Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • MARCEL KOUAME
    Participant
    Post count: 1

    ############################## | UsbFix V 7.145 | [Recherche]

    Utilisateur: hp (Administrateur) # HP-PC
    Mis à jour le 17/10/2013 par El Desaparecido – Team SosVirus
    Lancé à 12:22:29 | 23/10/2013

    Site Web: http://www.usbfix.net/
    Forum : http://www.sosvirus.net/
    Upload Malware: upload_malware.php
    Contact: http://www.usbfix.net/contact/

    PC: Hewlett-Packard (365C)
    CPU: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz
    RAM -> [Total : 4023 | Free : 1370]
    Bios: Hewlett-Packard
    Boot: Normal boot

    OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) # Service Pack 1
    WB: Windows Internet Explorer 10.0.9200.16721

    SC: Security Center Service [Enabled]
    WU: Windows Update Service [Enabled]
    AV: avast! Internet Security [(!) Disabled | Updated]
    FW: Windows FireWall Service [Enabled]

    C: (%systemdrive%) -> Disque fixe # 233 Go (149 Go libre(s) – 64%) [] # NTFS
    D: -> CD-ROM
    E: -> Disque fixe # 125 Go (69 Go libre(s) – 55%) [DONNEES] # NTFS
    F: -> Disque fixe # 107 Go (35 Go libre(s) – 32%) [Nouveau nom] # NTFS
    G: -> CD-ROM
    H: -> CD-ROM
    I: -> CD-ROM
    J: -> Disque amovible # 14 Go (14 Go libre(s) – 100%) [TOSHIBA] # FAT32

