by MARCEL KOUAME
#12593
############################## | UsbFix V 7.145 | [Recherche]

Utilisateur: hp (Administrateur) # HP-PC
Mis à jour le 17/10/2013 par El Desaparecido - Team SosVirus
Lancé à 12:22:29 | 23/10/2013

Site Web: http://www.usbfix.net/
Forum : http://www.sosvirus.net/
Upload Malware: http://www.sosvirus.net/upload_malware.php
Contact: http://www.usbfix.net/contact/

PC: Hewlett-Packard (365C)
CPU: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz
RAM -> [Total : 4023 | Free : 1370]
Bios: Hewlett-Packard
Boot: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) # Service Pack 1
WB: Windows Internet Explorer 10.0.9200.16721

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: avast! Internet Security [(!) Disabled | Updated]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Disque fixe # 233 Go (149 Go libre(s) - 64%) [] # NTFS
D:\ -> CD-ROM
E:\ -> Disque fixe # 125 Go (69 Go libre(s) - 55%) [DONNEES] # NTFS
F:\ -> Disque fixe # 107 Go (35 Go libre(s) - 32%) [Nouveau nom] # NTFS
G:\ -> CD-ROM
H:\ -> CD-ROM
I:\ -> CD-ROM
J:\ -> Disque amovible # 14 Go (14 Go libre(s) - 100%) [TOSHIBA] # FAT32

