Virus sur clé USB Rapport

Fermé
hk - 22 juin 2014 à 13:18
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 - 22 juin 2014 à 13:28
Bonjour,

[b]############################## | UsbFix V 7.171 | [Recherche][/b]

Utilisateur: DELL (Administrateur) # DELL-PC
Mis à jour le 09/06/2014 par El Desaparecido - SosVirus
Lancé à 11:04:42 | 22/06/2014

Site Web : [url=http://www.usbfix.net/]http://www.usbfix.net/[/url]
Changelog : [url=http://www.usbfix.net/maj/]http://www.usbfix.net/maj/[/url]
Assistance : [url=http://www.sosvirus.net/forum-virus-securite.html]http://www.sosvirus.net/forum-virus-securite.html[/url]
Upload Malware : [url=http://www.sosvirus.net/upload_malware.php]http://www.sosvirus.net/upload_malware.php[/url]
Contact : [url=http://www.usbfix.net/contact/]http://www.usbfix.net/contact/[/url]

PC: Dell Inc. (0GGRV5)
CPU: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
RAM -> [Total : 6052 Mo| Free : 4023 Mo]
Bios: Dell Inc.
Boot: Normal boot

OS: Microsoft Windows 7 Professionnel (6.1.7600 64-Bit)
WB: Windows Internet Explorer : 8.0.7600.16385
WB: Google Chrome : 35.0.1916.153
WB: Mozilla Firefox : 30.0

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: Avira Desktop [Enabled | Updated]
AS: Avira Desktop [Enabled | Updated]
AS: Windows Defender [(!) Disabled | Updated]
FW: Windows FireWall [(!) Disabled]

C:\ (%SystemDrive%) -> Disque fixe # 349 Go (309 Go libre(s) - 88%) [] # NTFS
D:\ -> Disque fixe # 349 Go (349 Go libre(s) - 100%) [] # NTFS
E:\ -> CD-ROM
F:\ -> Disque amovible # 2 Go (1 Go libre(s) - 56%) [HAMAMA] # FAT

[b]################## | Processus Actif |[/b]

