nanoushka

Yes, I did connect my USB devices without opening them.
Here is the deletion report:
############################## | UsbFix V 7.155 | [Suppression]

Utilisateur: acer (Administrateur) # PC-DE-ACER
Mis à jour le 16/12/2013 par El Desaparecido – Team SosVirus
Lancé à 18:49:29 | 19/12/2013

Site Web : http://www.usbfix.net
Forum : https://www.sosvirus.net/
Upload Malware : upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: Acer, Inc. (Makalu )
CPU: Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz
RAM -> [Total : 3066 | Free : 1882]
Bios: Acer
Boot: Normal boot

OS: Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-Bit) Service Pack 2
WB: Windows Internet Explorer : 9.0.8112.16421
WB: Mozilla Firefox : 25.0.1

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: AVG Internet Security [Enabled | Updated]
AS: Windows Defender : 1.1.1600.0
FW: Windows FireWall Service [Enabled]

C: (%systemdrive%) -> Disque fixe # 144 Go (24 Go libre(s) – 17%) [ACER] # NTFS
D: -> Disque fixe # 140 Go (120 Go libre(s) – 85%) [DATA] # NTFS
E: -> Disque fixe # 932 Go (588 Go libre(s) – 63%) [] # NTFS
F: -> CD-ROM
G: -> Disque amovible # 8 Go (8 Go libre(s) – 99%) [] # NTFS

################## | Processus Stoppés |

Stoppé! C:Program FilesAVGAVG9Identity ProtectionAgentBinAVGIDSAgent.exe (ID: 996 |ParentID: 696)
Stoppé! C:Program FilesAVGAVG9avgwdsvc.exe (ID: 2636 |ParentID: 696)
Stoppé! C:Program FilesAVGAVG9avgam.exe (ID: 2984 |ParentID: 2636)
Stoppé! C:Program FilesAVGAVG9avgtray.exe (ID: 4700 |ParentID: 232)
Stoppé! C:Program FilesAVGAVG9avgchsvx.exe (ID: 1396 |ParentID: 2636)
Stoppé! C:Program FilesAVGAVG9avgemc.exe (ID: 5560 |ParentID: 696)
Stoppé! C:Program FilesAVGAVG9avgcsrvx.exe (ID: 4592 |ParentID: 5560)
Stoppé! C:Program FilesAVGAVG9avgnsx.exe (ID: 5304 |ParentID: 2636)
Stoppé! C:Program FilesAVGAVG9avgrsx.exe (ID: 4100 |ParentID: 2636)
Stoppé! C:Program FilesAVGAVG9avgcsrvx.exe (ID: 2248 |ParentID: 4100)
Stoppé! C:Program FilesAVGAVG9avgcsrvx.exe (ID: 952 |ParentID: 5304)
Stoppé! C:Program FilesAVGAVG9Identity Protectionagentbinavgidsmonitor.exe (ID: 4216 |ParentID: 4700)
Stoppé! C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE (ID: 4816 |ParentID: 696)
Stoppé! C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe (ID: 3268 |ParentID: 4816)
Stoppé! C:Windowssystem32SearchIndexer.exe (ID: 2616 |ParentID: 696)
Stoppé! C:Program FilesWindows Media Playerwmpnetwk.exe (ID: 664 |ParentID: 696)
Stoppé! C:WindowsSystem32spoolsv.exe (ID: 4276 |ParentID: 696)
Stoppé! C:Program FilesAcerEmpowering TechnologyServiceETService.exe (ID: 3084 |ParentID: 696)
Stoppé! C:Windowssystem32SLsvc.exe (ID: 1880 |ParentID: 696)
Stoppé! C:WindowsSystem32WUDFHost.exe (ID: 5096 |ParentID: 1228)
Stoppé! C:Program FilesWindows Media Playerwmpnscfg.exe (ID: 2888 |ParentID: 2060)
Stoppé! C:Windowssystem32taskeng.exe (ID: 5316 |ParentID: 1240)

