Salut
je pense que ma clé est virusé car les fichiers sont pas visibles et il y'a des fichiers bizzards
j'ai lancé la recherche de USBfixe est Voilà le rapport pourriez vous m'aider svp
############################## | UsbFix V 7.126 | [Recherche]
Utilisateur: Administrateur (Administrateur) # EDITION_ULTRA
Mis à jour le 13/05/2013 par El Desaparecido
Lancé à 16:33:49 | 21/05/2013
Site Web:
https://www.sosvirus.net/
Upload Malware: http://upload.sosvirus.org/
Contact: contact@sosvirus.org
PC: Hewlett-Packard (HP Compaq nc4200 (EW284EC)) (X86-based PC)
CPU: Intel(R) Pentium(R) M processor 1.73GHz (798)
RAM -> [Total : 1015 | Free : 401]
BIOS: KBC Version 38.59
BOOT: Normal boot
OS: Microsoft Windows XP Professionnel (5.1.2600 32-Bit) # Service Pack 3
WB: Windows Internet Explorer 8.0.6001.18702
SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
FW: Windows FireWall Service [Enabled]
C:\ (%systemdrive%) -> Disque fixe # 20 Go (1 Go libre(s) - 7%) [] # NTFS
D:\ -> Disque fixe # 18 Go (17 Go libre(s) - 98%) [] # NTFS
E:\ -> Disque amovible # 4 Go (2 Go libre(s) - 67%) [] # FAT32
################## | Processus Actif |
C:\WINDOWS\System32\smss.exe (632)
C:\WINDOWS\system32\winlogon.exe (720)
C:\WINDOWS\system32\services.exe (764)
C:\WINDOWS\system32\lsass.exe (776)
C:\WINDOWS\system32\svchost.exe (924)
C:\WINDOWS\System32\svchost.exe (1032)
C:\Program Files\AVAST Software\Avast\AvastSvc.exe (1504)
C:\WINDOWS\Explorer.EXE (1640)
C:\WINDOWS\system32\spoolsv.exe (1692)
C:\WINDOWS\system32\igfxsrvc.exe (672)
C:\WINDOWS\system32\hkcmd.exe (132)
C:\WINDOWS\system32\igfxpers.exe (908)
C:\Program Files\Apoint2K\Apoint.exe (780)
C:\WINDOWS\VistaDrive\VistaDrive.exe (1096)
C:\Program Files\Java\jre6\bin\jusched.exe (1208)
C:\WINDOWS\AGRSMMSG.exe (1340)
C:\Program Files\AVAST Software\Avast\avastUI.exe (1352)
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (1368)
C:\WINDOWS\system32\ctfmon.exe (1384)
C:\Program Files\Messenger\msmsgs.exe (1392)
C:\Program Files\Windows Live\Messenger\msnmsgr.exe (1444)
C:\Program Files\Apoint2K\Apntex.exe (1604)
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (2328)
C:\WINDOWS\system32\inetsrv\inetinfo.exe (2388)
C:\Program Files\Java\jre6\bin\jqs.exe (2400)
C:\WINDOWS\system32\svchost.exe (2484)
C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe (2620)
C:\WINDOWS\system32\wbem\wmiapsrv.exe (1584)
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (424)
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (3940)
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (3996)
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (4056)
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (680)
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (176)
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (3596)
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (2860)
C:\UsbFix\Go.exe (372)
################## | El Desaparecido Section |
HKLM\SOFTWARE | Run : [igfxtray] - C:\WINDOWS\system32\igfxtray.exe
HKLM\SOFTWARE | Run : [igfxhkcmd] - C:\WINDOWS\system32\hkcmd.exe
HKLM\SOFTWARE | Run : [igfxpers] - C:\WINDOWS\system32\igfxpers.exe
