mahedgehog

Hello again!

Thanks already for the help :super:
And sorry for the formatting: a desperate reaction!

Here is the report after deletion:
[spoiler:zlc1x57t]############################## | UsbFix V 7.152 | [Suppression]

Utilisateur: MARION (Administrateur) # PC-DE-MARION
Mis à jour le 20/11/2013 par El Desaparecido – Team SosVirus
Lancé à 12:11:20 | 21/11/2013

Site Web : http://www.usbfix.net
Forum : https://www.sosvirus.net/
Upload Malware : upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: Acer (Aspire 5810T)
CPU: Intel(R) Core(TM)2 Solo CPU U3500 @ 1.40GHz
RAM -> [Total : 3004 | Free : 1430]
Bios: INSYDE
Boot: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 32-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.16428

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: Bitdefender Antivirus Essential [Enabled | Updated]
AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
FW: Windows FireWall Service [Enabled]

C: (%systemdrive%) -> Disque fixe # 288 Go (163 Go libre(s) – 57%) [ACER] # NTFS
D: -> CD-ROM
G: -> Disque amovible # 7 Go (7 Go libre(s) – 99%) [MARIONUSB] # FAT32

################## | Processus Stoppés |

Stoppé! C:\Program Files\Bitdefender\Antivirus Essential\gzserv.exe (ID: 744 |ParentID: 508)
Stoppé! C:\Windows\system32\atiesrxx.exe (ID: 856 |ParentID: 508)
Stoppé! C:\Windows\system32\atieclxx.exe (ID: 1324 |ParentID: 856)
Stoppé! C:\Windows\System32\spoolsv.exe (ID: 1448 |ParentID: 508)
Stoppé! C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 1552 |ParentID: 508)
Stoppé! C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ID: 1572 |ParentID: 508)
Stoppé! C:\Program Files\Bonjour\mDNSResponder.exe (ID: 1612 |ParentID: 508)
Stoppé! C:\Program Files\Launch Manager\dsiwmis.exe (ID: 1668 |ParentID: 508)
Stoppé! C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe (ID: 1696 |ParentID: 508)
Stoppé! C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE (ID: 1756 |ParentID: 508)
Stoppé! C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (ID: 1780 |ParentID: 508)
Stoppé! C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (ID: 1856 |ParentID: 508)
Stoppé! C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe (ID: 1876 |ParentID: 508)
Stoppé! C:\Program Files\Acer\Acer VCM\RS_Service.exe (ID: 1908 |ParentID: 508)
Stoppé! C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe (ID: 2028 |ParentID: 508)
Stoppé! C:\Program Files\Bitdefender\Antivirus Essential\gziface.exe (ID: 2544 |ParentID: 2528)
Stoppé! C:\Windows\system32\taskhost.exe (ID: 2560 |ParentID: 508)
Stoppé! C:\Windows\Explorer.EXE (ID: 2676 |ParentID: 2584)
Stoppé! C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (ID: 2800 |ParentID: 2676)
Stoppé! C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (ID: 2832 |ParentID: 2676)
Stoppé! C:\Windows\PLFSetI.exe (ID: 2928 |ParentID: 2676)
Stoppé! C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe (ID: 2960 |ParentID: 2676)
Stoppé! C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (ID: 3244 |ParentID: 2800)
Stoppé! C:\Program Files\Launch Manager\LManager.exe (ID: 3252 |ParentID: 2676)
Stoppé! C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (ID: 3272 |ParentID: 2676)
Stoppé! C:\Windows\System32\igfxtray.exe (ID: 3300 |ParentID: 2676)
Stoppé! C:\Windows\System32\hkcmd.exe (ID: 3308 |ParentID: 2676)
Stoppé! C:\Windows\System32\igfxpers.exe (ID: 3332 |ParentID: 2676)
Stoppé! C:\Program Files\HP\HP Software Update\hpwuschd2.exe (ID: 3364 |ParentID: 2676)
Stoppé! C:\Program Files\Common Files\Java\Java Update\jusched.exe (ID: 3384 |ParentID: 2676)
Stoppé! C:\Program Files\iTunes\iTunesHelper.exe (ID: 3400 |ParentID: 2676)
Stoppé! C:\Program Files\Acer\WR_PopUp\ProductReg.exe (ID: 3456 |ParentID: 2676)
Stoppé! C:\Program Files\Acer\WR_PopUp\AcerRegTool.exe (ID: 3520 |ParentID: 3456)
Stoppé! C:\Program Files\SuperCopier2\SuperCopier2.exe (ID: 3536 |ParentID: 2676)
Stoppé! C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe (ID: 3544 |ParentID: 2676)
Stoppé! C:\Program Files\Windows Sidebar\sidebar.exe (ID: 3568 |ParentID: 2676)
Stoppé! C:\Program Files\Acer\Acer VCM\AcerVCM.exe (ID: 3668 |ParentID: 2676)
Stoppé! C:\Program Files\OpenOffice.org 3\program\soffice.exe (ID: 3768 |ParentID: 3708)
Stoppé! C:\Program Files\OpenOffice.org 3\program\soffice.bin (ID: 3788 |ParentID: 3768)
Stoppé! C:\Program Files\iPod\bin\iPodService.exe (ID: 3928 |ParentID: 508)
Stoppé! C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (ID: 4060 |ParentID: 508)
Stoppé! C:\Windows\system32\SearchIndexer.exe (ID: 2556 |ParentID: 508)
Stoppé! C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ID: 3124 |ParentID: 2988)
Stoppé! C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ID: 3600 |ParentID: 3124)
Stoppé! C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe (ID: 2060 |ParentID: 2812)
Stoppé! C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 2352 |ParentID: 508)
Stoppé! C:\Windows\system32\igfxext.exe (ID: 4332 |ParentID: 688)
Stoppé! C:\Windows\system32\igfxsrvc.exe (ID: 4392 |ParentID: 688)
Stoppé! C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe (ID: 4432 |ParentID: 1696)
Stoppé! C:\Users\MARION\AppData\Local\Google\Chrome\Application\chrome.exe (ID: 5472 |ParentID: 4220)
Stoppé! C:\Users\MARION\AppData\Local\Google\Chrome\Application\chrome.exe (ID: 5704 |ParentID: 5472)
Stoppé! C:\Users\MARION\AppData\Local\Google\Chrome\Application\chrome.exe (ID: 6028 |ParentID: 5472)
Stoppé! C:\Users\MARION\AppData\Local\Google\Chrome\Application\chrome.exe (ID: 784 |ParentID: 5472)
Stoppé! C:\Windows\system32\taskeng.exe (ID: 4756 |ParentID: 1092)
Stoppé! C:\Users\MARION\AppData\Local\Google\Chrome\Application\chrome.exe (ID: 5764 |ParentID: 5472)
Stoppé! C:\Windows\System32\WUDFHost.exe (ID: 3888 |ParentID: 1020)
Stoppé! C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe (ID: 4580 |ParentID: 3544)

