Tofuw
Participant
Number of posts: 5

I have just finished the removal.

Here is the USBFix report:
[spoiler:1k94j7al]############################## | UsbFix V 7.150 | [Suppression]

Utilisateur: Christelle (Administrateur) # CHRISTELLE-HP
Mis à jour le 08/11/2013 par El Desaparecido – Team SosVirus
Lancé à 11:10:38 | 13/11/2013

Site Web : http://www.usbfix.net
Forum : https://www.sosvirus.net/
Upload Malware : upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: Hewlett-Packard (3634)
CPU: Intel(R) Core(TM)2 Duo CPU P9300 @ 2.26GHz
RAM -> [Total : 1976 | Free : 916]
Bios: Hewlett-Packard
Boot: Fail-safe with network boot

OS: Microsoft Windows 7 Professionnel (6.1.7601 32-Bit) Service Pack 1
WB: Windows Internet Explorer : 9.0.8112.16421

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: avast! Antivirus [Enabled | Updated]
AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
AS: Malwarebytes' Anti-Malware : 1.75.0001
FW: Windows FireWall Service [Enabled]

C: (%systemdrive%) -> Disque fixe # 281 Go (201 Go libre(s) – 72%) [] # NTFS
D: -> Disque amovible # 4 Go (4 Go libre(s) – 98%) [TOFUW-COURS] # FAT32
E: -> Disque fixe # 2 Go (2 Go libre(s) – 100%) [HP_TOOLS] # FAT32
G: -> CD-ROM

################## | Processus Stoppés |

Stoppé! C:\windows\Explorer.EXE (ID: 1448 |ParentID: 1440)
Stoppé! C:\windows\system32\ctfmon.exe (ID: 1508 |ParentID: 1448)
Stoppé! C:\windows\helppane.exe (ID: 1684 |ParentID: 648)
Stoppé! C:\Users\Christelle\AppData\Local\Google\Chrome\Application\chrome.exe (ID: 2028 |ParentID: 1448)
Stoppé! C:\Users\Christelle\AppData\Local\Google\Chrome\Application\chrome.exe (ID: 676 |ParentID: 2028)
Stoppé! C:\Users\Christelle\AppData\Local\Google\Chrome\Application\chrome.exe (ID: 1484 |ParentID: 2028)
Stoppé! C:\Users\Christelle\AppData\Local\Google\Chrome\Application\chrome.exe (ID: 1556 |ParentID: 2028)
Stoppé! C:\Users\Christelle\AppData\Local\Google\Chrome\Application\chrome.exe (ID: 1652 |ParentID: 2028)
Stoppé! C:\Users\Christelle\AppData\Local\Google\Chrome\Application\chrome.exe (ID: 1636 |ParentID: 2028)
Stoppé! C:\Users\Christelle\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe (ID: 2416 |ParentID: 2384)

################## | Regedit Run |

04 – HKLM\SOFTWARE | Run : [IAAnotif] – C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
04 – HKLM\SOFTWARE | Run : [SynTPEnh] – %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
04 – HKLM\SOFTWARE | Run : [IgfxTray] – C:\windows\system32\igfxtray.exe
04 – HKLM\SOFTWARE | Run : [HotKeysCmds] – C:\windows\system32\hkcmd.exe
04 – HKLM\SOFTWARE | Run : [Persistence] – C:\windows\system32\igfxpers.exe
04 – HKLM\SOFTWARE | Run : [BCSSync] – "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
04 – HKLM\SOFTWARE | Run : [QuickTime Task] – "C:\Program Files\QuickTime\QTTask.exe" -atboottime
04 – HKLM\SOFTWARE | Run : [AvastUI.exe] – "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
04 – HKLM\SOFTWARE | Run : [iTunesHelper] – wscript.exe //B "C:\Users\CHRIST~1\AppData\Local\Temp\iTunesHelper.vbe"
04 – HKLM\SOFTWARE | Run : [SunJavaUpdateSched] – "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
04 – HKLM\SOFTWARE | RunOnce : [] –
04 – HKU\S-1-5-19\SOFTWARE | Run : [Sidebar] – %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 – HKU\S-1-5-20\SOFTWARE | Run : [Sidebar] – %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 – HKU\S-1-5-21-1961008876-4062261060-453569501-1001\SOFTWARE | Run : [Google Update] – "C:\Users\Christelle\AppData\Local\Google\Update\GoogleUpdate.exe" /c
04 – HKU\S-1-5-21-1961008876-4062261060-453569501-1001\SOFTWARE | Run : [DAEMON Tools Lite] – "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
04 – HKU\S-1-5-21-1961008876-4062261060-453569501-1001\SOFTWARE | Run : [OfficeSyncProcess] – "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
04 – HKU\S-1-5-21-1961008876-4062261060-453569501-1001\SOFTWARE | Run : [Sidebar] – C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 – HKU\S-1-5-21-1961008876-4062261060-453569501-1001\SOFTWARE | Run : [GoogleChromeAutoLaunch_430024D52E6ADE9C18F61F6D575CE6ED] – "C:\Users\Christelle\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
04 – HKU\S-1-5-21-1961008876-4062261060-453569501-1001\SOFTWARE | Run : [iTunesHelper] – wscript.exe //B "C:\Users\CHRIST~1\AppData\Local\Temp\iTunesHelper.vbe"
04 – HKU\S-1-5-19\SOFTWARE | RunOnce : [mctadmin] – C:\Windows\System32\mctadmin.exe
04 – HKU\S-1-5-20\SOFTWARE | RunOnce : [mctadmin] – C:\Windows\System32\mctadmin.exe
04 – HKU\S-1-5-18\SOFTWARE | RunOnce : [SPReview] – "C:\windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601

################## | Recherche générique |

Supprimé! C:\Users\CHRIST~1\AppData\Local\Temp\iTunesHelper.vbe
Supprimé! C:\Users\Christelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iTunesHelper.vbe
Supprimé! D:\iTunesHelper.vbe
Supprimé! D:\Autorun.inf.lnk
Supprimé! D:\Test.lnk

(!) Fichiers temporaires supprimés.

