Java update > OK
Avast update > ...strange, I click "update" but nothing happens. The virus database itself is up to date.
As for the cracks, I'll look at that later.
Thanks BillMaxime!
USBFIX REPORT:
############################## | UsbFix V 7.167 | [Suppression]
Utilisateur: Andréas (Administrateur) # ANDRÉAS-PC
Mis à jour le 13/03/2014 par El Desaparecido - Team SosVirus
Lancé à 11:02:44 | 20/03/2014
Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Support : http://www.sosvirus.net/forum-virus-securite.html
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/
PC: Acer (WMCP78M)
CPU: AMD Athlon(tm) II X2 215 Processor
RAM -> [Total : 4095 Mo| Free : 2991 Mo]
Bios: Phoenix Technologies, LTD
Boot: Normal boot
OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.16521
WB: Mozilla Firefox : 27.0.1
SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: avast! Antivirus [Enabled | Updated]
AS: Windows Defender [Enabled | Updated]
AS: avast! Antivirus [Enabled | Updated]
FW: Windows FireWall [(!) Disabled]
AS: Malwarebytes' Anti-Malware : 1.75.0001
C:\ (%systemdrive%) -> Disque fixe # 141 Go (42 Go libre(s) - 30%) [Acer] # NTFS
D:\ -> Disque fixe # 141 Go (24 Go libre(s) - 17%) [DATA] # NTFS
E:\ -> CD-ROM
F:\ -> CD-ROM
G:\ -> CD-ROM
H:\ -> CD-ROM
I:\ -> Disque fixe # 930 Go (234 Go libre(s) - 25%) [] # FAT32
K:\ -> Disque amovible # 481 Mo (474 Mo libre(s) - 99%) [] # FAT
N:\ -> Disque amovible # 4 Go (3 Go libre(s) - 70%) [0642220612] # FAT32
################## | Processus Actif |
C:\Windows\system32\csrss.exe (ID: 508 |ParentID: 500)
C:\Windows\system32\wininit.exe (ID: 568 |ParentID: 500)
C:\Windows\system32\csrss.exe (ID: 604 |ParentID: 580)
C:\Windows\system32\services.exe (ID: 636 |ParentID: 568)
C:\Windows\system32\lsass.exe (ID: 668 |ParentID: 568)
C:\Windows\system32\lsm.exe (ID: 676 |ParentID: 568)
C:\Windows\system32\winlogon.exe (ID: 720 |ParentID: 580)
C:\Windows\system32\svchost.exe (ID: 816 |ParentID: 636)
C:\Windows\system32\nvvsvc.exe (ID: 896 |ParentID: 636)
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (ID: 920 |ParentID: 636)
C:\Windows\system32\svchost.exe (ID: 960 |ParentID: 636)
C:\Windows\System32\svchost.exe (ID: 1020 |ParentID: 636)
C:\Windows\System32\svchost.exe (ID: 528 |ParentID: 636)
C:\Windows\system32\svchost.exe (ID: 628 |ParentID: 636)
C:\Windows\system32\svchost.exe (ID: 1036 |ParentID: 636)
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (ID: 1164 |ParentID: 896)
C:\Windows\system32\nvvsvc.exe (ID: 1172 |ParentID: 896)
C:\Windows\system32\svchost.exe (ID: 1320 |ParentID: 636)
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ID: 1452 |ParentID: 636)
C:\Windows\system32\Dwm.exe (ID: 1644 |ParentID: 528)
C:\Windows\System32\spoolsv.exe (ID: 1672 |ParentID: 636)
C:\Windows\Explorer.EXE (ID: 1704 |ParentID: 1628)
C:\Windows\system32\svchost.exe (ID: 1752 |ParentID: 636)
C:\Windows\system32\taskhost.exe (ID: 1812 |ParentID: 636)
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 1868 |ParentID: 636)
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ID: 1912 |ParentID: 636)
C:\Windows\system32\taskeng.exe (ID: 1376 |ParentID: 1036)
C:\Windows\system32\taskeng.exe (ID: 1424 |ParentID: 1036)
C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (ID: 1772 |ParentID: 636)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (ID: 1588 |ParentID: 636)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (ID: 832 |ParentID: 636)
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe (ID: 2064 |ParentID: 636)
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (ID: 2092 |ParentID: 636)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (ID: 2124 |ParentID: 832)
C:\Windows\system32\runonce.exe (ID: 2144 |ParentID: 1704)
C:\Windows\SysWOW64\runonce.exe (ID: 2156 |ParentID: 2144)
C:\Windows\system32\svchost.exe (ID: 2220 |ParentID: 636)
C:\Program Files\Acer\Acer Updater\UpdaterService.exe (ID: 2296 |ParentID: 636)
