by Marion01
#18539
Hello, I don't understand much about computers.
I have a virus on my computer's USB ports that infects every USB stick I plug in.
I was told to download USBfix, but the tutorial sends me back to your site.
Could you explain how to vaccinate my computer?

Here is the report that the "search" in usbfix gave:

############################## | UsbFix V 7.152 | [Recherche]

Utilisateur: util (Administrateur) # UTIL-VAIO
Mis à jour le 20/11/2013 par El Desaparecido - Team SosVirus
Lancé à 18:06:49 | 22/11/2013

Site Web : http://www.usbfix.net
Forum : http://www.sosvirus.net/
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: Sony Corporation (VAIO)
CPU: Intel(R) Core(TM) i3 CPU M 350 @ 2.27GHz
RAM -> [Total : 3950 | Free : 2120]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 10.0.9200.16736
WB: Google Chrome : 0.0.0.0
WB: Mozilla Firefox : 25.0.1

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AS: Windows Defender [Enabled | Updated]
AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Disque fixe # 455 Go (76 Go libre(s) - 17%) [] # NTFS
E:\ -> CD-ROM
G:\ -> Disque amovible # 4 Go (2 Go libre(s) - 54%) [MARION] # FAT32

################## | Processus Actif |

C:\Windows\system32\csrss.exe (ID: 536 |ParentID: 528)
C:\Windows\system32\wininit.exe (ID: 608 |ParentID: 528)
C:\Windows\system32\csrss.exe (ID: 636 |ParentID: 620)
C:\Windows\system32\services.exe (ID: 676 |ParentID: 608)
C:\Windows\system32\winlogon.exe (ID: 712 |ParentID: 620)
C:\Windows\system32\lsass.exe (ID: 724 |ParentID: 608)
C:\Windows\system32\lsm.exe (ID: 732 |ParentID: 608)
C:\Windows\system32\svchost.exe (ID: 844 |ParentID: 676)
C:\Windows\system32\svchost.exe (ID: 940 |ParentID: 676)
C:\Windows\system32\atiesrxx.exe (ID: 1004 |ParentID: 676)
C:\Windows\System32\svchost.exe (ID: 400 |ParentID: 676)
C:\Windows\System32\svchost.exe (ID: 532 |ParentID: 676)
C:\Windows\system32\svchost.exe (ID: 668 |ParentID: 676)
C:\Windows\system32\svchost.exe (ID: 788 |ParentID: 676)
C:\Windows\system32\svchost.exe (ID: 1196 |ParentID: 676)
C:\Windows\system32\atieclxx.exe (ID: 1312 |ParentID: 1004)
C:\Windows\System32\spoolsv.exe (ID: 1580 |ParentID: 676)
C:\Windows\system32\svchost.exe (ID: 1652 |ParentID: 676)
C:\Windows\system32\taskhost.exe (ID: 1832 |ParentID: 676)
C:\Windows\system32\taskeng.exe (ID: 1920 |ParentID: 788)
C:\Windows\system32\Dwm.exe (ID: 1984 |ParentID: 532)
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 1992 |ParentID: 676)
C:\Windows\Explorer.EXE (ID: 2000 |ParentID: 1976)
C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe (ID: 2020 |ParentID: 1920)
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ID: 728 |ParentID: 676)
C:\Program Files\Sony\VAIO Care\VAIOCareService.exe (ID: 1764 |ParentID: 1920)
C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe (ID: 1700 |ParentID: 1920)
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (ID: 1888 |ParentID: 1920)
C:\Program Files\Bonjour\mDNSResponder.exe (ID: 2380 |ParentID: 676)
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (ID: 2648 |ParentID: 676)
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE (ID: 2776 |ParentID: 676)
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (ID: 2800 |ParentID: 2000)
C:\Program Files\Java\jre6\bin\jusched.exe (ID: 2820 |ParentID: 2000)
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (ID: 2904 |ParentID: 2800)
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (ID: 2912 |ParentID: 2000)
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (ID: 2984 |ParentID: 2000)
C:\Users\util\AppData\Roaming\cacaoweb\cacaoweb.exe (ID: 2996 |ParentID: 2000)
C:\Windows\System32\StikyNot.exe (ID: 3004 |ParentID: 2000)
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (ID: 3032 |ParentID: 2000)
