sylvie
Participant
Number of posts: 11

Here is what I got!
[spoiler:2yn27a49]############################## | UsbFix V 7.146 | [Suppression]

Utilisateur: Sylvie Inspiron (Administrateur) # SYLVIEINSPIRON
Mis à jour le 28/10/2013 par El Desaparecido – Team SosVirus
Lancé à 18:51:33 | 30/10/2013

Site Web: http://www.usbfix.net/
Forum : https://www.sosvirus.net/
Upload Malware: upload_malware.php
Contact: http://www.usbfix.net/contact/

PC: Dell Inc. (0UK437)
CPU: Intel(R) Core(TM)2 Duo CPU T7250 @ 2.00GHz
RAM -> [Total : 3070 | Free : 1613]
Bios: Dell Inc.
Boot: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 10.0.9200.16721
WB: Google Chrome : 30.0.1599.101
WB: Mozilla Firefox : 24.0

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: avast! Antivirus [Enabled | Updated]
AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
FW: Windows FireWall Service [Enabled]

C: (%systemdrive%) -> Disque fixe # 466 Go (427 Go libre(s) – 92%) [] # NTFS
D: -> Disque fixe # 233 Go (229 Go libre(s) – 99%) [Sylvie] # NTFS
E: -> Disque amovible # 15 Go (14 Go libre(s) – 99%) [] # FAT32
F: -> CD-ROM
G: -> Disque fixe # 466 Go (206 Go libre(s) – 44%) [Elements] # FAT32

################## | Processus Stoppés |

Stoppé! C:\Windows\system32\nvvsvc.exe (ID: 800 |ParentID: 556)
Stoppé! C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ID: 1156 |ParentID: 556)
Stoppé! C:\ProgramData\eSafe\eGdpSvc.exe (ID: 1316 |ParentID: 556)
Stoppé! C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (ID: 1368 |ParentID: 800)
Stoppé! C:\Windows\system32\nvvsvc.exe (ID: 1376 |ParentID: 800)
Stoppé! C:\Windows\system32\taskhost.exe (ID: 1992 |ParentID: 556)
Stoppé! C:\Windows\Explorer.EXE (ID: 1204 |ParentID: 2040)
Stoppé! C:\Windows\System32\wscript.exe (ID: 1952 |ParentID: 1204)
Stoppé! C:\Program Files\AVAST Software\Avast\avastui.exe (ID: 2124 |ParentID: 2068)
Stoppé! C:\Program Files (x86)\Mozilla Firefox\firefox.exe (ID: 2524 |ParentID: 1204)
Stoppé! C:\Windows\System32\spoolsv.exe (ID: 2664 |ParentID: 556)
Stoppé! C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe (ID: 2416 |ParentID: 556)
Stoppé! C:\Program Files (x86)\Whilokii\updateWhilokii.exe (ID: 2440 |ParentID: 556)
Stoppé! C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesApp64.exe (ID: 2620 |ParentID: 2416)
Stoppé! C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 3468 |ParentID: 556)
Stoppé! C:\Windows\System32\WUDFHost.exe (ID: 3904 |ParentID: 968)
Stoppé! C:\Windows\System32\WUDFHost.exe (ID: 4888 |ParentID: 968)
Stoppé! C:\Windows\system32\taskeng.exe (ID: 3784 |ParentID: 1020)

################## | Regedit Run |

HKLM\SOFTWARE | Run : [] –
HKLM\SOFTWARE | Run : [AvastUI.exe] – "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
HKLM\SOFTWARE\wow6432Node | Run : [] –
HKLM\SOFTWARE\wow6432Node | Run : [AvastUI.exe] – "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
HKLM\SOFTWARE | RunOnce : [] –
HKLM\SOFTWARE\wow6432Node | RunOnce : [] –
HKU\S-1-5-19\SOFTWARE | Run : [Sidebar] – %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\SOFTWARE | Run : [Sidebar] – %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-4179471080-3057627911-3978757454-1000\SOFTWARE | Run : [iTunesHelper] – wscript.exe //B "C:\Users\SYLVIE~1\AppData\Local\Temp\iTunesHelper.vbe"
HKU\S-1-5-19\SOFTWARE | RunOnce : [mctadmin] – C:\Windows\System32\mctadmin.exe
HKU\S-1-5-20\SOFTWARE | RunOnce : [mctadmin] – C:\Windows\System32\mctadmin.exe

################## | Référence de comparaison MD5 |

Md5 : aed4faf279abf7d7605e81707be3ce64 -> C:\Users\Sylvie Inspiron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iTunesHelper.vbe
Md5 : aed4faf279abf7d7605e81707be3ce64 -> C:\Users\SYLVIE~1\AppData\Local\Temp\iTunesHelper.vbe
Md5 : aed4faf279abf7d7605e81707be3ce64 -> E:\iTunesHelper.vbe

################## | Recherche générique |

Supprimé! E:\iTunesHelper.vbe
Supprimé! C:\Users\SYLVIE~1\AppData\Local\Temp\iTunesHelper.vbe
Supprimé! C:\Users\Sylvie Inspiron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iTunesHelper.vbe
Supprimé! E:\Badge étudiant.lnk
Supprimé! E:\CARL.lnk
Supprimé! E:\Vaccino.lnk
Supprimé! E:\Wifi Jerem.lnk
Supprimé! E:\Autorun.inf.lnk
Supprimé! G:\$RECYCLE.BIN\$RPP6GHO.exe
Supprimé! G:\$RECYCLE.BIN\$RGX9FGL.exe
Supprimé! G:\$RECYCLE.BIN\$RC3EFUY.exe
Supprimé! G:\$RECYCLE.BIN\$R3UKACZ.exe
Supprimé! G:\$RECYCLE.BIN\$RFG4B1S.exe
Supprimé! G:\$RECYCLE.BIN\$R33ADC6.exe
Supprimé! G:\$RECYCLE.BIN\$RQRG82L.exe
Supprimé! G:\$RECYCLE.BIN\$RW1N2JM.exe
Supprimé! C:\Windows\Tasks\UpdaterEX.job
Supprimé! G:\autorun.inf

(!) Fichiers temporaires supprimés.

