Reply to: ituneshelper.vbe 2016-09-08T13:22:12+00:00
Moussa
Participant
Number of posts: 13

Thank you for your quick response, here is the report:


############################## | UsbFix V 7.152 | [Suppression]

Utilisateur: Jiba (Administrateur) # JIBA-PC
Mis à jour le 20/11/2013 par El Desaparecido – Team SosVirus
Lancé à 14:20:46 | 30/11/2013

Site Web : http://www.usbfix.net
Forum : https://www.sosvirus.net/
Upload Malware : upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: TOSHIBA (Portable PC)
CPU: Pentium(R) Dual-Core CPU T4500 @ 2.30GHz
RAM -> [Total : 2940 | Free : 1853]
Bios: INSYDE
Boot: Fail-safe boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.16428
WB: Google Chrome : 31.0.1650.57

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: avast! Antivirus [(!) Disabled | Updated]
AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
AS: Malwarebytes' Anti-Malware : 1.75.0001
FW: Windows FireWall Service [(!) Disabled]

C: (%systemdrive%) -> Disque fixe # 466 Go (408 Go libre(s) – 88%) [] # NTFS
D: -> CD-ROM
F: -> Disque amovible # 7 Go (3 Go libre(s) – 45%) [FLO] # FAT32
G: -> CD-ROM
H: -> Disque amovible # 4 Go (3 Go libre(s) – 73%) [TRAVAUXJF] # FAT32

################## | Processus Stoppés |

Stoppé! C:WindowsExplorer.EXE (ID: 1020 |ParentID: 1012)
Stoppé! C:Windowssystem32ctfmon.exe (ID: 288 |ParentID: 1020)
Stoppé! C:Windowssystem32DllHost.exe (ID: 1092 |ParentID: 576)

################## | Regedit Run |

04 – HKLMSOFTWARE | Run : [tvncontrol] – “C:Program Files (x86)Common FilesCOMODOGeekBuddyRSP.exe” -controlservice -slave
04 – HKLMSOFTWARE | Run : [AvastUI.exe] – “C:Program FilesAVAST SoftwareAvastAvastUI.exe” /nogui
04 – HKLMSOFTWARE | Run : [SunJavaUpdateSched] – “C:Program Files (x86)Common FilesJavaJava Updatejusched.exe”
04 – HKLMSOFTWARE | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
04 – HKLMSOFTWARE | Run : [APSDaemon] – “C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe”
04 – HKLMSOFTWARE | Run : [iTunesHelper] – “C:Program Files (x86)iTunesiTunesHelper.exe”
04 – HKLMSOFTWARE | Run : [20131121] – C:Program FilesAVAST SoftwareAvastsetupemupdateeb16c699-0587-433b-b922-433f3eb0a70b.exe /check
04 – HKLMSOFTWAREwow6432Node | Run : [tvncontrol] – “C:Program Files (x86)Common FilesCOMODOGeekBuddyRSP.exe” -controlservice -slave
04 – HKLMSOFTWAREwow6432Node | Run : [AvastUI.exe] – “C:Program FilesAVAST SoftwareAvastAvastUI.exe” /nogui
04 – HKLMSOFTWAREwow6432Node | Run : [SunJavaUpdateSched] – “C:Program Files (x86)Common FilesJavaJava Updatejusched.exe”
04 – HKLMSOFTWAREwow6432Node | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
04 – HKLMSOFTWAREwow6432Node | Run : [APSDaemon] – “C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe”
04 – HKLMSOFTWAREwow6432Node | Run : [iTunesHelper] – “C:Program Files (x86)iTunesiTunesHelper.exe”
04 – HKLMSOFTWAREwow6432Node | Run : [20131121] – C:Program FilesAVAST SoftwareAvastsetupemupdateeb16c699-0587-433b-b922-433f3eb0a70b.exe /check
04 – HKLMSOFTWARE | RunOnce : [] –
04 – HKLMSOFTWAREwow6432Node | RunOnce : [] –
04 – HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-19SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
04 – HKUS-1-5-20SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe

################## | Recherche générique |

Supprimé! H:Article Bioch.lnk
Supprimé! H:iTunesHelper.vbe
Supprimé! H:SergeLeLama.vbs

(!) Fichiers temporaires supprimés.