C:\Users\util\AppData\Roaming\Dropbox\bin\Dropbox.exe (ID: 2472 |ParentID: 2000)
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (ID: 1176 |ParentID: 2000)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ID: 2840 |ParentID: 676)
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (ID: 2620 |ParentID: 3020)
C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe (ID: 2608 |ParentID: 3020)
C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe (ID: 2752 |ParentID: 3020)
C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe (ID: 2496 |ParentID: 3020)
C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ID: 2532 |ParentID: 3020)
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ID: 3012 |ParentID: 2956)
C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (ID: 3128 |ParentID: 676)
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (ID: 3316 |ParentID: 3020)
C:\Program Files (x86)\iTunes\iTunesHelper.exe (ID: 3336 |ParentID: 3020)
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (ID: 3492 |ParentID: 3020)
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (ID: 3524 |ParentID: 3020)
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (ID: 3604 |ParentID: 3020)
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ID: 4000 |ParentID: 3012)
C:\Program Files\Sony\VAIO Care\VCsystray.exe (ID: 3120 |ParentID: 1920)
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (ID: 2956 |ParentID: 676)
C:\Windows\system32\svchost.exe (ID: 3816 |ParentID: 676)
C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ID: 3156 |ParentID: 676)
C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe (ID: 4104 |ParentID: 676)
C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (ID: 4156 |ParentID: 676)
C:\Windows\splwow64.exe (ID: 4260 |ParentID: 3492)
C:\Program Files\Sony\VAIO Smart Network\VSNService.exe (ID: 4328 |ParentID: 676)
C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (ID: 4392 |ParentID: 676)
C:\Windows\System32\svchost.exe (ID: 4412 |ParentID: 676)
C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe (ID: 4492 |ParentID: 4328)
C:\Windows\SysWOW64\DllHost.exe (ID: 4836 |ParentID: 844)
C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe (ID: 1828 |ParentID: 4104)
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (ID: 4060 |ParentID: 676)
C:\Program Files\iPod\bin\iPodService.exe (ID: 5108 |ParentID: 676)
C:\Program Files\Sony\VAIO Power Management\SPMService.exe (ID: 5172 |ParentID: 676)
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (ID: 5204 |ParentID: 676)
C:\Windows\system32\SearchIndexer.exe (ID: 5288 |ParentID: 676)
C:\Windows\system32\svchost.exe (ID: 5536 |ParentID: 676)
C:\Windows\system32\svchost.exe (ID: 5764 |ParentID: 676)
C:\Windows\System32\WUDFHost.exe (ID: 5812 |ParentID: 532)
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe (ID: 6000 |ParentID: 844)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 5328 |ParentID: 844)
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe (ID: 5760 |ParentID: 6000)
C:\Windows\SysWOW64\DllHost.exe (ID: 5568 |ParentID: 844)
C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 1976 |ParentID: 676)
C:\Windows\SysWOW64\DllHost.exe (ID: 7040 |ParentID: 844)
C:\Program Files (x86)\Mozilla Firefox\firefox.exe (ID: 4888 |ParentID: 2000)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (ID: 5348 |ParentID: 676)
C:\Program Files\Windows Sidebar\sidebar.exe (ID: 3748 |ParentID: 7080)
C:\Windows\servicing\TrustedInstaller.exe (ID: 3772 |ParentID: 676)
C:\Windows\system32\SearchProtocolHost.exe (ID: 2892 |ParentID: 5288)
C:\Windows\system32\SearchFilterHost.exe (ID: 3476 |ParentID: 5288)
C:\UsbFix\Go.exe (ID: 1712 |ParentID: 3068)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 6828 |ParentID: 844)

