Reply to: search with USBFix 2016-09-08T13:13:42+00:00
beckychou
Number of posts: 0

Hello, here is the report after the removal

############################## | UsbFix V 7.149 | [Suppression]

Utilisateur: proprietaire (Administrateur) # PC-DE-PROPRIETA
Mis à jour le 03/11/2013 par El Desaparecido – Team SosVirus
Lancé à 07:39:51 | 04/11/2013

Site Web: http://www.usbfix.net/
Forum : https://www.sosvirus.net/
Upload Malware: upload_malware.php
Contact: http://www.usbfix.net/contact/

PC: Acer (Navarro)
CPU: Mobile AMD Sempron(tm) Processor 3500+
RAM -> [Total : 1789 | Free : 280]
Bios: Acer
Boot: Normal boot

OS: Microsoft® Windows Vista™ Édition Familiale Basique (6.0.6002 32-Bit) Service Pack 2
WB: Windows Internet Explorer : 9.0.8112.16421
WB: Google Chrome : 30.0.1599.101

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: avast! Antivirus [Enabled | Updated]
AS: Windows Defender : 1.1.1600.0
FW: Windows FireWall Service [Enabled]

C: (%systemdrive%) -> Disque fixe # 298 Go (186 Go libre(s) – 62%) [] # NTFS
D: -> CD-ROM
E: -> Disque amovible # 4 Go (3 Go libre(s) – 90%) [BECKY] # FAT32
F: -> Disque amovible # 4 Go (4 Go libre(s) – 98%) [LEXAR] # FAT32

################## | Référence de comparaison MD5 |

Md5 : 32bef3bb4b558ade6cf41113628fc86d -> C:UsersproprietaireAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupiTunesHelper.vbe
Md5 : DENIED -> C:UsersPROPRI~1AppDataLocalTempiTunesHelper.vbe
Md5 : 32bef3bb4b558ade6cf41113628fc86d -> E:iTunesHelper.vbe
Md5 : 32bef3bb4b558ade6cf41113628fc86d -> F:iTunesHelper.vbe

