fsoo

Hello,
Thanks for your reply, buckhulk. I ran the cleanup and here is its report:
############################## | UsbFix V 7.171 | [Nettoyage]

Utilisateur: Fsoofiane-zgr (Administrateur) # FSOOFIANE
Mis à jour le 18/05/2014 par El Desaparecido – SosVirus
Lancé à 01:33:55 | 09/06/2014

Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Assistance : https://www.sosvirus.net/aide-nettoyage-pc/
Upload Malware : https://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: Acer (VA50_HC_CR)
CPU: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
RAM -> [Total : 2462 Mo| Free : 1136 Mo]
Bios: Acer
Boot: Normal boot

OS: Microsoft Windows 8 Professionnel N (6.2.9200 32-Bit)
WB: Windows Internet Explorer : 10.0.9200.16384
WB: Mozilla Firefox : 29.0.1

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: Windows Defender [(!) Disabled | (!) Outdated]
AV: avast! Antivirus [Enabled | Updated]
AS: Windows Defender [(!) Disabled | (!) Outdated]
AS: avast! Antivirus [Enabled | Updated]
FW: avast! Antivirus [Enabled]
FW: Windows FireWall [(!) Disabled]

C: (%SystemDrive%) -> Disque fixe # 298 Go (197 Go libre(s) – 66%) [] # NTFS
D: -> Disque fixe # 400 Go (316 Go libre(s) – 79%) [Nouveau nom] # NTFS
E: -> CD-ROM
F: -> CD-ROM
H: -> Disque amovible # 4 Go (559 Mo libre(s) – 15%) [Lexar] # FAT32

################## | Processus Stoppés |

C:\Windows\System32\nvvsvc.exe (ID: 876|ParentID: 712)
C:\Windows\System32\igfxCUIService.exe (ID: 1136|ParentID: 712)
C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ID: 1500|ParentID: 712)
C:\Windows\System32\spoolsv.exe (ID: 1968|ParentID: 712|Système)
C:\Program Files\AVAST Software\Avast\afwServ.exe (ID: 2044|ParentID: 712|Système)
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ID: 1624|ParentID: 712|Système)
C:\Program Files\Bonjour\mDNSResponder.exe (ID: 2132|ParentID: 712|Système)
C:\Windows\System32\srvany.exe (ID: 2180|ParentID: 712|Système)
C:\Windows\KMService.exe (ID: 2200|ParentID: 2180|Système)
C:\Program Files\ma-config.com\MaConfigAgent.exe (ID: 2248|ParentID: 712|Système)
C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (ID: 2480|ParentID: 712|Système)
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (ID: 2600|ParentID: 712|Système)
C:\Windows\slsvc.exe (ID: 2740|ParentID: 712|Système)
C:\Windows\PersonalizeEnabler.exe (ID: 2840|ParentID: 2740|Système)
C:\Windows\System32\SearchIndexer.exe (ID: 3452|ParentID: 712|Système)
C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (ID: 3784|ParentID: 712|SERVICE LOCAL)
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (ID: 5516|ParentID: 876|Système)
C:\Windows\System32\nvvsvc.exe (ID: 5544|ParentID: 876|Système)
C:\Windows\System32\dasHost.exe (ID: 5980|ParentID: 1164|SERVICE LOCAL)
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (ID: 4324|ParentID: 2600|Système)
C:\Windows\System32\conhost.exe (ID: 3632|ParentID: 4324|Système)
C:\Windows\System32\taskhostex.exe (ID: 2896|ParentID: 712|Fsoofiane-zgr)
C:\Windows\System32\igfxEM.exe (ID: 1512|ParentID: 2588|Fsoofiane-zgr)
C:\Windows\System32\igfxHK.exe (ID: 4972|ParentID: 2588|Fsoofiane-zgr)
C:\Windows\System32\igfxTray.exe (ID: 4960|ParentID: 2588|Fsoofiane-zgr)
C:\Windows\explorer.exe (ID: 1824|ParentID: 2772|Fsoofiane-zgr)
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe (ID: 2388|ParentID: 2088|Fsoofiane-zgr)
C:\Windows\System32\WUDFHost.exe (ID: 5040|ParentID: 1164|SERVICE LOCAL)
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (ID: 5444|ParentID: 5516|Fsoofiane-zgr)
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (ID: 5744|ParentID: 1824|Fsoofiane-zgr)
C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe (ID: 5844|ParentID: 1824|Fsoofiane-zgr)
C:\Program Files\AVAST Software\Avast\avastui.exe (ID: 6008|ParentID: 1824|Fsoofiane-zgr)
C:\Windows\System32\wscript.exe (ID: 5756|ParentID: 1824|Fsoofiane-zgr)
C:\Windows\System32\wbem\unsecapp.exe (ID: 4840|ParentID: 828|Fsoofiane-zgr)
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (ID: 4140|ParentID: 712|Système)
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (ID: 3760|ParentID: 4884|Fsoofiane-zgr)
C:\Users\Fsoofiane-zgr\AppData\Local\Google\Chrome\Application\chrome.exe (ID: 4488|ParentID: 6140|Fsoofiane-zgr)
C:\Program Files\Internet Download Manager\IDMan.exe (ID: 4144|ParentID: 828|Fsoofiane-zgr)
C:\Program Files\Internet Download Manager\IEMonitor.exe (ID: 4640|ParentID: 4144|Fsoofiane-zgr)
C:\Windows\System32\notepad.exe (ID: 3040|ParentID: 4808|Aucun)
C:\Windows\System32\WUDFHost.exe (ID: 4920|ParentID: 1164|SERVICE LOCAL)