################## | Regedit Run |

04 - HKLM\SOFTWARE | Run : [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
04 - HKLM\SOFTWARE | Run : [ISBMgr.exe] - "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
04 - HKLM\SOFTWARE | Run : [StartCCC] - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
04 - HKLM\SOFTWARE | Run : [NortonOnlineBackupReminder] - "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
04 - HKLM\SOFTWARE | Run : [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
04 - HKLM\SOFTWARE | Run : [MarketingTools] - C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe
04 - HKLM\SOFTWARE | Run : [avast5] - "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
04 - HKLM\SOFTWARE | Run : [EEventManager] - C:\PROGRA~2\EPSONS~1\EVENTM~1\EEventManager.exe
04 - HKLM\SOFTWARE | Run : [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
04 - HKLM\SOFTWARE | Run : [iTunesHelper] - "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
04 - HKLM\SOFTWARE | Run : [BCSSync] - "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
04 - HKLM\SOFTWARE | Run : [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
04 - HKLM\SOFTWARE | Run : [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\SOFTWARE | Run : [IJNetworkScannerSelectorEX] - C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
04 - HKLM\SOFTWARE | Run : [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\SOFTWARE\wow6432Node | Run : [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
04 - HKLM\SOFTWARE\wow6432Node | Run : [ISBMgr.exe] - "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
04 - HKLM\SOFTWARE\wow6432Node | Run : [StartCCC] - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
04 - HKLM\SOFTWARE\wow6432Node | Run : [NortonOnlineBackupReminder] - "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
04 - HKLM\SOFTWARE\wow6432Node | Run : [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
04 - HKLM\SOFTWARE\wow6432Node | Run : [MarketingTools] - C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe
04 - HKLM\SOFTWARE\wow6432Node | Run : [avast5] - "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
04 - HKLM\SOFTWARE\wow6432Node | Run : [EEventManager] - C:\PROGRA~2\EPSONS~1\EVENTM~1\EEventManager.exe
04 - HKLM\SOFTWARE\wow6432Node | Run : [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
04 - HKLM\SOFTWARE\wow6432Node | Run : [iTunesHelper] - "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
04 - HKLM\SOFTWARE\wow6432Node | Run : [BCSSync] - "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
04 - HKLM\SOFTWARE\wow6432Node | Run : [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
04 - HKLM\SOFTWARE\wow6432Node | Run : [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\SOFTWARE\wow6432Node | Run : [IJNetworkScannerSelectorEX] - C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
04 - HKLM\SOFTWARE\wow6432Node | Run : [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\SOFTWARE | RunOnce : [] -
04 - HKLM\SOFTWARE\wow6432Node | RunOnce : [] -
04 - HKU\S-1-5-19\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-4171943823-1265886224-166694169-1000\SOFTWARE | Run : [ccleaner] - "C:\Program Files\CCleaner\CCleaner64.exe" /AUTO
04 - HKU\S-1-5-21-4171943823-1265886224-166694169-1000\SOFTWARE | Run : [EPSON SX510W Series] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFIE.EXE /FU "C:\Windows\TEMP\E_S6FA3.tmp" /EF "HKCU"
04 - HKU\S-1-5-21-4171943823-1265886224-166694169-1000\SOFTWARE | Run : [Facebook Update] - "C:\Users\util\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
04 - HKU\S-1-5-21-4171943823-1265886224-166694169-1000\SOFTWARE | Run : [Sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKU\S-1-5-21-4171943823-1265886224-166694169-1000\SOFTWARE | Run : [swg] - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
04 - HKU\S-1-5-21-4171943823-1265886224-166694169-1000\SOFTWARE | Run : [cacaoweb] - "C:\Users\util\AppData\Roaming\cacaoweb\cacaoweb.exe" -noplayer
04 - HKU\S-1-5-21-4171943823-1265886224-166694169-1000\SOFTWARE | Run : [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe
04 - HKU\S-1-5-21-4171943823-1265886224-166694169-1000\SOFTWARE | Run : [iTunesHelper] - wscript.exe //B "C:\Users\util\AppData\Local\Temp\iTunesHelper.vbe"
04 - HKU\S-1-5-19\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-18\SOFTWARE | RunOnce : [SPReview] - "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601

################## | Recherche générique |

Présent! C:\Users\util\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iTunesHelper.vbe