    ################## | Processus Actif |

    C:Windowssystem32csrss.exe (ID 584 |ParentID 576)
    C:Windowssystem32wininit.exe (ID 636 |ParentID 576)
    C:Windowssystem32csrss.exe (ID 652 |ParentID 644)
    C:Windowssystem32services.exe (ID 708 |ParentID 636)
    C:Windowssystem32lsass.exe (ID 716 |ParentID 636)
    C:Windowssystem32lsm.exe (ID 728 |ParentID 636)
    C:Windowssystem32svchost.exe (ID 816 |ParentID 708)
    C:Windowssystem32winlogon.exe (ID 888 |ParentID 644)
    C:Windowssystem32nvvsvc.exe (ID 944 |ParentID 708)
    C:Windowssystem32svchost.exe (ID 984 |ParentID 708)
    C:WindowsSystem32svchost.exe (ID 616 |ParentID 708)
    C:WindowsSystem32svchost.exe (ID 540 |ParentID 708)
    C:Windowssystem32svchost.exe (ID 644 |ParentID 708)
    C:Windowssystem32svchost.exe (ID 1032 |ParentID 708)
    C:WindowsSystem32DriverStoreFileRepositorystwrt64.inf_amd64_neutral_471277d5d45019eaSTacSV64.exe (ID 1128 |ParentID 708)
    C:Windowssystem32Hpservice.exe (ID 1352 |ParentID 708)
    C:Program FilesNVIDIA CorporationDisplayNvXDSync.exe (ID 1372 |ParentID 944)
    C:Windowssystem32nvvsvc.exe (ID 1384 |ParentID 944)
    C:Windowssystem32svchost.exe (ID 1464 |ParentID 708)
    C:Windowssystem32WLANExt.exe (ID 1624 |ParentID 540)
    C:Program FilesAVAST SoftwareAvastAvastSvc.exe (ID 1632 |ParentID 708)
    C:Windowssystem32conhost.exe (ID 1640 |ParentID 584)
    C:Windowssystem32Dwm.exe (ID 1776 |ParentID 540)
    C:WindowsExplorer.EXE (ID 1784 |ParentID 1764)
    C:Program FilesAVAST SoftwareAvastafwServ.exe (ID 1912 |ParentID 708)
    C:WindowsSystem32spoolsv.exe (ID 1168 |ParentID 708)
    C:Windowssystem32svchost.exe (ID 1280 |ParentID 708)
    C:Windowssystem32taskhost.exe (ID 1744 |ParentID 708)
    C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe (ID 2076 |ParentID 708)
    C:Windowssystem32taskeng.exe (ID 2120 |ParentID 1032)
    C:WindowsSystem32DriverStoreFileRepositorystwrt64.inf_amd64_neutral_471277d5d45019eaAESTSr64.exe (ID 2160 |ParentID 708)
    C:ProgramDataBitGuard2.6.1694.246{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}BitGuard.exe (ID 2524 |ParentID 708)
    C:ProgramDataBitGuard2.6.1694.246{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}BitGuard.exe (ID 2784 |ParentID 2524)
    C:Program Files (x86)InternetEverywhereInternetEverywhere_Service.exe (ID 2880 |ParentID 708)
    C:WindowsSysWOW64nlssrv32.exe (ID 2908 |ParentID 708)
    C:Program Files (x86)PDF ArchitectHelperService.exe (ID 2976 |ParentID 708)
    C:Program Files (x86)PDF ArchitectConversionService.exe (ID 3016 |ParentID 708)
    C:Windowssystem32svchost.exe (ID 3048 |ParentID 708)
    C:WindowsSystem32DriversWTSRV.EXE (ID 1860 |ParentID 708)
    C:Windowssystem32svchost.exe (ID 3228 |ParentID 708)
    C:Program FilesIDTWDMsttray64.exe (ID 3536 |ParentID 1784)
    C:Program FilesSynapticsSynTPSynTPEnh.exe (ID 3576 |ParentID 1784)
    C:Program Files (x86)Internet Download ManagerIDMan.exe (ID 3968 |ParentID 1784)
    C:Windowssystem32SearchIndexer.exe (ID 4036 |ParentID 708)
    C:Program FilesSynapticsSynTPSynTPHelper.exe (ID 4088 |ParentID 3576)
    C:WindowsSysWOW64rundll32.exe (ID 3196 |ParentID 1784)
    C:WindowsSystem32wscript.exe (ID 3180 |ParentID 1784)
    C:Program Files (x86)InternetEverywhereInternetEverywhere_Launcher.exe (ID 3392 |ParentID 1784)
    C:Program Files (x86)PowerISOPWRISOVM.EXE (ID 3956 |ParentID 3172)
    C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe (ID 3880 |ParentID 3172)
    C:WindowsSysWOW64WTClient.exe (ID 3848 |ParentID 3172)
    C:Program FilesAVAST SoftwareAvastAvastUI.exe (ID 3768 |ParentID 3172)
    C:Windowssystem32wbemwmiprvse.exe (ID 4764 |ParentID 816)
    C:WindowsSystem32svchost.exe (ID 3216 |ParentID 708)
    C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID 168 |ParentID 1784)
    C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID 4868 |ParentID 168)
    C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID 5040 |ParentID 168)
    C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID 4188 |ParentID 168)
    C:Windowssystem32DllHost.exe (ID 1196 |ParentID 816)
    C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID 4968 |ParentID 168)
    C:Program Files (x86)DVDVideoSoftFree YouTube DownloadFreeYTVDownloader.exe (ID 4656 |ParentID 1784)
    C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe (ID 3116 |ParentID 816)
    C:Windowssystem32taskhost.exe (ID 4608 |ParentID 708)
    C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID 5896 |ParentID 168)
    C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID 3628 |ParentID 168)
    C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID 2476 |ParentID 168)
    C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID 5996 |ParentID 168)
    C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID 5376 |ParentID 168)
    C:Windowsexplorer.exe (ID 1424 |ParentID 816)
    C:WindowsSystem32WUDFHost.exe (ID 4256 |ParentID 540)
    C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID 5492 |ParentID 168)
    C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID 5852 |ParentID 168)
    C:UsbFixGo.exe (ID 4128 |ParentID 4464)
    C:Program Files (x86)Common FilesDVDVideoSoftlibffmpeg.exe (ID 5268 |ParentID 4656)