C:\Windows\System32\svchost.exe (ID: 2320 |ParentID: 636)
C:\Program Files (x86)\D-Link\DWA-131 revA\WlanWpsSvc.exe (ID: 2448 |ParentID: 636)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (ID: 2532 |ParentID: 636)
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe (ID: 2576 |ParentID: 636)
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (ID: 2716 |ParentID: 1164)
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe (ID: 3036 |ParentID: 636)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (ID: 2872 |ParentID: 2532)
C:\Windows\system32\svchost.exe (ID: 2912 |ParentID: 636)
C:\Windows\System32\svchost.exe (ID: 3264 |ParentID: 636)
C:\Windows\System32\WUDFHost.exe (ID: 3620 |ParentID: 528)
C:\Windows\system32\svchost.exe (ID: 3928 |ParentID: 636)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 3404 |ParentID: 816)
C:\Windows\System32\WUDFHost.exe (ID: 3920 |ParentID: 528)
C:\Windows\System32\rundll32.exe (ID: 3288 |ParentID: 816)
C:\Windows\system32\DeviceDisplayObjectProvider.exe (ID: 3988 |ParentID: 816)
################## | Regedit Run |
F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [64bit] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] userinit.exe,
F2 - [64bit] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
04 - HKCU\..\Run : [RGSC] D:\jeux\gta4\Rockstar Games Social Club\RGSCLauncher.exe /silent
04 - HKCU\..\Run : [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
04 - HKCU\..\Run : [Akamai NetSession Interface] "C:\Users\Andréas\AppData\Local\Akamai\netsession_win.exe"
04 - HKCU\..\Run : [DAEMON Tools Lite] "D:\Programmes\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKCU\..\Run : [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
04 - HKLM\..\Run : [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
04 - HKLM\..\Run : [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
04 - HKLM\..\Run : [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
04 - HKLM\..\Run : [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
04 - HKLM\..\Run : [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
04 - HKLM\..\Run : [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
04 - HKLM\..\Run : [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
04 - HKLM\..\Run : [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
04 - HKLM\..\Run : [iTunesHelper] "D:\Programmes\Itunes\iTunesHelper.exe"
04 - HKLM\..\Run : [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
04 - HKLM\..\Run : [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
04 - HKLM\..\Run : [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - [64bit] HKLM\..\Run : [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
04 - [64bit] HKLM\..\Run : [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
04 - [64bit] HKLM\..\Run : [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-2899947742-800667518-1215454381-1000\..\Run : [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
04 - HKU\S-1-5-21-2899947742-800667518-1215454381-1000\..\Run : [RGSC] D:\jeux\gta4\Rockstar Games Social Club\RGSCLauncher.exe /silent
04 - HKU\S-1-5-21-2899947742-800667518-1215454381-1000\..\Run : [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
04 - HKU\S-1-5-21-2899947742-800667518-1215454381-1000\..\Run : [Akamai NetSession Interface] "C:\Users\Andréas\AppData\Local\Akamai\netsession_win.exe"
04 - HKU\S-1-5-21-2899947742-800667518-1215454381-1000\..\Run : [DAEMON Tools Lite] "D:\Programmes\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKU\S-1-5-21-2899947742-800667518-1215454381-1000\..\Run : [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-18\..\RunOnce : [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
################## | Recherche générique |
Supprimé! I:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx
Supprimé! I:\Recycler\S-5-3-42-2819952290-8240758988-879315005-3665
Supprimé! N:\U3ROM
(!) Fichiers temporaires supprimés.