################## | Référence de comparaison MD5 |

Md5 : E0EB892AA2F6A759B68EB0F11F9B5A47 -> C:\Users\util\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iTunesHelper.vbe
Md5 : E0EB892AA2F6A759B68EB0F11F9B5A47 -> C:\Users\util\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iTunesHelper.vbe

################## | Comparaison MD5 |

Présent! Md5 : E0EB892AA2F6A759B68EB0F11F9B5A47 -> C:\Users\util\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iTunesHelper.vbe

################## | Registre |

Présent! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|EnableLUA -> 0
Présent! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin -> 0
Présent! HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|NoActiveDesktop -> 1
Présent! HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|NoActiveDesktopChanges -> 1
Présent! HKU\S-1-5-21-4171943823-1265886224-166694169-1000\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper
Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper
Présent! HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run|iTunesHelper
Présent! HKLM\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper

################## | Vaccin |

(!) Cet ordinateur n'est pas vacciné!

################## | E.O.F | http://www.usbfix.net - http://www.sosvirus.net |
by g3n-h@ckm@n
#18542
Good evening. You need to run usbfix again, then click on Suppression, having first plugged in everything that plugs into the USB ports.
by Marion01
#18545
I did what you told me with my USB stick, because I had already backed it up on my computer. Here is the new report:

############################## | UsbFix V 7.152 | [Suppression]

Utilisateur: util (Administrateur) # UTIL-VAIO
Mis à jour le 20/11/2013 par El Desaparecido - Team SosVirus
Lancé à 18:50:40 | 22/11/2013

Site Web : http://www.usbfix.net
Forum : http://www.sosvirus.net/
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: Sony Corporation (VAIO)
CPU: Intel(R) Core(TM) i3 CPU M 350 @ 2.27GHz
RAM -> [Total : 3950 | Free : 2333]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 10.0.9200.16736
WB: Google Chrome : 0.0.0.0
WB: Mozilla Firefox : 25.0.1

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AS: Windows Defender [Enabled | Updated]
AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Disque fixe # 455 Go (76 Go libre(s) - 17%) [] # NTFS
E:\ -> CD-ROM
G:\ -> Disque amovible # 4 Go (2 Go libre(s) - 54%) [MARION] # FAT32

################## | Processus Stoppés |

Stoppé! C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ID: 2532 |ParentID: 3020)
Stoppé! C:\Windows\explorer.exe (ID: 5508 |ParentID: 712)
Stoppé! C:\Windows\System32\WUDFHost.exe (ID: 6636 |ParentID: 532)
Stoppé! C:\Windows\System32\rundll32.exe (ID: 1912 |ParentID: 844)
Stoppé! C:\Windows\system32\SearchIndexer.exe (ID: 5252 |ParentID: 676)
Stoppé! C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 5000 |ParentID: 676)
Stoppé! C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ID: 5740 |ParentID: 676)
Stoppé! C:\Windows\System32\spoolsv.exe (ID: 1636 |ParentID: 676)
Stoppé! C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ID: 3888 |ParentID: 676)
Stoppé! C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (ID: 6548 |ParentID: 676)
Stoppé! C:\Program Files (x86)\Mozilla Firefox\firefox.exe (ID: 2016 |ParentID: 5508)
Stoppé! C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (ID: 5892 |ParentID: 844)
Stoppé! C:\Users\util\AppData\Roaming\Dropbox\bin\Dropbox.exe (ID: 4380 |ParentID: 844)
Stoppé! C:\Windows\system32\taskeng.exe (ID: 2152 |ParentID: 788)