C:\Windows\System32\smss.exe (ID: 284|ParentID: 4|Système)
C:\Windows\System32\wininit.exe (ID: 520|ParentID: 368)
C:\Windows\System32\services.exe (ID: 576|ParentID: 520)
C:\Windows\System32\lsass.exe (ID: 596|ParentID: 520)
C:\Windows\System32\lsm.exe (ID: 604|ParentID: 520)
C:\Windows\System32\winlogon.exe (ID: 720|ParentID: 528)
C:\Windows\System32\svchost.exe (ID: 760|ParentID: 576)
C:\Windows\System32\svchost.exe (ID: 844|ParentID: 576)
C:\Windows\System32\atiesrxx.exe (ID: 908|ParentID: 576)
C:\Windows\System32\svchost.exe (ID: 964|ParentID: 576)
C:\Windows\System32\svchost.exe (ID: 1016|ParentID: 576)
C:\Windows\System32\svchost.exe (ID: 308|ParentID: 576)
C:\Program Files\IDT\WDM\stacsv64.exe (ID: 396|ParentID: 576)
C:\Windows\System32\svchost.exe (ID: 1088|ParentID: 576)
C:\Windows\System32\atieclxx.exe (ID: 1128|ParentID: 908)
C:\Windows\System32\svchost.exe (ID: 1252|ParentID: 576)
C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE (ID: 1348|ParentID: 576)
C:\Windows\System32\wlanext.exe (ID: 1356|ParentID: 1016)
C:\Windows\System32\conhost.exe (ID: 1364|ParentID: 380)
C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE (ID: 1392|ParentID: 1348)
C:\Windows\System32\spoolsv.exe (ID: 1512|ParentID: 576)
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (ID: 1552|ParentID: 576)
C:\Windows\System32\svchost.exe (ID: 1580|ParentID: 576)
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 1868|ParentID: 576)
C:\Program Files\IDT\WDM\AESTSr64.exe (ID: 1892|ParentID: 576)
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (ID: 1924|ParentID: 576)
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (ID: 1948|ParentID: 576)
C:\Windows\System32\svchost.exe (ID: 2020|ParentID: 576)
C:\Windows\System32\dwm.exe (ID: 2244|ParentID: 1016|DELL)
C:\Windows\System32\taskhost.exe (ID: 2252|ParentID: 576|DELL)
C:\Windows\explorer.exe (ID: 2304|ParentID: 2224|DELL)
C:\Program Files\IDT\WDM\sttray64.exe (ID: 2692|ParentID: 2304|DELL)
C:\Windows\System32\igfxtray.exe (ID: 2700|ParentID: 2304|DELL)
C:\Windows\System32\hkcmd.exe (ID: 2708|ParentID: 2304|DELL)
C:\Windows\System32\igfxpers.exe (ID: 2720|ParentID: 2304|DELL)
C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE (ID: 2728|ParentID: 2304|DELL)
C:\Program Files (x86)\Skype\Phone\Skype.exe (ID: 2964|ParentID: 2304|DELL)
C:\Windows\System32\wscript.exe (ID: 2980|ParentID: 2304|DELL)
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (ID: 2996|ParentID: 2304|DELL)
C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (ID: 3012|ParentID: 2304|DELL)
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (ID: 1932|ParentID: 2988|DELL)
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ID: 2592|ParentID: 1640|DELL)
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (ID: 2608|ParentID: 2988|DELL)
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (ID: 2564|ParentID: 2988)
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ID: 1808|ParentID: 2592|DELL)
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (ID: 3496|ParentID: 1924)
C:\Windows\SysWOW64\rundll32.exe (ID: 3484|ParentID: 2996|DELL)
C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe (ID: 3540|ParentID: 760|DELL)
C:\Windows\System32\svchost.exe (ID: 3880|ParentID: 576)
C:\Windows\System32\SearchIndexer.exe (ID: 948|ParentID: 576)
C:\Windows\System32\svchost.exe (ID: 4124|ParentID: 576)
C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe (ID: 4932|ParentID: 2996|DELL)
C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (ID: 5052|ParentID: 576)
C:\Windows\explorer.exe (ID: 2004|ParentID: 760|DELL)
C:\Program Files (x86)\Mozilla Firefox\firefox.exe (ID: 4524|ParentID: 2304|DELL)
C:\Windows\System32\audiodg.exe (ID: 6072|ParentID: 964)
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (ID: 5220|ParentID: 4524|DELL)
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe (ID: 2852|ParentID: 5220|DELL)
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe (ID: 5244|ParentID: 2852|DELL)
C:\Windows\System32\SearchProtocolHost.exe (ID: 6048|ParentID: 948)
C:\Windows\System32\SearchFilterHost.exe (ID: 4832|ParentID: 948|Système)
C:\UsbFix\UsbFix.exe (ID: 5012|ParentID: 5756|DELL)

[b]################## | Autorun |[/b]