################## | Regedit Run |

04 – HKLM\SOFTWARE | Run : [SynTPEnh] – C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
04 – HKLM\SOFTWARE | Run : [Acer ePower Management] – C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe
04 – HKLM\SOFTWARE | Run : [BackupManagerTray] – "C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -k
04 – HKLM\SOFTWARE | Run : [IAAnotif] – C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
04 – HKLM\SOFTWARE | Run : [PLFSetI] – C:\Windows\PLFSetI.exe
04 – HKLM\SOFTWARE | Run : [ODDPwr] – "C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe"
04 – HKLM\SOFTWARE | Run : [StartCCC] – "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
04 – HKLM\SOFTWARE | Run : [LManager] – C:\Program Files\Launch Manager\LManager.exe
04 – HKLM\SOFTWARE | Run : [APSDaemon] – "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
04 – HKLM\SOFTWARE | Run : [CanonMyPrinter] – C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
04 – HKLM\SOFTWARE | Run : [IgfxTray] – C:\Windows\system32\igfxtray.exe
04 – HKLM\SOFTWARE | Run : [HotKeysCmds] – C:\Windows\system32\hkcmd.exe
04 – HKLM\SOFTWARE | Run : [Persistence] – C:\Windows\system32\igfxpers.exe
04 – HKLM\SOFTWARE | Run : [Adobe ARM] – "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 – HKLM\SOFTWARE | Run : [HP Software Update] – C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
04 – HKLM\SOFTWARE | Run : [] –
04 – HKLM\SOFTWARE | Run : [SunJavaUpdateSched] – "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
04 – HKLM\SOFTWARE | Run : [iTunesHelper] – "C:\Program Files\iTunes\iTunesHelper.exe"
04 – HKLM\SOFTWARE | RunOnce : [] –
04 – HKU\S-1-5-19\SOFTWARE | Run : [Sidebar] – %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 – HKU\S-1-5-20\SOFTWARE | Run : [Sidebar] – %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 – HKU\S-1-5-21-272549520-2153063286-3426675837-1000\SOFTWARE | Run : [ProductReg] – "C:\Program Files\Acer\WR_PopUp\ProductReg.exe"
04 – HKU\S-1-5-21-272549520-2153063286-3426675837-1000\SOFTWARE | Run : [Google Update] – "C:\Users\MARION\AppData\Local\Google\Update\GoogleUpdate.exe" /c
04 – HKU\S-1-5-21-272549520-2153063286-3426675837-1000\SOFTWARE | Run : [SuperCopier2.exe] – C:\Program Files\SuperCopier2\SuperCopier2.exe
04 – HKU\S-1-5-21-272549520-2153063286-3426675837-1000\SOFTWARE | Run : [HP Deskjet 3050A J611 series (NET)] – "C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN1AL435GD05PJ:NW" -scfn "HP Deskjet 3050A J611 series (NET)" -AutoStart 1
04 – HKU\S-1-5-21-272549520-2153063286-3426675837-1000\SOFTWARE | Run : [Sidebar] – C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 – HKU\S-1-5-21-272549520-2153063286-3426675837-1000\SOFTWARE | Run : [iTunesHelper] – wscript.exe //B "C:\Users\MARION\AppData\Local\Temp\iTunesHelper.vbe"
04 – HKU\S-1-5-19\SOFTWARE | RunOnce : [mctadmin] – C:\Windows\System32\mctadmin.exe
04 – HKU\S-1-5-20\SOFTWARE | RunOnce : [mctadmin] – C:\Windows\System32\mctadmin.exe

