saecula
Participant
Number of posts: 4

Good evening,

I followed the procedure to the letter.

The "deletion" has finished, and I am attaching the result below.

The problem seems to be solved, many thanks!

Is it useful or necessary to run the "vaccinate" action?
Also, is it possible to get information about what the software actually does?

############################## | UsbFix V 7.150 | [Suppression]

Utilisateur: Benjamin (Administrateur) # E6430
Mis à jour le 08/11/2013 par El Desaparecido – Team SosVirus
Lancé à 19:07:11 | 08/11/2013

Site Web : http://www.usbfix.net
Forum : https://www.sosvirus.net/
Upload Malware : upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: Dell Inc. (0H3MT5)
CPU: Intel(R) Core(TM) i7-3720QM CPU @ 2.60GHz
RAM -> [Total : 8133 | Free : 6807]
Bios: Dell Inc.
Boot: Normal boot

OS: Microsoft Windows 7 Professionnel (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 10.0.9200.16686
WB: Google Chrome : 30.0.1599.101

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: Avira Desktop [(!) Disabled | Updated]
AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
FW: Windows FireWall Service [Enabled]

C: (%systemdrive%) -> Disque fixe # 465 Go (363 Go libre(s) – 78%) [OS] # NTFS
D: -> CD-ROM
E: -> Disque fixe # 932 Go (749 Go libre(s) – 80%) [Disque externe] # NTFS
F: -> Disque amovible # 8 Go (3 Go libre(s) – 43%) [] # NTFS

################## | Processus Stoppés |

Stoppé! C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (ID: 1884 |ParentID: 728)
Stoppé! C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (ID: 2092 |ParentID: 728)
Stoppé! C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (ID: 3464 |ParentID: 2092)
Stoppé! C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (ID: 4312 |ParentID: 3636)
Stoppé! C:\program files (x86)\avira\antivir desktop\avcenter.exe (ID: 4556 |ParentID: 4312)
Stoppé! C:\Program Files\Intel\iCLS Client\HeciServer.exe (ID: 5216 |ParentID: 728)
Stoppé! C:\Windows\explorer.exe (ID: 5308 |ParentID: 528)
Stoppé! C:\Windows\System32\rundll32.exe (ID: 5472 |ParentID: 872)
Stoppé! C:\Windows\System32\WUDFHost.exe (ID: 5528 |ParentID: 888)
Stoppé! C:\Windows\system32\SearchIndexer.exe (ID: 1692 |ParentID: 728)
Stoppé! C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe (ID: 2616 |ParentID: 728)
Stoppé! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (ID: 2612 |ParentID: 728)
Stoppé! C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ID: 2104 |ParentID: 728)
Stoppé! C:\Windows\System32\spoolsv.exe (ID: 484 |ParentID: 728)
Stoppé! C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (ID: 5028 |ParentID: 728)
Stoppé! C:\Windows\system32\DllHost.exe (ID: 5868 |ParentID: 872)
Stoppé! c:\program files\windows defender\MpCmdRun.exe (ID: 4908 |ParentID: 2812)

################## | Regedit Run |

04 – HKLM\SOFTWARE | Run : [USB3MON] – "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
04 – HKLM\SOFTWARE | Run : [IAStorIcon] – C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
04 – HKLM\SOFTWARE | Run : [Dell Webcam Central] – "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
04 – HKLM\SOFTWARE | Run : [avgnt] – "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
04 – HKLM\SOFTWARE | Run : [BingDesktop] – C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey
04 – HKLM\SOFTWARE\wow6432Node | Run : [USB3MON] – "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
04 – HKLM\SOFTWARE\wow6432Node | Run : [IAStorIcon] – C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
04 – HKLM\SOFTWARE\wow6432Node | Run : [Dell Webcam Central] – "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
04 – HKLM\SOFTWARE\wow6432Node | Run : [avgnt] – "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
04 – HKLM\SOFTWARE\wow6432Node | Run : [BingDesktop] – C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey
04 – HKLM\SOFTWARE | RunOnce : [] –
04 – HKLM\SOFTWARE\wow6432Node | RunOnce : [] –
04 – HKU\S-1-5-19\SOFTWARE | Run : [Sidebar] – %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 – HKU\S-1-5-20\SOFTWARE | Run : [Sidebar] – %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 – HKU\S-1-5-21-4073709588-709886615-794614949-1001\SOFTWARE | Run : [Skype] – "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
04 – HKU\S-1-5-21-4073709588-709886615-794614949-1001\SOFTWARE | Run : [OfficeSyncProcess] – "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
04 – HKU\S-1-5-21-4073709588-709886615-794614949-1001\SOFTWARE | Run : [iTunesHelper] – wscript.exe //B "C:\Users\Benjamin\AppData\Local\Temp\iTunesHelper.vbe"
04 – HKU\S-1-5-19\SOFTWARE | RunOnce : [mctadmin] – C:\Windows\System32\mctadmin.exe
04 – HKU\S-1-5-20\SOFTWARE | RunOnce : [mctadmin] – C:\Windows\System32\mctadmin.exe