F:\siemens.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\ue302(1).lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\067-8conception_systemes_cdg_relations_budget_systeme-meusre_perf.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\Lecon_inaugurale.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\thA_se-MIROIR_-_LAIR.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\RAPPORT MISSION 31 03 2014_2.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\cover letter.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\projet ange du désert.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\Sponem-These-2004.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\These_KOMAREV_Resume_Etendu.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\[Untitled][1].lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\THESE_KOMAREV_RV.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\Monographie.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\KHATIHAMAMA-PC.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\.Spotlight-V100.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\legalais.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\071052.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\UNIVERSITE_MONTPELLIER_I.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\.Trashes.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\anglais présentation.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\FOUND.000.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\KHATI HAMAMA LETTRE DE MOTIVATION.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\~$anglais présentation.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\RAZLOG.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\informatik_L3.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\~$buffet cinema espagnol.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\Hamama KHATI CV.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\finance.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\Evaluation d'entreprise.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\~AutoSave-00000005.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\~WRL0004.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\~WRL3030.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\MANAGEMENT final.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\CORRIGE.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\KHATI.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\MONTPELLIER-NANTES_GARE_01-12-12_PALANQUE_JEREMIE_QYSGHK_d8dUwF9uEschIlsCeePd.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\CORRIGE1.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\def.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\ALARM4.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\~WRL3603.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\Section 2.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\28 05 MATIN.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\Annexe .lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\CORRIGE10.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\Manoir d'Ardignan modifié le ENT.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\Document sans titre.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\syncguid.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\khati hamama.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\CORRIGE1000.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\def3.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\def1.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\~WRL4052.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\def2.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\~WRL2652.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\UNIVERSITE MONTPELLIE accueil.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\def30.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\~WRL2525.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\UNIVERSITE MONTPELLIE accueilllll.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\vendredi 31.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\MediaID.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\les 3 premiers modules.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\Transitions.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\UNIVERSITE MONTPELLIE accueilllll - Copie.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\mémoire M1 CGNST.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\INFO TD 3 EXO.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\page de garde.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\cv Hamama KHATI.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\EXOGG.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\Copie de secours de cv Hamama KHATI.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\~$EXOGG.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\Classeur1.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\AAHamama KHATI.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\Bouygues KHATI Hamama.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\Sara(2).lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\Blason KHATI Hamama.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\~$ECONOMIE INTERNATIONLE ISEM.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\communication L2.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\TP INFORMATIQUE MODULE 6 GRAPHIQUES.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\BASE DE DONNEES t.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\resume.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\BASE DE DONNEES l hk.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\Alice.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\trois_brasseurs.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\macro.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\TP INFORMATIQUE MODULE 8 SYNTHETISER UNE BASE DE DONNEES.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\TP INFORMATIQUE MODULE 7 GERER LISTE DE DONNES.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\hamama.lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])
F:\L (2).lnk -> F:\z12789176.vbs - [url=https://www.virustotal.com/file/ac04e37e2e592fd220af5d079ae5326c0f90a477876a5bed6cf9965bb8b3ef55/analysis/1392166218/]VirusTotal[/url] - ([color=#FF0000]17[/color]/[color=#FF0000]48[/color])

[b]################## | Regedit Run |[/b]

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] userinit.exe
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKCU\..\Run : [z12789176] wscript.exe //B "C:\Users\DELL\AppData\Local\Temp\z12789176.vbs"
04 - HKLM\..\Run : [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\Run : [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
04 - [x64] HKLM\..\Run : [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
04 - [x64] HKLM\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
04 - [x64] HKLM\..\Run : [HotKeysCmds] C:\Windows\system32\hkcmd.exe
04 - [x64] HKLM\..\Run : [Persistence] C:\Windows\system32\igfxpers.exe
04 - [x64] HKLM\..\Run : [Broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-2470031793-1243454118-2787397839-1000\..\Run : [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKU\S-1-5-21-2470031793-1243454118-2787397839-1000\..\Run : [z12789176] wscript.exe //B "C:\Users\DELL\AppData\Local\Temp\z12789176.vbs"
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe

[b]################## | Recherche générique |[/b]