################## | Regedit Run |

04 – HKLMSOFTWARE | Run : [Windows Defender] – %ProgramFiles%Windows DefenderMSASCui.exe -hide
04 – HKLMSOFTWARE | Run : [IAAnotif] – C:Program FilesIntelIntel Matrix Storage Manageriaanotif.exe
04 – HKLMSOFTWARE | Run : [RtHDVCpl] – RtHDVCpl.exe
04 – HKLMSOFTWARE | Run : [SynTPEnh] – C:Program FilesSynapticsSynTPSynTPEnh.exe
04 – HKLMSOFTWARE | Run : [eDataSecurity Loader] – C:Program FilesAcerEmpowering TechnologyeDataSecurityx86eDSloader.exe
04 – HKLMSOFTWARE | Run : [eAudio] – “C:Program FilesAcerEmpowering TechnologyeAudioeAudio.exe”
04 – HKLMSOFTWARE | Run : [BkupTray] – “C:Program FilesNewTech InfosystemsNTI Backup Now 5BkupTray.exe”
04 – HKLMSOFTWARE | Run : [NvCplDaemon] – RUNDLL32.EXE C:Windowssystem32NvCpl.dll,NvStartup
04 – HKLMSOFTWARE | Run : [NvMediaCenter] – RUNDLL32.EXE C:Windowssystem32NvMcTray.dll,NvTaskbarInit
04 – HKLMSOFTWARE | Run : [PLFSetI] – C:WindowsPLFSetI.exe
04 – HKLMSOFTWARE | Run : [LManager] – C:PROGRA~1LAUNCH~1QtZgAcer.EXE
04 – HKLMSOFTWARE | Run : [ePower_DMC] – C:Program FilesAcerEmpowering TechnologyePowerePower_DMC.exe
04 – HKLMSOFTWARE | Run : [ZPdtWzdVitaKey MC3000] – “C:Program FilesAcerAcer Bio ProtectionPdtWzd.exe” show
04 – HKLMSOFTWARE | Run : [ArcadeDeluxeAgent] – “C:Program FilesAcer Arcade DeluxeAcer Arcade DeluxeArcadeDeluxeAgent.exe”
04 – HKLMSOFTWARE | Run : [CLMLServer] – “C:Program FilesAcer Arcade DeluxeAcer Arcade DeluxeKernelCLMLCLMLSvc.exe”
04 – HKLMSOFTWARE | Run : [PlayMovie] – “C:Program FilesAcer Arcade DeluxePlayMoviePMVService.exe”
04 – HKLMSOFTWARE | Run : [WarReg_PopUp] – C:Program FilesAcerWR_PopUpWarReg_PopUp.exe
04 – HKLMSOFTWARE | Run : [Skytel] – Skytel.exe
04 – HKLMSOFTWARE | Run : [AVG9_TRAY] – C:PROGRA~1AVGAVG9avgtray.exe
04 – HKLMSOFTWARE | Run : [Adobe ARM] – “C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe”
04 – HKLMSOFTWARE | Run : [vProt] – “C:Program FilesAVG Secure Searchvprot.exe”
04 – HKLMSOFTWARE | Run : [BCSSync] – “C:Program FilesMicrosoft OfficeOffice14BCSSync.exe” /DelayServices
04 – HKLMSOFTWARE | Run : [SunJavaUpdateSched] – “C:Program FilesCommon FilesJavaJava Updatejusched.exe”
04 – HKLMSOFTWARE | RunOnce : [] –
04 – HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /detectMem
04 – HKUS-1-5-19SOFTWARE | Run : [WindowsWelcomeCenter] – rundll32.exe oobefldr.dll,ShowWelcomeCenter
04 – HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /detectMem
04 – HKUS-1-5-20SOFTWARE | Run : [WindowsWelcomeCenter] – rundll32.exe oobefldr.dll,ShowWelcomeCenter
04 – HKUS-1-5-21-1101297403-149900660-2789787620-1000SOFTWARE | Run : [ehTray.exe] – C:WindowsehomeehTray.exe
04 – HKUS-1-5-21-1101297403-149900660-2789787620-1000SOFTWARE | Run : [IDMan] – C:Program FilesInternet Download ManagerIDMan.exe /onboot
04 – HKUS-1-5-21-1101297403-149900660-2789787620-1000SOFTWARE | Run : [Updater] – wscript.exe //B “C:UsersacerAppDataRoamingUpdater.vbe”
04 – HKUS-1-5-21-1101297403-149900660-2789787620-1000SOFTWARE | Run : [Sidebar] – C:Program FilesWindows Sidebarsidebar.exe /autoRun
04 – HKUS-1-5-21-1101297403-149900660-2789787620-1000SOFTWARE | Run : [WMPNSCFG] – C:Program FilesWindows Media PlayerWMPNSCFG.exe

################## | Recherche générique |

Supprimé! C:UsersacerAppDataRoamingUpdater.vbe
Supprimé! C:UsersacerAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupUpdater.vbe
Supprimé! C:Windowssystem32acer.exe
Supprimé! C:Windowssystem32acer.scr
Supprimé! G:Updater.vbe
Supprimé! C:UsersacerAppDataLocalTempRtkBtMnt.exe

(!) Fichiers temporaires supprimés. (12 Ko)

################## | Référence de comparaison MD5 |

Md5 : 2C939780378C39AD990C7A2F7D76A55D -> C:UsersacerAppDataRoamingUpdater.vbe
Md5 : 2C939780378C39AD990C7A2F7D76A55D -> C:UsersacerAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupUpdater.vbe
Md5 : D5F8193EE7BC39A443039A956A4BCD53 -> C:Windowssystem32acer.exe
Md5 : 6FA7D775C16782A7AAE9CA9AE0F458CE -> C:Windowssystem32acer.scr
Md5 : 2C939780378C39AD990C7A2F7D76A55D -> G:Updater.vbe

################## | Comparaison MD5 |

-> Pas de valeur Md5 identique trouvée.