HKLM\SOFTWARE | Run : [Apoint] - C:\Program Files\Apoint2K\Apoint.exe
HKLM\SOFTWARE | Run : [VistaDrive] - C:\WINDOWS\VistaDrive\VistaDrive.exe
HKLM\SOFTWARE | Run : [SunJavaUpdateSched] - "C:\Program Files\Java\jre6\bin\jusched.exe"
HKLM\SOFTWARE | Run : [AGRSMMSG] - AGRSMMSG.exe
HKLM\SOFTWARE | Run : [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
HKLM\SOFTWARE | Run : [GrooveMonitor] - "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
HKLM\SOFTWARE | Run : [WinampAgent] - "C:\Program Files\Winamp\winampa.exe"
HKLM\SOFTWARE | RunOnce : [] -
HKU\S-1-5-21-1957994488-2000478354-515967899-500\SOFTWARE | Run : [ctfmon.exe] - C:\WINDOWS\system32\ctfmon.exe
HKU\S-1-5-21-1957994488-2000478354-515967899-500\SOFTWARE | Run : [MSMSGS] - "C:\Program Files\Messenger\msmsgs.exe" /background
HKU\S-1-5-21-1957994488-2000478354-515967899-500\SOFTWARE | Run : [Google Update] - "C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
HKU\S-1-5-21-1957994488-2000478354-515967899-500\SOFTWARE | Run : [msnmsgr] - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
HKU\S-1-5-21-1957994488-2000478354-515967899-500\SOFTWARE | Run : [Skype] - "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
HKU\S-1-5-19\SOFTWARE | RunOnce : [nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-19\SOFTWARE | RunOnce : [_nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-19\SOFTWARE | RunOnce : [ShowDeskFix] - regsvr32 /s /n /i:u shell32
HKU\S-1-5-20\SOFTWARE | RunOnce : [nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-20\SOFTWARE | RunOnce : [_nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-20\SOFTWARE | RunOnce : [ShowDeskFix] - regsvr32 /s /n /i:u shell32
HKU\S-1-5-18\SOFTWARE | RunOnce : [nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-18\SOFTWARE | RunOnce : [_nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-18\SOFTWARE | RunOnce : [ShowDeskFix] - regsvr32 /s /n /i:u shell32
################## | Éléments infectieux |
################## | Registre |
################## | Mountpoints2 |
HKCU\.\.\.\.\Explorer\MountPoints2\{55efebbe-c4bc-11e2-8612-00166f06c317}
Shell\AutoRun\Command = E:\AutoRun.exe
HKCU\.\.\.\.\Explorer\MountPoints2\{55efebc1-c4bc-11e2-8612-00166f06c317}
Shell\AutoRun\Command = E:\AutoRun.exe
HKCU\.\.\.\.\Explorer\MountPoints2\{625efc80-0809-11e2-83e5-00166f06c317}
Shell\AutoRun\Command = E:\AutoRun.exe
HKCU\.\.\.\.\Explorer\MountPoints2\{625efc87-0809-11e2-83e5-00166f06c317}
Shell\AutoRun\Command = E:\AutoRun.exe
HKCU\.\.\.\.\Explorer\MountPoints2\{76ee1472-8699-11e2-8523-00166f06c317}
Shell\AutoRun\Command = E:\AutoRun.exe
HKCU\.\.\.\.\Explorer\MountPoints2\{7bf21db1-3a04-11e2-843d-00166f06c317}
Shell\AutoRun\Command = E:\AutoRun.exe
HKCU\.\.\.\.\Explorer\MountPoints2\{7bf21db3-3a04-11e2-843d-00166f06c317}
Shell\AutoRun\Command = E:\AutoRun.exe
HKCU\.\.\.\.\Explorer\MountPoints2\{a47e6902-89c7-11e2-8529-00166f06c317}
Shell\AutoRun\Command = E:\AutoRun.exe
HKCU\.\.\.\.\Explorer\MountPoints2\{a47e6903-89c7-11e2-8529-00166f06c317}
Shell\AutoRun\Command = E:\AutoRun.exe
################## | Vaccin |
(!) Cet ordinateur n'est pas vacciné!
################## | E.O.F |
https://www.sosvirus.net/ |
Afficher la suite