################## | Référence de comparaison MD5 |

Md5 : AED4FAF279ABF7D7605E81707BE3CE64 -> H:iTunesHelper.vbe
Md5 : 304439A2E8278F31E4E42DD145C65B48 -> H:SergeLeLama.vbs

################## | Comparaison MD5 |

Supprimé! Md5 : AED4FAF279ABF7D7605E81707BE3CE64 -> C:VTRootHarddiskVolume2UsersJibaAppDataLocalTempiTunesHelper.vbe
Supprimé! Md5 : AED4FAF279ABF7D7605E81707BE3CE64 -> C:VTRootHarddiskVolume2UsersJibaAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupiTunesHelper.vbe

################## | Registre |

Réparé ! HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer|NoActiveDesktop -> 0
Réparé ! HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer|NoActiveDesktopChanges -> 0

################## | Listing |

[12/11/2013 – 22:04:05 | SHD ] C:$Recycle.Bin
[30/11/2013 – 12:40:07 | D ] C:AdwCleaner
[09/11/2013 – 15:58:18 | D ] C:Brother
[19/11/2013 – 17:39:04 | SHD ] C:Config.Msi
[14/07/2009 – 06:08:56 | SHD ] C:Documents and Settings
[12/11/2013 – 23:54:09 | D ] C:first_launch
[30/11/2013 – 14:19:36 | ASH | 2312089600] C:hiberfil.sys
[03/11/2013 – 13:18:18 | D ] C:Intel
[11/11/2013 – 20:05:39 | RHD ] C:MSOCache
[30/11/2013 – 14:19:39 | ASH | 3082788864] C:pagefile.sys
[14/07/2009 – 04:20:08 | D ] C:PerfLogs
[30/11/2013 – 12:50:12 | N | 512] C:PhysicalDisk0_MBR.bin
[17/11/2013 – 21:38:43 | D ] C:Program Files
[30/11/2013 – 12:18:59 | D ] C:Program Files (x86)
[30/11/2013 – 12:14:01 | HD ] C:ProgramData
[02/11/2013 – 20:33:21 | SHD ] C:Recovery
[26/11/2013 – 23:24:58 | SHD ] C:System Volume Information
[30/11/2013 – 14:24:58 | D ] C:UsbFix
[30/11/2013 – 12:57:05 | N | 781] C:UsbFix [Clean 2] JIBA-PC.txt
[30/11/2013 – 13:58:22 | N | 6547] C:UsbFix [Clean 4] JIBA-PC.txt
[30/11/2013 – 14:25:04 | A | 5699] C:UsbFix [Clean 6] JIBA-PC.txt
[30/11/2013 – 12:00:35 | N | 8698] C:UsbFix [Scan 1] JIBA-PC.txt
[02/11/2013 – 20:33:28 | RD ] C:Users
[11/11/2013 – 20:00:03 | D ] C:VTRoot
[30/11/2013 – 14:13:31 | D ] C:Windows
[06/10/2012 – 12:39:24 | RASH | 28160] F:Thumbs.db
[19/08/2011 – 12:46:52 | D ] F:Zik
[11/10/2012 – 20:35:24 | D ] F:Ipod (Jibi)
[29/11/2013 – 20:49:00 | D ] F:installation
[11/10/2012 – 20:35:24 | D ] F:dossier gaël
[01/12/2011 – 14:02:54 | SHD ] F:.Spotlight-V100
[14/05/2012 – 15:42:48 | D ] F:.fseventsd
[26/07/2012 – 11:42:54 | D ] H:Travaux scolaires
[09/11/2013 – 15:54:56 | N | 11738] H:Le Jeu, le jouet et le jouer.odt
[12/03/2013 – 18:40:06 | D ] H:Article Bioch

################## | Vaccin |

F:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
H:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net – https://www.sosvirus.net |