Reply to: Infected memory card 2016-09-08T13:23:30+00:00
kosovo
Participant
Post count: 1

Hello,
Thanks for your reply, and here is the report:

############################## | UsbFix V 7.152 | [Suppression]

Utilisateur: Kosovo1 (Administrateur) # KOSOVO
Mis à jour le 20/11/2013 par El Desaparecido – Team SosVirus
Lancé à 16:29:08 | 05/12/2013

Site Web : http://www.usbfix.net
Forum : https://www.sosvirus.net/
Upload Malware : upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: Micro-Star International Co., Ltd. (MS-16GA)
CPU: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
RAM -> [Total : 3993 | Free : 2505]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 8 Professionnel (6.2.9200 64-Bit)
WB: Windows Internet Explorer : 10.0.9200.16384
WB: Google Chrome : 31.0.1650.57

SC: Security Center Service [Enabled]
WU: Windows Update Service [(!) Disabled]
AV: AVG AntiVirus Free Edition 2014 [Enabled | Updated]
AS: Windows Defender : 4.0.9200.16384 (win8_rtm.120725-1247)
FW: Windows FireWall Service [Enabled]

C: (%systemdrive%) -> Disque fixe # 146 Go (47 Go libre(s) – 32%) [] # NTFS
D: -> Disque fixe # 319 Go (238 Go libre(s) – 75%) [] # NTFS
E: -> CD-ROM
F: -> CD-ROM
G: -> Disque amovible # 7 Go (7 Go libre(s) – 99%) [] # FAT32

################## | Processus Stoppés |

Stoppé! C:Program Files (x86)AVGAVG2014avgidsagent.exe (ID: 2716 |ParentID: 644)
Stoppé! C:Program Files (x86)AVGAVG2014avgwdsvc.exe (ID: 440 |ParentID: 644)
Stoppé! C:Program Files (x86)AVGAVG2014avgnsa.exe (ID: 6748 |ParentID: 440)
Stoppé! C:Program Files (x86)AVGAVG2014avgemca.exe (ID: 708 |ParentID: 440)
Stoppé! C:Program Files (x86)AVGAVG2014avgrsa.exe (ID: 6924 |ParentID: 440)
Stoppé! C:Program Files (x86)AVGAVG2014avgcsrva.exe (ID: 6364 |ParentID: 6924)
Stoppé! C:Program Files (x86)AVGAVG2014avgui.exe (ID: 4608 |ParentID: 7624)
Stoppé! C:Windowsexplorer.exe (ID: 9156 |ParentID: 6556)
Stoppé! C:WindowsSystem32spoolsv.exe (ID: 9452 |ParentID: 644)
Stoppé! C:Program Files (x86)TeamViewerVersion8TeamViewer_Service.exe (ID: 1812 |ParentID: 644)
Stoppé! C:Windowssystem32DllHost.exe (ID: 3816 |ParentID: 760)
Stoppé! C:Program Filesma-config.comMaConfigAgent.exe (ID: 8064 |ParentID: 644)
Stoppé! C:Windowssystem32SearchIndexer.exe (ID: 5668 |ParentID: 644)
Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 6180 |ParentID: 7620)
Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 4928 |ParentID: 6180)
Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 6532 |ParentID: 6180)
Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 2508 |ParentID: 6180)
Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 1792 |ParentID: 6180)
Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 5428 |ParentID: 6180)
Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 3060 |ParentID: 6180)
Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 2492 |ParentID: 6180)
Stoppé! C:Windowssystem32msiexec.exe (ID: 1068 |ParentID: 644)