################## | Processus Stoppés |

Stoppé! C:Windowssystem32Ati2evxx.exe (ID: 1008 |ParentID: 640)
Stoppé! C:Windowssystem32SLsvc.exe (ID: 1256 |ParentID: 640)
Stoppé! C:Program FilesAlwil SoftwareAvast5AvastSvc.exe (ID: 1628 |ParentID: 640)
Stoppé! C:Windowssystem32Ati2evxx.exe (ID: 1696 |ParentID: 1008)
Stoppé! C:WindowsExplorer.EXE (ID: 1744 |ParentID: 1684)
Stoppé! C:WindowsSystem32spoolsv.exe (ID: 300 |ParentID: 640)
Stoppé! C:Windowssystem32taskeng.exe (ID: 308 |ParentID: 1136)
Stoppé! C:Windowssystem32taskeng.exe (ID: 1456 |ParentID: 1136)
Stoppé! C:Program FilesCommon FilesAOLACSAOLAcsd.exe (ID: 1328 |ParentID: 640)
Stoppé! C:PROGRA~1COMMON~1France TelecomShared ModulesFTRTSVCFTRTSVC.exe (ID: 504 |ParentID: 640)
Stoppé! C:Program FilesCommon FilesLogishrdLVMVFMLVPrcSrv.exe (ID: 1872 |ParentID: 640)
Stoppé! C:Program FilesWajamUpdaterWajamUpdater.exe (ID: 2220 |ParentID: 640)
Stoppé! C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE (ID: 2324 |ParentID: 640)
Stoppé! C:Windowssystem32SearchIndexer.exe (ID: 2392 |ParentID: 640)
Stoppé! C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe (ID: 2476 |ParentID: 2324)
Stoppé! C:Program FilesWindows DefenderMSASCui.exe (ID: 2968 |ParentID: 1744)
Stoppé! C:Program FilesRealtekAudioHDARtHDVCpl.exe (ID: 3044 |ParentID: 1744)
Stoppé! C:Program FilesQuickTimeqttask.exe (ID: 3092 |ParentID: 1744)
Stoppé! C:Program FilesCommon FilesAOL1293395001eeaolsoftware.exe (ID: 3132 |ParentID: 1744)
Stoppé! C:Program FilesAlwil SoftwareAvast5AvastUI.exe (ID: 3144 |ParentID: 1744)
Stoppé! C:Program FilesLogitechLWSWebcam SoftwareLWS.exe (ID: 3164 |ParentID: 1744)
Stoppé! C:Program FilesCommon FilesJavaJava Updatejusched.exe (ID: 3188 |ParentID: 1744)
Stoppé! C:Program FilesAsk.comUpdaterUpdater.exe (ID: 3204 |ParentID: 1744)
Stoppé! C:Program FilesCardDetectorHUAWEICardDetector.exe (ID: 3224 |ParentID: 1744)
Stoppé! C:Program FilesWindows Sidebarsidebar.exe (ID: 3256 |ParentID: 1744)
Stoppé! C:Program FilesLogitechVidVid.exe (ID: 3268 |ParentID: 1744)
Stoppé! C:Program FilesWindows Media Playerwmpnscfg.exe (ID: 3308 |ParentID: 1744)
Stoppé! C:WindowsSystem32wscript.exe (ID: 3320 |ParentID: 1744)
Stoppé! C:Program FilesMicro ApplicationLauncherMA.exe (ID: 3356 |ParentID: 1744)
Stoppé! C:Program FilesATI TechnologiesATI.ACECore-StaticMOM.exe (ID: 3416 |ParentID: 3060)
Stoppé! C:Program FilesAOL 9.0 VRwaol.exe (ID: 3632 |ParentID: 3336)
Stoppé! C:Program FilesOpenOffice.org 3programsoffice.exe (ID: 3692 |ParentID: 3376)
Stoppé! C:Program FilesLogitechLWSWebcam SoftwareCameraHelperShell.exe (ID: 3712 |ParentID: 3164)
Stoppé! C:Program FilesOpenOffice.org 3programsoffice.bin (ID: 3844 |ParentID: 3692)
Stoppé! C:Program FilesWindows Media Playerwmpnetwk.exe (ID: 3880 |ParentID: 640)
Stoppé! C:Program FilesCommon FilesLogishrdLQCVFXCOCIManager.exe (ID: 3900 |ParentID: 836)
Stoppé! C:Program FilesATI TechnologiesATI.ACECore-StaticCCC.exe (ID: 1768 |ParentID: 3416)
Stoppé! C:Program FilesGoogleChromeApplicationchrome.exe (ID: 3172 |ParentID: 1744)
Stoppé! C:Program FilesGoogleChromeApplicationchrome.exe (ID: 3532 |ParentID: 3172)
Stoppé! C:Program FilesGoogleChromeApplicationchrome.exe (ID: 2252 |ParentID: 3172)
Stoppé! C:Program FilesGoogleChromeApplicationchrome.exe (ID: 4264 |ParentID: 3172)
Stoppé! C:Program FilesAOL 9.0 VRshellmon.exe (ID: 4552 |ParentID: 3632)
Stoppé! C:Program FilesLogitechLWSLULULnchr.exe (ID: 4684 |ParentID: 3164)
Stoppé! C:Program FilesLogitechLWSLULogitechUpdate.exe (ID: 4776 |ParentID: 4684)
Stoppé! C:Program FilesGoogleChromeApplicationchrome.exe (ID: 4888 |ParentID: 3172)
Stoppé! C:Windowssystem32SearchProtocolHost.exe (ID: 5104 |ParentID: 2392)
Stoppé! C:Program FilesGoogleChromeApplicationchrome.exe (ID: 5380 |ParentID: 3172)
Stoppé! C:Windowssystem32WUDFHost.exe (ID: 4912 |ParentID: 1124)
Stoppé! C:Windowssystem32taskeng.exe (ID: 6076 |ParentID: 1136)
Stoppé! C:Windowssystem32conime.exe (ID: 5136 |ParentID: 1360)
Stoppé! C:Windowssystem32SearchFilterHost.exe (ID: 2768 |ParentID: 2392)

################## | Regedit Run |

04 – HKLMSOFTWARE | Run : [Windows Defender] – %ProgramFiles%Windows DefenderMSASCui.exe -hide
04 – HKLMSOFTWARE | Run : [TaskTray] –
04 – HKLMSOFTWARE | Run : [RtHDVCpl] – C:Program FilesRealtekAudioHDARtHDVCpl.exe -s
04 – HKLMSOFTWARE | Run : [StartCCC] – “C:Program FilesATI TechnologiesATI.ACECore-StaticCLIStart.exe” MSRun
04 – HKLMSOFTWARE | Run : [QuickTime Task] – “C:Program FilesQuickTimeqttask.exe” -atboottime
04 – HKLMSOFTWARE | Run : [HostManager] – C:Program FilesCommon FilesAOL1293395001eeAOLSoftware.exe
04 – HKLMSOFTWARE | Run : [avast5] – “C:Program FilesAlwil SoftwareAvast5avastUI.exe” /nogui
04 – HKLMSOFTWARE | Run : [LWS] – C:Program FilesLogitechLWSWebcam SoftwareLWS.exe -hide
04 – HKLMSOFTWARE | Run : [SunJavaUpdateSched] – “C:Program FilesCommon FilesJavaJava Updatejusched.exe”
04 – HKLMSOFTWARE | Run : [] –
04 – HKLMSOFTWARE | Run : [ApnUpdater] – “C:Program FilesAsk.comUpdaterUpdater.exe”
04 – HKLMSOFTWARE | Run : [CardDetectorHUAWEI] – C:Program FilesCardDetectorHUAWEICardDetector.exe
04 – HKLMSOFTWARE | Run : [BEWINTERNET-FR-DMGP-V2SessionManager] – “C:Program FilesOrangeIEWInternetSessionManagerSessionManager.exe”
04 – HKLMSOFTWARE | RunOnce : [] –
04 – HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /detectMem
04 – HKUS-1-5-19SOFTWARE | Run : [WindowsWelcomeCenter] – rundll32.exe oobefldr.dll,ShowWelcomeCenter
04 – HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /detectMem
04 – HKUS-1-5-20SOFTWARE | Run : [WindowsWelcomeCenter] – rundll32.exe oobefldr.dll,ShowWelcomeCenter
04 – HKUS-1-5-21-94097523-72204880-2144361941-1000SOFTWARE | Run : [Sidebar] – C:Program FilesWindows Sidebarsidebar.exe /autoRun
04 – HKUS-1-5-21-94097523-72204880-2144361941-1000SOFTWARE | Run : [msnmsgr] – “C:Program FilesWindows LiveMessengermsnmsgr.exe” /background
04 – HKUS-1-5-21-94097523-72204880-2144361941-1000SOFTWARE | Run : [Logitech Vid] – “C:Program FilesLogitechVidVid.exe” -bootmode
04 – HKUS-1-5-21-94097523-72204880-2144361941-1000SOFTWARE | Run : [Logitech Vid HD] – “C:Program FilesLogitechVidvid.exe” -bootmode
04 – HKUS-1-5-21-94097523-72204880-2144361941-1000SOFTWARE | Run : [WMPNSCFG] – C:Program FilesWindows Media PlayerWMPNSCFG.exe
04 – HKUS-1-5-21-94097523-72204880-2144361941-1000SOFTWARE | Run : [iTunesHelper] – wscript.exe //B “C:UsersPROPRI~1AppDataLocalTempiTunesHelper.vbe”
04 – HKUS-1-5-21-94097523-72204880-2144361941-1000SOFTWARE | Run : [AOL Fast Start] – “C:Program FilesAOL 9.0 VRAOL.EXE” -b

