Claire1212

Here is what I get:

############################## | UsbFix V 7.150 | [Suppression]

Utilisateur: Patrice (Administrateur) # PATRICE-PC
Mis à jour le 08/11/2013 par El Desaparecido – Team SosVirus
Lancé à 23:56:02 | 09/11/2013

Site Web : http://www.usbfix.net
Forum : http://www.sosvirus.net/
Upload Malware : upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: MICRO-STAR INTERNATIONAL CO., LTD (MS-7091)
CPU: Intel(R) Pentium(R) 4 CPU 3.40GHz
RAM -> [Total : 2816 | Free : 1087]
Bios: Phoenix Technologies, LTD
Boot: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 32-Bit) Service Pack 1
WB: Windows Internet Explorer : 10.0.9200.16721
WB: Google Chrome : 30.0.1599.101

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: avast! Antivirus [Enabled | Updated]
AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
FW: Windows FireWall Service [Enabled]

C: (%systemdrive%) -> Disque fixe # 125 Go (51 Go libre(s) – 41%) [] # NTFS
D: -> Disque fixe # 98 Go (22 Go libre(s) – 22%) [BACKUP] # NTFS
E: -> Disque fixe # 10 Go (6 Go libre(s) – 59%) [RECOVER] # FAT32
F: -> CD-ROM
G: -> CD-ROM
H: -> Disque amovible # 984 Mo (871 Mo libre(s) – 89%) [TRAVELDRIVE] # FAT
I: -> Disque amovible # 15 Go (15 Go libre(s) – 100%) [LEXAR] # FAT32