################## | Processus Actif |

C:\Windows\system32\csrss.exe (ID 584 |ParentID 576)
C:\Windows\system32\wininit.exe (ID 636 |ParentID 576)
C:\Windows\system32\csrss.exe (ID 652 |ParentID 644)
C:\Windows\system32\services.exe (ID 708 |ParentID 636)
C:\Windows\system32\lsass.exe (ID 716 |ParentID 636)
C:\Windows\system32\lsm.exe (ID 728 |ParentID 636)
C:\Windows\system32\svchost.exe (ID 816 |ParentID 708)
C:\Windows\system32\winlogon.exe (ID 888 |ParentID 644)
C:\Windows\system32\nvvsvc.exe (ID 944 |ParentID 708)
C:\Windows\system32\svchost.exe (ID 984 |ParentID 708)
C:\Windows\System32\svchost.exe (ID 616 |ParentID 708)
C:\Windows\System32\svchost.exe (ID 540 |ParentID 708)
C:\Windows\system32\svchost.exe (ID 644 |ParentID 708)
C:\Windows\system32\svchost.exe (ID 1032 |ParentID 708)
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\STacSV64.exe (ID 1128 |ParentID 708)
C:\Windows\system32\Hpservice.exe (ID 1352 |ParentID 708)
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (ID 1372 |ParentID 944)
C:\Windows\system32\nvvsvc.exe (ID 1384 |ParentID 944)
C:\Windows\system32\svchost.exe (ID 1464 |ParentID 708)
C:\Windows\system32\WLANExt.exe (ID 1624 |ParentID 540)
C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ID 1632 |ParentID 708)
C:\Windows\system32\conhost.exe (ID 1640 |ParentID 584)
C:\Windows\system32\Dwm.exe (ID 1776 |ParentID 540)
C:\Windows\Explorer.EXE (ID 1784 |ParentID 1764)
C:\Program Files\AVAST Software\Avast\afwServ.exe (ID 1912 |ParentID 708)
C:\Windows\System32\spoolsv.exe (ID 1168 |ParentID 708)
C:\Windows\system32\svchost.exe (ID 1280 |ParentID 708)
C:\Windows\system32\taskhost.exe (ID 1744 |ParentID 708)
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (ID 2076 |ParentID 708)
C:\Windows\system32\taskeng.exe (ID 2120 |ParentID 1032)
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\AESTSr64.exe (ID 2160 |ParentID 708)
C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe (ID 2524 |ParentID 708)
C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe (ID 2784 |ParentID 2524)
C:\Program Files (x86)\InternetEverywhere\InternetEverywhere_Service.exe (ID 2880 |ParentID 708)
C:\Windows\SysWOW64\nlssrv32.exe (ID 2908 |ParentID 708)
C:\Program Files (x86)\PDF Architect\HelperService.exe (ID 2976 |ParentID 708)
C:\Program Files (x86)\PDF Architect\ConversionService.exe (ID 3016 |ParentID 708)
C:\Windows\system32\svchost.exe (ID 3048 |ParentID 708)
C:\Windows\System32\Drivers\WTSRV.EXE (ID 1860 |ParentID 708)
C:\Windows\system32\svchost.exe (ID 3228 |ParentID 708)
C:\Program Files\IDT\WDM\sttray64.exe (ID 3536 |ParentID 1784)
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (ID 3576 |ParentID 1784)
C:\Program Files (x86)\Internet Download Manager\IDMan.exe (ID 3968 |ParentID 1784)
C:\Windows\system32\SearchIndexer.exe (ID 4036 |ParentID 708)
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (ID 4088 |ParentID 3576)
C:\Windows\SysWOW64\rundll32.exe (ID 3196 |ParentID 1784)
C:\Windows\System32\wscript.exe (ID 3180 |ParentID 1784)
C:\Program Files (x86)\InternetEverywhere\InternetEverywhere_Launcher.exe (ID 3392 |ParentID 1784)
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (ID 3956 |ParentID 3172)
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (ID 3880 |ParentID 3172)
C:\Windows\SysWOW64\WTClient.exe (ID 3848 |ParentID 3172)
C:\Program Files\AVAST Software\Avast\AvastUI.exe (ID 3768 |ParentID 3172)
C:\Windows\system32\wbem\wmiprvse.exe (ID 4764 |ParentID 816)
C:\Windows\System32\svchost.exe (ID 3216 |ParentID 708)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID 168 |ParentID 1784)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID 4868 |ParentID 168)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID 5040 |ParentID 168)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID 4188 |ParentID 168)