################## | Autorun |

H:\Recapitulatif parcours.lnk -> H:\SysBackUp.vbs – VirusTotal – (11/53)
H:\editerConvocRdvFr.lnk -> H:\SysBackUp.vbs – VirusTotal – (11/53)
H:\Z.lnk -> H:\SysBackUp.vbs – VirusTotal – (11/53)
H:\Addons.lnk -> H:\SysBackUp.vbs – VirusTotal – (11/53)
H:\System Volume Information.lnk -> H:\SysBackUp.vbs – VirusTotal – (11/53)
H:\Docs.lnk -> H:\SysBackUp.vbs – VirusTotal – (11/53)
H:\Medicv1.lnk -> H:\SysBackUp.vbs – VirusTotal – (11/53)
H:\Doc111.lnk -> H:\SysBackUp.vbs – VirusTotal – (11/53)
H:\cours mea.lnk -> H:\SysBackUp.vbs – VirusTotal – (11/53)
H:\Aircraft Visit Project_3D.lnk -> H:\SysBackUp.vbs – VirusTotal – (11/53)
H:\tell me more.lnk -> H:\SysBackUp.vbs – VirusTotal – (11/53)
H:\engagement_rgph2014.lnk -> H:\SysBackUp.vbs – VirusTotal – (11/53)
H:\DemandeInscriptionConcoursCRMEF.lnk -> H:\SysBackUp.vbs – VirusTotal – (11/53)
H:\Photo 008.lnk -> H:\SysBackUp.vbs – VirusTotal – (11/53)
H:\monfichier.lnk -> H:\SysBackUp.vbs – VirusTotal – (11/53)
H:\UnknownAstral.lnk -> H:\SysBackUp.vbs – VirusTotal – (11/53)
H:\RDV_912052f0e6f6cc346 .lnk -> H:\SysBackUp.vbs – VirusTotal – (11/53)
H:\soufianeCV.lnk -> H:\SysBackUp.vbs – VirusTotal – (11/53)
H:\Docs Soufiane.lnk -> H:\SysBackUp.vbs – VirusTotal – (11/53)
H:\Programs.lnk -> H:\SysBackUp.vbs – VirusTotal – (11/53)
H:\Personal.lnk -> H:\SysBackUp.vbs – VirusTotal – (11/53)