################## | Processus Stoppés |

Stoppé! C:Windowssystem32nvvsvc.exe (ID: 764 |ParentID: 556)
Stoppé! C:Program FilesNVIDIA Corporation3D VisionnvSCPAPISvr.exe (ID: 788 |ParentID: 556)
Stoppé! C:Program FilesAVAST SoftwareAvastAvastSvc.exe (ID: 1316 |ParentID: 556)
Stoppé! C:Program FilesNVIDIA CorporationDisplaynvxdsync.exe (ID: 1332 |ParentID: 764)
Stoppé! C:Windowssystem32nvvsvc.exe (ID: 1344 |ParentID: 764)
Stoppé! C:WindowsSystem32spoolsv.exe (ID: 1580 |ParentID: 556)
Stoppé! C:Windowssystem32taskhost.exe (ID: 1696 |ParentID: 556)
Stoppé! C:WindowsExplorer.EXE (ID: 1844 |ParentID: 1748)
Stoppé! C:Program FilesCommon FilesAdobeARM1.0armsvc.exe (ID: 1924 |ParentID: 556)
Stoppé! C:Windowssystem32taskeng.exe (ID: 1988 |ParentID: 1076)
Stoppé! C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe (ID: 2016 |ParentID: 556)
Stoppé! C:ProgramDataBetterSoftContinueToSaveContinueToSave.exe (ID: 628 |ParentID: 1988)
Stoppé! C:Program FilesApplication UpdaterApplicationUpdater.exe (ID: 1264 |ParentID: 556)
Stoppé! C:Program FilesAVAST SoftwareAvastAvastUI.exe (ID: 1456 |ParentID: 1844)
Stoppé! C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe (ID: 1820 |ParentID: 1844)
Stoppé! C:WindowsSystem32rundll32.exe (ID: 1864 |ParentID: 1844)
Stoppé! C:Program FilesBoxoreBoxoreClientboxore.exe (ID: 1884 |ParentID: 1844)
Stoppé! C:Program FilesBonjourmDNSResponder.exe (ID: 452 |ParentID: 556)
Stoppé! C:Program FilesCommon FilesJavaJava Updatejusched.exe (ID: 580 |ParentID: 1844)
Stoppé! C:Program FilesCommon FilesSpigotSearch SettingsSearchSettings.exe (ID: 1028 |ParentID: 1844)
Stoppé! C:Program FilesTheBestMatchHomepageDWCSysTray.exe (ID: 2056 |ParentID: 1844)
Stoppé! C:UsersPatriceAppDataRoamingcacaowebcacaoweb.exe (ID: 2132 |ParentID: 1844)
Stoppé! C:UsersPatriceAppDataLocalSmartbarApplicationSnapDo.exe (ID: 2148 |ParentID: 1844)
Stoppé! C:UsersPatriceAppDataRoamingDropboxbinDropbox.exe (ID: 2156 |ParentID: 1844)
Stoppé! C:Program FilesTheBestMatchHomepageHomepage.exe (ID: 2280 |ParentID: 556)
Stoppé! C:Program FilesNVIDIA CorporationDisplaynvtray.exe (ID: 2600 |ParentID: 1332)
Stoppé! C:Program FilesTheBestMatchHomepageHPMonitor.exe (ID: 2620 |ParentID: 556)
Stoppé! C:Program FilesSonyPMBPMBDeviceInfoProvider.exe (ID: 2712 |ParentID: 556)
Stoppé! C:Program FilesSaltarSmartupdateSaltarSmart.exe (ID: 2828 |ParentID: 556)
Stoppé! C:Program FilesSaltarSmartbinutilSaltarSmart.exe (ID: 3108 |ParentID: 556)
Stoppé! C:Program FilesSpybot – Search & DestroySDWinSec.exe (ID: 4000 |ParentID: 556)
Stoppé! C:Windowssystem32SearchIndexer.exe (ID: 3540 |ParentID: 556)
Stoppé! C:Program FilesWindows Media Playerwmpnetwk.exe (ID: 4396 |ParentID: 556)
Stoppé! C:Program FilesiPodbiniPodService.exe (ID: 4504 |ParentID: 556)
Stoppé! C:WindowsSystem32WUDFHost.exe (ID: 2440 |ParentID: 976)
Stoppé! C:Program FilesBrowsersafeguardBrowsersafeguard.exe (ID: 5932 |ParentID: 5444)
Stoppé! C:ProgramDataeSafeeGdpSvc.exe (ID: 1148 |ParentID: 556)
Stoppé! C:Program FilesGoogleChromeApplicationchrome.exe (ID: 4744 |ParentID: 5048)
Stoppé! C:Program FilesGoogleChromeApplicationchrome.exe (ID: 4824 |ParentID: 4744)
Stoppé! C:Program FilesGoogleChromeApplicationchrome.exe (ID: 3288 |ParentID: 4744)
Stoppé! C:Program FilesGoogleChromeApplicationchrome.exe (ID: 5756 |ParentID: 4744)
Stoppé! C:Program FilesGoogleChromeApplicationchrome.exe (ID: 5176 |ParentID: 4744)
Stoppé! C:Program FilesGoogleChromeApplicationchrome.exe (ID: 5652 |ParentID: 4744)
Stoppé! C:Program FilesGoogleChromeApplicationchrome.exe (ID: 408 |ParentID: 4744)
Stoppé! C:Program FilesGoogleChromeApplicationchrome.exe (ID: 192 |ParentID: 4744)
Stoppé! C:Program FilesGoogleChromeApplicationchrome.exe (ID: 4748 |ParentID: 4744)
Stoppé! C:Program FilesGoogleChromeApplicationchrome.exe (ID: 4144 |ParentID: 4744)
Stoppé! C:Program FilesGoogleChromeApplicationchrome.exe (ID: 4304 |ParentID: 4744)
Stoppé! C:Program FilesGoogleChromeApplicationchrome.exe (ID: 4752 |ParentID: 4744)
Stoppé! C:Program FilesGoogleChromeApplicationchrome.exe (ID: 2400 |ParentID: 4744)
Stoppé! C:Program FilesGoogleChromeApplicationchrome.exe (ID: 2096 |ParentID: 4744)
Stoppé! C:Program FilesGoogleChromeApplicationchrome.exe (ID: 3456 |ParentID: 4744)

