Reply to: PC and USB key infected 2016-09-08T13:36:02+00:00
Debiloss
Participant
Number of posts: 16

Hello, and thank you :hello:

So I've lost that USB key, is that serious?
Otherwise, I did as you told me, and here is the report.
Thank you for your time.

############################## | UsbFix V 7.169 | [Recherche]

Utilisateur: claire (Administrateur) # GOGOLE
Mis à jour le 31/03/2014 par El Desaparecido - Team SosVirus
Lancé à 13:04:35 | 23/04/2014

Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Support : forum-virus-securite.html
Upload Malware : upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: ASUSTeK COMPUTER INC. (X301A1)
CPU: Intel(R) Pentium(R) CPU 2020M @ 2.40GHz
RAM -> [Total : 3982 Mo| Free : 2595 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 8 (6.2.9200 64-Bit)
WB: Windows Internet Explorer : 10.0.9200.16843
WB: Google Chrome : 34.0.1847.116

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: Windows Defender [(!) Disabled | Updated]
AV: avast! Antivirus [Enabled | Updated]
AS: Windows Defender [(!) Disabled | Updated]
AS: Spybot - Search and Destroy [Enabled | (!) Outdated]
AS: avast! Antivirus [Enabled | Updated]
FW: Windows FireWall [(!) Disabled]

C: (%systemdrive%) -> Disque fixe # 186 Go (46 Go libre(s) - 25%) [OS] # NTFS
D: -> Disque fixe # 258 Go (234 Go libre(s) - 91%) [Data] # NTFS

################## | Processus Actif |

C:\Windows\system32\csrss.exe (ID: 536 |ParentID: 528)
C:\Windows\system32\wininit.exe (ID: 600 |ParentID: 528)
C:\Windows\system32\csrss.exe (ID: 608 |ParentID: 592)
C:\Windows\system32\winlogon.exe (ID: 664 |ParentID: 592)
C:\Windows\system32\services.exe (ID: 680 |ParentID: 600)
C:\Windows\system32\lsass.exe (ID: 700 |ParentID: 600)
C:\Windows\system32\svchost.exe (ID: 800 |ParentID: 680)
C:\Windows\system32\svchost.exe (ID: 876 |ParentID: 680)
C:\Windows\System32\svchost.exe (ID: 928 |ParentID: 680)
C:\Windows\system32\dwm.exe (ID: 972 |ParentID: 664)
C:\Windows\system32\svchost.exe (ID: 992 |ParentID: 680)
C:\Windows\system32\svchost.exe (ID: 480 |ParentID: 680)
C:\Windows\System32\svchost.exe (ID: 904 |ParentID: 680)
C:\Windows\system32\svchost.exe (ID: 1148 |ParentID: 680)
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ID: 1228 |ParentID: 680)
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ID: 1284 |ParentID: 680)
C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ID: 1304 |ParentID: 680)
C:\Windows\System32\spoolsv.exe (ID: 1484 |ParentID: 680)
C:\Windows\system32\svchost.exe (ID: 1532 |ParentID: 680)
C:\Windows\system32\svchost.exe (ID: 1576 |ParentID: 680)
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 1716 |ParentID: 680)
C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe (ID: 1736 |ParentID: 680)
C:\Windows\system32\dashost.exe (ID: 1788 |ParentID: 904)
C:\Program Files\Intel\iCLS Client\HeciServer.exe (ID: 1820 |ParentID: 680)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (ID: 1876 |ParentID: 680)
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (ID: 1948 |ParentID: 680)
C:\Windows\system32\svchost.exe (ID: 2044 |ParentID: 680)
C:\Program Files (x86)\Tor\tor.exe (ID: 1180 |ParentID: 680)
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (ID: 1560 |ParentID: 680)
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (ID: 2104 |ParentID: 680)
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ID: 2816 |ParentID: 1228)
C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe (ID: 2824 |ParentID: 1736)
C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe (ID: 2836 |ParentID: 680)
C:\Windows\system32\taskhostex.exe (ID: 2844 |ParentID: 680)
C:\Program Files\ASUS\P4G\BatteryLife.exe (ID: 2856 |ParentID: 680)
C:\Windows\Explorer.EXE (ID: 2984 |ParentID: 2928)
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe (ID: 3208 |ParentID: 800)
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ID: 3316 |ParentID: 2816)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 3332 |ParentID: 800)
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ID: 3492 |ParentID: 3184)
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ID: 3536 |ParentID: 3172)
C:\Windows\system32\SearchIndexer.exe (ID: 4024 |ParentID: 680)
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (ID: 3112 |ParentID: 2796)
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe (ID: 1828 |ParentID: 3112)
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (ID: 1244 |ParentID: 3112)
C:\Windows\System32\RuntimeBroker.exe (ID: 1072 |ParentID: 800)
C:\Windows\System32\igfxtray.exe (ID: 4212 |ParentID: 2984)
C:\Windows\System32\hkcmd.exe (ID: 4260 |ParentID: 2984)
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (ID: 4296 |ParentID: 2984)
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ID: 4364 |ParentID: 2984)
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (ID: 4472 |ParentID: 1448)
C:\Windows\system32\igfxpers.exe (ID: 4484 |ParentID: 4412)
C:\Windows\SysWOW64\ACEngSvr.exe (ID: 4520 |ParentID: 800)
C:\Program Files\Zune\ZuneLauncher.exe (ID: 4544 |ParentID: 2984)
C:\Users\claire\AppData\Local\Akamai\netsession_win.exe (ID: 4624 |ParentID: 2984)
C:\Users\claire\AppData\Local\Akamai\netsession_win.exe (ID: 4636 |ParentID: 4624)
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (ID: 4756 |ParentID: 4664)
C:\Program Files\AVAST Software\Avast\AvastUI.exe (ID: 4768 |ParentID: 4664)
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (ID: 4812 |ParentID: 4664)
C:\Windows\System32\svchost.exe (ID: 3808 |ParentID: 680)
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (ID: 4664 |ParentID: 680)
C:\Windows\system32\DllHost.exe (ID: 232 |ParentID: 800)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 5364 |ParentID: 5332)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 5580 |ParentID: 5364)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 5728 |ParentID: 5364)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 6052 |ParentID: 5364)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (ID: 3656 |ParentID: 680)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ID: 1672 |ParentID: 680)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (ID: 3968 |ParentID: 680)
C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 5404 |ParentID: 680)
C:\Windows\System32\ThumbnailExtractionHost.exe (ID: 1248 |ParentID: 800)
C:\Windows\syswow64\wwahost.exe (ID: 6120 |ParentID: 800)
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (ID: 3780 |ParentID: 3112)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 5180 |ParentID: 800)
C:\Windows\system32\SearchProtocolHost.exe (ID: 4556 |ParentID: 4024)
C:\Windows\system32\SearchFilterHost.exe (ID: 6020 |ParentID: 4024)
C:\Windows\system32\SearchProtocolHost.exe (ID: 4124 |ParentID: 4024)

