 | Free : 2505]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 10.0.9200.16721
WB: Google Chrome : 30.0.1599.101

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: avast! Antivirus [(!) Disabled | Updated]
AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
FW: Windows FireWall Service [Enabled]

C: (%systemdrive%) -> Disque fixe # 349 Go (286 Go libre(s) – 82%) [WINDOWS] # NTFS
D: -> Disque fixe # 349 Go (335 Go libre(s) – 96%) [Data] # NTFS
E: -> CD-ROM

################## | Processus Stoppés |

Stoppé! C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ID: 1288 |ParentID: 648)
Stoppé! C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (ID: 2892 |ParentID: 1876)
Stoppé! C:\Program Files\AVAST Software\Avast\AvastUI.exe (ID: 4780 |ParentID: 4616)
Stoppé! C:\Windows\explorer.exe (ID: 6376 |ParentID: 412)
Stoppé! C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (ID: 1100 |ParentID: 648)
Stoppé! C:\Windows\system32\SearchIndexer.exe (ID: 5368 |ParentID: 648)
Stoppé! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (ID: 5180 |ParentID: 648)
Stoppé! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (ID: 6064 |ParentID: 5180)
Stoppé! C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ID: 6596 |ParentID: 648)
Stoppé! C:\Windows\system32\wuauclt.exe (ID: 3732 |ParentID: 116)
Stoppé! C:\Windows\SysWOW64\NOTEPAD.EXE (ID: 4540 |ParentID: 6640)
Stoppé! C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 4236 |ParentID: 648)
Stoppé! C:\Windows\System32\spoolsv.exe (ID: 3716 |ParentID: 648)
Stoppé! C:\Program Files\Internet Explorer\iexplore.exe (ID: 4920 |ParentID: 5424)
Stoppé! C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (ID: 5140 |ParentID: 4920)
Stoppé! C:\Windows\system32\DllHost.exe (ID: 3764 |ParentID: 780)
Stoppé! C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe (ID: 6924 |ParentID: 5140)
Stoppé! C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (ID: 2624 |ParentID: 780)
Stoppé! C:\Windows\System32\MsSpellCheckingFacility.exe (ID: 2580 |ParentID: 780)
Stoppé! C:\Windows\system32\taskeng.exe (ID: 4696 |ParentID: 116)

################## | Regedit Run |

04 – HKLM\SOFTWARE | Run : [Adobe ARM] – “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
04 – HKLM\SOFTWARE | Run : [NBAgent] – “c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe” /WinStart
04 – HKLM\SOFTWARE | Run : [ToshibaServiceStation] – C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60
04 – HKLM\SOFTWARE | Run : [avast] – “C:\Program Files\AVAST Software\Avast\avastUI.exe” /nogui
04 – HKLM\SOFTWARE\wow6432Node | Run : [Adobe ARM] – “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
04 – HKLM\SOFTWARE\wow6432Node | Run : [NBAgent] – “c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe” /WinStart
04 – HKLM\SOFTWARE\wow6432Node | Run : [ToshibaServiceStation] – C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60
04 – HKLM\SOFTWARE\wow6432Node | Run : [avast] – “C:\Program Files\AVAST Software\Avast\avastUI.exe” /nogui
04 – HKLM\SOFTWARE | RunOnce : [] –
04 – HKLM\SOFTWARE\wow6432Node | RunOnce : [] –
04 – HKU\S-1-5-19\SOFTWARE | Run : [Sidebar] – %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 – HKU\S-1-5-19\SOFTWARE | Run : [TOPI.EXE] – C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP
04 – HKU\S-1-5-20\SOFTWARE | Run : [Sidebar] – %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 – HKU\S-1-5-20\SOFTWARE | Run : [TOPI.EXE] – C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP
04 – HKU\S-1-5-21-2874629607-4032696784-3974590594-1000\SOFTWARE | Run : [TOPI.EXE] – C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STAR
04 – HKU\S-1-5-21-2874629607-4032696784-3974590594-1000\SOFTWARE | Run : [swg] – “C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”
04 – HKU\S-1-5-21-2874629607-4032696784-3974590594-1000\SOFTWARE | Run : [BitTorrent] – “C:\Users\damss92\AppData\Roaming\BitTorrent\BitTorrent.exe” /MINIMIZED
04 – HKU\S-1-5-18\SOFTWARE | Run : [TOPI.EXE] – C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP
04 – HKU\S-1-5-19\SOFTWARE | RunOnce : [mctadmin] – C:\Windows\System32\mctadmin.exe
04 – HKU\S-1-5-20\SOFTWARE | RunOnce : [mctadmin] – C:\Windows\System32\mctadmin.exe

################## | Recherche générique |

Supprimé! C:\Users\damss92\AppData\Local\Temp\utt5F8A.tmp.exe

(!) Fichiers temporaires supprimés.

################## | Registre |

Réparé ! HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|NoActiveDesktop -> 0
Réparé ! HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|NoActiveDesktopChanges -> 0
Supprimé! HKU\S-1-5-21-2874629607-4032696784-3974590594-1000\Software\….\Mountpoints2\{43b1669e-0258-11e3-af51-386077bcf42c}

################## | Listing |

[27/07/2013 – 00:04:19 | SHD ] C:\$RECYCLE.BIN
[24/10/2013 – 17:26:03 | SHD ] C:\Config.Msi
[14/07/2009 – 06:08:56 | SHD ] C:\Documents and Settings
[23/11/2013 – 03:55:05 | ASH | 3152003072] C:\hiberfil.sys
[10/11/2011 – 09:12:33 | D ] C:\Intel
[23/11/2013 – 03:55:28 | ASH | 4202672128] C:\pagefile.sys
[14/07/2009 – 04:20:08 | D ] C:\PerfLogs
[27/07/2013 – 04:49:02 | D ] C:\Program Files
[22/11/2013 – 22:21:40 | D ] C:\Program Files (x86)
[27/07/2013 – 04:40:59 | HD ] C:\ProgramData
[10/11/2011 – 09:24:36 | N | 2212] C:\RHDSetup.log
[23/08/2011 – 04:44:29 | N | 70] C:\SWSTAMP.TXT
[22/11/2013 – 23:13:31 | SHD ] C:\System Volume Information
[20/01/2012 – 16:34:01 | D ] C:\Toshiba
[24/11/2013 – 13:54:14 | D ] C:\UsbFix
[24/11/2013 – 13:54:16 | A | 6575] C:\UsbFix [Clean 2] DAMSS92-TOSH.txt
[24/11/2013 – 13:38:56 | N | 10484] C:\UsbFix [Scan 1] DAMSS92-TOSH.txt
[18/01/2012 – 18:17:33 | RD ] C:\Users
[11/08/2013 – 09:23:30 | D ] C:\Windows
[18/01/2012 – 18:20:00 | SHD ] D:\$RECYCLE.BIN
[22/01/2012 – 20:08:58 | D ] D:\11e2f730925687c4f192
[28/06/2011 – 01:40:04 | D ] D:\HDDRecovery
[28/06/2011 – 04:48:34 | N | 11] D:\R16420SO.tag
[10/11/2011 – 09:06:17 | SHD ] D:\System Volume Information

################## | Vaccin |

(!) Cet ordinateur n’est pas vacciné!

################## | E.O.F | http://www.usbfix.net – https://www.sosvirus.net |