################## | Regedit Run |

04 - HKLM\SOFTWARE | Run : [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
04 - HKLM\SOFTWARE | Run : [ISBMgr.exe] - "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
04 - HKLM\SOFTWARE | Run : [StartCCC] - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
04 - HKLM\SOFTWARE | Run : [NortonOnlineBackupReminder] - "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
04 - HKLM\SOFTWARE | Run : [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
04 - HKLM\SOFTWARE | Run : [MarketingTools] - C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe
04 - HKLM\SOFTWARE | Run : [avast5] - "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
04 - HKLM\SOFTWARE | Run : [EEventManager] - C:\PROGRA~2\EPSONS~1\EVENTM~1\EEventManager.exe
04 - HKLM\SOFTWARE | Run : [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
04 - HKLM\SOFTWARE | Run : [iTunesHelper] - "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
04 - HKLM\SOFTWARE | Run : [BCSSync] - "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
04 - HKLM\SOFTWARE | Run : [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
04 - HKLM\SOFTWARE | Run : [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\SOFTWARE | Run : [IJNetworkScannerSelectorEX] - C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
04 - HKLM\SOFTWARE | Run : [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\SOFTWARE\wow6432Node | Run : [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
04 - HKLM\SOFTWARE\wow6432Node | Run : [ISBMgr.exe] - "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
04 - HKLM\SOFTWARE\wow6432Node | Run : [StartCCC] - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
04 - HKLM\SOFTWARE\wow6432Node | Run : [NortonOnlineBackupReminder] - "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
04 - HKLM\SOFTWARE\wow6432Node | Run : [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
04 - HKLM\SOFTWARE\wow6432Node | Run : [MarketingTools] - C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe
04 - HKLM\SOFTWARE\wow6432Node | Run : [avast5] - "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
04 - HKLM\SOFTWARE\wow6432Node | Run : [EEventManager] - C:\PROGRA~2\EPSONS~1\EVENTM~1\EEventManager.exe
04 - HKLM\SOFTWARE\wow6432Node | Run : [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
04 - HKLM\SOFTWARE\wow6432Node | Run : [iTunesHelper] - "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
04 - HKLM\SOFTWARE\wow6432Node | Run : [BCSSync] - "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
04 - HKLM\SOFTWARE\wow6432Node | Run : [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
04 - HKLM\SOFTWARE\wow6432Node | Run : [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\SOFTWARE\wow6432Node | Run : [IJNetworkScannerSelectorEX] - C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
04 - HKLM\SOFTWARE\wow6432Node | Run : [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\SOFTWARE | RunOnce : [] -
04 - HKLM\SOFTWARE\wow6432Node | RunOnce : [] -
04 - HKU\S-1-5-19\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-4171943823-1265886224-166694169-1000\SOFTWARE | Run : [ccleaner] - "C:\Program Files\CCleaner\CCleaner64.exe" /AUTO
04 - HKU\S-1-5-21-4171943823-1265886224-166694169-1000\SOFTWARE | Run : [EPSON SX510W Series] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFIE.EXE /FU "C:\Windows\TEMP\E_S6FA3.tmp" /EF "HKCU"
04 - HKU\S-1-5-21-4171943823-1265886224-166694169-1000\SOFTWARE | Run : [Facebook Update] - "C:\Users\util\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
04 - HKU\S-1-5-21-4171943823-1265886224-166694169-1000\SOFTWARE | Run : [Sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKU\S-1-5-21-4171943823-1265886224-166694169-1000\SOFTWARE | Run : [swg] - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
04 - HKU\S-1-5-21-4171943823-1265886224-166694169-1000\SOFTWARE | Run : [cacaoweb] - "C:\Users\util\AppData\Roaming\cacaoweb\cacaoweb.exe" -noplayer
04 - HKU\S-1-5-21-4171943823-1265886224-166694169-1000\SOFTWARE | Run : [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe
04 - HKU\S-1-5-21-4171943823-1265886224-166694169-1000\SOFTWARE | Run : [iTunesHelper] - wscript.exe //B "C:\Users\util\AppData\Local\Temp\iTunesHelper.vbe"
04 - HKU\S-1-5-19\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-18\SOFTWARE | RunOnce : [SPReview] - "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601

################## | Recherche générique |

Supprimé! C:\Users\util\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iTunesHelper.vbe

(!) Fichiers temporaires supprimés.