    ################## | Regedit Run |

    HKLMSOFTWARE | Run : [PWRISOVM.EXE] – C:Program Files (x86)PowerISOPWRISOVM.EXE -startup
    HKLMSOFTWARE | Run : [AdobeCS5ServiceManager] – « C:Program Files (x86)Common FilesAdobeCS5ServiceManagerCS5ServiceManager.exe » -launchedbylogin
    HKLMSOFTWARE | Run : [SwitchBoard] – C:Program Files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe
    HKLMSOFTWARE | Run : [GrooveMonitor] – « C:Program Files (x86)Microsoft OfficeOffice12GrooveMonitor.exe »
    HKLMSOFTWARE | Run : [Adobe ARM] – « C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe »
    HKLMSOFTWARE | Run : [WTClient] – WTClient.exe
    HKLMSOFTWARE | Run : [avast] – « C:Program FilesAVAST SoftwareAvastavastUI.exe » /nogui
    HKLMSOFTWAREwow6432Node | Run : [PWRISOVM.EXE] – C:Program Files (x86)PowerISOPWRISOVM.EXE -startup
    HKLMSOFTWAREwow6432Node | Run : [AdobeCS5ServiceManager] – « C:Program Files (x86)Common FilesAdobeCS5ServiceManagerCS5ServiceManager.exe » -launchedbylogin
    HKLMSOFTWAREwow6432Node | Run : [SwitchBoard] – C:Program Files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe
    HKLMSOFTWAREwow6432Node | Run : [GrooveMonitor] – « C:Program Files (x86)Microsoft OfficeOffice12GrooveMonitor.exe »
    HKLMSOFTWAREwow6432Node | Run : [Adobe ARM] – « C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe »
    HKLMSOFTWAREwow6432Node | Run : [WTClient] – WTClient.exe
    HKLMSOFTWAREwow6432Node | Run : [avast] – « C:Program FilesAVAST SoftwareAvastavastUI.exe » /nogui
    HKLMSOFTWARE | RunOnce : [] –
    HKLMSOFTWAREwow6432Node | RunOnce : [] –
    HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    HKUS-1-5-21-2169046541-45753796-839280549-1000SOFTWARE | Run : [DAEMON Tools Lite] – « C:Program Files (x86)DAEMON Tools LiteDTLite.exe » -autorun
    HKUS-1-5-21-2169046541-45753796-839280549-1000SOFTWARE | Run : [IDMan] – C:Program Files (x86)Internet Download ManagerIDMan.exe /onboot
    HKUS-1-5-21-2169046541-45753796-839280549-1000SOFTWARE | Run : [AdobeBridge] –
    HKUS-1-5-21-2169046541-45753796-839280549-1000SOFTWARE | Run : [Facebook Update] – « C:UsershpAppDataLocalFacebookUpdateFacebookUpdate.exe » /c /nocrashserver
    HKUS-1-5-21-2169046541-45753796-839280549-1000SOFTWARE | Run : [NTRedirect] – C:WindowsSysWOW64rundll32.exe « C:UsershpAppDataRoamingBabSolutionSharedenhancedNT.dll »,Run
    HKUS-1-5-21-2169046541-45753796-839280549-1000SOFTWARE | Run : [swg] – « C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe »
    HKUS-1-5-21-2169046541-45753796-839280549-1000SOFTWARE | Run : [iTunesHelper] – wscript.exe //B « C:UsershpAppDataLocalTempiTunesHelper.vbe »
    HKUS-1-5-19SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
    HKUS-1-5-20SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
    HKUS-1-5-18SOFTWARE | RunOnce : [SPReview] – « C:WindowsSystem32SPReviewSPReview.exe » /sp:1 /errorfwlink: »http://go.microsoft.com/fwlink/?LinkID=122915″ /build:7601

    ################## | Éléments infectieux |

    Présent! J:iTunesHelper.vbe
    Présent! C:UsershpAppDataLocalTempiTunesHelper.vbe
    Présent! C:UsershpAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupiTunesHelper.vbe
    Présent! C:UsershpAppDataLocalTempnsiB32A.tmp.exe

    ################## | Registre |

    Présent! HKUS-1-5-21-2169046541-45753796-839280549-1000SoftwareMicrosoftWindowsCurrentVersionRun|iTunesHelper
    Présent! HKCUSoftwareMicrosoftWindowsCurrentVersionRun|iTunesHelper
    Présent! HKUS-1-5-21-2169046541-45753796-839280549-1000SoftwareMicrosoftWindowsCurrentVersionRun|iTunesHelper
    Présent! HKCUSoftwareMicrosoftWindowsCurrentVersionRun|iTunesHelper
    Présent! HKUS-1-5-21-2169046541-45753796-839280549-1000SoftwareMicrosoftWindowsCurrentVersionRun|iTunesHelper
    Présent! HKCUSoftwareMicrosoftWindowsCurrentVersionRun|iTunesHelper
    HKCU….ExplorerMountPoints2{f044754c-9734-11e2-92f4-00269ec426a3}
    ShellAutoRunCommand = G:.Setup.exe AUTORUN=1

    ################## | Vaccin |

    (!) Cet ordinateur n’est pas vacciné!

