Reply to: ituneshelper.vbe, the return 2016-09-08T13:44:41+00:00
dante
Participant
Post count: 37

Here it is!

############################## | UsbFix V 7.171 | [Recherche]

Utilisateur: HP_Administrateur (Administrateur) # THIBAUT
Mis à jour le 18/05/2014 par El Desaparecido – SosVirus
Lancé à 17:53:30 | 08/06/2014

Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Assistance : https://www.sosvirus.net/aide-nettoyage-pc/
Upload Malware : https://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: ASUSTeK Computer INC. (Bailey)
CPU: Intel(R) Pentium(R) 4 CPU 3.00GHz
CPU: Intel(R) Pentium(R) 4 CPU 3.00GHz
RAM -> [Total : 1023 Mo| Free : 168 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows XP Professionnel (5.1.2600 32-Bit) Service Pack 2
WB: Windows Internet Explorer : 6.0.2900.2180
WB: Mozilla Firefox : 16.0.1
WB: Safari : 534.57.2

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
FW: Windows FireWall [Enabled]
AS: Malwarebytes’ Anti-Malware : 1.75.0001

C: (%SystemDrive%) -> Disque fixe # 186 Go (14 Go libre(s) – 8%) [HP_PAVILION] # NTFS
D: -> CD-ROM
E: -> CD-ROM
F: -> Disque amovible # 7 Go (27 Mo libre(s) – 0%) [THIBAUT LEM] # FAT32
I: -> CD-ROM

################## | Processus Actif |

C:\WINDOWS\system32\smss.exe (ID: 680|ParentID: 4|SYSTEM)
C:\WINDOWS\system32\csrss.exe (ID: 788|ParentID: 680|SYSTEM)
C:\WINDOWS\system32\winlogon.exe (ID: 812|ParentID: 680|SYSTEM)
C:\WINDOWS\system32\services.exe (ID: 860|ParentID: 812|SYSTEM)
C:\WINDOWS\system32\lsass.exe (ID: 872|ParentID: 812|SYSTEM)
C:\WINDOWS\system32\ati2evxx.exe (ID: 1048|ParentID: 860|SYSTEM)
C:\WINDOWS\system32\svchost.exe (ID: 1064|ParentID: 860|SYSTEM)
C:\WINDOWS\system32\svchost.exe (ID: 1140|ParentID: 860|SERVICE RÉSEAU)
C:\WINDOWS\system32\svchost.exe (ID: 1236|ParentID: 860|SYSTEM)
C:\WINDOWS\system32\svchost.exe (ID: 1304|ParentID: 860|SERVICE RÉSEAU)
C:\WINDOWS\system32\svchost.exe (ID: 1436|ParentID: 860|SERVICE LOCAL)
C:\WINDOWS\system32\spoolsv.exe (ID: 1648|ParentID: 860|SYSTEM)
C:\Program Files\Avira\AntiVir Desktop\sched.exe (ID: 1724|ParentID: 860|SYSTEM)
C:\WINDOWS\system32\svchost.exe (ID: 1768|ParentID: 860|SERVICE LOCAL)
C:\WINDOWS\system32\ati2evxx.exe (ID: 212|ParentID: 812|HP_Administrateur)
C:\WINDOWS\explorer.exe (ID: 296|ParentID: 252|HP_Administrateur)
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe (ID: 364|ParentID: 860|SYSTEM)
C:\Program Files\Avira\AntiVir Desktop\avguard.exe (ID: 400|ParentID: 860|SYSTEM)
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ID: 500|ParentID: 860|SYSTEM)
C:\Program Files\Bonjour\mDNSResponder.exe (ID: 552|ParentID: 860|SYSTEM)
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (ID: 652|ParentID: 400|SYSTEM)
C:\Program Files\Executive Software\Diskeeper\DkService.exe (ID: 772|ParentID: 860|SYSTEM)
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (ID: 1264|ParentID: 296|HP_Administrateur)
C:\WINDOWS\ehome\ehRecvr.exe (ID: 1284|ParentID: 860|SYSTEM)
C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe (ID: 1288|ParentID: 296|HP_Administrateur)
C:\WINDOWS\ehome\ehSched.exe (ID: 1544|ParentID: 860|SYSTEM)
C:\Program Files\Java\jre7\bin\jqs.exe (ID: 2040|ParentID: 860|SYSTEM)
C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe (ID: 1604|ParentID: 860|SYSTEM)
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe (ID: 776|ParentID: 860|SYSTEM)
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (ID: 1468|ParentID: 860|SYSTEM)
C:\Program Files\SFR\Gestionnaire de Connexion\SFR.DashBoard.Service.exe (ID: 2304|ParentID: 860|SYSTEM)
C:\WINDOWS\system32\svchost.exe (ID: 2500|ParentID: 860|SYSTEM)
C:\Program Files\ThreatFire\TFService.exe (ID: 2712|ParentID: 860|SYSTEM)
C:\WINDOWS\system32\WTSVC.exe (ID: 2920|ParentID: 860|SYSTEM)
C:\WINDOWS\system32\alg.exe (ID: 672|ParentID: 860|SERVICE LOCAL)
C:\WINDOWS\system32\wbem\wmiprvse.exe (ID: 360|ParentID: 1064|SYSTEM)
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (ID: 3048|ParentID: 296|HP_Administrateur)
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (ID: 3596|ParentID: 3048|HP_Administrateur)
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (ID: 404|ParentID: 3048|HP_Administrateur)
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (ID: 3964|ParentID: 3048|HP_Administrateur)
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (ID: 3348|ParentID: 3048|HP_Administrateur)
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (ID: 456|ParentID: 3048|HP_Administrateur)
C:\UsbFix\UsbFix.exe (ID: 2228|ParentID: 296|HP_Administrateur)
C:\WINDOWS\system32\wscntfy.exe (ID: 1900|ParentID: 1236|HP_Administrateur)
C:\WINDOWS\system32\wbem\wmiprvse.exe (ID: 3612|ParentID: 1064|SERVICE RÉSEAU)