C:\Windows\system32\DllHost.exe (ID 1196 |ParentID 816)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID 4968 |ParentID 168)
C:\Program Files (x86)\DVDVideoSoft\Free YouTube Download\FreeYTVDownloader.exe (ID 4656 |ParentID 1784)
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (ID 3116 |ParentID 816)
C:\Windows\system32\taskhost.exe (ID 4608 |ParentID 708)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID 5896 |ParentID 168)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID 3628 |ParentID 168)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID 2476 |ParentID 168)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID 5996 |ParentID 168)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID 5376 |ParentID 168)
C:\Windows\explorer.exe (ID 1424 |ParentID 816)
C:\Windows\System32\WUDFHost.exe (ID 4256 |ParentID 540)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID 5492 |ParentID 168)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID 5852 |ParentID 168)
C:\UsbFix\Go.exe (ID 4128 |ParentID 4464)
C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\ffmpeg.exe (ID 5268 |ParentID 4656)

################## | Regedit Run |

HKLM\SOFTWARE | Run : [PWRISOVM.EXE] - C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
HKLM\SOFTWARE | Run : [AdobeCS5ServiceManager] - "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
HKLM\SOFTWARE | Run : [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
HKLM\SOFTWARE | Run : [GrooveMonitor] - "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
HKLM\SOFTWARE | Run : [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE | Run : [WTClient] - WTClient.exe
HKLM\SOFTWARE | Run : [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
HKLM\SOFTWARE\wow6432Node | Run : [PWRISOVM.EXE] - C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
HKLM\SOFTWARE\wow6432Node | Run : [AdobeCS5ServiceManager] - "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
HKLM\SOFTWARE\wow6432Node | Run : [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
HKLM\SOFTWARE\wow6432Node | Run : [GrooveMonitor] - "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
HKLM\SOFTWARE\wow6432Node | Run : [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE\wow6432Node | Run : [WTClient] - WTClient.exe
HKLM\SOFTWARE\wow6432Node | Run : [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
HKLM\SOFTWARE | RunOnce : [] -
HKLM\SOFTWARE\wow6432Node | RunOnce : [] -
HKU\S-1-5-19\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-2169046541-45753796-839280549-1000\SOFTWARE | Run : [DAEMON Tools Lite] - "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
HKU\S-1-5-21-2169046541-45753796-839280549-1000\SOFTWARE | Run : [IDMan] - C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
HKU\S-1-5-21-2169046541-45753796-839280549-1000\SOFTWARE | Run : [AdobeBridge] -
HKU\S-1-5-21-2169046541-45753796-839280549-1000\SOFTWARE | Run : [Facebook Update] - "C:\Users\hp\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
HKU\S-1-5-21-2169046541-45753796-839280549-1000\SOFTWARE | Run : [NTRedirect] - C:\Windows\SysWOW64\rundll32.exe "C:\Users\hp\AppData\Roaming\BabSolution\Shared\enhancedNT.dll",Run
HKU\S-1-5-21-2169046541-45753796-839280549-1000\SOFTWARE | Run : [swg] - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\S-1-5-21-2169046541-45753796-839280549-1000\SOFTWARE | Run : [iTunesHelper] - wscript.exe //B "C:\Users\hp\AppData\Local\Temp\iTunesHelper.vbe"
HKU\S-1-5-19\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
HKU\S-1-5-20\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
HKU\S-1-5-18\SOFTWARE | RunOnce : [SPReview] - "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601

