Reply to: Hello 2016-09-08T13:18:02+00:00
maestro100
Participant
Number of posts: 31

Hello :bravo1:
I think this is the right one, I am attaching the report
############################## | UsbFix V 7.150 | [Suppression]

Utilisateur: ACER (Administrateur) # ACER-PC
Mis à jour le 08/11/2013 par El Desaparecido – Team SosVirus
Lancé à 10:21:55 | 15/11/2013

Site Web : http://www.usbfix.net
Forum : https://www.sosvirus.net/
Upload Malware : upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: Acer (MRS600M)
CPU: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz
RAM -> [Total : 3328 | Free : 2085]
Bios: Phoenix Technologies, LTD
Boot: Normal boot

OS: Microsoft Windows 7 Édition Intégrale (6.1.7601 32-Bit) Service Pack 1
WB: Windows Internet Explorer : 10.0.9200.16736
WB: Mozilla Firefox : 25.0

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: avast! Antivirus [Enabled | Updated]
AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
FW: Windows FireWall Service [Enabled]

C: (%systemdrive%) -> Disque fixe # 466 Go (68 Go libre(s) – 14%) [] # NTFS
D: -> CD-ROM
E: -> Disque fixe # 456 Go (455 Go libre(s) – 100%) [ACER] # NTFS
I: -> Disque fixe # 298 Go (11 Go libre(s) – 4%) [stock] # NTFS
J: -> CD-ROM
K: -> CD-ROM

################## | Processus Stoppés |

Stoppé! C:Windowssystem32nvvsvc.exe (ID: 812 |ParentID: 552)
Stoppé! C:Program FilesNVIDIA Corporation3D VisionnvSCPAPISvr.exe (ID: 836 |ParentID: 552)
Stoppé! C:Program FilesNVIDIA CorporationDisplaynvxdsync.exe (ID: 1452 |ParentID: 812)
Stoppé! C:Windowssystem32nvvsvc.exe (ID: 1460 |ParentID: 812)
Stoppé! C:Program FilesAVAST SoftwareAvastAvastSvc.exe (ID: 1680 |ParentID: 552)
Stoppé! C:WindowsExplorer.EXE (ID: 1756 |ParentID: 1700)
Stoppé! C:WindowsSystem32spoolsv.exe (ID: 1880 |ParentID: 552)
Stoppé! C:Windowssystem32taskhost.exe (ID: 2012 |ParentID: 552)
Stoppé! C:Program FilesBonjourmDNSResponder.exe (ID: 356 |ParentID: 552)
Stoppé! C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE (ID: 896 |ParentID: 552)
Stoppé! C:Program FilesSpybot – Search & Destroy 2SDFSSvc.exe (ID: 1776 |ParentID: 552)
Stoppé! C:Windowssystem32taskeng.exe (ID: 2332 |ParentID: 1088)
Stoppé! C:Program FilesNVIDIA CorporationDisplaynvtray.exe (ID: 2860 |ParentID: 1452)
Stoppé! C:Program FilesTRENDnetTEW-649UBWlanWpsSvc.exe (ID: 2908 |ParentID: 552)
Stoppé! C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE (ID: 2944 |ParentID: 552)
Stoppé! C:Program FilesSpybot – Search & Destroy 2SDUpdSvc.exe (ID: 3040 |ParentID: 552)
Stoppé! C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe (ID: 3104 |ParentID: 2944)
Stoppé! C:Program FilesSpybot – Search & Destroy 2SDWSCSvc.exe (ID: 3220 |ParentID: 552)
Stoppé! C:WindowsSystem32WUDFHost.exe (ID: 3872 |ParentID: 1008)
Stoppé! C:Program FilesAVAST SoftwareAvastavastui.exe (ID: 1612 |ParentID: 1756)
Stoppé! C:Program FilesHPHP Software UpdatehpwuSchd2.exe (ID: 404 |ParentID: 1756)
Stoppé! C:Program FilesHPDigital Imagingbinhpqtra08.exe (ID: 2592 |ParentID: 1756)
Stoppé! C:Windowssystem32SearchIndexer.exe (ID: 4000 |ParentID: 552)
Stoppé! C:Program FilesWindows Media Playerwmpnetwk.exe (ID: 2632 |ParentID: 552)
Stoppé! C:Program FilesHPDigital ImagingbinhpqSTE08.exe (ID: 4316 |ParentID: 2592)
Stoppé! C:Program FilesHPDigital Imagingbinhpqbam08.exe (ID: 4408 |ParentID: 728)
Stoppé! C:Program FilesHPDigital Imagingbinhpqgpc01.exe (ID: 4440 |ParentID: 728)
Stoppé! C:Windowssystem32DllHost.exe (ID: 4704 |ParentID: 728)
Stoppé! C:WindowsservicingTrustedInstaller.exe (ID: 3140 |ParentID: 552)
Stoppé! C:Program FilesHPHP Software UpdateHPWUCli.exe (ID: 3428 |ParentID: 404)
Stoppé! C:Program FilesMozilla Thunderbirdthunderbird.exe (ID: 1276 |ParentID: 1756)
Stoppé! C:Program FilesMozilla Firefoxfirefox.exe (ID: 5796 |ParentID: 1276)
Stoppé! C:Program FilesMozilla Firefoxplugin-container.exe (ID: 4196 |ParentID: 5796)
Stoppé! C:Windowssystem32MacromedFlashFlashPlayerPlugin_11_9_900_117.exe (ID: 4740 |ParentID: 4196)
Stoppé! C:Windowssystem32MacromedFlashFlashPlayerPlugin_11_9_900_117.exe (ID: 4768 |ParentID: 4740)