Présent! C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\z12789176.vbs
Présent! F:\z12789176.vbs
Présent! C:\Users\DELL\AppData\Local\Temp\z12789176.vbs
Présent! F:\CORRIGE1.lnk
Présent! F:\MONTPELLIER-NANTES_GARE_01-12-12_PALANQUE_JEREMIE_QYSGHK_d8dUwF9uEschIlsCeePd.lnk
Présent! F:\~AutoSave-00000005.lnk
Présent! F:\Document sans titre.lnk
Présent! F:\syncguid.lnk
Présent! F:\~WRL0004.lnk
Présent! F:\~WRL3030.lnk
Présent! F:\MANAGEMENT final.lnk
Présent! F:\CORRIGE.lnk
Présent! F:\KHATI.lnk
Présent! F:\ALARM4.lnk
Présent! F:\~WRL3603.lnk
Présent! F:\Annexe .lnk
Présent! F:\Manoir d'Ardignan modifié le ENT.lnk
Présent! F:\CORRIGE10.lnk
Présent! F:\CORRIGE1000.lnk
Présent! F:\Section 2.lnk
Présent! F:\khati hamama.lnk
Présent! F:\28 05 MATIN.lnk
Présent! F:\def.lnk
Présent! F:\def3.lnk
Présent! F:\def1.lnk
Présent! F:\~WRL4052.lnk
Présent! F:\def2.lnk
Présent! F:\~WRL2652.lnk
Présent! F:\UNIVERSITE MONTPELLIE accueil.lnk
Présent! F:\def30.lnk
Présent! F:\~WRL2525.lnk
Présent! F:\UNIVERSITE MONTPELLIE accueilllll.lnk
Présent! F:\vendredi 31.lnk
Présent! F:\MediaID.lnk
Présent! F:\les 3 premiers modules.lnk
Présent! F:\Transitions.lnk
Présent! F:\INFO TD 3 EXO.lnk
Présent! F:\UNIVERSITE MONTPELLIE accueilllll - Copie.lnk
Présent! F:\mémoire M1 CGNST.lnk
Présent! F:\page de garde.lnk
Présent! F:\cv Hamama KHATI.lnk
Présent! F:\EXOGG.lnk
Présent! F:\Copie de secours de cv Hamama KHATI.lnk
Présent! F:\~$EXOGG.lnk
Présent! F:\Classeur1.lnk
Présent! F:\AAHamama KHATI.lnk
Présent! F:\Bouygues KHATI Hamama.lnk
Présent! F:\Sara(2).lnk
Présent! F:\Blason KHATI Hamama.lnk
Présent! F:\~$ECONOMIE INTERNATIONLE ISEM.lnk
Présent! F:\hamama.lnk
Présent! F:\TP INFORMATIQUE MODULE 6 GRAPHIQUES.lnk
Présent! F:\BASE DE DONNEES t.lnk
Présent! F:\resume.lnk
Présent! F:\BASE DE DONNEES l hk.lnk
Présent! F:\Alice.lnk
Présent! F:\macro.lnk
Présent! F:\L (2).lnk
Présent! F:\siemens.lnk
Présent! F:\finance.lnk
Présent! F:\TP INFORMATIQUE MODULE 7 GERER LISTE DE DONNES.lnk
Présent! F:\TP INFORMATIQUE MODULE 8 SYNTHETISER UNE BASE DE DONNEES.lnk
Présent! F:\RAZLOG.lnk
Présent! F:\trois_brasseurs.lnk
Présent! F:\communication L2.lnk
Présent! F:\cover letter.lnk
Présent! F:\projet ange du désert.lnk
Présent! F:\[Untitled][1].lnk
Présent! F:\UNIVERSITE_MONTPELLIER_I.lnk
Présent! F:\.Trashes.lnk
Présent! F:\anglais présentation.lnk
Présent! F:\~$anglais présentation.lnk
Présent! F:\~$buffet cinema espagnol.lnk
Présent! F:\Hamama KHATI CV.lnk
Présent! F:\KHATI HAMAMA LETTRE DE MOTIVATION.lnk
Présent! F:\FOUND.000.lnk
Présent! F:\.Spotlight-V100.lnk
Présent! F:\KHATIHAMAMA-PC.lnk
Présent! F:\Monographie.lnk
Présent! F:\informatik_L3.lnk
Présent! F:\Evaluation d'entreprise.lnk
Présent! F:\Sponem-These-2004.lnk
Présent! F:\thA_se-MIROIR_-_LAIR.lnk
Présent! F:\These_KOMAREV_Resume_Etendu.lnk
Présent! F:\THESE_KOMAREV_RV.lnk
Présent! F:\ue302(1).lnk
Présent! F:\RAPPORT MISSION 31 03 2014_2.lnk
Présent! F:\067-8conception_systemes_cdg_relations_budget_systeme-meusre_perf.lnk
Présent! F:\Lecon_inaugurale.lnk
Présent! F:\071052.lnk
Présent! F:\legalais.lnk
Présent! F:\syncguid.dat
Présent! F:\RAZLOG\Desktop.ini
Présent! F:\RAZLOG

[b]################## | Registre |[/b]

Présent! HKU\S-1-5-21-2470031793-1243454118-2787397839-1000\Software\Microsoft\Windows\CurrentVersion\Run|z12789176
Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|z12789176

[b]################## | E.O.F | [url=http://www.sosvirus.net/]http://www.sosvirus.net/[/url] | [url=http://www.usbfix.net/]http://www.usbfix.net/[/url] |[/b]

A voir également:

1 réponse

Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 660
22 juin 2014 à 13:28
Salut,

Fais nettoyer.
Désinstalle McAfee Security Scan, sert à rien.
0