################## | Éléments infectieux |

Présent! J:\iTunesHelper.vbe
Présent! C:\Users\hp\AppData\Local\Temp\iTunesHelper.vbe
Présent! C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iTunesHelper.vbe
Présent! C:\Users\hp\AppData\Local\Temp\nsiB32A.tmp.exe

################## | Registre |

Présent! HKU\S-1-5-21-2169046541-45753796-839280549-1000\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper
Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper
Présent! HKU\S-1-5-21-2169046541-45753796-839280549-1000\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper
Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper
Présent! HKU\S-1-5-21-2169046541-45753796-839280549-1000\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper
Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper
HKCU\.\.\.\.\Explorer\MountPoints2\{f044754c-9734-11e2-92f4-00269ec426a3}
Shell\AutoRun\Command = G:\.\Setup.exe AUTORUN=1



################## | Vaccin |

(!) Cet ordinateur n'est pas vacciné!

################## | E.O.F | http://www.usbfix.net - http://www.sosvirus.net |


############################## | UsbFix V 7.145 | [Suppression]

Utilisateur: hp (Administrateur) # HP-PC
Mis à jour le 17/10/2013 par El Desaparecido - Team SosVirus
Lancé à 13:43:17 | 23/10/2013

Site Web: http://www.usbfix.net/
Forum : http://www.sosvirus.net/
Upload Malware: http://www.sosvirus.net/upload_malware.php
Contact: http://www.usbfix.net/contact/

PC: Hewlett-Packard (365C)
CPU: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz
RAM -> [Total : 4023 | Free : 1070]
Bios: Hewlett-Packard
Boot: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) # Service Pack 1
WB: Windows Internet Explorer 10.0.9200.16721

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: avast! Internet Security [(!) Disabled | Updated]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Disque fixe # 233 Go (149 Go libre(s) - 64%) [] # NTFS
D:\ -> CD-ROM
E:\ -> Disque fixe # 125 Go (69 Go libre(s) - 55%) [DONNEES] # NTFS
F:\ -> Disque fixe # 107 Go (35 Go libre(s) - 32%) [Nouveau nom] # NTFS
G:\ -> CD-ROM
H:\ -> CD-ROM
I:\ -> CD-ROM
J:\ -> Disque amovible # 14 Go (14 Go libre(s) - 100%) [TOSHIBA] # FAT32

