Virus ITunesHelp 2014-05-14T19:01:34+00:00
  • Loubene
    Participant
    Number of posts: 7

    Good evening, I have a virus and here is the report:
    ############################# | UsbFix V 7.170 | [Recherche]

    Utilisateur: oless (Administrateur) # TOSHIBA
    Mis à jour le 13/05/2014 par El Desaparecido – SosVirus
    Lancé à 20:27:41 | 14/05/2014

    Site Web : http://www.usbfix.net/
    Changelog : http://www.usbfix.net/maj/
    Assistance : forum-virus-securite.html
    Upload Malware : upload_malware.php
    Contact : http://www.usbfix.net/contact/

    PC: TOSHIBA (PWWAA)
    CPU: Intel(R) Pentium(R) CPU P6100 @ 2.00GHz
    RAM -> [Total : 3891 Mo| Free : 1442 Mo]
    Bios: TOSHIBA
    Boot: Normal boot

    OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
    WB: Windows Internet Explorer : 11.0.9600.17105
    WB: Google Chrome : 34.0.1847.131

    SC: Security Center [Enabled]
    WU: Windows Update [Enabled]
    AV: avast! Antivirus [(!) Disabled | Updated]
    AS: Windows Defender [Enabled | Updated]
    AS: avast! Antivirus [(!) Disabled | Updated]
    FW: Windows FireWall [(!) Disabled]

    C: (%SystemDrive%) -> Disque fixe # 350 Go (302 Go libre(s) – 86%) [WINDOWS] # NTFS
    D: -> Disque fixe # 349 Go (340 Go libre(s) – 98%) [Data] # NTFS
    E: -> CD-ROM
    F: -> Disque amovible # 947 Mo (0 Mo libre(s) – 0%) [] # FAT
    G: -> Disque amovible # 2 Go (454 Mo libre(s) – 24%) [KINGSTON] # FAT

    ################## | Processus Actif |

    C:WindowsSystem32smss.exe (ID: 332|ParentID: 4|Système)
    C:WindowsSystem32wininit.exe (ID: 556|ParentID: 416)
    C:WindowsSystem32services.exe (ID: 612|ParentID: 556)
    C:WindowsSystem32lsass.exe (ID: 628|ParentID: 556)
    C:WindowsSystem32lsm.exe (ID: 636|ParentID: 556)
    C:WindowsSystem32svchost.exe (ID: 768|ParentID: 612)
    C:WindowsSystem32winlogon.exe (ID: 792|ParentID: 564)
    C:WindowsSystem32svchost.exe (ID: 892|ParentID: 612)
    C:WindowsSystem32svchost.exe (ID: 944|ParentID: 612)
    C:WindowsSystem32svchost.exe (ID: 1016|ParentID: 612)
    C:WindowsSystem32svchost.exe (ID: 348|ParentID: 612)
    C:WindowsSystem32svchost.exe (ID: 536|ParentID: 612)
    C:WindowsSystem32svchost.exe (ID: 1096|ParentID: 612)
    C:Program FilesAVAST SoftwareAvastAvastSvc.exe (ID: 1296|ParentID: 612)
    C:WindowsSystem32spoolsv.exe (ID: 1460|ParentID: 612)
    C:WindowsSystem32svchost.exe (ID: 1488|ParentID: 612)
    C:Program Files (x86)RealtekRealtek USB 2.0 Card ReaderRIconMan.exe (ID: 1596|ParentID: 612)
    C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe (ID: 1652|ParentID: 612)
    C:Program Files (x86)Microsoft Application Virtualization Clientsftvsa.exe (ID: 1912|ParentID: 612)
    C:WindowsSystem32svchost.exe (ID: 1976|ParentID: 612)
    C:WindowsSystem32TODDSrv.exe (ID: 2012|ParentID: 612)
    C:Program FilesTOSHIBAPower SaverTosCoSrv.exe (ID: 2032|ParentID: 612)
    C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE (ID: 1312|ParentID: 612)
    C:Program Files (x86)Microsoft Application Virtualization Clientsftlist.exe (ID: 2072|ParentID: 612)
    C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVCM.EXE (ID: 2332|ParentID: 1312)
    C:Program Files (x86)Common Filesmicrosoft sharedVirtualization HandlerCVHSVC.EXE (ID: 2368|ParentID: 612)
    C:WindowsMicrosoft.NETFramework64v3.0WPFPresentationFontCache.exe (ID: 2444|ParentID: 612)
    C:WindowsSystem32svchost.exe (ID: 2500|ParentID: 612)
    C:WindowsSystem32svchost.exe (ID: 3020|ParentID: 612)
    C:Program Files (x86)TOSHIBAConfigFreeCFIWmxSvcs64.exe (ID: 620|ParentID: 612)
    C:Program Files (x86)TOSHIBAConfigFreeCFSvcs.exe (ID: 2428|ParentID: 612)
    C:Program Files (x86)NeroUpdateNASvc.exe (ID: 2640|ParentID: 612)
    C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe (ID: 1928|ParentID: 612)
    C:WindowsSystem32svchost.exe (ID: 1228|ParentID: 612)
    C:Program FilesWindows Media Playerwmpnetwk.exe (ID: 1812|ParentID: 612)
    C:WindowsSystem32SearchIndexer.exe (ID: 1568|ParentID: 612)
    C:WindowsSystem32taskhost.exe (ID: 3280|ParentID: 612|oless)
    C:WindowsSystem32dwm.exe (ID: 3364|ParentID: 1016|oless)
    C:Windowsexplorer.exe (ID: 3376|ParentID: 3340|oless)
    C:Program FilesTOSHIBABulletinBoardTosNcCore.exe (ID: 3640|ParentID: 3376|oless)
    C:Program FilesTOSHIBAReelTimeTosReelTimeMonitor.exe (ID: 3648|ParentID: 3376|oless)
    C:Program Files (x86)Toshiba TEMPROTemproTray.exe (ID: 3656|ParentID: 3376|oless)
    C:WindowsSystem32igfxtray.exe (ID: 3664|ParentID: 3376|oless)
    C:WindowsSystem32hkcmd.exe (ID: 3680|ParentID: 3376|oless)
    C:WindowsSystem32igfxpers.exe (ID: 3692|ParentID: 3376|oless)
    C:Program FilesRealtekAudioHDARAVCpl64.exe (ID: 3700|ParentID: 3376|oless)
    C:Program FilesRealtekAudioHDARAVBg64.exe (ID: 3708|ParentID: 3376|oless)
    C:Program FilesTOSHIBAPower SaverTPwrMain.exe (ID: 3720|ParentID: 3376|oless)
    C:Program FilesTOSHIBASmoothViewSmoothView.exe (ID: 3760|ParentID: 3376|oless)
    C:Program FilesTOSHIBAFlashCardsTCrdMain.exe (ID: 3776|ParentID: 3376|oless)
    C:WindowsSystem32igfxsrvc.exe (ID: 3792|ParentID: 768|oless)
    C:Program FilesSynapticsSynTPSynTPEnh.exe (ID: 3804|ParentID: 3376|oless)
    C:Program Files (x86)TOSHIBATOSHIBA Online Product InformationTOPI.exe (ID: 3924|ParentID: 3376|oless)
    C:WindowsSystem32wscript.exe (ID: 4076|ParentID: 3376|oless)
    C:Program FilesTOSHIBATOSHIBA Places Icon UtilityTosDIMonitor.exe (ID: 1824|ParentID: 3376|oless)
    C:UsersolessAppDataRoamingDropboxbinDropbox.exe (ID: 3224|ParentID: 3376|oless)
    C:Program Files (x86)Common FilesAdobeOOBEPDAppUWAAAM Updates Notifier.exe (ID: 3544|ParentID: 3916|oless)
    C:Program Files (x86)TOSHIBAUtilitiesKeNotify.exe (ID: 2656|ParentID: 4088|oless)
    C:Program Files (x86)TOSHIBATOSHIBA Service StationToshibaServiceStation.exe (ID: 3616|ParentID: 4088|oless)
    C:Program Files (x86)AdobeAdobe Creative CloudACCCreative Cloud.exe (ID: 3988|ParentID: 4088|oless)
    C:Program FilesAVAST SoftwareAvastavastui.exe (ID: 3320|ParentID: 4088|oless)
    C:Program Files (x86)Common FilesAdobeOOBEPDAppIPCAdobeIPCBroker.exe (ID: 4164|ParentID: 3988|oless)
    C:Program FilesSynapticsSynTPSynTPHelper.exe (ID: 4368|ParentID: 3804|oless)
    C:WindowsSystem32igfxext.exe (ID: 4632|ParentID: 768|oless)
    C:WindowsSystem32taskeng.exe (ID: 4308|ParentID: 536|oless)
    C:Program Files (x86)TOSHIBAConfigFreeNDSTray.exe (ID: 1672|ParentID: 4308|oless)
    C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 4396|ParentID: 3376|oless)
    C:WindowsSystem32wuauclt.exe (ID: 3340|ParentID: 536|oless)
    C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 1368|ParentID: 4396|oless)
    C:Program Files (x86)AdobeAdobe Creative CloudHEXAdobe CEF Helper.exe (ID: 3252|ParentID: 3988|oless)
    C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 5164|ParentID: 4396|oless)
    C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 5352|ParentID: 4396|oless)
    C:Program Files (x86)TOSHIBATOSHIBA Service StationTMachInfo.exe (ID: 5484|ParentID: 612)
    C:Program Files (x86)TOSHIBAConfigFreeCFSwMgr.exe (ID: 6140|ParentID: 1672|oless)
    C:Program FilesTOSHIBATOSHIBA HDD SSD AlertTosSmartSrv.exe (ID: 5556|ParentID: 612)
    C:Program FilesTOSHIBATOSHIBA HDD SSD AlertTosSENotify.exe (ID: 5576|ParentID: 3840|oless)
    C:Program Files (x86)AdobeAdobe Creative CloudCoreSyncV1CoreSync.exe (ID: 5424|ParentID: 3988|oless)
    C:WindowsSystem32wbemunsecapp.exe (ID: 5020|ParentID: 768|oless)
    C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 4832|ParentID: 4396|oless)
    C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 884|ParentID: 4396|oless)
    C:WindowsSystem32audiodg.exe (ID: 4356|ParentID: 944)
    C:UsbFixUsbFix.exe (ID: 4892|ParentID: 5860|oless)