################## | Registre |

Supprimé! HKUS-1-5-21-1101297403-149900660-2789787620-1000SoftwareMicrosoftWindowsCurrentVersionRun|Updater
Supprimé! HKUS-1-5-21-1101297403-149900660-2789787620-1000Software….Mountpoints2{75554f84-2189-11e0-9299-db2fca7586f3}
Supprimé! HKUS-1-5-21-1101297403-149900660-2789787620-1000Software….Mountpoints2{d0485c13-be69-11de-b0b1-001e68f777df}

################## | Listing |

[29/09/2008 – 16:38:51 | N | 0 Ko] – C:Partition.txt
[19/12/2013 – 18:41:28 | N | 14 Ko] – C:UsbFix [Scan 1] PC-DE-ACER.txt
[19/12/2013 – 18:56:28 | A | 8 Ko] – C:UsbFix [Clean 1] PC-DE-ACER.txt
[18/09/2006 – 22:43:37 | N | 0 Ko] – C:config.sys
[19/12/2013 – 16:32:14 | ASH | 3446720 Ko] – C:pagefile.sys
[19/12/2013 – 16:32:16 | ASH | 3140476 Ko] – C:hiberfil.sys
[25/07/2008 – 13:41:28 | N | 0 Ko] – C:RHDSetup.log
[29/09/2008 – 16:45:49 | N | 0 Ko] – C:Medion.ini
[11/07/2009 – 10:21:18 | SHD] – C:$RECYCLE.BIN
[18/09/2006 – 22:43:36 | A | 0 Ko] – C:autoexec.bat
[25/07/2008 – 22:59:46 | N | 8 Ko] – C:BOOTSECT.BAK
[02/11/2006 – 14:02:03 | SHD] – C:Documents and Settings
[21/01/2008 – 03:32:31 | D] – C:PerfLogs
[11/06/2008 – 06:55:48 | D] – C:TEMP
[25/07/2008 – 14:36:49 | D] – C:book
[29/09/2008 – 16:45:49 | D] – C:CLSetup
[11/04/2009 – 07:36:36 | RASH | 325 Ko] – C:bootmgr
[11/07/2009 – 10:19:06 | D] – C:Users
[11/07/2009 – 10:19:17 | D] – C:ACERSW
[08/11/2009 – 18:07:26 | D] – C:ACER
[03/12/2009 – 17:21:31 | D] – C:Intel
[04/03/2010 – 17:33:21 | D] – C:$AVG
[17/09/2011 – 05:49:41 | D] – C:78976931587a278776
[22/10/2011 – 17:27:22 | D] – C:Downloads
[13/12/2011 – 17:02:18 | RHD] – C:MSOCache
[20/11/2012 – 17:03:51 | SHD] – C:Boot
[12/03/2013 – 22:09:11 | D] – C:GSFNOTE
[22/07/2013 – 18:57:31 | D] – C:HSF
[11/12/2013 – 16:51:31 | D] – C:Program Files
[13/12/2013 – 09:47:03 | D] – C:Windows
[13/12/2013 – 17:14:11 | HD] – C:ProgramData
[15/12/2013 – 16:16:29 | SHD] – C:System Volume Information
[19/12/2013 – 18:56:13 | D] – C:UsbFix
[08/01/2010 – 11:08:45 | N | 0 Ko] – D:.~lock.Hépatites viralze.ppt#
[19/12/2013 – 18:41:27 | RASHD] – D:Autorun.inf
[29/09/2008 – 16:25:28 | SHD] – D:$RECYCLE.BIN
[22/05/2010 – 16:40:06 | D] – D:$AVG
[01/07/2011 – 19:55:53 | SHD] – D:System Volume Information
[03/08/2013 – 10:00:39 | D] – D:Cuisine
[03/08/2013 – 10:00:46 | D] – D:Divers
[31/08/2013 – 18:29:10 | D] – D:Bleach
[28/09/2013 – 17:05:49 | D] – D:Apprendre le japonais
[05/10/2013 – 17:06:49 | D] – D:Bibliothèque calibre
[03/12/2013 – 17:15:10 | D] – D:Sémiologie
[06/12/2013 – 20:40:00 | D] – D:Pédiatrie
[08/12/2013 – 15:32:43 | D] – D:dossier papa
[12/12/2013 – 20:40:29 | D] – D:51a34fdb6da1c6605841
[19/12/2013 – 18:41:27 | RASHD] – E:Autorun.inf
[21/10/2011 – 18:37:50 | SHD] – E:$RECYCLE.BIN
[11/11/2011 – 18:52:36 | SHD] – E:RECYCLER
[15/07/2012 – 00:20:54 | SHD] – E:System Volume Information
[03/12/2012 – 15:40:11 | D] – E:Médecine
[08/01/2013 – 15:25:48 | D] – E:Livres Epub
[04/05/2013 – 10:58:07 | D] – E:Mangas
[25/07/2013 – 00:08:06 | D] – E:Romans
[25/07/2013 – 00:14:41 | D] – E:Séries
[03/09/2013 – 18:31:51 | D] – E:Films
[08/12/2013 – 09:00:39 | D] – E:med vrac
[19/12/2013 – 18:41:28 | RASHD] – G:Autorun.inf

################## | Vaccin |

D:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
E:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
G:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net – https://www.sosvirus.net |

My AVG antivirus (Identity Protection) detected the file C:USBFIXGO.EXE as malicious code and is asking me to quarantine it. What should I do?