################## | Regedit Run |

04 – HKLMSOFTWARE | Run : [avast] – « C:Program FilesAVAST SoftwareAvastavastUI.exe » /nogui
04 – HKLMSOFTWARE | Run : [Adobe ARM] – « C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe »
04 – HKLMSOFTWARE | Run : [CmPCIaudio] – RunDll32 CMICNFG3.cpl,CMICtrlWnd
04 – HKLMSOFTWARE | Run : [Boxore Client] – C:Program FilesBoxoreBoxoreClientboxore.exe
04 – HKLMSOFTWARE | Run : [SunJavaUpdateSched] – « C:Program FilesCommon FilesJavaJava Updatejusched.exe »
04 – HKLMSOFTWARE | Run : [] –
04 – HKLMSOFTWARE | Run : [SearchSettings] – « C:Program FilesCommon FilesSpigotSearch SettingsSearchSettings.exe »
04 – HKLMSOFTWARE | Run : [offerbox] – C:Program FilesOfferBoxOfferBox.exe
04 – HKLMSOFTWARE | RunOnce : [] –
04 – HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-19SOFTWARE | Run : [systray] – C:Program FilesTheBestMatchHomepageDWCSysTray.exe
04 – HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-20SOFTWARE | Run : [systray] – C:Program FilesTheBestMatchHomepageDWCSysTray.exe
04 – HKUS-1-5-21-1776945142-256762280-3479574692-1001SOFTWARE | Run : [systray] – C:Program FilesTheBestMatchHomepageDWCSysTray.exe
04 – HKUS-1-5-21-1776945142-256762280-3479574692-1001SOFTWARE | Run : [CCleaner] – « C:Program FilesCCleanerCCleaner.exe » /AUTO
04 – HKUS-1-5-21-1776945142-256762280-3479574692-1001SOFTWARE | Run : [cacaoweb] – « C:UsersPatriceAppDataRoamingcacaowebcacaoweb.exe » -noplayer
04 – HKUS-1-5-21-1776945142-256762280-3479574692-1001SOFTWARE | Run : [Browser Infrastructure Helper] – C:UsersPatriceAppDataLocalSmartbarApplicationSnapDo.exe startup
04 – HKUS-1-5-21-1776945142-256762280-3479574692-1001SOFTWARE | Run : [iTunesHelper] – wscript.exe //B « C:UsersPatriceAppDataLocalTempiTunesHelper.vbe »
04 – HKUS-1-5-21-1776945142-256762280-3479574692-1001SOFTWARE | Run : [BrowserSafeguard] – « C:Program FilesBrowsersafeguardBrowsersafeguard.exe »
04 – HKUS-1-5-21-1776945142-256762280-3479574692-1001_ClassesSOFTWARE | Run : [systray] – C:Program FilesTheBestMatchHomepageDWCSysTray.exe
04 – HKUS-1-5-18SOFTWARE | Run : [systray] – C:Program FilesTheBestMatchHomepageDWCSysTray.exe
04 – HKUS-1-5-19SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
04 – HKUS-1-5-20SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe

################## | Recherche générique |

Supprimé! C:UsersPatriceAppDataRoamingBabMaint.exe
Supprimé! C:UsersPatriceAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupiTunesHelper.vbe
Supprimé! H:iTunesHelper.vbe
Supprimé! I:iTunesHelper.vbe
Supprimé! H:resumliv j à z.lnk
Supprimé! H:eceriez.lnk
Supprimé! H:Pretender Got My Heart Alisha’s Attic cha cha bolero.lnk
Supprimé! H:Italian Guy Cake cha cha bolero.lnk
Supprimé! H:Nina Simone – My Baby Just Cares for Me – JazzAndBluesExperience.lnk
Supprimé! H:resumliv a à i.lnk
Supprimé! H:horaire 5 juill aller.lnk
Supprimé! H:horaire 5 juill retour.lnk
Supprimé! H:PCA 109 Z Conférence IP 5 juillet 2013.lnk
Supprimé! H:stretch 2013.lnk
Supprimé! H:stretch 2013 2014.lnk
Supprimé! H:prépa ID expert.lnk
Supprimé! I:CV école 21-09-2013.lnk
Supprimé! I:eceriez.lnk
Supprimé! I:Claire.lnk
Supprimé! C:UsersPatriceAppDataLocalTempOB.exe

(!) Fichiers temporaires supprimés.