################## | Regedit Run |

HKLM\SOFTWARE | Run : [PWRISOVM.EXE] - C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
HKLM\SOFTWARE | Run : [AdobeCS5ServiceManager] - "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
HKLM\SOFTWARE | Run : [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
HKLM\SOFTWARE | Run : [GrooveMonitor] - "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
HKLM\SOFTWARE | Run : [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE | Run : [WTClient] - WTClient.exe
HKLM\SOFTWARE | Run : [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
HKLM\SOFTWARE\wow6432Node | Run : [PWRISOVM.EXE] - C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
HKLM\SOFTWARE\wow6432Node | Run : [AdobeCS5ServiceManager] - "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
HKLM\SOFTWARE\wow6432Node | Run : [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
HKLM\SOFTWARE\wow6432Node | Run : [GrooveMonitor] - "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
HKLM\SOFTWARE\wow6432Node | Run : [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE\wow6432Node | Run : [WTClient] - WTClient.exe
HKLM\SOFTWARE\wow6432Node | Run : [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
HKLM\SOFTWARE | RunOnce : [] -
HKLM\SOFTWARE\wow6432Node | RunOnce : [] -
HKU\S-1-5-19\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-2169046541-45753796-839280549-1000\SOFTWARE | Run : [DAEMON Tools Lite] - "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
HKU\S-1-5-21-2169046541-45753796-839280549-1000\SOFTWARE | Run : [IDMan] - C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
HKU\S-1-5-21-2169046541-45753796-839280549-1000\SOFTWARE | Run : [AdobeBridge] -
HKU\S-1-5-21-2169046541-45753796-839280549-1000\SOFTWARE | Run : [Facebook Update] - "C:\Users\hp\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
HKU\S-1-5-21-2169046541-45753796-839280549-1000\SOFTWARE | Run : [NTRedirect] - C:\Windows\SysWOW64\rundll32.exe "C:\Users\hp\AppData\Roaming\BabSolution\Shared\enhancedNT.dll",Run
HKU\S-1-5-21-2169046541-45753796-839280549-1000\SOFTWARE | Run : [swg] - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\S-1-5-21-2169046541-45753796-839280549-1000\SOFTWARE | Run : [iTunesHelper] - wscript.exe //B "C:\Users\hp\AppData\Local\Temp\iTunesHelper.vbe"
HKU\S-1-5-19\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
HKU\S-1-5-20\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
HKU\S-1-5-18\SOFTWARE | RunOnce : [SPReview] - "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601

################## | Processus Stoppés |

Stoppé! C:\Windows\system32\nvvsvc.exe (ID 944 |ParentID 708)
Stoppé! C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\STacSV64.exe (ID 1128 |ParentID 708)
Stoppé! C:\Windows\system32\Hpservice.exe (ID 1352 |ParentID 708)
Stoppé! C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (ID 1372 |ParentID 944)
Stoppé! C:\Windows\system32\nvvsvc.exe (ID 1384 |ParentID 944)
Stoppé! C:\Windows\system32\WLANExt.exe (ID 1624 |ParentID 540)
Stoppé! C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ID 1632 |ParentID 708)
Stoppé! C:\Windows\system32\conhost.exe (ID 1640 |ParentID 584)
Stoppé! C:\Windows\Explorer.EXE (ID 1784 |ParentID 1764)
Stoppé! C:\Program Files\AVAST Software\Avast\afwServ.exe (ID 1912 |ParentID 708)
Stoppé! C:\Windows\System32\spoolsv.exe (ID 1168 |ParentID 708)
Stoppé! C:\Windows\system32\taskhost.exe (ID 1744 |ParentID 708)
Stoppé! C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (ID 2076 |ParentID 708)
Stoppé! C:\Windows\system32\taskeng.exe (ID 2120 |ParentID 1032)
Stoppé! C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\AESTSr64.exe (ID 2160 |ParentID 708)
Stoppé! C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe (ID 2524 |ParentID 708)
Stoppé! C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe (ID 2784 |ParentID 2524)
Stoppé! C:\Program Files (x86)\InternetEverywhere\InternetEverywhere_Service.exe (ID 2880 |ParentID 708)
Stoppé! C:\Windows\SysWOW64\nlssrv32.exe (ID 2908 |ParentID 708)
Stoppé! C:\Program Files (x86)\PDF Architect\HelperService.exe (ID 2976 |ParentID 708)
Stoppé! C:\Program Files (x86)\PDF Architect\ConversionService.exe (ID 3016 |ParentID 708)
Stoppé! C:\Windows\System32\Drivers\WTSRV.EXE (ID 1860 |ParentID 708)
Stoppé! C:\Program Files\IDT\WDM\sttray64.exe (ID 3536 |ParentID 1784)
Stoppé! C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (ID 3576 |ParentID 1784)
Stoppé! C:\Program Files (x86)\Internet Download Manager\IDMan.exe (ID 3968 |ParentID 1784)
Stoppé! C:\Windows\system32\SearchIndexer.exe (ID 4036 |ParentID 708)
Stoppé! C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (ID 4088 |ParentID 3576)
Stoppé! C:\Windows\SysWOW64\rundll32.exe (ID 3196 |ParentID 1784)
Stoppé! C:\Windows\System32\wscript.exe (ID 3180 |ParentID 1784)
Stoppé! C:\Program Files (x86)\InternetEverywhere\InternetEverywhere_Launcher.exe (ID 3392 |ParentID 1784)
Stoppé! C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (ID 3956 |ParentID 3172)
Stoppé! C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (ID 3880 |ParentID 3172)
Stoppé! C:\Windows\SysWOW64\WTClient.exe (ID 3848 |ParentID 3172)
Stoppé! C:\Program Files\AVAST Software\Avast\AvastUI.exe (ID 3768 |ParentID 3172)
Stoppé! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID 168 |ParentID 1784)
Stoppé! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID 4868 |ParentID 168)
Stoppé! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID 5040 |ParentID 168)
Stoppé! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID 4188 |ParentID 168)
Stoppé! C:\Windows\system32\DllHost.exe (ID 1196 |ParentID 816)
Stoppé! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID 4968 |ParentID 168)
Stoppé! C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (ID 3116 |ParentID 816)
Stoppé! C:\Windows\system32\taskhost.exe (ID 4608 |ParentID 708)
Stoppé! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID 5896 |ParentID 168)
Stoppé! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID 3628 |ParentID 168)
Stoppé! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID 2476 |ParentID 168)
Stoppé! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID 5996 |ParentID 168)
Stoppé! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID 5376 |ParentID 168)
Stoppé! C:\Windows\explorer.exe (ID 1424 |ParentID 816)
Stoppé! C:\Windows\System32\WUDFHost.exe (ID 4256 |ParentID 540)
Stoppé! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID 5492 |ParentID 168)
Stoppé! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID 5196 |ParentID 168)
Stoppé! C:\Windows\SysWOW64\NOTEPAD.EXE (ID 4368 |ParentID 4128)
Stoppé! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID 5512 |ParentID 168)
Stoppé! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID 3500 |ParentID 168)
Stoppé! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID 5296 |ParentID 168)