    ################## | Autorun |

    G:Capture d’écran 2014-05-07 12.lnk -> G:iTunesHelper.vbe – VirusTotal – (17/49)
    G:System Volume Information.lnk -> G:iTunesHelper.vbe – VirusTotal – (17/49)
    G:Homefront 2013 FRENCH BRRiP XviD-CARPEDIEM.lnk -> G:iTunesHelper.vbe – VirusTotal – (17/49)
    G:Al-Air.lnk -> G:iTunesHelper.vbe – VirusTotal – (17/49)
    G:2.lnk -> G:iTunesHelper.vbe – VirusTotal – (17/49)
    G:9052014_COMMANDE_C1842E52791O1599.lnk -> G:iTunesHelper.vbe – VirusTotal – (17/49)

    ################## | Regedit Run |

    F2 – HKLM..Winlogon : [Shell] explorer.exe
    F2 – [x64] HKLM..Winlogon : [Shell] explorer.exe
    F2 – HKLM..Winlogon : [Userinit] userinit.exe
    F2 – [x64] HKLM..Winlogon : [Userinit] C:Windowssystem32userinit.exe,
    04 – HKCU..Run : [TOPI.EXE] C:Program Files (x86)TOSHIBATOSHIBA Online Product Informationtopi.exe /STAR
    04 – HKCU..Run : [Facebook Update] “C:UsersolessAppDataLocalFacebookUpdateFacebookUpdate.exe” /c /nocrashserver
    04 – HKCU..Run : [swg] “C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe”
    04 – HKCU..Run : [iTunesHelper] wscript.exe //B “C:UsersolessAppDataLocalTempiTunesHelper.vbe”
    04 – HKLM..Run : [NBAgent] “c:Program Files (x86)NeroNero 10Nero BackItUpNBAgent.exe” /WinStart
    04 – HKLM..Run : [HWSetup] C:Program FilesTOSHIBAUtilitiesHWSetup.exe hwSetUP
    04 – HKLM..Run : [SVPWUTIL] C:Program Files (x86)TOSHIBAUtilitiesSVPWUTIL.exe SVPwUTIL
    04 – HKLM..Run : [KeNotify] “C:Program Files (x86)TOSHIBAUtilitiesKeNotify.exe” LPCM
    04 – HKLM..Run : [ToshibaServiceStation] C:Program Files (x86)TOSHIBATOSHIBA Service StationToshibaServiceStation.exe /hide:60
    04 – HKLM..Run : [Adobe Reader Speed Launcher] “C:Program Files (x86)AdobeReader 9.0ReaderReader_sl.exe”
    04 – HKLM..Run : [Adobe ARM] “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
    04 – HKLM..Run : [Adobe Creative Cloud] “C:Program Files (x86)AdobeAdobe Creative CloudACCCreative Cloud.exe” –showwindow=false –onOSstartup=true
    04 – HKLM..Run : [AvastUI.exe] “C:Program FilesAVAST SoftwareAvastAvastUI.exe” /nogui
    04 – [x64] HKLM..Run : [TosNC] %ProgramFiles%ToshibaBulletinBoardTosNcCore.exe
    04 – [x64] HKLM..Run : [TosReelTimeMonitor] %ProgramFiles%TOSHIBAReelTimeTosReelTimeMonitor.exe
    04 – [x64] HKLM..Run : [Toshiba TEMPRO] C:Program Files (x86)Toshiba TEMPROTemproTray.exe
    04 – [x64] HKLM..Run : [IgfxTray] C:Windowssystem32igfxtray.exe
    04 – [x64] HKLM..Run : [HotKeysCmds] C:Windowssystem32hkcmd.exe
    04 – [x64] HKLM..Run : [Persistence] C:Windowssystem32igfxpers.exe
    04 – [x64] HKLM..Run : [RtHDVCpl] C:Program FilesRealtekAudioHDARAVCpl64.exe -s
    04 – [x64] HKLM..Run : [RtHDVBg] C:Program FilesRealtekAudioHDARAVBg64.exe /FORPCEE3
    04 – [x64] HKLM..Run : [TPwrMain] %ProgramFiles%TOSHIBAPower SaverTPwrMain.EXE
    04 – [x64] HKLM..Run : [SmoothView] %ProgramFiles%ToshibaSmoothViewSmoothView.exe
    04 – [x64] HKLM..Run : [00TCrdMain] %ProgramFiles%TOSHIBAFlashCardsTCrdMain.exe
    04 – [x64] HKLM..Run : [SynTPEnh] %ProgramFiles%SynapticsSynTPSynTPEnh.exe
    04 – [x64] HKLM..Run : [SmartFaceVWatcher] %ProgramFiles%ToshibaSmartFaceVSmartFaceVWatcher.exe
    04 – [x64] HKLM..Run : [TosSENotify] C:Program FilesTOSHIBATOSHIBA HDD SSD AlertTosWaitSrv.exe
    04 – [x64] HKLM..Run : [TosVolRegulator] C:Program FilesTOSHIBATosVolRegulatorTosVolRegulator.exe
    04 – [x64] HKLM..Run : [Toshiba Registration] C:Program FilesTOSHIBARegistrationToshibaReminder.exe
    04 – [x64] HKLM..Run : [AdobeAAMUpdater-1.0] “C:Program Files (x86)Common FilesAdobeOOBEPDAppUWAUpdaterStartupUtility.exe”
    04 – HKUS-1-5-19..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    04 – HKUS-1-5-19..Run : [TOPI.EXE] C:Program Files (x86)TOSHIBATOSHIBA Online Product Informationtopi.exe /STARTUP
    04 – HKUS-1-5-20..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    04 – HKUS-1-5-20..Run : [TOPI.EXE] C:Program Files (x86)TOSHIBATOSHIBA Online Product Informationtopi.exe /STARTUP
    04 – HKUS-1-5-21-4192795423-3154527359-3879142809-1000..Run : [TOPI.EXE] C:Program Files (x86)TOSHIBATOSHIBA Online Product Informationtopi.exe /STAR
    04 – HKUS-1-5-21-4192795423-3154527359-3879142809-1000..Run : [Facebook Update] “C:UsersolessAppDataLocalFacebookUpdateFacebookUpdate.exe” /c /nocrashserver
    04 – HKUS-1-5-21-4192795423-3154527359-3879142809-1000..Run : [swg] “C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe”
    04 – HKUS-1-5-21-4192795423-3154527359-3879142809-1000..Run : [iTunesHelper] wscript.exe //B “C:UsersolessAppDataLocalTempiTunesHelper.vbe”
    04 – HKUS-1-5-18..Run : [TOPI.EXE] C:Program Files (x86)TOSHIBATOSHIBA Online Product Informationtopi.exe /STARTUP
    04 – HKUS-1-5-19..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe
    04 – HKUS-1-5-20..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe

    ################## | Recherche générique |

    Présent! C:UsersolessAppDataLocalTempiTunesHelper.vbe
    Présent! C:UsersolessAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupiTunesHelper.vbe
    Présent! G:iTunesHelper.vbe
    Présent! F:Videos.lnk
    Présent! F:imgcache.lnk
    Présent! F:Clips vidéo.lnk
    Présent! F:predeftemp.lnk
    Présent! F:nokia_unprocessed_images_.lnk
    Présent! F:Playlists.lnk
    Présent! F:BlackBerry.lnk
    Présent! F:RECYCLER.lnk
    Présent! F:System Volume Information.lnk
    Présent! F:353760047528445WMLicense.lnk
    Présent! F:WMLicense.lnk
    Présent! F:WMPInfo.lnk
    Présent! F:_disk_id.lnk
    Présent! F:Photos.lnk
    Présent! G:2.lnk
    Présent! G:Homefront 2013 FRENCH BRRiP XviD-CARPEDIEM.lnk
    Présent! G:Al-Air.lnk
    Présent! G:9052014_COMMANDE_C1842E52791O1599.lnk
    Présent! G:Capture d’écran 2014-05-07 12.lnk
    Présent! G:System Volume Information.lnk
    Présent! F:RecyclerS-5-3-42-2819952290-8240758988-879315005-3665

    ################## | Registre |

    Présent! HKUS-1-5-21-4192795423-3154527359-3879142809-1000SoftwareMicrosoftWindowsCurrentVersionRun|iTunesHelper
    Présent! HKCUSoftwareMicrosoftWindowsCurrentVersionRun|iTunesHelper

    ################## | E.O.F | https://www.sosvirus.net/ | http://www.usbfix.net/ |

    Loubene
    Participant
    Number of posts: 7

    And here is the lovely follow-up on USB: Re: Ituneshelper.vbe infection USB
    Post by Loubene » 14 May 2014 20:51

    ############################## | UsbFix V 7.170 | [Recherche]

    Utilisateur: oless (Administrateur) # TOSHIBA
    Mis à jour le 13/05/2014 par El Desaparecido – SosVirus
    Lancé à 20:47:30 | 14/05/2014

    Site Web : http://www.usbfix.net/
    Changelog : http://www.usbfix.net/maj/
    Assistance : forum-virus-securite.html
    Upload Malware : upload_malware.php
    Contact : http://www.usbfix.net/contact/

    PC: TOSHIBA (PWWAA)
    CPU: Intel(R) Pentium(R) CPU P6100 @ 2.00GHz
    RAM -> [Total : 3891 Mo| Free : 1219 Mo]
    Bios: TOSHIBA
    Boot: Normal boot

    OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
    WB: Windows Internet Explorer : 11.0.9600.17105
    WB: Google Chrome : 34.0.1847.131

    SC: Security Center [Enabled]
    WU: Windows Update [Enabled]
    AV: avast! Antivirus [(!) Disabled | Updated]
    AS: Windows Defender [Enabled | Updated]
    AS: avast! Antivirus [(!) Disabled | Updated]
    FW: Windows FireWall [(!) Disabled]

    C: (%SystemDrive%) -> Disque fixe # 350 Go (302 Go libre(s) – 86%) [WINDOWS] # NTFS
    D: -> Disque fixe # 349 Go (340 Go libre(s) – 98%) [Data] # NTFS
    E: -> CD-ROM
    F: -> Disque amovible # 947 Mo (0 Mo libre(s) – 0%) [] # FAT
    G: -> Disque amovible # 2 Go (454 Mo libre(s) – 24%) [KINGSTON] # FAT