################## | Référence de comparaison MD5 |

Md5 : E0EB892AA2F6A759B68EB0F11F9B5A47 -> C:\Users\util\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iTunesHelper.vbe
Md5 : E0EB892AA2F6A759B68EB0F11F9B5A47 -> C:\Users\util\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iTunesHelper.vbe

################## | Comparaison MD5 |


################## | Registre |

Réparé ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|EnableLUA -> 1
Réparé ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin -> 5
Réparé ! HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|NoActiveDesktop -> 0
Réparé ! HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|NoActiveDesktopChanges -> 0
Supprimé! HKU\S-1-5-21-4171943823-1265886224-166694169-1000\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper
Supprimé! HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run|iTunesHelper
Supprimé! HKU\S-1-5-21-4171943823-1265886224-166694169-1000\Software\.\.\.\.\Mountpoints2\{7a980a4f-d5c8-11df-86d4-c44619bb62e2}

################## | Listing |

[11/10/2010 - 17:48:01 | SHD ] C:\$Recycle.Bin
[12/05/2012 - 00:16:00 | D ] C:\9da37e14f75b731e18f1e2013591
[26/03/2013 - 12:56:26 | N | 16528] C:\AdwCleaner[R1].txt
[26/03/2013 - 12:56:46 | N | 16900] C:\AdwCleaner[S1].txt
[20/11/2013 - 03:33:47 | SHD ] C:\Config.Msi
[20/05/2010 - 10:40:16 | D ] C:\Documentation
[14/07/2009 - 06:08:56 | SHD ] C:\Documents and Settings
[22/11/2013 - 17:54:07 | ASH | 3106480128] C:\hiberfil.sys
[19/05/2010 - 22:10:37 | D ] C:\Intel
[20/05/2010 - 09:58:23 | N | 310122] C:\lv.log
[22/01/2011 - 09:27:29 | RHD ] C:\MSOCache
[22/11/2013 - 17:54:14 | ASH | 4141977600] C:\pagefile.sys
[14/07/2009 - 04:20:08 | D ] C:\PerfLogs
[20/09/2013 - 15:45:12 | D ] C:\Program Files
[16/11/2013 - 15:25:32 | D ] C:\Program Files (x86)
[04/11/2013 - 16:38:42 | HD ] C:\ProgramData
[20/05/2010 - 09:53:14 | N | 2895] C:\RHDSetup.log
[19/11/2012 - 13:50:58 | D ] C:\SphinxIQ
[20/05/2010 - 09:58:15 | D ] C:\SPLASH.000
[20/05/2010 - 09:58:15 | N | 73] C:\splash.idx
[20/05/2010 - 09:58:02 | D ] C:\SPLASH.SYS
[22/11/2013 - 17:59:20 | SHD ] C:\System Volume Information
[20/05/2010 - 10:30:43 | D ] C:\Temp
[08/01/2013 - 20:19:39 | N | 201977] C:\test.xml
[22/11/2013 - 18:52:08 | D ] C:\UsbFix
[22/11/2013 - 18:52:10 | A | 10546] C:\UsbFix [Clean 1] UTIL-VAIO.txt
[22/11/2013 - 18:12:37 | N | 15169] C:\UsbFix [Scan 1] UTIL-VAIO.txt
[11/10/2010 - 16:34:45 | RD ] C:\Users
[15/12/2009 - 10:53:48 | N | 3872] C:\version
[22/11/2013 - 18:00:22 | D ] C:\Windows
[29/03/2013 - 08:19:06 | N | 31482] C:\xlstatsupport.txt
[20/05/2010 - 10:40:16 | D ] C:\_FS_SWRINFO
[29/03/2012 - 12:02:54 | N | 141069] G:\organi.jpg
[11/05/2012 - 19:37:46 | N | 692107] G:\FORMATION INITIATEURS.docx
[17/10/2012 - 09:06:54 | D ] G:\LOST.DIR
[27/02/2012 - 14:23:46 | AH | 4096] G:\._.Trashes
[17/10/2012 - 09:07:00 | D ] G:\DCIM
[27/02/2012 - 14:23:46 | HD ] G:\.Trashes