    ################## | E.O.F | http://www.usbfix.net – http://www.sosvirus.net |

    ############################## | UsbFix V 7.145 | [Suppression]

    Utilisateur: hp (Administrateur) # HP-PC
    Mis à jour le 17/10/2013 par El Desaparecido – Team SosVirus
    Lancé à 13:43:17 | 23/10/2013

    Site Web: http://www.usbfix.net/
    Forum : http://www.sosvirus.net/
    Upload Malware: upload_malware.php
    Contact: http://www.usbfix.net/contact/

    PC: Hewlett-Packard (365C)
    CPU: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz
    RAM -> [Total : 4023 | Free : 1070]
    Bios: Hewlett-Packard
    Boot: Normal boot

    OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) # Service Pack 1
    WB: Windows Internet Explorer 10.0.9200.16721

    SC: Security Center Service [Enabled]
    WU: Windows Update Service [Enabled]
    AV: avast! Internet Security [(!) Disabled | Updated]
    FW: Windows FireWall Service [Enabled]

    C: (%systemdrive%) -> Disque fixe # 233 Go (149 Go libre(s) – 64%) [] # NTFS
    D: -> CD-ROM
    E: -> Disque fixe # 125 Go (69 Go libre(s) – 55%) [DONNEES] # NTFS
    F: -> Disque fixe # 107 Go (35 Go libre(s) – 32%) [Nouveau nom] # NTFS
    G: -> CD-ROM
    H: -> CD-ROM
    I: -> CD-ROM
    J: -> Disque amovible # 14 Go (14 Go libre(s) – 100%) [TOSHIBA] # FAT32

    ################## | Regedit Run |

    HKLMSOFTWARE | Run : [PWRISOVM.EXE] – C:Program Files (x86)PowerISOPWRISOVM.EXE -startup
    HKLMSOFTWARE | Run : [AdobeCS5ServiceManager] – « C:Program Files (x86)Common FilesAdobeCS5ServiceManagerCS5ServiceManager.exe » -launchedbylogin
    HKLMSOFTWARE | Run : [SwitchBoard] – C:Program Files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe
    HKLMSOFTWARE | Run : [GrooveMonitor] – « C:Program Files (x86)Microsoft OfficeOffice12GrooveMonitor.exe »
    HKLMSOFTWARE | Run : [Adobe ARM] – « C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe »
    HKLMSOFTWARE | Run : [WTClient] – WTClient.exe
    HKLMSOFTWARE | Run : [avast] – « C:Program FilesAVAST SoftwareAvastavastUI.exe » /nogui
    HKLMSOFTWAREwow6432Node | Run : [PWRISOVM.EXE] – C:Program Files (x86)PowerISOPWRISOVM.EXE -startup
    HKLMSOFTWAREwow6432Node | Run : [AdobeCS5ServiceManager] – « C:Program Files (x86)Common FilesAdobeCS5ServiceManagerCS5ServiceManager.exe » -launchedbylogin
    HKLMSOFTWAREwow6432Node | Run : [SwitchBoard] – C:Program Files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe
    HKLMSOFTWAREwow6432Node | Run : [GrooveMonitor] – « C:Program Files (x86)Microsoft OfficeOffice12GrooveMonitor.exe »
    HKLMSOFTWAREwow6432Node | Run : [Adobe ARM] – « C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe »
    HKLMSOFTWAREwow6432Node | Run : [WTClient] – WTClient.exe
    HKLMSOFTWAREwow6432Node | Run : [avast] – « C:Program FilesAVAST SoftwareAvastavastUI.exe » /nogui
    HKLMSOFTWARE | RunOnce : [] –
    HKLMSOFTWAREwow6432Node | RunOnce : [] –
    HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    HKUS-1-5-21-2169046541-45753796-839280549-1000SOFTWARE | Run : [DAEMON Tools Lite] – « C:Program Files (x86)DAEMON Tools LiteDTLite.exe » -autorun
    HKUS-1-5-21-2169046541-45753796-839280549-1000SOFTWARE | Run : [IDMan] – C:Program Files (x86)Internet Download ManagerIDMan.exe /onboot
    HKUS-1-5-21-2169046541-45753796-839280549-1000SOFTWARE | Run : [AdobeBridge] –
    HKUS-1-5-21-2169046541-45753796-839280549-1000SOFTWARE | Run : [Facebook Update] – « C:UsershpAppDataLocalFacebookUpdateFacebookUpdate.exe » /c /nocrashserver
    HKUS-1-5-21-2169046541-45753796-839280549-1000SOFTWARE | Run : [NTRedirect] – C:WindowsSysWOW64rundll32.exe « C:UsershpAppDataRoamingBabSolutionSharedenhancedNT.dll »,Run
    HKUS-1-5-21-2169046541-45753796-839280549-1000SOFTWARE | Run : [swg] – « C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe »
    HKUS-1-5-21-2169046541-45753796-839280549-1000SOFTWARE | Run : [iTunesHelper] – wscript.exe //B « C:UsershpAppDataLocalTempiTunesHelper.vbe »
    HKUS-1-5-19SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
    HKUS-1-5-20SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
    HKUS-1-5-18SOFTWARE | RunOnce : [SPReview] – « C:WindowsSystem32SPReviewSPReview.exe » /sp:1 /errorfwlink: »http://go.microsoft.com/fwlink/?LinkID=122915″ /build:7601