################## | Référence de comparaison MD5 |

Md5 : 32BEF3BB4B558ADE6CF41113628FC86D -> C:UsersPatriceAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupiTunesHelper.vbe
Md5 : 4B56587C112D3AB4A9788C5FB5738A32 -> C:UsersPatriceAppDataLocalTempOB.exe
Md5 : 32BEF3BB4B558ADE6CF41113628FC86D -> H:iTunesHelper.vbe
Md5 : 32BEF3BB4B558ADE6CF41113628FC86D -> I:iTunesHelper.vbe

################## | Comparaison MD5 |

################## | Registre |

Supprimé! HKUS-1-5-21-1776945142-256762280-3479574692-1001SoftwareMicrosoftWindowsCurrentVersionRun|iTunesHelper
Supprimé! HKUS-1-5-21-1776945142-256762280-3479574692-1001Software….Mountpoints2{31218fca-c2f6-11e2-ac80-000c76710209}
Supprimé! HKUS-1-5-21-1776945142-256762280-3479574692-1001Software….Mountpoints2{8721a5a1-2a5c-11e1-ba44-000c76710209}

################## | Listing |

[27/05/2011 – 18:52:17 | SHD ] C:$Recycle.Bin
[10/06/2009 – 22:42:20 | N | 24] C:autoexec.bat
[05/01/2012 – 16:57:29 | SHD ] C:Boot
[20/11/2010 – 13:40:07 | RASH | 383786] C:bootmgr
[26/05/2011 – 17:39:40 | RASH | 8192] C:BOOTSECT.BAK
[29/05/2011 – 19:43:10 | D ] C:CanoScan
[30/10/2013 – 18:24:57 | SHD ] C:Config.Msi
[10/06/2009 – 22:42:20 | N | 10] C:config.sys
[14/07/2009 – 05:53:55 | SHD ] C:Documents and Settings
[16/07/2013 – 17:03:23 | N | 9] C:END
[09/11/2013 – 20:10:14 | ASH | 2214240256] C:hiberfil.sys
[26/05/2011 – 19:51:27 | N | 0] C:IO.SYS
[30/05/2011 – 17:15:12 | D ] C:Medion
[26/05/2011 – 19:51:27 | N | 0] C:MSDOS.SYS
[09/09/2011 – 18:01:41 | RHD ] C:MSOCache
[30/05/2011 – 18:26:24 | D ] C:NVIDIA
[09/11/2013 – 20:10:16 | ASH | 2952323072] C:pagefile.sys
[14/07/2009 – 03:37:05 | D ] C:PerfLogs
[09/11/2013 – 23:27:54 | D ] C:Program Files
[09/11/2013 – 23:20:34 | HD ] C:ProgramData
[26/05/2011 – 16:51:56 | SHD ] C:Recovery
[15/03/2012 – 16:12:44 | N | 510] C:settings.ini
[09/11/2013 – 15:48:00 | SHD ] C:System Volume Information
[07/07/2013 – 15:34:44 | D ] C:Séries Claire
[10/11/2013 – 00:03:30 | D ] C:UsbFix
[10/11/2013 – 00:03:36 | A | 11526] C:UsbFix [Clean 2] PATRICE-PC.txt
[11/05/2012 – 18:28:08 | N | 250] C:user.js
[13/10/2012 – 10:57:13 | RD ] C:Users
[09/11/2013 – 20:13:15 | D ] C:Windows
[26/05/2011 – 16:52:19 | SHD ] D:$RECYCLE.BIN
[03/05/2013 – 13:03:29 | D ] D:96d9ecd6064c41d5a080a3b789e5e3
[28/12/2011 – 14:38:15 | N | 180739] D:Descartes extrait.odt
[13/10/2013 – 14:19:24 | N | 466] D:Disque local (C) – Raccourci.lnk
[15/08/2012 – 19:54:47 | N | 205312] D:Doc1.doc
[08/07/2010 – 11:37:47 | N | 4803] D:ffastun.ffa
[08/07/2010 – 11:37:43 | N | 2408448] D:ffastun.ffl
[08/07/2010 – 11:37:46 | N | 737280] D:ffastun.ffo