################## | Regedit Run |

04 – HKLMSOFTWARE | Run : [SunJavaUpdateSched] – “C:Program Files (x86)Common FilesJavaJava Updatejusched.exe”
04 – HKLMSOFTWARE | Run : [AVG_UI] – “C:Program Files (x86)AVGAVG2014avgui.exe” /TRAYONLY
04 – HKLMSOFTWAREwow6432Node | Run : [SunJavaUpdateSched] – “C:Program Files (x86)Common FilesJavaJava Updatejusched.exe”
04 – HKLMSOFTWAREwow6432Node | Run : [AVG_UI] – “C:Program Files (x86)AVGAVG2014avgui.exe” /TRAYONLY
04 – HKLMSOFTWARE | RunOnce : [] –
04 – HKLMSOFTWAREwow6432Node | RunOnce : [] –
04 – HKUS-1-5-21-73403890-3184686911-3893120102-1001SOFTWARE | Run : [uTorrent] – “C:UsersKosovo1AppDataRoaminguTorrentuTorrent.exe” /MINIMIZED
04 – HKUS-1-5-21-73403890-3184686911-3893120102-1001SOFTWARE | Run : [DAEMON Tools Lite] – “C:Program Files (x86)DAEMON Tools LiteDTLite.exe” -autorun
04 – HKUS-1-5-21-73403890-3184686911-3893120102-1001SOFTWARE | Run : [AppsHat] – C:UsersKosovo1AppDataLocalWebPlayerAppsHatWebPlayer.exe
04 – HKUS-1-5-21-73403890-3184686911-3893120102-1001SOFTWARE | Run : [Apps Hat] – C:UsersKosovo1AppDataLocalWebPlayerAppsHatWebPlayer.exe
04 – HKUS-1-5-21-73403890-3184686911-3893120102-1001SOFTWARE | Run : [EADM] – “C:Program Files (x86)OriginOrigin.exe” -AutoStart
04 – HKUS-1-5-21-73403890-3184686911-3893120102-1001SOFTWARE | Run : [install_flashplayer] – wscript.exe //B “C:UsersKosovo1AppDataLocalTempinstall_flashplayer.vbs”

################## | Recherche générique |

Supprimé! C:UsersKosovo1AppDataLocalTemputtFF1F.tmp.exe
Non supprimé ! F:autorun.inf

(!) Fichiers temporaires supprimés.

################## | Registre |

Réparé ! HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer|NoActiveDesktop -> 0
Réparé ! HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer|NoActiveDesktopChanges -> 0
Supprimé! HKUS-1-5-21-73403890-3184686911-3893120102-1001Software….Mountpoints2{7621f3dc-2569-11e3-be6b-8c89a50b1649}