################## | Regedit Run |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] userinit.exe
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
4 - HKCU\..\Run : [Akamai NetSession Interface] C:\Users\claire\AppData\Local\Akamai\netsession_win.exe
4 - HKCU\..\Run : [iTunesHelper] wscript.exe //B C:\Users\claire\AppData\Local\Temp\iTunesHelper.vbe
4 - HKLM\..\Run : [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
4 - HKLM\..\Run : [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
4 - HKLM\..\Run : [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
4 - HKLM\..\Run : [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui
4 - HKLM\..\Run : [SDTray] C:\Program Files (x86)\Spybot – Search & Destroy 2\SDTray.exe
4 - HKLM\..\Run : [USB Security] C:\Program Files (x86)\USB Disk Security\USBGuard.exe
4 - [x64] HKLM\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
4 - [x64] HKLM\..\Run : [HotKeysCmds] C:\Windows\system32\hkcmd.exe
4 - [x64] HKLM\..\Run : [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
4 - [x64] HKLM\..\Run : [ACMON] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
4 - [x64] HKLM\..\Run : [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe
4 - HKU\S-1-5-21-548881330-262357375-2291440725-1001\..\Run : [Akamai NetSession Interface] C:\Users\claire\AppData\Local\Akamai\netsession_win.exe
4 - HKU\S-1-5-21-548881330-262357375-2291440725-1001\..\Run : [iTunesHelper] wscript.exe //B C:\Users\claire\AppData\Local\Temp\iTunesHelper.vbe

################## | Recherche générique |

################## | Registre |

################## | E.O.F | http://www.usbfix.net/ - https://www.sosvirus.net |