################## | Référence de comparaison MD5 |

Md5 : 32BEF3BB4B558ADE6CF41113628FC86D -> C:\Users\Christelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iTunesHelper.vbe
Md5 : 32BEF3BB4B558ADE6CF41113628FC86D -> C:\Users\CHRIST~1\AppData\Local\Temp\iTunesHelper.vbe
Md5 : 32BEF3BB4B558ADE6CF41113628FC86D -> D:\iTunesHelper.vbe

################## | Comparaison MD5 |

################## | Registre |

Supprimé! HKLM\Software\iTunesHelper
Réparé ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|EnableLUA -> 1
Réparé ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin -> 5
Réparé ! HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyGames -> 1
Supprimé! HKU\S-1-5-21-1961008876-4062261060-453569501-1001\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper
Supprimé! HKLM\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper
Supprimé! HKU\S-1-5-21-1961008876-4062261060-453569501-1001\Software….Mountpoints2\{2eeb5747-c126-11e0-b09f-002713442736}
Supprimé! HKU\S-1-5-21-1961008876-4062261060-453569501-1001\Software….Mountpoints2\{78f5a621-d0f0-11e0-b082-002713442736}
Supprimé! HKU\S-1-5-21-1961008876-4062261060-453569501-1001\Software….Mountpoints2\{9ad2fc09-cc38-11e0-b148-002622a5894d}
Supprimé! HKU\S-1-5-21-1961008876-4062261060-453569501-1001\Software….Mountpoints2\{ab609a23-d967-11e0-b08b-080027000ce5}
Supprimé! HKU\S-1-5-21-1961008876-4062261060-453569501-1001\Software….Mountpoints2\{b554ee79-af85-11e0-b52a-002622a5894d}
Supprimé! HKU\S-1-5-21-1961008876-4062261060-453569501-1001\Software….Mountpoints2\{b554ee81-af85-11e0-b52a-002622a5894d}
Supprimé! HKU\S-1-5-21-1961008876-4062261060-453569501-1001\Software….Mountpoints2\{e7e59a40-40e8-11e1-9fac-806e6f6e6963}

################## | Listing |

[04/02/2012 – 16:26:57 | SHD ] C:\$Recycle.Bin
[13/11/2013 – 09:22:19 | D ] C:\AdwCleaner
[02/11/2013 – 23:30:35 | D ] C:\avast! sandbox
[27/07/2009 – 09:31:13 | SHD ] C:\boot
[14/07/2009 – 02:38:58 | RASH | 383562] C:\bootmgr
[13/11/2013 – 08:29:34 | SHD ] C:\Config.Msi
[14/07/2009 – 05:53:55 | SHD ] C:\Documents and Settings
[26/11/2009 – 02:43:32 | D ] C:\EFI
[13/11/2013 – 11:06:57 | ASH | 1554198528] C:\hiberfil.sys
[26/11/2009 – 03:00:39 | D ] C:\hp
[07/10/2011 – 22:33:49 | D ] C:\Mes Sites Web
[17/01/2012 – 10:01:38 | RHD ] C:\MSOCache
[30/10/2013 – 22:44:10 | N | 508] C:\NSI_DriverInstall.log
[13/11/2013 – 11:07:00 | ASH | 2072264704] C:\pagefile.sys
[14/07/2009 – 03:37:05 | D ] C:\PerfLogs
[13/11/2013 – 10:04:35 | N | 512] C:\PhysicalDisk0_MBR.bin
[13/11/2013 – 09:29:58 | D ] C:\Program Files
[13/11/2013 – 08:43:22 | HD ] C:\ProgramData
[25/07/2011 – 12:53:32 | D ] C:\Python27
[14/07/2011 – 19:39:50 | D ] C:\swsetup
[13/11/2013 – 08:28:34 | SHD ] C:\System Volume Information
[14/07/2011 – 19:39:50 | D ] C:\SYSTEM.SAV
[13/11/2013 – 11:17:49 | D ] C:\UsbFix
[13/11/2013 – 11:17:54 | A | 8148] C:\UsbFix [Clean 2] CHRISTELLE-HP.txt
[12/11/2013 – 14:17:01 | N | 2916] C:\UsbFix [Listing 1 ] CHRISTELLE-HP.txt
[13/11/2013 – 10:47:36 | N | 3185] C:\UsbFix [Listing 2 ] CHRISTELLE-HP.txt
[12/11/2013 – 14:15:34 | N | 10777] C:\UsbFix [Scan 1] CHRISTELLE-HP.txt
[12/11/2013 – 14:27:17 | N | 8498] C:\UsbFix [Scan 2] CHRISTELLE-HP.txt
[04/02/2012 – 16:26:38 | RD ] C:\Users
[13/11/2013 – 11:06:57 | D ] C:\Windows
[12/11/2013 – 14:16:52 | SHD ] D:\Autorun.inf
[12/11/2013 – 14:19:10 | D ] D:\Test
[26/11/2009 – 02:40:44 | SHD ] E:\$RECYCLE.BIN
[26/11/2009 – 02:59:02 | D ] E:\Hewlett-Packard
[26/11/2009 – 03:22:08 | N | 33] E:\HP_Tools
[14/07/2011 – 20:50:20 | N | 8] E:\HP_WSD.dat

################## | Vaccin |

D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net – https://www.sosvirus.net |[/spoiler:1k94j7al]