################## | Recherche générique |

Supprimé! C:UsersPROPRI~1AppDataLocalTempiTunesHelper.vbe
Supprimé! C:UsersproprietaireAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupiTunesHelper.vbe
Supprimé! E:iTunesHelper.vbe
Supprimé! F:iTunesHelper.vbe
Supprimé! E:université.lnk
Supprimé! F:bébé.lnk

(!) Fichiers temporaires supprimés.

################## | Comparaison MD5 |

################## | Registre |

Supprimé! HKUS-1-5-21-94097523-72204880-2144361941-1000SoftwareMicrosoftWindowsCurrentVersionRun|iTunesHelper
Supprimé! HKUS-1-5-21-94097523-72204880-2144361941-1000Software….Mountpoints2{02c266f7-fd4d-11e0-998a-00038a000015}
Supprimé! HKUS-1-5-21-94097523-72204880-2144361941-1000Software….Mountpoints2{11e5ea12-8952-11e0-981d-00038a000015}
Supprimé! HKUS-1-5-21-94097523-72204880-2144361941-1000Software….Mountpoints2{7aeb40ae-2e33-11e0-8d6f-00038a000015}

################## | Listing |

[07/12/2010 – 10:18:27 | SHD ] C:$Recycle.Bin
[07/12/2010 – 14:51:20 | D ] C:ATI
[18/09/2006 – 22:43:36 | N | 24] C:autoexec.bat
[07/12/2010 – 10:01:21 | SHD ] C:Boot
[11/04/2009 – 14:18:47 | RASH | 333257] C:bootmgr
[07/12/2010 – 10:01:22 | RAS | 8192] C:BOOTSECT.BAK
[10/10/2013 – 19:39:04 | HD ] C:Config.Msi
[18/09/2006 – 22:43:37 | N | 10] C:config.sys
[02/11/2006 – 13:59:44 | SHD ] C:Documents and Settings
[17/10/2013 – 15:38:52 | N | 0] C:END
[04/11/2013 – 07:32:26 | ASH | 1877065728] C:hiberfil.sys
[27/12/2010 – 09:41:24 | N | 640] C:IPH.PH
[26/12/2010 – 20:43:13 | D ] C:My Music
[04/11/2013 – 07:32:25 | ASH | 2190872576] C:pagefile.sys
[21/01/2008 – 03:43:50 | D ] C:PerfLogs
[10/10/2013 – 19:35:20 | D ] C:Program Files
[21/05/2013 – 20:48:45 | HD ] C:ProgramData
[07/12/2010 – 10:29:14 | | 281734] C:QMDCZ
[02/11/2013 – 09:00:48 | SHD ] C:System Volume Information
[04/11/2013 – 07:47:28 | D ] C:UsbFix
[04/11/2013 – 07:47:30 | A | 10529] C:UsbFix [Clean 1] PC-DE-PROPRIETA.txt
[03/11/2013 – 21:30:59 | N | 10313] C:UsbFix [Scan 1] PC-DE-PROPRIETA.txt
[07/12/2010 – 10:17:46 | RD ] C:Users
[04/02/2013 – 17:18:38 | D ] C:Windows
[07/12/2010 – 10:29:14 | | 20] C:winv.ld
[02/11/2013 – 09:47:52 | D ] E:université
[03/11/2013 – 21:04:48 | D ] F:bébé

################## | Vaccin |

E:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
F:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net – https://www.sosvirus.net |