    ################## | Processus Actif |

    C:WindowsSystem32smss.exe (ID: 332|ParentID: 4|Système)
    C:WindowsSystem32wininit.exe (ID: 556|ParentID: 416)
    C:WindowsSystem32services.exe (ID: 612|ParentID: 556)
    C:WindowsSystem32lsass.exe (ID: 628|ParentID: 556)
    C:WindowsSystem32lsm.exe (ID: 636|ParentID: 556)
    C:WindowsSystem32svchost.exe (ID: 768|ParentID: 612)
    C:WindowsSystem32winlogon.exe (ID: 792|ParentID: 564)
    C:WindowsSystem32svchost.exe (ID: 892|ParentID: 612)
    C:WindowsSystem32svchost.exe (ID: 944|ParentID: 612)
    C:WindowsSystem32svchost.exe (ID: 1016|ParentID: 612)
    C:WindowsSystem32svchost.exe (ID: 348|ParentID: 612)
    C:WindowsSystem32svchost.exe (ID: 536|ParentID: 612)
    C:WindowsSystem32svchost.exe (ID: 1096|ParentID: 612)
    C:Program FilesAVAST SoftwareAvastAvastSvc.exe (ID: 1296|ParentID: 612)
    C:WindowsSystem32spoolsv.exe (ID: 1460|ParentID: 612)
    C:WindowsSystem32svchost.exe (ID: 1488|ParentID: 612)
    C:Program Files (x86)RealtekRealtek USB 2.0 Card ReaderRIconMan.exe (ID: 1596|ParentID: 612)
    C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe (ID: 1652|ParentID: 612)
    C:Program Files (x86)Microsoft Application Virtualization Clientsftvsa.exe (ID: 1912|ParentID: 612)
    C:WindowsSystem32svchost.exe (ID: 1976|ParentID: 612)
    C:WindowsSystem32TODDSrv.exe (ID: 2012|ParentID: 612)
    C:Program FilesTOSHIBAPower SaverTosCoSrv.exe (ID: 2032|ParentID: 612)
    C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE (ID: 1312|ParentID: 612)
    C:Program Files (x86)Microsoft Application Virtualization Clientsftlist.exe (ID: 2072|ParentID: 612)
    C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVCM.EXE (ID: 2332|ParentID: 1312)
    C:Program Files (x86)Common Filesmicrosoft sharedVirtualization HandlerCVHSVC.EXE (ID: 2368|ParentID: 612)
    C:WindowsMicrosoft.NETFramework64v3.0WPFPresentationFontCache.exe (ID: 2444|ParentID: 612)
    C:WindowsSystem32svchost.exe (ID: 2500|ParentID: 612)
    C:WindowsSystem32svchost.exe (ID: 3020|ParentID: 612)
    C:Program Files (x86)TOSHIBAConfigFreeCFIWmxSvcs64.exe (ID: 620|ParentID: 612)
    C:Program Files (x86)TOSHIBAConfigFreeCFSvcs.exe (ID: 2428|ParentID: 612)
    C:Program Files (x86)NeroUpdateNASvc.exe (ID: 2640|ParentID: 612)
    C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe (ID: 1928|ParentID: 612)
    C:WindowsSystem32svchost.exe (ID: 1228|ParentID: 612)
    C:Program FilesWindows Media Playerwmpnetwk.exe (ID: 1812|ParentID: 612)
    C:WindowsSystem32SearchIndexer.exe (ID: 1568|ParentID: 612)
    C:WindowsSystem32taskhost.exe (ID: 3280|ParentID: 612|oless)
    C:WindowsSystem32dwm.exe (ID: 3364|ParentID: 1016|oless)
    C:Windowsexplorer.exe (ID: 3376|ParentID: 3340|oless)
    C:Program FilesTOSHIBABulletinBoardTosNcCore.exe (ID: 3640|ParentID: 3376|oless)
    C:Program FilesTOSHIBAReelTimeTosReelTimeMonitor.exe (ID: 3648|ParentID: 3376|oless)
    C:Program Files (x86)Toshiba TEMPROTemproTray.exe (ID: 3656|ParentID: 3376|oless)
    C:WindowsSystem32igfxtray.exe (ID: 3664|ParentID: 3376|oless)
    C:WindowsSystem32hkcmd.exe (ID: 3680|ParentID: 3376|oless)
    C:WindowsSystem32igfxpers.exe (ID: 3692|ParentID: 3376|oless)
    C:Program FilesRealtekAudioHDARAVCpl64.exe (ID: 3700|ParentID: 3376|oless)
    C:Program FilesRealtekAudioHDARAVBg64.exe (ID: 3708|ParentID: 3376|oless)
    C:Program FilesTOSHIBAPower SaverTPwrMain.exe (ID: 3720|ParentID: 3376|oless)
    C:Program FilesTOSHIBASmoothViewSmoothView.exe (ID: 3760|ParentID: 3376|oless)
    C:Program FilesTOSHIBAFlashCardsTCrdMain.exe (ID: 3776|ParentID: 3376|oless)
    C:WindowsSystem32igfxsrvc.exe (ID: 3792|ParentID: 768|oless)
    C:Program FilesSynapticsSynTPSynTPEnh.exe (ID: 3804|ParentID: 3376|oless)
    C:Program Files (x86)TOSHIBATOSHIBA Online Product InformationTOPI.exe (ID: 3924|ParentID: 3376|oless)
    C:WindowsSystem32wscript.exe (ID: 4076|ParentID: 3376|oless)
    C:Program FilesTOSHIBATOSHIBA Places Icon UtilityTosDIMonitor.exe (ID: 1824|ParentID: 3376|oless)
    C:UsersolessAppDataRoamingDropboxbinDropbox.exe (ID: 3224|ParentID: 3376|oless)
    C:Program Files (x86)Common FilesAdobeOOBEPDAppUWAAAM Updates Notifier.exe (ID: 3544|ParentID: 3916|oless)
    C:Program Files (x86)TOSHIBAUtilitiesKeNotify.exe (ID: 2656|ParentID: 4088|oless)
    C:Program Files (x86)TOSHIBATOSHIBA Service StationToshibaServiceStation.exe (ID: 3616|ParentID: 4088|oless)
    C:Program Files (x86)AdobeAdobe Creative CloudACCCreative Cloud.exe (ID: 3988|ParentID: 4088|oless)
    C:Program FilesAVAST SoftwareAvastavastui.exe (ID: 3320|ParentID: 4088|oless)
    C:Program Files (x86)Common FilesAdobeOOBEPDAppIPCAdobeIPCBroker.exe (ID: 4164|ParentID: 3988|oless)
    C:Program FilesSynapticsSynTPSynTPHelper.exe (ID: 4368|ParentID: 3804|oless)
    C:WindowsSystem32igfxext.exe (ID: 4632|ParentID: 768|oless)
    C:WindowsSystem32taskeng.exe (ID: 4308|ParentID: 536|oless)
    C:Program Files (x86)TOSHIBAConfigFreeNDSTray.exe (ID: 1672|ParentID: 4308|oless)
    C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 4396|ParentID: 3376|oless)
    C:WindowsSystem32wuauclt.exe (ID: 3340|ParentID: 536|oless)
    C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 1368|ParentID: 4396|oless)
    C:Program Files (x86)AdobeAdobe Creative CloudHEXAdobe CEF Helper.exe (ID: 3252|ParentID: 3988|oless)
    C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 5164|ParentID: 4396|oless)
    C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 5352|ParentID: 4396|oless)
    C:Program Files (x86)TOSHIBATOSHIBA Service StationTMachInfo.exe (ID: 5484|ParentID: 612)
    C:Program Files (x86)TOSHIBAConfigFreeCFSwMgr.exe (ID: 6140|ParentID: 1672|oless)
    C:Program FilesTOSHIBATOSHIBA HDD SSD AlertTosSmartSrv.exe (ID: 5556|ParentID: 612)
    C:Program FilesTOSHIBATOSHIBA HDD SSD AlertTosSENotify.exe (ID: 5576|ParentID: 3840|oless)
    C:Program Files (x86)AdobeAdobe Creative CloudCoreSyncV1CoreSync.exe (ID: 5424|ParentID: 3988|oless)
    C:WindowsSystem32wbemunsecapp.exe (ID: 5020|ParentID: 768|oless)
    C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 3424|ParentID: 4396|oless)
    C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 5476|ParentID: 4396|oless)
    C:WindowsSystem32audiodg.exe (ID: 5452|ParentID: 944)
    C:UsbFixUsbFix.exe (ID: 4804|ParentID: 3376|oless)