    ################## | Processus Stoppés |

    Stoppé! C:Windowssystem32nvvsvc.exe (ID 944 |ParentID 708)
    Stoppé! C:WindowsSystem32DriverStoreFileRepositorystwrt64.inf_amd64_neutral_471277d5d45019eaSTacSV64.exe (ID 1128 |ParentID 708)
    Stoppé! C:Windowssystem32Hpservice.exe (ID 1352 |ParentID 708)
    Stoppé! C:Program FilesNVIDIA CorporationDisplayNvXDSync.exe (ID 1372 |ParentID 944)
    Stoppé! C:Windowssystem32nvvsvc.exe (ID 1384 |ParentID 944)
    Stoppé! C:Windowssystem32WLANExt.exe (ID 1624 |ParentID 540)
    Stoppé! C:Program FilesAVAST SoftwareAvastAvastSvc.exe (ID 1632 |ParentID 708)
    Stoppé! C:Windowssystem32conhost.exe (ID 1640 |ParentID 584)
    Stoppé! C:WindowsExplorer.EXE (ID 1784 |ParentID 1764)
    Stoppé! C:Program FilesAVAST SoftwareAvastafwServ.exe (ID 1912 |ParentID 708)
    Stoppé! C:WindowsSystem32spoolsv.exe (ID 1168 |ParentID 708)
    Stoppé! C:Windowssystem32taskhost.exe (ID 1744 |ParentID 708)
    Stoppé! C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe (ID 2076 |ParentID 708)
    Stoppé! C:Windowssystem32taskeng.exe (ID 2120 |ParentID 1032)
    Stoppé! C:WindowsSystem32DriverStoreFileRepositorystwrt64.inf_amd64_neutral_471277d5d45019eaAESTSr64.exe (ID 2160 |ParentID 708)
    Stoppé! C:ProgramDataBitGuard2.6.1694.246{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}BitGuard.exe (ID 2524 |ParentID 708)
    Stoppé! C:ProgramDataBitGuard2.6.1694.246{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}BitGuard.exe (ID 2784 |ParentID 2524)
    Stoppé! C:Program Files (x86)InternetEverywhereInternetEverywhere_Service.exe (ID 2880 |ParentID 708)
    Stoppé! C:WindowsSysWOW64nlssrv32.exe (ID 2908 |ParentID 708)
    Stoppé! C:Program Files (x86)PDF ArchitectHelperService.exe (ID 2976 |ParentID 708)
    Stoppé! C:Program Files (x86)PDF ArchitectConversionService.exe (ID 3016 |ParentID 708)
    Stoppé! C:WindowsSystem32DriversWTSRV.EXE (ID 1860 |ParentID 708)
    Stoppé! C:Program FilesIDTWDMsttray64.exe (ID 3536 |ParentID 1784)
    Stoppé! C:Program FilesSynapticsSynTPSynTPEnh.exe (ID 3576 |ParentID 1784)
    Stoppé! C:Program Files (x86)Internet Download ManagerIDMan.exe (ID 3968 |ParentID 1784)
    Stoppé! C:Windowssystem32SearchIndexer.exe (ID 4036 |ParentID 708)
    Stoppé! C:Program FilesSynapticsSynTPSynTPHelper.exe (ID 4088 |ParentID 3576)
    Stoppé! C:WindowsSysWOW64rundll32.exe (ID 3196 |ParentID 1784)
    Stoppé! C:WindowsSystem32wscript.exe (ID 3180 |ParentID 1784)
    Stoppé! C:Program Files (x86)InternetEverywhereInternetEverywhere_Launcher.exe (ID 3392 |ParentID 1784)
    Stoppé! C:Program Files (x86)PowerISOPWRISOVM.EXE (ID 3956 |ParentID 3172)
    Stoppé! C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe (ID 3880 |ParentID 3172)
    Stoppé! C:WindowsSysWOW64WTClient.exe (ID 3848 |ParentID 3172)
    Stoppé! C:Program FilesAVAST SoftwareAvastAvastUI.exe (ID 3768 |ParentID 3172)
    Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID 168 |ParentID 1784)
    Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID 4868 |ParentID 168)
    Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID 5040 |ParentID 168)
    Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID 4188 |ParentID 168)
    Stoppé! C:Windowssystem32DllHost.exe (ID 1196 |ParentID 816)
    Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID 4968 |ParentID 168)
    Stoppé! C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe (ID 3116 |ParentID 816)
    Stoppé! C:Windowssystem32taskhost.exe (ID 4608 |ParentID 708)
    Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID 5896 |ParentID 168)
    Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID 3628 |ParentID 168)
    Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID 2476 |ParentID 168)
    Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID 5996 |ParentID 168)
    Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID 5376 |ParentID 168)
    Stoppé! C:Windowsexplorer.exe (ID 1424 |ParentID 816)
    Stoppé! C:WindowsSystem32WUDFHost.exe (ID 4256 |ParentID 540)
    Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID 5492 |ParentID 168)
    Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID 5196 |ParentID 168)
    Stoppé! C:WindowsSysWOW64NOTEPAD.EXE (ID 4368 |ParentID 4128)
    Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID 5512 |ParentID 168)
    Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID 3500 |ParentID 168)
    Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID 5296 |ParentID 168)