################## | Listing |

[05/12/2013 – 15:05:35 | D ] C:$AVG
[23/09/2013 – 19:20:06 | SHD ] C:$Recycle.Bin
[24/10/2013 – 12:24:46 | D ] C:$WINDOWS.~BT
[10/06/2009 – 22:42:20 | N | 24] C:autoexec.bat
[26/07/2012 – 04:44:30 | RASH | 398156] C:bootmgr
[02/06/2012 – 15:30:55 | N | 1] C:BOOTNXT
[10/06/2009 – 22:42:20 | N | 10] C:config.sys
[26/07/2012 – 08:22:08 | SHD ] C:Documents and Settings
[04/12/2013 – 19:32:59 | ASH | 3349520384] C:hiberfil.sys
[20/09/2013 – 03:47:03 | D ] C:Intel
[26/09/2013 – 21:23:07 | RHD ] C:MSOCache
[21/09/2013 – 16:38:28 | D ] C:NVIDIA
[04/12/2013 – 19:33:07 | ASH | 1207959552] C:pagefile.sys
[26/07/2012 – 08:33:46 | D ] C:PerfLogs
[05/12/2013 – 16:22:43 | N | 512] C:PhysicalDisk0_MBR.bin
[24/10/2013 – 12:34:15 | D ] C:Program Files
[05/12/2013 – 16:19:30 | D ] C:Program Files (x86)
[05/12/2013 – 15:05:35 | HD ] C:ProgramData
[21/09/2013 – 21:29:58 | SHD ] C:Recovery
[21/09/2013 – 22:04:22 | N | 1118] C:Settings.ini
[04/12/2013 – 19:33:08 | ASH | 268435456] C:swapfile.sys
[05/12/2013 – 15:05:24 | SHD ] C:System Volume Information
[05/12/2013 – 16:29:27 | D ] C:UsbFix
[05/12/2013 – 16:29:42 | A | 6331] C:UsbFix [Clean 2] KOSOVO.txt
[05/12/2013 – 16:04:50 | N | 10257] C:UsbFix [Scan 1] KOSOVO.txt
[04/12/2013 – 20:28:59 | RD ] C:Users
[04/12/2013 – 20:29:08 | D ] C:Windows
[21/09/2013 – 22:16:28 | D ] C:Windows.old
[20/09/2013 – 03:41:25 | SHD ] D:$RECYCLE.BIN
[22/11/2013 – 21:00:27 | N | 1796934343] D:2.Guns.2013.mkv
[06/11/2013 – 11:54:51 | D ] D:Breakin .Bad.S04E01.FRENCH.HDTV.XviD-ArRoWs
[30/09/2013 – 23:40:08 | D ] D:Breaking Bad S02 MULTi 720p BluRay AC3 x264 BoO
[30/10/2013 – 17:51:41 | D ] D:Breaking Bad.S03.FRENCH.LD.DVDRIP.XviD-JMT
[10/11/2013 – 21:52:42 | D ] D:Breaking.Bad.S04E02 à 10.FRENCH.HDTV.XviD-JMT
[12/11/2013 – 23:31:40 | D ] D:F1 2013 1
[20/10/2013 – 18:39:12 | D ] D:Fifa 14 Crack Only V4 [PC][MafiaSSS]
[24/10/2013 – 20:39:01 | D ] D:Khaled – C’est La Vie (2012)
[22/11/2013 – 19:21:54 | D ] D:Paris.A.Tout.Prix.2013.FRENCH.DVDRip.XviD-UTT
[12/11/2013 – 22:09:11 | N | 5920073728] D:rld-f12013.iso
[20/09/2013 – 01:36:49 | SHD ] D:System Volume Information
[02/11/2013 – 12:16:19 | D ] D:W9 Hits 2014 2CD MP3 320 Maxx
[24/10/2013 – 08:40:43 | D ] D:Windows 8 Professionnel 64 bits [Originale]
[27/10/2013 – 14:32:10 | D ] D:[www.Cpasbien.me] Ne.Quelque.Part.2013.FRENCH.BDRip.XviD-UTT
[14/10/2013 – 22:40:52 | D ] D:[www.Cpasbien.me] The.Walkind.Dead.S04E01.FASTSUB.VOSTFR.HDTV.XviD-MiND
[03/10/2013 – 23:43:17 | D ] F:Crack
[03/10/2013 – 23:06:27 | R | 43] F:autorun.inf
[03/10/2013 – 23:12:45 | R | 2098730752] F:setup-1.bin
[03/10/2013 – 23:15:58 | R | 2100000000] F:setup-2.bin
[03/10/2013 – 23:18:03 | R | 1701648223] F:setup-3.bin
[03/10/2013 – 23:18:03 | R | 1269159] F:setup.exe
[05/12/2013 – 15:37:50 | N | 9114853] G:Adele – Someone Like You.mp3
[05/12/2013 – 15:36:54 | N | 8253021] G:Maroon 5- She Will Be Loved With Lyrics On Screen.mp3
[05/12/2013 – 15:36:14 | N | 9049651] G:Rihanna – Diamonds.mp3
[05/12/2013 – 15:35:28 | N | 6772609] G:Rihanna – Talk That Talk (Audio) ft. JAY Z.mp3
[05/12/2013 – 15:33:08 | N | 8074134] G:Eminem – The Monster (Audio) ft. Rihanna.mp3
[05/12/2013 – 15:38:18 | N | 7651995] G:Adele – Set Fire to the Rain Lyrics.mp3
[05/12/2013 – 15:41:36 | N | 10975607] G:Saf7a Wetwayta – Wael Kfoury —

################## | Vaccin |

G:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net – https://www.sosvirus.net |