    ################## | Autorun |

    G:Capture d’écran 2014-05-07 12.lnk -> G:iTunesHelper.vbe – (SHA1: D59C8B0AE7DD7799A48FC9EEAAC0833F009A5DD7)
    G:System Volume Information.lnk -> G:iTunesHelper.vbe – (SHA1: D59C8B0AE7DD7799A48FC9EEAAC0833F009A5DD7)
    G:Homefront 2013 FRENCH BRRiP XviD-CARPEDIEM.lnk -> G:iTunesHelper.vbe – (SHA1: D59C8B0AE7DD7799A48FC9EEAAC0833F009A5DD7)
    G:Al-Air.lnk -> G:iTunesHelper.vbe – (SHA1: D59C8B0AE7DD7799A48FC9EEAAC0833F009A5DD7)
    G:2.lnk -> G:iTunesHelper.vbe – (SHA1: D59C8B0AE7DD7799A48FC9EEAAC0833F009A5DD7)
    G:9052014_COMMANDE_C1842E52791O1599.lnk -> G:iTunesHelper.vbe – VirusTotal – (17/49)

    ################## | Regedit Run |

    F2 – HKLM..Winlogon : [Shell] explorer.exe
    F2 – [x64] HKLM..Winlogon : [Shell] explorer.exe
    F2 – HKLM..Winlogon : [Userinit] userinit.exe
    F2 – [x64] HKLM..Winlogon : [Userinit] C:Windowssystem32userinit.exe,
    04 – HKCU..Run : [TOPI.EXE] C:Program Files (x86)TOSHIBATOSHIBA Online Product Informationtopi.exe /STAR
    04 – HKCU..Run : [Facebook Update] “C:UsersolessAppDataLocalFacebookUpdateFacebookUpdate.exe” /c /nocrashserver
    04 – HKCU..Run : [swg] “C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe”
    04 – HKCU..Run : [iTunesHelper] wscript.exe //B “C:UsersolessAppDataLocalTempiTunesHelper.vbe”
    04 – HKLM..Run : [NBAgent] “c:Program Files (x86)NeroNero 10Nero BackItUpNBAgent.exe” /WinStart
    04 – HKLM..Run : [HWSetup] C:Program FilesTOSHIBAUtilitiesHWSetup.exe hwSetUP
    04 – HKLM..Run : [SVPWUTIL] C:Program Files (x86)TOSHIBAUtilitiesSVPWUTIL.exe SVPwUTIL
    04 – HKLM..Run : [KeNotify] “C:Program Files (x86)TOSHIBAUtilitiesKeNotify.exe” LPCM
    04 – HKLM..Run : [ToshibaServiceStation] C:Program Files (x86)TOSHIBATOSHIBA Service StationToshibaServiceStation.exe /hide:60
    04 – HKLM..Run : [Adobe Reader Speed Launcher] “C:Program Files (x86)AdobeReader 9.0ReaderReader_sl.exe”
    04 – HKLM..Run : [Adobe ARM] “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
    04 – HKLM..Run : [Adobe Creative Cloud] “C:Program Files (x86)AdobeAdobe Creative CloudACCCreative Cloud.exe” –showwindow=false –onOSstartup=true
    04 – HKLM..Run : [AvastUI.exe] “C:Program FilesAVAST SoftwareAvastAvastUI.exe” /nogui
    04 – [x64] HKLM..Run : [TosNC] %ProgramFiles%ToshibaBulletinBoardTosNcCore.exe
    04 – [x64] HKLM..Run : [TosReelTimeMonitor] %ProgramFiles%TOSHIBAReelTimeTosReelTimeMonitor.exe
    04 – [x64] HKLM..Run : [Toshiba TEMPRO] C:Program Files (x86)Toshiba TEMPROTemproTray.exe
    04 – [x64] HKLM..Run : [IgfxTray] C:Windowssystem32igfxtray.exe
    04 – [x64] HKLM..Run : [HotKeysCmds] C:Windowssystem32hkcmd.exe
    04 – [x64] HKLM..Run : [Persistence] C:Windowssystem32igfxpers.exe
    04 – [x64] HKLM..Run : [RtHDVCpl] C:Program FilesRealtekAudioHDARAVCpl64.exe -s
    04 – [x64] HKLM..Run : [RtHDVBg] C:Program FilesRealtekAudioHDARAVBg64.exe /FORPCEE3
    04 – [x64] HKLM..Run : [TPwrMain] %ProgramFiles%TOSHIBAPower SaverTPwrMain.EXE
    04 – [x64] HKLM..Run : [SmoothView] %ProgramFiles%ToshibaSmoothViewSmoothView.exe
    04 – [x64] HKLM..Run : [00TCrdMain] %ProgramFiles%TOSHIBAFlashCardsTCrdMain.exe
    04 – [x64] HKLM..Run : [SynTPEnh] %ProgramFiles%SynapticsSynTPSynTPEnh.exe
    04 – [x64] HKLM..Run : [SmartFaceVWatcher] %ProgramFiles%ToshibaSmartFaceVSmartFaceVWatcher.exe
    04 – [x64] HKLM..Run : [TosSENotify] C:Program FilesTOSHIBATOSHIBA HDD SSD AlertTosWaitSrv.exe
    04 – [x64] HKLM..Run : [TosVolRegulator] C:Program FilesTOSHIBATosVolRegulatorTosVolRegulator.exe
    04 – [x64] HKLM..Run : [Toshiba Registration] C:Program FilesTOSHIBARegistrationToshibaReminder.exe
    04 – [x64] HKLM..Run : [AdobeAAMUpdater-1.0] “C:Program Files (x86)Common FilesAdobeOOBEPDAppUWAUpdaterStartupUtility.exe”
    04 – HKUS-1-5-19..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    04 – HKUS-1-5-19..Run : [TOPI.EXE] C:Program Files (x86)TOSHIBATOSHIBA Online Product Informationtopi.exe /STARTUP
    04 – HKUS-1-5-20..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    04 – HKUS-1-5-20..Run : [TOPI.EXE] C:Program Files (x86)TOSHIBATOSHIBA Online Product Informationtopi.exe /STARTUP
    04 – HKUS-1-5-21-4192795423-3154527359-3879142809-1000..Run : [TOPI.EXE] C:Program Files (x86)TOSHIBATOSHIBA Online Product Informationtopi.exe /STAR
    04 – HKUS-1-5-21-4192795423-3154527359-3879142809-1000..Run : [Facebook Update] “C:UsersolessAppDataLocalFacebookUpdateFacebookUpdate.exe” /c /nocrashserver
    04 – HKUS-1-5-21-4192795423-3154527359-3879142809-1000..Run : [swg] “C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe”
    04 – HKUS-1-5-21-4192795423-3154527359-3879142809-1000..Run : [iTunesHelper] wscript.exe //B “C:UsersolessAppDataLocalTempiTunesHelper.vbe”
    04 – HKUS-1-5-18..Run : [TOPI.EXE] C:Program Files (x86)TOSHIBATOSHIBA Online Product Informationtopi.exe /STARTUP
    04 – HKUS-1-5-19..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe
    04 – HKUS-1-5-20..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe

    ################## | Recherche générique |

    Présent! C:UsersolessAppDataLocalTempiTunesHelper.vbe
    Présent! C:UsersolessAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupiTunesHelper.vbe
    Présent! G:iTunesHelper.vbe
    Présent! F:Videos.lnk
    Présent! F:imgcache.lnk
    Présent! F:Clips vidéo.lnk
    Présent! F:predeftemp.lnk
    Présent! F:nokia_unprocessed_images_.lnk
    Présent! F:Playlists.lnk
    Présent! F:BlackBerry.lnk
    Présent! F:RECYCLER.lnk
    Présent! F:System Volume Information.lnk
    Présent! F:353760047528445WMLicense.lnk
    Présent! F:WMLicense.lnk
    Présent! F:WMPInfo.lnk
    Présent! F:_disk_id.lnk
    Présent! F:Photos.lnk
    Présent! G:2.lnk
    Présent! G:Homefront 2013 FRENCH BRRiP XviD-CARPEDIEM.lnk
    Présent! G:Al-Air.lnk
    Présent! G:9052014_COMMANDE_C1842E52791O1599.lnk
    Présent! G:Capture d’écran 2014-05-07 12.lnk
    Présent! G:System Volume Information.lnk
    Présent! F:RecyclerS-5-3-42-2819952290-8240758988-879315005-3665

    ################## | Registre |

    Présent! HKUS-1-5-21-4192795423-3154527359-3879142809-1000SoftwareMicrosoftWindowsCurrentVersionRun|iTunesHelper
    Présent! HKCUSoftwareMicrosoftWindowsCurrentVersionRun|iTunesHelper

    ################## | E.O.F | https://www.sosvirus.net/ | http://www.usbfix.net/ |

    Loubene
    Participant
    Number of posts: 7

    Whoever solves it, I'll lend them my wife!!

    Anonymous
    Number of posts: 0

    Hello :hello: ,

    Welcome to SosVirus :welcome:

    Whoever solves it, I'll lend them my wife!!

    Keep her, one at home is enough for me ..

    • Launch UsbFix.
    • Connect the USB media likely to be infected.
    • Choose the Nettoyage (Cleaning) option

    • Copy and paste the contents of the report that appears at the end of the scan into your next reply.
    • Tutorial: http://www.usbfix.net/tutoriels/
    Loubene
    Participant
    Number of posts: 7

    ############################## | UsbFix V 7.170 | [Nettoyage]

    Utilisateur: oless (Administrateur) # TOSHIBA
    Mis à jour le 13/05/2014 par El Desaparecido – SosVirus
    Lancé à 22:13:09 | 18/05/2014

    Site Web : http://www.usbfix.net/
    Changelog : http://www.usbfix.net/maj/
    Assistance : https://www.sosvirus.net/aide-nettoyage-pc/
    Upload Malware : https://www.sosvirus.net/upload_malware.php
    Contact : http://www.usbfix.net/contact/

    PC: TOSHIBA (PWWAA)
    CPU: Intel(R) Pentium(R) CPU P6100 @ 2.00GHz
    RAM -> [Total : 3891 Mo| Free : 2710 Mo]
    Bios: TOSHIBA
    Boot: Normal boot

    OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
    WB: Windows Internet Explorer : 11.0.9600.17107
    WB: Google Chrome : 34.0.1847.137

    SC: Security Center [Enabled]
    WU: Windows Update [Enabled]
    AV: avast! Antivirus [(!) Disabled | Updated]
    AS: Windows Defender [Enabled | Updated]
    AS: avast! Antivirus [(!) Disabled | Updated]
    FW: Windows FireWall [(!) Disabled]

    C: (%SystemDrive%) -> Disque fixe # 350 Go (302 Go libre(s) – 86%) [WINDOWS] # NTFS
    D: -> Disque fixe # 349 Go (340 Go libre(s) – 98%) [Data] # NTFS
    E: -> CD-ROM
    F: -> Disque amovible # 947 Mo (0 Mo libre(s) – 0%) [] # FAT
    G: -> Disque amovible # 2 Go (454 Mo libre(s) – 24%) [KINGSTON] # FAT

    ################## | Processus Stoppés |

    C:Program FilesTOSHIBAFlashCardsTCrdMain.exe (ID: 3404|ParentID: 1316|oless)
    C:WindowsMicrosoft.NETFramework64v3.0WPFPresentationFontCache.exe (ID: 5212|ParentID: 580|SERVICE LOCAL)
    C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE (ID: 4484|ParentID: 580|Système)
    C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe (ID: 6048|ParentID: 580|Système)
    C:WindowsSystem32WUDFHost.exe (ID: 2956|ParentID: 996|SERVICE LOCAL)
    C:WindowsSystem32SearchIndexer.exe (ID: 2008|ParentID: 580|Système)
    C:Program FilesWindows Media Playerwmpnetwk.exe (ID: 2032|ParentID: 580|SERVICE RÉSEAU)
    C:WindowsSystem32SearchProtocolHost.exe (ID: 1324|ParentID: 2008|Système)
    C:WindowsSystem32SearchFilterHost.exe (ID: 3052|ParentID: 2008|Système)
    C:Windowsexplorer.exe (ID: 3248|ParentID: 4124|oless)
    C:WindowsSystem32spoolsv.exe (ID: 684|ParentID: 580|Système)

    ################## | Autorun |

    G:Capture d’écran 2014-05-07 12.lnk -> G:iTunesHelper.vbe – VirusTotal – (17/49)
    G:Homefront 2013 FRENCH BRRiP XviD-CARPEDIEM.lnk -> G:iTunesHelper.vbe – VirusTotal – (17/49)
    G:2.lnk -> G:iTunesHelper.vbe – VirusTotal – (17/49)
    G:9052014_COMMANDE_C1842E52791O1599.lnk -> G:iTunesHelper.vbe – VirusTotal – (17/49)
    G:Al-Air.lnk -> G:iTunesHelper.vbe – VirusTotal – (17/49)
    G:System Volume Information.lnk -> G:iTunesHelper.vbe – VirusTotal – (17/49)

    ################## | Recherche générique |

    Supprimé! F:Videos.lnk
    Supprimé! F:imgcache.lnk
    Supprimé! F:Clips vidéo.lnk
    Supprimé! F:predeftemp.lnk
    Supprimé! F:nokia_unprocessed_images_.lnk
    Supprimé! F:Playlists.lnk
    Supprimé! F:BlackBerry.lnk
    Supprimé! F:RECYCLER.lnk
    Supprimé! F:System Volume Information.lnk
    Supprimé! F:353760047528445WMLicense.lnk
    Supprimé! F:WMLicense.lnk
    Supprimé! F:WMPInfo.lnk
    Supprimé! F:_disk_id.lnk
    Supprimé! F:Photos.lnk
    Supprimé! G:2.lnk
    Supprimé! G:Homefront 2013 FRENCH BRRiP XviD-CARPEDIEM.lnk
    Supprimé! G:Al-Air.lnk
    Supprimé! G:9052014_COMMANDE_C1842E52791O1599.lnk
    Supprimé! G:Capture d’écran 2014-05-07 12.lnk
    Supprimé! G:System Volume Information.lnk
    Supprimé! F:RecyclerS-5-3-42-2819952290-8240758988-879315005-3665
    Supprimé! G:iTunesHelper.vbe

    (!) Fichiers temporaires supprimés.