################## | Registre |
Réparé ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|EnableLUA -> 1
Réparé ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin -> 5
Supprimé! HKU\S-1-5-21-2899947742-800667518-1215454381-1000\Software\.\.\.\.\Mountpoints2\G
Supprimé! HKU\S-1-5-21-2899947742-800667518-1215454381-1000\Software\.\.\.\.\Mountpoints2\{0c31ff40-2683-11e1-a108-806e6f6e6963}
Supprimé! HKU\S-1-5-21-2899947742-800667518-1215454381-1000\Software\.\.\.\.\Mountpoints2\{1f0ee791-71a1-11df-a599-001f16fae1b5}
Supprimé! HKU\S-1-5-21-2899947742-800667518-1215454381-1000\Software\.\.\.\.\Mountpoints2\{3b3aa013-133f-11e0-956f-001f16fae1b5}
Supprimé! HKU\S-1-5-21-2899947742-800667518-1215454381-1000\Software\.\.\.\.\Mountpoints2\{7a0b4366-7ef2-11df-ac36-001f16fae1b5}
Supprimé! HKU\S-1-5-21-2899947742-800667518-1215454381-1000\Software\.\.\.\.\Mountpoints2\{a542a713-5ab5-11e0-9204-001f16fae1b5}
Supprimé! HKU\S-1-5-21-2899947742-800667518-1215454381-1000\Software\.\.\.\.\Mountpoints2\{aeb50b7f-6fd2-11df-957d-001f16fae1b5}
################## | Listing |
[22/05/2010 - 12:41:58 | SHD] - C:\$Recycle.Bin
[19/02/2014 - 11:22:40 | N | 0 Ko] - C:\9921CE258C8E
[22/02/2014 - 21:34:01 | N | 0 Ko] - C:\9FCC8E728EA0
[19/03/2014 - 10:37:21 | D] - C:\AdwCleaner
[16/12/2013 - 15:08:56 | D] - C:\Autodesk
[22/05/2010 - 12:42:31 | D] - C:\book
[14/08/2009 - 19:30:27 | RASH | 8 Ko] - C:\BOOTSECT.BAK
[14/07/2009 - 06:08:56 | SHD] - C:\Documents and Settings
[09/06/2010 - 15:34:05 | N | 0 Ko] - C:\doPDFInstall.log
[20/12/2013 - 16:43:03 | D] - C:\Downloads
[20/03/2014 - 11:01:14 | ASH | 3144612 Ko] - C:\hiberfil.sys
[15/10/2013 - 12:44:36 | D] - C:\LanguageNames2
[14/08/2009 - 19:03:02 | RHD] - C:\MSOCache
[22/05/2010 - 13:03:27 | D] - C:\OEM
[20/03/2014 - 11:01:18 | ASH | 4192820 Ko] - C:\pagefile.sys
[14/07/2009 - 04:20:08 | D] - C:\PerfLogs
[19/03/2014 - 17:35:24 | N | 1 Ko] - C:\PhysicalDisk0_MBR.bin
[20/03/2014 - 10:52:22 | D] - C:\Program Files
[19/03/2014 - 17:27:50 | D] - C:\Program Files (x86)
[19/03/2014 - 10:41:50 | HD] - C:\ProgramData
[22/05/2010 - 12:35:57 | SHD] - C:\Recovery
[14/08/2009 - 18:49:37 | N | 2 Ko] - C:\RHDSetup.log
[20/03/2014 - 10:54:28 | SHD] - C:\System Volume Information
[20/03/2014 - 10:57:48 | D] - C:\UsbFix
[20/03/2014 - 11:03:48 | A | 12 Ko | 6F8B8A683782B3559455E1B15B48F482] - C:\UsbFix [Clean 2] ANDRÉAS-PC.txt
[12/12/2012 - 21:39:20 | D] - C:\Users
[25/02/2014 - 23:13:35 | D] - C:\Windows
[22/05/2010 - 12:41:58 | SHD] - D:\$RECYCLE.BIN
[25/02/2014 - 11:32:18 | N | 0 Ko] - D:\9921CE258C8E
[25/02/2014 - 11:32:18 | N | 0 Ko] - D:\9FCC8E728EA0
[16/12/2013 - 15:59:47 | D] - D:\AutoCAD2010
[10/03/2014 - 00:05:36 | D] - D:\films et séries
[23/11/2013 - 17:35:50 | D] - D:\GOPRO
[05/01/2013 - 21:24:01 | D] - D:\HMONP
[25/01/2014 - 00:30:04 | D] - D:\jeux
[12/12/2013 - 12:06:47 | D] - D:\Master
[29/08/2012 - 19:37:54 | D] - D:\msdownld.tmp
[18/01/2014 - 16:21:01 | D] - D:\perso
[11/01/2014 - 18:01:06 | D] - D:\portfolio
[22/01/2014 - 13:17:04 | D] - D:\pro
[17/02/2014 - 13:11:03 | D] - D:\Programmes
[10/10/2006 - 11:57:46 | SHD] - D:\System Volume Information
[19/02/2014 - 22:16:01 | D] - D:\travail
[16/01/2010 - 13:17:18 | D] - I:\FunShop
[06/01/2013 - 11:50:44 | D] - I:\msdownld.tmp
[05/01/2013 - 21:30:48 | D] - I:\GOPRO