################## | Éléments infectieux |

Supprimé! J:\iTunesHelper.vbe
Supprimé! C:\Users\hp\AppData\Local\Temp\iTunesHelper.vbe
Supprimé! C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iTunesHelper.vbe
Supprimé! C:\Users\hp\AppData\Local\Temp\nsiB32A.tmp.exe

(!) Fichiers temporaires supprimés.

################## | Registre |

Supprimé! HKU\S-1-5-21-2169046541-45753796-839280549-1000\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{f044754c-9734-11e2-92f4-00269ec426a3}

################## | Listing |

[27/03/2013 - 00:44:02 | SHD ] C:\$Recycle.Bin
[14/07/2009 - 07:08:56 | SHD ] C:\Documents and Settings
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.1028.txt
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.1031.txt
[07/11/2007 - 08:00:40 | N | 10134] C:\eula.1033.txt
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.1036.txt
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.1040.txt
[07/11/2007 - 08:00:40 | N | 118] C:\eula.1041.txt
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.1042.txt
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.2052.txt
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.3082.txt
[07/11/2007 - 08:00:40 | N | 1110] C:\globdata.ini
[23/10/2013 - 09:23:09 | ASH | 3163709440] C:\hiberfil.sys
[07/11/2007 - 08:03:18 | N | 562688] C:\install.exe
[07/11/2007 - 08:00:40 | N | 843] C:\install.ini
[07/11/2007 - 08:03:18 | N | 76304] C:\install.res.1028.dll
[07/11/2007 - 08:03:18 | N | 96272] C:\install.res.1031.dll
[07/11/2007 - 08:03:18 | N | 91152] C:\install.res.1033.dll
[07/11/2007 - 08:03:18 | N | 97296] C:\install.res.1036.dll
[07/11/2007 - 08:03:18 | N | 95248] C:\install.res.1040.dll
[07/11/2007 - 08:03:18 | N | 81424] C:\install.res.1041.dll
[07/11/2007 - 08:03:18 | N | 79888] C:\install.res.1042.dll
[07/11/2007 - 08:03:18 | N | 75792] C:\install.res.2052.dll
[07/11/2007 - 08:03:18 | N | 96272] C:\install.res.3082.dll
[11/04/2013 - 02:21:51 | RHD ] C:\MSOCache
[23/10/2013 - 09:23:11 | ASH | 4218281984] C:\pagefile.sys
[14/07/2009 - 05:20:08 | D ] C:\PerfLogs
[21/10/2013 - 12:45:46 | D ] C:\Program Files
[21/10/2013 - 12:38:20 | D ] C:\Program Files (x86)
[07/10/2013 - 01:55:21 | HD ] C:\ProgramData
[27/03/2013 - 00:43:42 | SHD ] C:\Recovery
[21/10/2013 - 12:45:37 | SHD ] C:\System Volume Information
[23/10/2013 - 13:50:52 | D ] C:\UsbFix
[23/10/2013 - 13:53:53 | A | 11518] C:\UsbFix [Clean 2] HP-PC.txt
[23/10/2013 - 13:11:56 | N | 10874] C:\UsbFix [Scan 2] HP-PC.txt
[27/03/2013 - 00:43:54 | RD ] C:\Users
[07/11/2007 - 08:00:40 | N | 5686] C:\vcredist.bmp
[07/11/2007 - 08:09:22 | N | 1442522] C:\VC_RED.cab
[07/11/2007 - 08:12:28 | N | 232960] C:\VC_RED.MSI
[23/10/2013 - 09:20:44 | D ] C:\Windows
[26/03/2013 - 23:57:52 | D ] C:\Windows.old
[27/03/2013 - 14:51:36 | SHD ] E:\$RECYCLE.BIN
[04/01/2013 - 19:15:10 | N | 4096] E:\._Les services agences.doc
[05/08/2013 - 08:48:13 | N | 0] E:\1092_914431_MVM_3.tmp
[05/08/2013 - 08:48:13 | N | 0] E:\1092_914431_MVM_6.tmp
[28/07/2013 - 17:32:07 | N | 0] E:\4212_11488974_MVM_3.tmp
[28/07/2013 - 17:32:07 | N | 0] E:\4212_11488974_MVM_6.tmp
[29/07/2013 - 09:56:11 | N | 0] E:\4480_8128400_MVM_3.tmp
[19/07/2013 - 09:50:14 | D ] E:\Adou
[26/07/2013 - 16:15:10 | D ] E:\Ancien 2009
[11/07/2013 - 16:36:35 | D ] E:\blond curly woman holding lily
[22/07/2013 - 23:45:45 | N | 7948779] E:\BOOK DE MARCEL KOUAME.pdf
[10/04/2013 - 20:36:32 | D ] E:\Bread Templates
[30/03/2013 - 15:12:31 | D ] E:\cinema 4d