[12/06/2012 - 18:12:28 | N | 28672] G:\oral T.doc
[27/02/2012 - 14:23:48 | HD ] G:\.Spotlight-V100
[07/10/2013 - 11:13:56 | N | 126632] G:\ETUDE DE CAS.pptx
[28/02/2012 - 08:43:40 | N | 1227023] G:\Numériser0002.jpg
[22/10/2012 - 13:05:00 | N | 67072] G:\Enquête.doc
[22/10/2013 - 12:34:30 | N | 12168] G:\Cas SCAMI.xlsx
[14/10/2013 - 10:25:00 | N | 277339] G:\AFF CM.docx
[05/06/2012 - 16:30:10 | N | 3747757] G:\Rapport de stage TA.docx
[22/11/2013 - 18:34:14 | RASHD ] G:\Autorun.inf
[09/03/2012 - 11:48:10 | N | 39632] G:\Sté TUBES BRESTOISE Partie 1 -.xlsx
[07/06/2012 - 14:59:32 | N | 9348] G:\CV rapport.pdf
[13/11/2012 - 22:18:42 | N | 16572] G:\Revue de presse Les priorités du second mandat de Barack Obama.docx
[14/11/2012 - 16:02:42 | N | 15124] G:\plan powerpoint revue de presse.docx
[16/11/2012 - 14:57:12 | N | 19532] G:\Le conflit social.docx
[16/11/2012 - 15:36:58 | N | 13504] G:\Un conflit chez Copitol SA.docx
[16/11/2012 - 16:27:18 | N | 17596] G:\Un conflit chez Copitol td RH.docx
[17/10/2012 - 09:06:54 | D ] G:\.android_secure
[17/10/2012 - 09:15:42 | D ] G:\~wmtthumb
[27/01/2013 - 14:18:22 | N | 32256] G:\III LA HIERARCHIE.doc
[20/02/2013 - 10:22:16 | N | 9598] G:\HEURES SAINT PRIEST.xlsx
[07/03/2013 - 16:34:40 | N | 144624] G:\media.docx
[22/02/2013 - 14:27:04 | N | 12629] G:\Exo chap 5.xlsx
[06/03/2013 - 16:21:12 | N | 138282] G:\rapport DM.docx
[06/04/2013 - 09:20:12 | N | 38912] G:\Tableau de financement.doc
[20/03/2013 - 10:17:48 | N | 1171883] G:\Semi partiel Compta.pdf
[26/03/2013 - 11:49:20 | N | 20439] G:\lettre de recommandation.pdf
[15/04/2013 - 13:46:20 | N | 825675] G:\Ex_avr10.pdf
[03/05/2013 - 09:32:36 | D ] G:\Stage Faivre expert
[26/03/2013 - 14:17:42 | D ] G:\Dossier Adri
[10/04/2013 - 08:30:44 | D ] G:\Analyse de l'information comptable
[26/03/2013 - 12:39:44 | D ] G:\Analyse Info Comptable
[31/05/2013 - 10:06:24 | D ] G:\coalaclient
[16/06/2013 - 17:40:54 | D ] G:\adrien photos
[04/11/2010 - 17:13:22 | D ] G:\IUT
[14/12/2010 - 16:44:06 | N | 16091] G:\~WRL0190.tmp
[12/01/2011 - 12:13:36 | D ] G:\Adri

################## | Vaccin |

G:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net - http://www.sosvirus.net |
by g3n-h@ckm@n
#18558
  • Download MalwareBytes Anti-Malware
  • Install it. Uncheck "Enable free trial of Malwarebytes Anti-Malware PRO"
  • Launch Malwarebytes' Anti-Malware.
  • Click the "Updates" tab, then "Check for updates"
  • Click the "Scan" tab, check "Perform a full scan", then click Scan
  • At the end of the scan, if MBAM found nothing:
    • Click OK; the report opens by itself
  • If threats were detected:
    • Click OK, then "Show results"
    • Choose the "Remove selected" option
    • If MBAM asks to restart Windows: click "Yes"
    • Once the PC has restarted, the report is in the "Reports/Logs" tab
    • Otherwise the report opens automatically after the removal
    • Post the report in your next reply