[21/02/2013 - 19:18:56 | D] - I:\$AVG
[11/01/2010 - 14:23:26 | SHD] - I:\$RECYCLE.BIN
[11/01/2010 - 14:23:22 | D] - I:\Films
[13/10/2010 - 11:28:44 | SHD] - I:\System Volume Information
[20/02/2011 - 18:32:54 | RSHD] - I:\RECYCLER
[16/12/2013 - 15:51:20 | D] - I:\UPI
[01/03/2013 - 11:59:36 | D] - I:\HMONP
[07/12/2010 - 22:35:54 | D] - I:\Professionel
[28/04/2009 - 11:03:16 | D] - I:\2008-2009 Photos
[08/01/2010 - 18:53:54 | D] - I:\installation
[27/11/2011 - 23:46:20 | D] - I:\HQE
[01/12/2006 - 23:37:14 | N | 884 Ko | 800B746FDC4D80469AFC7E5E9B510C9C] - I:\msdia80.dll
[11/01/2010 - 16:44:20 | D] - I:\jeux
[17/11/2010 - 00:57:32 | D] - I:\04ba188af023954bcfef0d8c31
[05/06/2010 - 16:16:36 | D] - I:\Master
[09/03/2010 - 09:42:24 | D] - I:\2009-2010 Photos
[28/02/2010 - 04:05:44 | D] - I:\musique cam
[22/03/2011 - 15:26:48 | D] - I:\2010-2011 Photos
[29/05/2010 - 00:40:02 | D] - I:\music fab
[06/06/2005 - 20:10:56 | D] - I:\ZIK
[11/06/2010 - 16:58:38 | D] - I:\Sauvegardes du PC-ACER
[13/06/2010 - 19:00:58 | D] - I:\ANDRÉAS-PC
[13/06/2010 - 19:00:58 | N | 1 Ko] - I:\MediaID.bin
[31/01/2014 - 13:29:20 | AH | 4 Ko] - K:\._.Trashes
[31/01/2014 - 13:29:20 | HD] - K:\.Trashes
[31/01/2014 - 13:29:20 | HD] - K:\.fseventsd
[31/01/2014 - 13:29:20 | HD] - K:\.Spotlight-V100
[20/05/2013 - 11:55:52 | N | 3162 Ko] - K:\AC mémoire HMONP 2.1.pdf
[08/02/2013 - 14:51:14 | N | 46 Ko] - K:\THB_CR rdv Solecite_130205.doc
[04/10/2013 - 09:53:10 | N | 45 Ko] - K:\THB_CR rdv URSCOP_130214.doc
[07/01/2014 - 15:03:40 | D] - K:\Docs divers
[22/09/2010 - 18:55:16 | AH | 4 Ko] - N:\._.Trashes
[22/09/2010 - 18:55:16 | HD] - N:\.Trashes
[22/09/2010 - 18:55:16 | HD] - N:\.Spotlight-V100
[25/07/2011 - 14:14:46 | HD] - N:\.TemporaryItems
[25/07/2011 - 14:14:46 | AH | 4 Ko] - N:\._.TemporaryItems
[23/02/2014 - 09:45:38 | D] - N:\Documents
[08/03/2013 - 15:29:56 | D] - N:\.Trash-1000
[11/02/2014 - 19:58:04 | N | 4 Ko] - N:\._Princesse Mononoke.avi
[08/09/2013 - 21:41:28 | N | 4 Ko] - N:\._Les Survivants
[02/12/2012 - 00:10:20 | N | 4 Ko] - N:\._Fabriclive 33 Mixed By Spank Rock?
[02/12/2012 - 00:10:42 | N | 4 Ko] - N:\._Fabriclive 36 J.Murphy e P.Mahoney 2007 [Colombo Electronic][Michi80]
[08/09/2013 - 21:41:50 | AH | 0 Ko] - N:\.apdisk
[25/02/2014 - 12:54:44 | N | 0 Ko] - N:\.~lock.SPOT_Note d'intention_250214.odt#
[05/06/2010 - 12:49:22 | D] - N:\data
[11/02/2014 - 19:53:22 | N | 4 Ko] - N:\._Le voyage de chihiro_fr.AVI
[25/02/2014 - 12:55:28 | N | 22734 Ko] - N:\SPOT_Note d'intention_250214.odt
[11/02/2014 - 19:55:40 | N | 4 Ko] - N:\._Mon Voisin Totoro_VOSTFR.avi
[21/12/2009 - 20:07:32 | N | 714500 Ko] - N:\Porco Rosso_VF.avi
[11/02/2014 - 20:02:04 | N | 4 Ko] - N:\._Porco Rosso_VF.avi
[27/02/2014 - 16:45:20 | N | 4 Ko] - N:\._BASE DESSIN VECTOR.vwx
[21/09/2010 - 23:18:28 | HD] - N:\System
[13/02/2007 - 02:33:38 | N | 1084 Ko | AF3543ED6F0ACC75C1C12B094518B289] - N:\LaunchU3.exe
[06/10/2011 - 13:43:02 | D] - N:\à imprimer
################## | Vaccin |
D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
I:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
K:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
N:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
################## | E.O.F |
http://www.usbfix.net/ - http://www.sosvirus.net |