[10/04/2013 - 20:36:30 | D ] E:\Coffee_Collection_-_25_HQ_JPEG_Stock_Photo.part1.rar1358348448.tmp
[17/06/2013 - 06:17:00 | D ] E:\doc belle enchanteresse
[17/07/2013 - 23:16:12 | D ] E:\doc clé
[10/04/2013 - 07:22:46 | N | 1619798] E:\DSC06270.JPG
[19/07/2013 - 09:54:34 | D ] E:\eps
[15/04/2013 - 08:05:53 | N | 41254988] E:\EXE.BEKY LINGERIE - 200 CM X 50 CM.pdf
[08/08/2013 - 19:40:42 | D ] E:\FeminineSuperSizePhotos.rar Folder
[10/04/2013 - 20:37:23 | D ] E:\Fresh bread in the basket
[26/07/2013 - 17:19:34 | D ] E:\Images bank HD
[13/05/2013 - 00:48:09 | D ] E:\interativ'co doc
[23/07/2013 - 00:03:04 | N | 12176] E:\Marcel KOUME-lettre de motivation.docx
[19/07/2013 - 09:51:38 | D ] E:\new
[12/04/2013 - 21:38:12 | D ] E:\polices
[20/06/2013 - 06:42:12 | D ] E:\PSD
[19/07/2013 - 19:18:14 | N | 14708] E:\PV DU 14 JUILLET 2013.docx
[18/04/2013 - 07:30:15 | D ] E:\site c4d
[27/03/2013 - 14:51:37 | SHD ] E:\System Volume Information
[23/09/2013 - 21:37:19 | D ] E:\taffs
[20/06/2013 - 20:08:17 | N | 62464] E:\Team Excell_v1.doc
[13/07/2013 - 15:44:38 | D ] E:\TEAMEXCELL
[03/10/2013 - 16:11:59 | D ] E:\to take?
[17/10/2013 - 11:14:16 | D ] E:\tutos
[26/07/2013 - 16:24:57 | D ] E:\Vector MG
[26/07/2013 - 16:14:17 | D ] E:\vectors
[27/03/2013 - 14:51:36 | SHD ] F:\$RECYCLE.BIN
[05/08/2013 - 08:48:13 | N | 0] F:\1092_914431_MVM_2.tmp
[05/08/2013 - 08:48:13 | N | 0] F:\1092_914431_MVM_5.tmp
[28/07/2013 - 17:32:07 | N | 0] F:\4212_11488974_MVM_2.tmp
[28/07/2013 - 17:32:07 | N | 0] F:\4212_11488974_MVM_5.tmp
[29/07/2013 - 09:56:11 | N | 0] F:\4480_8128400_MVM_2.tmp
[29/07/2013 - 09:56:11 | N | 0] F:\4480_8128400_MVM_5.tmp
[02/08/2013 - 15:17:39 | N | 25236] F:\710638021237.png
[02/08/2013 - 15:22:42 | N | 76102] F:\950721679823.png
[16/04/2013 - 06:34:14 | D ] F:\Amazing Lingerie p.28
[25/05/2013 - 16:27:11 | N | 2353391] F:\belle enchanteresse.docx
[12/10/2013 - 10:47:21 | D ] F:\big
[01/08/2013 - 18:49:47 | D ] F:\CCDO
[03/10/2013 - 15:55:12 | D ] F:\clé 16g
[26/04/2013 - 07:36:21 | D ] F:\contenu clé
[17/10/2013 - 16:44:54 | D ] F:\dessin ecole
[17/10/2013 - 21:24:55 | D ] F:\fimls
[20/05/2013 - 15:51:33 | D ] F:\Food&Dishes
[31/07/2013 - 09:00:43 | D ] F:\fredy
[16/04/2013 - 06:45:45 | D ] F:\freemium_tropical_party_flyer_by_ultimateboss-d4dswxb
[14/07/2013 - 15:41:55 | D ] F:\Hearts_3_Vectors
[25/04/2013 - 22:20:01 | D ] F:\Image 01
[23/06/2013 - 07:24:36 | D ] F:\image HD
[25/04/2013 - 22:20:31 | D ] F:\Images
[27/07/2013 - 19:49:06 | N | 5573] F:\images.jpg
[25/07/2013 - 10:48:57 | D ] F:\LOGOS DE TOUS SOCIETES
[02/08/2013 - 13:45:07 | D ] F:\mes vectors
[06/08/2013 - 02:14:43 | D ] F:\mes vectors 111111
[22/07/2013 - 01:16:21 | N | 8905] F:\mon pressbook copie-01.png
[14/10/2013 - 09:47:26 | D ] F:\new doc important
[17/08/2011 - 17:12:54 | N | 27768766] F:\REVOLUTIONPARTYFLYER by ultimateboss.psd
[30/07/2013 - 11:38:40 | N | 27465] F:\stock-vector-bookmarks-icon-set-63755776.jpg
[30/07/2013 - 11:34:40 | N | 36638] F:\stock-vector-modern-spiral-infographics-options-banner-vector-illustration-can-be-used-for-workflow-layout-129229757.jpg
[27/03/2013 - 14:51:36 | SHD ] F:\System Volume Information

################## | Vaccin |

C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
E:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
F:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
J:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net - http://www.sosvirus.net |