    ################## | Registre |

    ################## | Regedit Run |

    F2 – HKLM..Winlogon : [Shell] explorer.exe
    F2 – [x64] HKLM..Winlogon : [Shell] explorer.exe
    F2 – HKLM..Winlogon : [Userinit] userinit.exe
    F2 – [x64] HKLM..Winlogon : [Userinit] C:Windowssystem32userinit.exe,
    04 – HKCU..Run : [TOPI.EXE] C:Program Files (x86)TOSHIBATOSHIBA Online Product Informationtopi.exe /STAR
    04 – HKCU..Run : [Facebook Update] “C:UsersolessAppDataLocalFacebookUpdateFacebookUpdate.exe” /c /nocrashserver
    04 – HKCU..Run : [swg] “C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe”
    04 – HKLM..Run : [NBAgent] “c:Program Files (x86)NeroNero 10Nero BackItUpNBAgent.exe” /WinStart
    04 – HKLM..Run : [HWSetup] C:Program FilesTOSHIBAUtilitiesHWSetup.exe hwSetUP
    04 – HKLM..Run : [SVPWUTIL] C:Program Files (x86)TOSHIBAUtilitiesSVPWUTIL.exe SVPwUTIL
    04 – HKLM..Run : [KeNotify] “C:Program Files (x86)TOSHIBAUtilitiesKeNotify.exe” LPCM
    04 – HKLM..Run : [ToshibaServiceStation] C:Program Files (x86)TOSHIBATOSHIBA Service StationToshibaServiceStation.exe /hide:60
    04 – HKLM..Run : [Adobe Reader Speed Launcher] “C:Program Files (x86)AdobeReader 9.0ReaderReader_sl.exe”
    04 – HKLM..Run : [Adobe ARM] “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
    04 – HKLM..Run : [Adobe Creative Cloud] “C:Program Files (x86)AdobeAdobe Creative CloudACCCreative Cloud.exe” –showwindow=false –onOSstartup=true
    04 – HKLM..Run : [AvastUI.exe] “C:Program FilesAVAST SoftwareAvastAvastUI.exe” /nogui
    04 – [x64] HKLM..Run : [TosNC] %ProgramFiles%ToshibaBulletinBoardTosNcCore.exe
    04 – [x64] HKLM..Run : [TosReelTimeMonitor] %ProgramFiles%TOSHIBAReelTimeTosReelTimeMonitor.exe
    04 – [x64] HKLM..Run : [Toshiba TEMPRO] C:Program Files (x86)Toshiba TEMPROTemproTray.exe
    04 – [x64] HKLM..Run : [IgfxTray] C:Windowssystem32igfxtray.exe
    04 – [x64] HKLM..Run : [HotKeysCmds] C:Windowssystem32hkcmd.exe
    04 – [x64] HKLM..Run : [Persistence] C:Windowssystem32igfxpers.exe
    04 – [x64] HKLM..Run : [RtHDVCpl] C:Program FilesRealtekAudioHDARAVCpl64.exe -s
    04 – [x64] HKLM..Run : [RtHDVBg] C:Program FilesRealtekAudioHDARAVBg64.exe /FORPCEE3
    04 – [x64] HKLM..Run : [TPwrMain] %ProgramFiles%TOSHIBAPower SaverTPwrMain.EXE
    04 – [x64] HKLM..Run : [SmoothView] %ProgramFiles%ToshibaSmoothViewSmoothView.exe
    04 – [x64] HKLM..Run : [00TCrdMain] %ProgramFiles%TOSHIBAFlashCardsTCrdMain.exe
    04 – [x64] HKLM..Run : [SynTPEnh] %ProgramFiles%SynapticsSynTPSynTPEnh.exe
    04 – [x64] HKLM..Run : [SmartFaceVWatcher] %ProgramFiles%ToshibaSmartFaceVSmartFaceVWatcher.exe
    04 – [x64] HKLM..Run : [TosSENotify] C:Program FilesTOSHIBATOSHIBA HDD SSD AlertTosWaitSrv.exe
    04 – [x64] HKLM..Run : [TosVolRegulator] C:Program FilesTOSHIBATosVolRegulatorTosVolRegulator.exe
    04 – [x64] HKLM..Run : [Toshiba Registration] C:Program FilesTOSHIBARegistrationToshibaReminder.exe
    04 – [x64] HKLM..Run : [AdobeAAMUpdater-1.0] “C:Program Files (x86)Common FilesAdobeOOBEPDAppUWAUpdaterStartupUtility.exe”
    04 – HKUS-1-5-19..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    04 – HKUS-1-5-19..Run : [TOPI.EXE] C:Program Files (x86)TOSHIBATOSHIBA Online Product Informationtopi.exe /STARTUP
    04 – HKUS-1-5-20..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    04 – HKUS-1-5-20..Run : [TOPI.EXE] C:Program Files (x86)TOSHIBATOSHIBA Online Product Informationtopi.exe /STARTUP
    04 – HKUS-1-5-21-4192795423-3154527359-3879142809-1000..Run : [TOPI.EXE] C:Program Files (x86)TOSHIBATOSHIBA Online Product Informationtopi.exe /STAR
    04 – HKUS-1-5-21-4192795423-3154527359-3879142809-1000..Run : [Facebook Update] “C:UsersolessAppDataLocalFacebookUpdateFacebookUpdate.exe” /c /nocrashserver
    04 – HKUS-1-5-21-4192795423-3154527359-3879142809-1000..Run : [swg] “C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe”
    04 – HKUS-1-5-18..Run : [TOPI.EXE] C:Program Files (x86)TOSHIBATOSHIBA Online Product Informationtopi.exe /STARTUP
    04 – HKUS-1-5-19..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe
    04 – HKUS-1-5-20..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe

    ################## | C: %SystemDrive% – Disque Fixe (NTFS) |

    [27/05/2011 – 15:00:51 | N | 0 Ko] – C:SWSTAMP.TXT
    [18/05/2014 – 18:35:43 | ASH | 2988036 Ko] – C:hiberfil.sys
    [18/05/2014 – 18:35:45 | ASH | 3984048 Ko] – C:pagefile.sys
    [20/06/2013 – 16:28:39 | N | 2 Ko] – C:RHDSetup.log
    [13/03/2014 – 22:17:39 | SHD] – C:$RECYCLE.BIN
    [14/07/2009 – 05:20:08 | D] – C:PerfLogs
    [14/07/2009 – 07:08:56 | SHD] – C:Documents and Settings
    [20/06/2013 – 16:23:17 | D] – C:Intel
    [20/06/2013 – 16:53:28 | D] – C:Users
    [21/06/2013 – 09:32:10 | D] – C:Toshiba
    [21/06/2013 – 15:08:52 | RHD] – C:MSOCache
    [17/02/2014 – 13:12:16 | HD] – C:ProgramData
    [02/03/2014 – 21:39:03 | D] – C:Program Files
    [13/05/2014 – 09:35:59 | D] – C:Windows
    [13/05/2014 – 20:10:56 | D] – C:Program Files (x86)
    [17/05/2014 – 03:00:40 | SHD] – C:System Volume Information
    [18/05/2014 – 22:12:56 | D] – C:UsbFix

    ################## | D: – Disque Fixe (NTFS) |

    [11/04/2008 – 10:07:18 | N | 6 Ko] – D:eula.1042.txt
    [11/04/2008 – 10:07:18 | N | 4 Ko] – D:eula.2052.txt
    [11/04/2008 – 10:07:18 | N | 4 Ko] – D:eula.1028.txt
    [11/04/2008 – 10:07:18 | N | 15 Ko] – D:eula.1031.txt
    [11/04/2008 – 10:07:18 | N | 10 Ko] – D:eula.1033.txt
    [11/04/2008 – 10:07:18 | N | 12 Ko] – D:eula.1036.txt
    [11/04/2008 – 10:07:18 | N | 14 Ko] – D:eula.1040.txt
    [11/04/2008 – 10:07:18 | N | 6 Ko] – D:eula.1041.txt
    [11/04/2008 – 10:07:18 | N | 10 Ko] – D:eula.1049.txt
    [11/04/2008 – 10:07:18 | N | 13 Ko] – D:eula.3082.txt
    [13/04/2012 – 13:26:54 | N | 5274 Ko] – D:44.pdf
    [11/04/2008 – 10:11:40 | N | 228 Ko] – D:VC_RED.MSI
    [11/04/2008 – 10:07:18 | N | 1 Ko] – D:install.ini
    [11/04/2008 – 10:07:18 | N | 1 Ko] – D:globdata.ini
    [11/04/2008 – 08:03:48 | N | 550 Ko | VirusTotal – (0/53)] – D:install.exe
    [14/04/2012 – 02:40:00 | N | 43 Ko] – D:Pierre et Marie Curie.docx
    [24/05/2012 – 14:00:08 | N | 233 Ko] – D:Marie Sklodowska.docx
    [24/05/2012 – 14:41:02 | N | 358 Ko] – D:oless.docx
    [11/04/2008 – 08:03:48 | N | 95 Ko | VirusTotal – (0/51)] – D:install.res.1036.dll
    [11/04/2008 – 08:03:48 | N | 93 Ko | VirusTotal – (0/50)] – D:install.res.1040.dll
    [11/04/2008 – 08:03:48 | N | 80 Ko | VirusTotal – (0/50)] – D:install.res.1041.dll
    [11/04/2008 – 08:03:48 | N | 78 Ko | VirusTotal – (0/50)] – D:install.res.1042.dll
    [11/04/2008 – 08:03:48 | N | 89 Ko | VirusTotal – (0/51)] – D:install.res.1033.dll
    [11/04/2008 – 08:03:48 | N | 94 Ko | VirusTotal – (0/51)] – D:install.res.1031.dll
    [11/04/2008 – 08:03:48 | N | 74 Ko | VirusTotal – (0/50)] – D:install.res.2052.dll
    [11/04/2008 – 08:03:48 | N | 94 Ko | VirusTotal – (0/51)] – D:install.res.3082.dll
    [11/04/2008 – 08:03:48 | N | 75 Ko | VirusTotal – (0/50)] – D:install.res.1028.dll
    [11/04/2008 – 10:09:24 | N | 91 Ko | VirusTotal – (0/49)] – D:install.res.1049.dll
    [11/04/2008 – 10:09:38 | N | 3708 Ko] – D:VC_RED.cab
    [11/04/2008 – 10:07:18 | N | 6 Ko] – D:vcredist.bmp
    [20/06/2013 – 16:55:06 | SHD] – D:$RECYCLE.BIN
    [21/03/2012 – 09:12:02 | SHD] – D:System Volume Information
    [21/03/2012 – 18:34:42 | D] – D:HDDRecovery

    ################## | F: – Disque USB (FAT) |

    [25/05/2009 – 22:47:00 | N | 0 Ko] – F:WMPInfo.xml
    [19/02/2013 – 13:44:58 | N | 0 Ko] – F:_disk_id.pod
    [31/08/2008 – 17:34:06 | N | 132 Ko] – F:WMLicense.dat
    [11/07/2012 – 17:24:42 | N | 132 Ko] – F:353760047528445WMLicense.dat
    [01/01/2007 – 00:00:00 | D] – F:predeftemp
    [01/01/2008 – 09:16:28 | D] – F:????
    [01/01/2008 – 09:16:28 | D] – F:??????
    [13/03/2009 – 18:23:50 | D] – F:Videos
    [01/01/2008 – 09:16:28 | D] – F:?????
    [04/09/2010 – 11:34:20 | SHD] – F:RECYCLER
    [08/09/2010 – 15:02:18 | D] – F:Photos
    [08/09/2010 – 15:33:06 | D] – F:Clips vidéo
    [09/09/2010 – 07:34:12 | D] – F:nokia_unprocessed_images_
    [21/02/2012 – 18:02:12 | D] – F:imgcache
    [27/03/2012 – 14:03:36 | D] – F:Playlists
    [10/07/2012 – 22:02:14 | D] – F:BlackBerry
    [28/04/2014 – 22:32:28 | SHD] – F:System Volume Information

    ################## | G: – Disque USB (FAT) |

    [07/05/2014 – 12:08:02 | N | 191 Ko] – G:Capture d’écran 2014-05-07 12.08.02.png
    [09/05/2014 – 11:10:54 | N | 161 Ko] – G:9052014_COMMANDE_C1842E52791O1599.pdf
    [13/05/2014 – 23:01:32 | N | 679 Ko] – G:Al-Air.odp
    [19/11/2013 – 01:59:38 | N | 724830 Ko] – G:2.Guns.2013.FRENCH.DVDRip.XviD-RELiC.[emule-island.ru].avi
    [28/04/2014 – 22:02:14 | N | 719874 Ko] – G:Homefront 2013 FRENCH BRRiP XviD-CARPEDIEM.avi
    [28/04/2014 – 22:36:08 | SHD] – G:System Volume Information

    ################## | Vaccin |

    D:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    F:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    G:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

    ################## | E.O.F | https://www.sosvirus.net/ | http://www.usbfix.net/ |

    Anonymous
    Number of posts: 0

    :hello: ,

    • Download Adwcleaner (by Xplode) to your Desktop!
    • Right-click it and choose "Run as administrator" on Windows 7/8 and Vista; otherwise double-click it on XP.
      1. Choose the Scan option
      2. Choose the Clean option
    • Accept the warning by clicking OK

    • Accept the warnings/information messages by clicking OK
    • Copy and paste the contents of the report that appears when the PC restarts.