################## | Regedit Run |

04 – HKLMSOFTWARE | Run : [AvastUI.exe] – “C:Program FilesAVAST SoftwareAvastAvastUI.exe” /nogui
04 – HKLMSOFTWARE | Run : [hpqSRMon] – C:Program FilesHPDigital ImagingbinhpqSRMon.exe
04 – HKLMSOFTWARE | Run : [HP Software Update] – C:Program FilesHPHP Software UpdateHPWuSchd2.exe
04 – HKLMSOFTWARE | RunOnce : [] –
04 – HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-21-2971247320-2505455980-644888479-1000SOFTWARE | Run : [Spybot-S&D Cleaning] – “C:Program FilesSpybot – Search & Destroy 2SDCleaner.exe” /autoclean
04 – HKUS-1-5-19SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
04 – HKUS-1-5-20SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe

################## | Recherche générique |

Supprimé! C:UsersACERAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupiTunesHelper.vbe
Supprimé! C:UsersACERAppDataLocalTempiTunesHelper.vbe

(!) Fichiers temporaires supprimés.

################## | Référence de comparaison MD5 |

Md5 : 32BEF3BB4B558ADE6CF41113628FC86D -> C:UsersACERAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupiTunesHelper.vbe
Md5 : 32BEF3BB4B558ADE6CF41113628FC86D -> C:UsersACERAppDataLocalTempiTunesHelper.vbe

################## | Comparaison MD5 |

################## | Registre |

Supprimé! HKUS-1-5-21-2971247320-2505455980-644888479-1000Software….Mountpoints2{8e6edbdc-eab6-11e0-96c8-806e6f6e6963}
Supprimé! HKUS-1-5-21-2971247320-2505455980-644888479-1000Software….Mountpoints2{cd72cf67-8983-11e1-a49b-001d9205e1a4}
Supprimé! HKUS-1-5-21-2971247320-2505455980-644888479-1000Software….Mountpoints2{e91e2756-0dd5-11e1-a8b1-001d9205e1a4}

################## | Listing |

[22/01/2012 – 09:47:02 | SHD ] C:$Recycle.Bin
[10/06/2009 – 22:42:20 | N | 24] C:autoexec.bat
[14/11/2013 – 09:21:13 | HD ] C:Config.Msi
[10/06/2009 – 22:42:20 | N | 10] C:config.sys
[14/07/2009 – 05:53:55 | SHD ] C:Documents and Settings
[15/11/2013 – 10:09:02 | ASH | 2616893440] C:hiberfil.sys
[06/10/2011 – 09:44:05 | RHD ] C:MSOCache
[29/09/2011 – 18:47:51 | D ] C:NVIDIA
[15/11/2013 – 10:09:02 | ASH | 3489193984] C:pagefile.sys
[14/07/2009 – 03:37:05 | D ] C:PerfLogs
[07/11/2013 – 11:02:10 | D ] C:Program Files
[07/11/2013 – 10:17:06 | HD ] C:ProgramData
[29/09/2011 – 17:27:48 | SHD ] C:Recovery
[25/07/2013 – 15:11:13 | D ] C:Riot Games
[09/08/2013 – 09:20:04 | D ] C:sn0wbreeze
[14/11/2013 – 09:16:57 | SHD ] C:System Volume Information
[14/04/2013 – 16:40:13 | D ] C:Temp
[15/11/2013 – 10:24:39 | D ] C:UsbFix
[15/11/2013 – 10:24:40 | A | 7042] C:UsbFix [Clean 1] ACER-PC.txt
[29/09/2011 – 18:49:41 | RD ] C:Users
[14/11/2013 – 16:35:38 | D ] C:Windows
[03/11/2013 – 21:05:46 | SHD ] E:$RECYCLE.BIN
[03/11/2013 – 20:53:36 | SHD ] E:System Volume Information
[24/10/2011 – 15:41:47 | SHD ] I:$RECYCLE.BIN
[12/02/2010 – 16:38:51 | D ] I:jeux ds
[13/05/2013 – 10:08:22 | D ] I:jeux pc
[17/02/2013 – 20:18:45 | D ] I:MUSICS
[13/05/2013 – 10:07:37 | D ] I:photos
[02/08/2009 – 15:59:33 | D ] I:psp
[28/09/2008 – 21:46:35 | SHD ] I:RECYCLER
[24/10/2012 – 19:13:00 | D ] I:sospc
[28/09/2008 – 18:32:56 | SHD ] I:System Volume Information
[11/11/2012 – 17:12:26 | D ] I:wii
[11/11/2012 – 17:15:09 | D ] I:xbox360

################## | Vaccin |

(!) Cet ordinateur n’est pas vacciné!

################## | E.O.F | http://www.usbfix.net – https://www.sosvirus.net |