    ################## | Éléments infectieux |

    Supprimé! J:iTunesHelper.vbe
    Supprimé! C:UsershpAppDataLocalTempiTunesHelper.vbe
    Supprimé! C:UsershpAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupiTunesHelper.vbe
    Supprimé! C:UsershpAppDataLocalTempnsiB32A.tmp.exe

    (!) Fichiers temporaires supprimés.

    ################## | Registre |

    Supprimé! HKUS-1-5-21-2169046541-45753796-839280549-1000SoftwareMicrosoftWindowsCurrentVersionRun|iTunesHelper
    Supprimé! HKCU….ExplorerMountPoints2{f044754c-9734-11e2-92f4-00269ec426a3}

    ################## | Listing |

    [27/03/2013 – 00:44:02 | SHD ] C:$Recycle.Bin
    [14/07/2009 – 07:08:56 | SHD ] C:Documents and Settings
    [07/11/2007 – 08:00:40 | N | 17734] C:eula.1028.txt
    [07/11/2007 – 08:00:40 | N | 17734] C:eula.1031.txt
    [07/11/2007 – 08:00:40 | N | 10134] C:eula.1033.txt
    [07/11/2007 – 08:00:40 | N | 17734] C:eula.1036.txt
    [07/11/2007 – 08:00:40 | N | 17734] C:eula.1040.txt
    [07/11/2007 – 08:00:40 | N | 118] C:eula.1041.txt
    [07/11/2007 – 08:00:40 | N | 17734] C:eula.1042.txt
    [07/11/2007 – 08:00:40 | N | 17734] C:eula.2052.txt
    [07/11/2007 – 08:00:40 | N | 17734] C:eula.3082.txt
    [07/11/2007 – 08:00:40 | N | 1110] C:globdata.ini
    [23/10/2013 – 09:23:09 | ASH | 3163709440] C:hiberfil.sys
    [07/11/2007 – 08:03:18 | N | 562688] C:install.exe
    [07/11/2007 – 08:00:40 | N | 843] C:install.ini
    [07/11/2007 – 08:03:18 | N | 76304] C:install.res.1028.dll
    [07/11/2007 – 08:03:18 | N | 96272] C:install.res.1031.dll
    [07/11/2007 – 08:03:18 | N | 91152] C:install.res.1033.dll
    [07/11/2007 – 08:03:18 | N | 97296] C:install.res.1036.dll
    [07/11/2007 – 08:03:18 | N | 95248] C:install.res.1040.dll
    [07/11/2007 – 08:03:18 | N | 81424] C:install.res.1041.dll
    [07/11/2007 – 08:03:18 | N | 79888] C:install.res.1042.dll
    [07/11/2007 – 08:03:18 | N | 75792] C:install.res.2052.dll
    [07/11/2007 – 08:03:18 | N | 96272] C:install.res.3082.dll
    [11/04/2013 – 02:21:51 | RHD ] C:MSOCache
    [23/10/2013 – 09:23:11 | ASH | 4218281984] C:pagefile.sys
    [14/07/2009 – 05:20:08 | D ] C:PerfLogs
    [21/10/2013 – 12:45:46 | D ] C:Program Files
    [21/10/2013 – 12:38:20 | D ] C:Program Files (x86)
    [07/10/2013 – 01:55:21 | HD ] C:ProgramData
    [27/03/2013 – 00:43:42 | SHD ] C:Recovery
    [21/10/2013 – 12:45:37 | SHD ] C:System Volume Information
    [23/10/2013 – 13:50:52 | D ] C:UsbFix