################## | Autorun |

F:\Calendars.lnk -> F:\iTunesHelper.vbe – (SHA1: 05D02240EE6DE3A289CB848382D83B65882BD8A6)
F:\Contacts.lnk -> F:\iTunesHelper.vbe – (SHA1: 05D02240EE6DE3A289CB848382D83B65882BD8A6)
F:\iPod_Control.lnk -> F:\iTunesHelper.vbe – (SHA1: 05D02240EE6DE3A289CB848382D83B65882BD8A6)
F:\Notes.lnk -> F:\iTunesHelper.vbe – (SHA1: 05D02240EE6DE3A289CB848382D83B65882BD8A6)

################## | Regedit Run |

F2 – HKLM\..\Winlogon : [Shell] Explorer.exe
F2 – HKLM\..\Winlogon : [Userinit] C:\WINDOWS\system32\Userinit.exe,
04 – HKCU\..\Run : [KSS] “C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe” /autorun
04 – HKCU\..\Run : [Google Update] “C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe” /c
04 – HKLM\..\Run : [avgnt] “C:\Program Files\Avira\AntiVir Desktop\avgnt.exe” /min
04 – HKU\S-1-5-19\..\Run : [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
04 – HKU\S-1-5-20\..\Run : [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
04 – HKU\S-1-5-21-1288898127-691218808-1042232729-1006\..\Run : [KSS] “C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe” /autorun
04 – HKU\S-1-5-21-1288898127-691218808-1042232729-1006\..\Run : [Google Update] “C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe” /c

################## | Recherche générique |

Présent! F:\iTunesHelper.vbe
Présent! F:\iPod_Control.lnk
Présent! F:\Contacts.lnk
Présent! F:\Calendars.lnk
Présent! F:\Notes.lnk

################## | Registre |

################## | E.O.F | https://www.sosvirus.net/ | http://www.usbfix.net/ |