################## | Comparaison MD5 |

################## | Registre |

Réparé ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer|NoActiveDesktop -> 0
Réparé ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer|NoActiveDesktopChanges -> 0
Supprimé! HKU\S-1-5-21-4179471080-3057627911-3978757454-1000\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper
Supprimé! HKU\S-1-5-21-4179471080-3057627911-3978757454-1000\Software….Mountpoints2\{7614e0b0-34fe-11e3-b735-806e6f6e6963}

################## | Listing |

[14/10/2013 – 18:04:06 | SHD ] C:\$Recycle.Bin
[22/10/2013 – 21:21:06 | SHD ] C:\Config.Msi
[14/07/2009 – 06:08:56 | SHD ] C:\Documents and Settings
[30/10/2013 – 17:41:51 | ASH | 2414379008] C:\hiberfil.sys
[17/10/2013 – 18:21:05 | RHD ] C:\MSOCache
[30/10/2013 – 17:41:53 | ASH | 3219173376] C:\pagefile.sys
[14/07/2009 – 04:20:08 | D ] C:\PerfLogs
[22/10/2013 – 21:16:28 | D ] C:\Program Files
[22/10/2013 – 21:02:31 | D ] C:\Program Files (x86)
[20/10/2013 – 22:47:37 | HD ] C:\ProgramData
[14/10/2013 – 18:03:43 | SHD ] C:\Recovery
[29/10/2013 – 20:53:12 | SHD ] C:\System Volume Information
[30/10/2013 – 18:53:02 | D ] C:\UsbFix
[30/10/2013 – 18:55:04 | A | 6050] C:\UsbFix [Clean 2] SYLVIEINSPIRON.txt
[30/10/2013 – 18:39:01 | N | 6367] C:\UsbFix [Scan 1] SYLVIEINSPIRON.txt
[14/10/2013 – 18:03:51 | RD ] C:\Users
[29/10/2013 – 20:53:53 | D ] C:\Windows
[17/10/2013 – 21:24:57 | SHD ] D:\$RECYCLE.BIN
[17/10/2013 – 21:27:35 | D ] D:\epmpro_6511
[17/10/2013 – 21:27:57 | D ] D:\off-pro-2013-64Bits
[17/10/2013 – 21:28:19 | D ] D:\Roxio Easy CD Créator-Original-2010
[17/10/2013 – 21:24:44 | SHD ] D:\System Volume Information
[17/10/2013 – 21:39:48 | D ] D:\Tune up Utilities FR 2011 + Keygen 2009-2010-2011
[28/10/2013 – 20:32:24 | SHD ] E:\Autorun.inf
[20/10/2013 – 18:45:46 | N | 157184] E:\Badge étudiant.pub
[25/10/2013 – 15:36:34 | N | 53012546] E:\CARL.m4a
[25/10/2013 – 15:36:34 | N | 28240042] E:\Vaccino.m4a
[19/10/2013 – 12:48:44 | N | 11325] E:\Wifi Jerem.docx
[09/02/2006 – 14:59:36 | D ] G:\autorun
[02/10/2008 – 13:04:54 | SHD ] G:\System Volume Information
[02/10/2008 – 19:09:08 | D ] G:\Recycled
[01/11/2008 – 08:40:46 | D ] G:\VProRecovery
[18/11/2010 – 19:26:52 | SHD ] G:\$RECYCLE.BIN
[23/09/2010 – 22:25:36 | D ] G:\Photos
[03/04/2010 – 20:14:58 | D ] G:\Sms Iphone sauvegarde 2010
[05/03/2011 – 22:36:28 | D ] G:\Musique + photos
[11/04/2011 – 20:51:12 | D ] G:\Films
[11/04/2011 – 20:52:56 | D ] G:\Musiques
[12/02/2011 – 17:50:44 | N | 3458] G:\TET001.gif
[26/04/2010 – 07:59:20 | D ] G:\Documents
[07/10/2008 – 17:29:16 | D ] G:\My Web Sites on MSN
[15/09/2012 – 20:04:14 | D ] G:\Jerem
[13/09/2012 – 16:42:44 | D ] G:\Dinant+espagne février 2012
[18/07/2012 – 09:12:24 | N | 13893] G:\Jerem 18-07-12.docx
[22/11/2012 – 21:33:08 | D ] G:\PUB soirée CLV
[22/11/2012 – 00:36:52 | D ] G:\Copie clé usb
[05/11/2011 – 11:23:58 | D ] G:\Diaporama 18 ans Céline
[24/11/2012 – 14:06:14 | D ] G:\Cours VT
[16/08/2012 – 15:22:12 | D ] G:\Fond d'écran
[02/01/2013 – 12:13:16 | D ] G:\Film 2012
[06/10/2013 – 22:53:48 | D ] G:\Planckendael 2013
[05/03/2013 – 16:55:54 | D ] G:\1.03.13 soirée déguisée
[28/03/2013 – 14:11:28 | D ] G:\Anniversaire Agathe
[03/10/2013 – 07:41:26 | D ] G:\Pile-Poil
[13/10/2013 – 11:50:28 | D ] G:\Backup E Pc 2013(13 octobre)
[13/10/2013 – 12:33:56 | D ] G:\Backup Dell 2013 (13 octobre)

################## | Vaccin |

E:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net – https://www.sosvirus.net |[/spoiler:2yn27a49]