    [23/10/2013 – 13:53:53 | A | 11518] C:UsbFix [Clean 2] HP-PC.txt
    [23/10/2013 – 13:11:56 | N | 10874] C:UsbFix [Scan 2] HP-PC.txt
    [27/03/2013 – 00:43:54 | RD ] C:Users
    [07/11/2007 – 08:00:40 | N | 5686] C:vcredist.bmp
    [07/11/2007 – 08:09:22 | N | 1442522] C:VC_RED.cab
    [07/11/2007 – 08:12:28 | N | 232960] C:VC_RED.MSI
    [23/10/2013 – 09:20:44 | D ] C:Windows
    [26/03/2013 – 23:57:52 | D ] C:Windows.old
    [27/03/2013 – 14:51:36 | SHD ] E:$RECYCLE.BIN
    [04/01/2013 – 19:15:10 | N | 4096] E:._Les services agences.doc
    [05/08/2013 – 08:48:13 | N | 0] E:1092_914431_MVM_3.tmp
    [05/08/2013 – 08:48:13 | N | 0] E:1092_914431_MVM_6.tmp
    [28/07/2013 – 17:32:07 | N | 0] E:4212_11488974_MVM_3.tmp
    [28/07/2013 – 17:32:07 | N | 0] E:4212_11488974_MVM_6.tmp
    [29/07/2013 – 09:56:11 | N | 0] E:4480_8128400_MVM_3.tmp
    [19/07/2013 – 09:50:14 | D ] E:Adou
    [26/07/2013 – 16:15:10 | D ] E:Ancien 2009
    [11/07/2013 – 16:36:35 | D ] E:blond curly woman holding lily
    [22/07/2013 – 23:45:45 | N | 7948779] E:BOOK DE MARCEL KOUAME.pdf
    [10/04/2013 – 20:36:32 | D ] E:Bread Templates
    [30/03/2013 – 15:12:31 | D ] E:cinema 4d
    [10/04/2013 – 20:36:30 | D ] E:Coffee_Collection_-_25_HQ_JPEG_Stock_Photo.part1.rar1358348448.tmp
    [17/06/2013 – 06:17:00 | D ] E:doc belle enchanteresse
    [17/07/2013 – 23:16:12 | D ] E:doc clé
    [10/04/2013 – 07:22:46 | N | 1619798] E:DSC06270.JPG
    [19/07/2013 – 09:54:34 | D ] E:eps
    [15/04/2013 – 08:05:53 | N | 41254988] E:EXE.BEKY LINGERIE – 200 CM X 50 CM.pdf
    [08/08/2013 – 19:40:42 | D ] E:FeminineSuperSizePhotos.rar Folder
    [10/04/2013 – 20:37:23 | D ] E:Fresh bread in the basket
    [26/07/2013 – 17:19:34 | D ] E:Images bank HD
    [13/05/2013 – 00:48:09 | D ] E:interativ’co doc
    [23/07/2013 – 00:03:04 | N | 12176] E:Marcel KOUME-lettre de motivation.docx
    [19/07/2013 – 09:51:38 | D ] E:new
    [12/04/2013 – 21:38:12 | D ] E:polices
    [20/06/2013 – 06:42:12 | D ] E:PSD
    [19/07/2013 – 19:18:14 | N | 14708] E:PV DU 14 JUILLET 2013.docx
    [18/04/2013 – 07:30:15 | D ] E:site c4d
    [27/03/2013 – 14:51:37 | SHD ] E:System Volume Information
    [23/09/2013 – 21:37:19 | D ] E:taffs
    [20/06/2013 – 20:08:17 | N | 62464] E:Team Excell_v1.doc
    [13/07/2013 – 15:44:38 | D ] E:TEAMEXCELL
    [03/10/2013 – 16:11:59 | D ] E:to take?
    [17/10/2013 – 11:14:16 | D ] E:tutos
    [26/07/2013 – 16:24:57 | D ] E:Vector MG
    [26/07/2013 – 16:14:17 | D ] E:vectors