################## | Recherche générique |

Supprimé! C:\Users\Benjamin\AppData\Local\Temp\iTunesHelper.vbe
Supprimé! C:\Users\Benjamin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iTunesHelper.vbe
Supprimé! F:\iTunesHelper.vbe
Supprimé! F:\Bachelor.lnk
Supprimé! F:\BTS 1.lnk
Supprimé! F:\BTS 2.lnk
Supprimé! F:\maxdesk.lnk
Supprimé! F:\PP11Thumbs.lnk
Supprimé! F:\SoftonicDownloader_pour_openvpn.lnk
Supprimé! F:\System Volume Information.lnk
Supprimé! C:\Users\Benjamin\AppData\Local\Temp\avgnt.exe
Supprimé! C:\Users\Benjamin\AppData\Local\Temp\Win7_x64.exe

(!) Fichiers temporaires supprimés.

################## | Référence de comparaison MD5 |

Md5 : AED4FAF279ABF7D7605E81707BE3CE64 -> C:\Users\Benjamin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iTunesHelper.vbe
Md5 : AED4FAF279ABF7D7605E81707BE3CE64 -> C:\Users\Benjamin\AppData\Local\Temp\iTunesHelper.vbe
Md5 : AED4FAF279ABF7D7605E81707BE3CE64 -> F:\iTunesHelper.vbe

################## | Comparaison MD5 |

################## | Registre |

Supprimé! HKU\S-1-5-21-4073709588-709886615-794614949-1001\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper
Supprimé! HKUS-1-5-21-4073709588-709886615-794614949-1001Software….Mountpoints2{1082bf99-9498-11e2-ae2a-fd2da9f1a621}

################## | Listing |

[16/11/2012 – 09:37:18 | SHD ] C:\$Recycle.Bin
[08/11/2012 – 16:46:28 | D ] C:\apps
[13/10/2013 – 12:40:05 | SHD ] C:\Config.Msi
[02/05/2013 – 21:37:22 | D ] C:\dell
[08/11/2012 – 18:15:28 | N | 36667] C:\dell.sdr
[14/07/2009 – 06:08:56 | SHD ] C:\Documents and Settings
[08/11/2012 – 18:06:58 | D ] C:\Drivers
[08/11/2013 – 18:50:10 | ASH | 6396403712] C:\hiberfil.sys
[08/11/2012 – 09:18:23 | D ] C:\Intel
[09/07/2013 – 15:22:52 | D ] C:\ios
[04/10/2013 – 09:00:21 | D ] C:\LOGIVIETEMP
[16/11/2012 – 11:22:54 | RHD ] C:\MSOCache
[08/11/2013 – 18:50:33 | ASH | 8528539648] C:\pagefile.sys
[04/07/2013 – 17:01:51 | D ] C:\Partage
[14/07/2009 – 04:20:08 | D ] C:\PerfLogs
[13/05/2013 – 08:19:54 | D ] C:\Program Files
[06/11/2013 – 14:44:57 | D ] C:\Program Files (x86)
[06/11/2013 – 14:55:57 | HD ] C:\ProgramData
[29/03/2013 – 10:54:28 | D ] C:\Python33
[08/11/2013 – 14:17:07 | SHD ] C:\System Volume Information
[08/11/2013 – 19:09:16 | D ] C:\UsbFix
[08/11/2013 – 19:09:18 | A | 7425] C:\UsbFix [Clean 2] E6430.txt
[08/11/2013 – 11:51:39 | N | 11288] C:\UsbFix [Scan 1] E6430.txt
[08/11/2013 – 11:56:22 | N | 11134] C:\UsbFix [Scan 2] E6430.txt
[08/11/2013 – 11:59:54 | N | 11350] C:\UsbFix [Scan 3] E6430.txt
[08/11/2013 – 18:58:22 | N | 12076] C:\UsbFix [Scan 4] E6430.txt
[02/05/2013 – 21:37:57 | RD ] C:\Users
[13/07/2013 – 16:06:34 | D ] C:\web
[15/10/2013 – 08:49:48 | D ] C:\Windows
[13/10/2013 – 16:02:15 | SHD ] E:\$RECYCLE.BIN
[16/10/2013 – 08:55:54 | SHD ] E:\System Volume Information
[29/10/2013 – 10:42:43 | D ] E:\VirtualBox VMs
[05/08/2013 – 16:55:08 | D ] F:\Bachelor
[29/10/2012 – 12:15:04 | D ] F:\BTS 1
[29/10/2012 – 12:20:15 | D ] F:\BTS 2
[26/08/2013 – 20:21:46 | N | 99] F:\maxdesk.ini2
[26/08/2013 – 20:20:02 | N | 276] F:\PP11Thumbs.ptn
[10/06/2013 – 08:52:02 | N | 393056] F:\SoftonicDownloader_pour_openvpn.exe
[05/11/2012 – 11:57:43 | SHD ] F:\System Volume Information

################## | Vaccin |

F:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net – https://www.sosvirus.net |