[08/07/2010 – 11:37:43 | N | 5488640] D:ffastun0.ffx
[08/07/2010 – 13:44:36 | N | 2408448] D:ffastunT.ffl
[22/08/2013 – 19:13:48 | N | 28672] D:jennie.doc
[22/08/2013 – 19:11:07 | N | 11522] D:jennie.docx
[01/11/2013 – 20:16:01 | N | 16384] D:livre au 1 11 2013.xls
[25/06/2013 – 20:04:17 | D ] D:Mes documents
[25/05/2011 – 16:18:47 | SHD ] D:RECYCLER
[19/05/2011 – 14:18:06 | SHD ] D:System Volume Information
[17/10/2004 – 18:26:24 | D ] D:Tools
[28/10/2013 – 20:46:05 | N | 10031] D:Visite Epernay cave de Castellane.docx
[02/06/2013 – 19:36:49 | N | 10137] D:You tube pink.docx
[16/09/2004 – 19:54:50 | SHD ] E:System Volume Information
[17/09/2004 – 12:23:00 | D ] E:Recycled
[17/10/2004 – 13:29:00 | D ] E:Recover
[12/10/2004 – 12:35:56 | RASH | 4608] E:Thumbs.db
[17/10/2004 – 14:27:48 | N | 38] E:swconf.dat
[10/05/2011 – 17:19:02 | N | 24576] E:ffastun.ffl
[10/05/2011 – 17:19:02 | N | 4096] E:ffastun0.ffx
[10/05/2011 – 17:19:02 | N | 4096] E:ffastun.ffo
[29/10/2004 – 19:09:28 | N | 49] E:PASS.RPT
[10/05/2011 – 17:19:02 | N | 4379] E:ffastun.ffa
[30/03/2005 – 14:39:10 | N | 27648] E:séminaiire Picardie -CTPRS 29-03-05.doc
[19/06/2005 – 17:25:58 | N | 281] E:Raccourci vers BACKUP (D).lnk
[19/06/2005 – 17:25:58 | N | 281] E:Raccourci (2) vers BACKUP (D).lnk
[30/12/2009 – 12:05:46 | D ] E:FOUND.000
[26/05/2011 – 17:52:20 | SHD ] E:$RECYCLE.BIN
[23/03/2005 – 14:14:46 | D ] E:~MSSETUP.T
[05/11/2013 – 14:34:54 | N | 506368] H:resumliv j à z.doc
[21/05/2013 – 16:13:30 | N | 925730] H:eceriez.JPG
[23/12/2012 – 19:42:28 | N | 3979934] H:Pretender Got My Heart Alisha’s Attic cha cha bolero.wma
[23/12/2012 – 19:54:36 | N | 3077382] H:Italian Guy Cake cha cha bolero.wma
[13/10/2012 – 20:43:42 | N | 1790107] H:Nina Simone – My Baby Just Cares for Me – JazzAndBluesExperience.mp3
[18/09/2013 – 13:46:56 | N | 884224] H:resumliv a à i.doc
[25/06/2013 – 16:19:16 | N | 50756] H:horaire 5 juill aller.pdf
[25/06/2013 – 16:21:50 | N | 52153] H:horaire 5 juill retour.pdf
[02/07/2013 – 14:40:48 | N | 4885504] H:PCA 109 Z Conférence IP 5 juillet 2013.doc
[02/07/2013 – 20:17:02 | N | 82432] H:stretch 2013.doc
[12/08/2013 – 17:41:40 | D ] H:prépa ID expert
[05/11/2013 – 19:30:26 | N | 53248] H:stretch 2013 2014.doc
[09/11/2013 – 22:52:40 | D ] I:Claire
[03/11/2013 – 10:09:06 | N | 77276] I:CV école 21-09-2013.docx
[21/05/2013 – 16:13:30 | N | 925730] I:eceriez.JPG

################## | Vaccin |

H:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
I:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net – http://www.sosvirus.net |

Thanks for your quick reply :)