    [27/03/2013 – 14:51:36 | SHD ] F:$RECYCLE.BIN
    [05/08/2013 – 08:48:13 | N | 0] F:1092_914431_MVM_2.tmp
    [05/08/2013 – 08:48:13 | N | 0] F:1092_914431_MVM_5.tmp
    [28/07/2013 – 17:32:07 | N | 0] F:4212_11488974_MVM_2.tmp
    [28/07/2013 – 17:32:07 | N | 0] F:4212_11488974_MVM_5.tmp
    [29/07/2013 – 09:56:11 | N | 0] F:4480_8128400_MVM_2.tmp
    [29/07/2013 – 09:56:11 | N | 0] F:4480_8128400_MVM_5.tmp
    [02/08/2013 – 15:17:39 | N | 25236] F:710638021237.png
    [02/08/2013 – 15:22:42 | N | 76102] F:950721679823.png
    [16/04/2013 – 06:34:14 | D ] F:Amazing Lingerie p.28
    [25/05/2013 – 16:27:11 | N | 2353391] F:belle enchanteresse.docx
    [12/10/2013 – 10:47:21 | D ] F:big
    [01/08/2013 – 18:49:47 | D ] F:CCDO
    [03/10/2013 – 15:55:12 | D ] F:clé 16g
    [26/04/2013 – 07:36:21 | D ] F:contenu clé
    [17/10/2013 – 16:44:54 | D ] F:dessin ecole
    [17/10/2013 – 21:24:55 | D ] F:fimls
    [20/05/2013 – 15:51:33 | D ] F:Food&Dishes
    [31/07/2013 – 09:00:43 | D ] F:fredy
    [16/04/2013 – 06:45:45 | D ] F:freemium_tropical_party_flyer_by_ultimateboss-d4dswxb
    [14/07/2013 – 15:41:55 | D ] F:Hearts_3_Vectors
    [25/04/2013 – 22:20:01 | D ] F:Image 01
    [23/06/2013 – 07:24:36 | D ] F:image HD
    [25/04/2013 – 22:20:31 | D ] F:Images
    [27/07/2013 – 19:49:06 | N | 5573] F:images.jpg
    [25/07/2013 – 10:48:57 | D ] F:LOGOS DE TOUS SOCIETES
    [02/08/2013 – 13:45:07 | D ] F:mes vectors
    [06/08/2013 – 02:14:43 | D ] F:mes vectors 111111
    [22/07/2013 – 01:16:21 | N | 8905] F:mon pressbook copie-01.png
    [14/10/2013 – 09:47:26 | D ] F:new doc important
    [17/08/2011 – 17:12:54 | N | 27768766] F:REVOLUTIONPARTYFLYER by ultimateboss.psd
    [30/07/2013 – 11:38:40 | N | 27465] F:stock-vector-bookmarks-icon-set-63755776.jpg
    [30/07/2013 – 11:34:40 | N | 36638] F:stock-vector-modern-spiral-infographics-options-banner-vector-illustration-can-be-used-for-workflow-layout-129229757.jpg
    [27/03/2013 – 14:51:36 | SHD ] F:System Volume Information

    ################## | Vaccin |

    C:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    E:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    F:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    J:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

    ################## | E.O.F | http://www.usbfix.net – http://www.sosvirus.net |

    H.A.W.X
    Participant
    Post count: 1809

    Hello?

    Without an explanation, no help will be provided.
