Reply to: Browser redirection to ad sites 2016-09-08T13:38:54+00:00
belarbi
Participant
Post count: 5

Sorry!!!! Here is the cleaning report.

############################## | UsbFix V 7.170 | [Nettoyage]

Utilisateur: IBM (Administrateur) # IBM-PC
Mis à jour le 04/05/2014 par El Desaparecido – SosVirus
Lancé à 17:09:47 | 06/05/2014

Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Assistance : forum-virus-securite.html
Upload Malware : upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: LENOVO (LENOVO)
CPU: Intel(R) Core(TM)2 CPU 4300 @ 1.80GHz
RAM -> [Total : 2038 Mo| Free : 1128 Mo]
Bios: LENOVO
Boot: Normal boot

OS: Microsoft Windows 7 Professionnel (6.1.7600 32-Bit)
WB: Windows Internet Explorer : 8.0.7600.16385
WB: Google Chrome : 34.0.1847.131
WB: Mozilla Firefox : 29.0

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: avast! Antivirus [(!) Disabled | Updated]
AS: Windows Defender [Enabled | (!) Outdated]
AS: avast! Antivirus [(!) Disabled | Updated]
FW: Windows FireWall [(!) Disabled]

C: (%systemdrive%) -> Disque fixe # 44 Go (21 Go libre(s) – 47%) [] # NTFS
D: -> Disque fixe # 30 Go (20 Go libre(s) – 68%) [] # NTFS
E: -> Disque amovible # 14 Go (5 Go libre(s) – 35%) [KINGSTON] # FAT32
F: -> CD-ROM
G: -> Disque amovible # 4 Go (4 Go libre(s) – 100%) [] # FAT32

################## | Processus Stoppés |

C:\Windows\System32\spoolsv.exe (ID: 1456|ParentID: 496|Système)
C:\Windows\System32\taskhost.exe (ID: 1756|ParentID: 496|IBM)
C:\Windows\explorer.exe (ID: 1780|ParentID: 1688|IBM)
C:\Program Files\Google\Update\1.3.23.9\GoogleCrashHandler.exe (ID: 448|ParentID: 324|Système)
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 1220|ParentID: 496|Système)
C:\Program Files\Common Files\Java\Java Update\jusched.exe (ID: 2216|ParentID: 1780|IBM)
C:\Windows\System32\wscript.exe (ID: 2324|ParentID: 2240|IBM)
C:\Windows\System32\wscript.exe (ID: 2424|ParentID: 2240|IBM)
C:\Program Files\Nero\Tools\InCD\NBHRegInCDSrv.exe (ID: 2604|ParentID: 496|Système)
C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe (ID: 2756|ParentID: 496|Système)
C:\Windows\System32\SearchIndexer.exe (ID: 3248|ParentID: 496|Système)
C:\Windows\System32\WUDFHost.exe (ID: 3480|ParentID: 892|SERVICE LOCAL)
C:\Program Files\TeamViewer\Version9\TeamViewer.exe (ID: 4064|ParentID: 2756|IBM)
C:\Program Files\TeamViewer\Version9\tv_w32.exe (ID: 3288|ParentID: 2756|Système)
C:\Program Files\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe (ID: 2952|ParentID: 496|Système)
C:\Program Files\Google\Chrome\Application\chrome.exe (ID: 1140|ParentID: 1780|IBM)
C:\Program Files\Google\Chrome\Application\chrome.exe (ID: 3212|ParentID: 1140|IBM)
C:\Windows\System32\taskhost.exe (ID: 1576|ParentID: 496|SERVICE LOCAL)

################## | Autorun |

################## | Recherche générique |

Supprimé! D:\IBM.lnk
Supprimé! D:\Music.lnk
Supprimé! D:\Nouveau Dossier.lnk
Supprimé! E:\Nouveau Dossier.lnk
Supprimé! E:\IBM.lnk
Supprimé! G:\Nouveau Dossier.lnk
Supprimé! G:\IBM.lnk
Supprimé! D:\bin.doc
Supprimé! D:\bizo.doc
Supprimé! D:\img.jpg
Supprimé! E:\bin.doc
Supprimé! E:\bizo.doc
Supprimé! E:\img.jpg
Supprimé! G:\bin.doc
Supprimé! G:\bizo.doc
Supprimé! G:\img.jpg

(!) Fichiers temporaires supprimés.