################## | Recherche générique |

(!) Fichiers temporaires supprimés.

################## | Référence de comparaison MD5 |

Md5 : D41D8CD98F00B204E9800998ECF8427E -> G:\iTunesHelper.vbe

################## | Comparaison MD5 |

################## | Registre |

Supprimé! HKU\S-1-5-21-272549520-2153063286-3426675837-1000\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper
Supprimé! HKLM\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper
Supprimé! HKU\S-1-5-21-272549520-2153063286-3426675837-1000\Software\….\Mountpoints2\{10eb5e08-991c-11e1-92f3-806e6f6e6963}
Supprimé! HKU\S-1-5-21-272549520-2153063286-3426675837-1000\Software\….\Mountpoints2\{248362e7-8e44-11e1-bc14-001f16af7bee}
Supprimé! HKU\S-1-5-21-272549520-2153063286-3426675837-1000\Software\….\Mountpoints2\{dc69497f-0ec2-11e2-8b89-001f16af7bee}

################## | Listing |

[24/04/2012 – 20:54:32 | D ] C:\$INPLACE.~TR
[12/10/2013 – 21:48:12 | SHD ] C:\$RECYCLE.BIN
[24/04/2012 – 20:26:18 | D ] C:\$WINDOWS.~Q
[24/04/2012 – 12:22:24 | D ] C:\Acer
[10/06/2009 – 22:42:20 | N | 24] C:\autoexec.bat
[24/04/2012 – 19:49:19 | D ] C:\Book
[30/04/2012 – 17:29:04 | SHD ] C:\Boot
[20/11/2010 – 13:40:07 | RASH | 383786] C:\bootmgr
[24/04/2012 – 21:05:00 | RASH | 8192] C:\BOOTSECT.BAK
[10/06/2009 – 22:42:20 | N | 10] C:\config.sys
[14/07/2009 – 05:53:55 | SHD ] C:\Documents and Settings
[24/04/2012 – 12:28:02 | D ] C:\Elements
[21/11/2013 – 11:23:55 | ASH | 2362281984] C:\hiberfil.sys
[01/04/2009 – 00:56:47 | D ] C:\Intel
[09/04/2009 – 03:31:07 | RHD ] C:\MSOCache
[24/04/2012 – 17:47:56 | D ] C:\OEM
[21/11/2013 – 11:23:59 | ASH | 3149709312] C:\pagefile.sys
[18/07/2009 – 09:46:02 | N | 17508] C:\Patch.rev
[14/07/2009 – 03:37:05 | D ] C:\PerfLogs
[24/04/2012 – 19:49:17 | N | 191] C:\Preload.rev
[06/11/2013 – 13:36:06 | D ] C:\Program Files
[06/11/2013 – 13:36:02 | HD ] C:\ProgramData
[24/04/2012 – 20:37:45 | SHD ] C:\Recovery
[24/04/2012 – 12:11:58 | N | 2581] C:\RHDSetup.log
[18/11/2013 – 17:52:05 | SHD ] C:\System Volume Information
[21/11/2013 – 12:14:19 | D ] C:\UsbFix
[21/11/2013 – 12:16:21 | A | 11427] C:\UsbFix [Clean 2] PC-DE-MARION.txt
[20/11/2013 – 23:13:59 | N | 11932] C:\UsbFix [Scan 1] PC-DE-MARION.txt
[24/04/2012 – 20:21:06 | RD ] C:\Users
[21/11/2013 – 08:51:24 | D ] C:\Windows
[20/11/2013 – 23:11:04 | A | 69554284] G:\iTunesHelper.vbe.gzquar

################## | Vaccin |

G:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net – https://www.sosvirus.net |[/spoiler:zlc1x57t]
And I ran the vaccination, but I didn't get a report, just "Vaccination effectuée !". Is that fine, or is there a next step so that everything is back to normal?