################## | Registre |

################## | Regedit Run |

F2 – HKLM\..\Winlogon : [Shell] explorer.exe
F2 – HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 – HKLM\..\Run : [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
04 – HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
04 – HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 – HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 – HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 – HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe

################## | Listing |

[05/02/2014 – 16:34:26 | SHD] – C:\$Recycle.Bin
[06/05/2014 – 00:34:41 | D] – C:\AdwCleaner
[09/02/2014 – 14:16:53 | N | 1 Ko] – C:\AMTAG.BIN
[10/06/2009 – 22:42:20 | A | 0 Ko] – C:\autoexec.bat
[06/05/2014 – 14:12:03 | D] – C:\Config.Msi
[10/06/2009 – 22:42:20 | N | 0 Ko] – C:\config.sys
[14/07/2009 – 05:53:55 | SHD] – C:\Documents and Settings
[06/05/2014 – 16:27:04 | ASH | 1565412 Ko] – C:\hiberfil.sys
[03/05/2014 – 22:42:26 | RHD] – C:\MSOCache
[06/05/2014 – 16:27:03 | ASH | 2087216 Ko] – C:\pagefile.sys
[14/07/2009 – 03:37:05 | D] – C:\PerfLogs
[23/04/2014 – 18:39:16 | N | 1 Ko] – C:\PhysicalDisk0_MBR.bin
[06/05/2014 – 13:05:41 | D] – C:\Program Files
[06/05/2014 – 13:05:42 | HD] – C:\ProgramData
[05/02/2014 – 16:33:26 | SHD] – C:\Recovery
[16/02/2014 – 14:27:10 | SHD] – C:\System Volume Information
[06/05/2014 – 17:09:14 | D] – C:\UsbFix
[21/04/2014 – 14:45:22 | D] – C:\Users
[06/05/2014 – 14:14:10 | D] – C:\Windows
[09/02/2014 – 15:22:23 | SHD] – D:\$RECYCLE.BIN
[23/03/2014 – 18:00:37 | D] – D:\Archives zineb
[22/09/2013 – 23:39:48 | N | 14 Ko] – D:\AUTOEXE
[18/01/2014 – 14:51:42 | N | 41 Ko] – D:\bookmarks_1_18_14.html
[22/09/2013 – 23:39:22 | N | 1 Ko] – D:\boot
[04/05/2014 – 22:45:18 | D] – D:\BUREAU
[16/03/2014 – 18:59:48 | N | 471 Ko] – D:\decl_honneur.jpg
[23/02/2014 – 13:58:30 | D] – D:\driver hp
[17/04/2014 – 17:30:17 | N | 12 Ko] – D:\décl perte.docx
[28/02/2014 – 21:06:21 | N | 44 Ko] – D:\favoris_28_02_14.html
[04/05/2014 – 22:44:38 | D] – D:\Host
[06/05/2014 – 09:25:50 | D] – D:\LOGICIELS
[04/05/2014 – 17:50:02 | D] – D:\Nouveau dossier
[22/09/2013 – 23:39:34 | N | 3 Ko] – D:\NTDETE
[22/09/2013 – 23:39:34 | N | 3 Ko] – D:\Photo0.jpg
[22/09/2013 – 23:39:22 | N | 1 Ko] – D:\pict.jpg
[08/09/2013 – 16:47:30 | N | 0 Ko] – D:\system
[09/02/2014 – 14:37:54 | SHD] – D:\System Volume Information
[16/08/2013 – 18:19:32 | N | 1 Ko] – D:\Zain
[03/10/2013 – 08:08:02 | D] – E:\ARCHIVES
[04/12/2013 – 12:56:24 | D] – E:\Logiciels
[22/09/2013 – 23:39:34 | N | 3 Ko] – E:\Photo0.jpg
[22/09/2013 – 23:39:22 | N | 1 Ko] – E:\pict.jpg
[16/08/2013 – 18:19:32 | N | 1 Ko] – E:\Zain
[22/09/2013 – 23:39:34 | N | 3 Ko] – G:\Photo0.jpg
[22/09/2013 – 23:39:22 | N | 1 Ko] – G:\pict.jpg
[16/08/2013 – 18:19:32 | N | 1 Ko] – G:\Zain
[06/05/2014 – 15:36:22 | N | 1771 Ko] – G:\Mur10000.jpg

################## | Vaccin |

D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
E:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
G:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | https://www.sosvirus.net/ | http://www.usbfix.net/ |