################## | Recherche générique |

Supprimé! C:\Users\Fsoofiane-zgr\AppData\Roaming\SysBackUp.vbs
Supprimé! C:\Users\Fsoofiane-zgr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SysBackUp.vbs
Supprimé! H:\SysBackUp.vbs
Supprimé! H:\Z.lnk
Supprimé! H:\DemandeInscriptionConcoursCRMEF.lnk
Supprimé! H:\Photo 008.lnk
Supprimé! H:\monfichier.lnk
Supprimé! H:\Doc111.lnk
Supprimé! H:\UnknownAstral.lnk
Supprimé! H:\Recapitulatif parcours.lnk
Supprimé! H:\editerConvocRdvFr.lnk
Supprimé! H:\Medicv1.lnk
Supprimé! H:\soufianeCV.lnk
Supprimé! H:\RDV_912052f0e6f6cc346 .lnk
Supprimé! H:\engagement_rgph2014.lnk
Supprimé! H:\tell me more.lnk
Supprimé! H:\Aircraft Visit Project_3D.lnk
Supprimé! H:\cours mea.lnk
Supprimé! H:\System Volume Information.lnk
Supprimé! H:\Addons.lnk
Supprimé! H:\Docs.lnk
Supprimé! H:\Personal.lnk
Supprimé! H:\Programs.lnk
Supprimé! H:\Docs Soufiane.lnk
Supprimé! C:\Users\Fsoofiane-zgr\AppData\Roaming\FlashPlayerSkin.exe.tmp
Supprimé! C:\Users\Fsoofiane-zgr\AppData\Roaming\dll-files.com
Supprimé! C:\Users\Fsoofiane-zgr\AppData\Roaming\FlashPlayer Install

(!) Fichiers temporaires supprimés.

################## | Registre |

Supprimé! HKU\S-1-5-21-1822728439-1334204995-2597841746-1001\Software\Microsoft\Windows\CurrentVersion\Run|SysBackUp

################## | Regedit Run |

F2 – HKLM\..\Winlogon : [Shell] explorer.exe
F2 – HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 – HKCU\..\Run : [Google Update] "C:\Users\Fsoofiane-zgr\AppData\Local\Google\Update\GoogleUpdate.exe" /c
04 – HKCU\..\Run : [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
04 – HKCU\..\Run : [MyComGames] "C:\Users\Fsoofiane-zgr\AppData\Local\MyComGames\MyComGames.exe" -autostart
04 – HKCU\..\Run : [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
04 – HKCU\..\Run : [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
04 – HKCU\..\Run : [uTorrent] "C:\Users\Fsoofiane-zgr\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
04 – HKLM\..\Run : [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
04 – HKLM\..\Run : [ShadowPlay] C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
04 – HKLM\..\Run : [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
04 – HKLM\..\Run : [RtHDVBg_Dolby] "C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe" /FORPCEE4
04 – HKLM\..\Run : [IAStorIcon] "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
04 – HKLM\..\Run : [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
04 – HKLM\..\Run : [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
04 – HKLM\..\Run : [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
04 – HKLM\..\Run : [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
04 – HKU\S-1-5-21-1822728439-1334204995-2597841746-1001\..\Run : [Google Update] "C:\Users\Fsoofiane-zgr\AppData\Local\Google\Update\GoogleUpdate.exe" /c
04 – HKU\S-1-5-21-1822728439-1334204995-2597841746-1001\..\Run : [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
04 – HKU\S-1-5-21-1822728439-1334204995-2597841746-1001\..\Run : [MyComGames] "C:\Users\Fsoofiane-zgr\AppData\Local\MyComGames\MyComGames.exe" -autostart
04 – HKU\S-1-5-21-1822728439-1334204995-2597841746-1001\..\Run : [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
04 – HKU\S-1-5-21-1822728439-1334204995-2597841746-1001\..\Run : [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
04 – HKU\S-1-5-21-1822728439-1334204995-2597841746-1001\..\Run : [uTorrent] "C:\Users\Fsoofiane-zgr\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED

################## | C: %SystemDrive% – Disque Fixe (NTFS) |

[26/07/2012 – 07:51:57 | N | 0 Ko] – C:\config.sys
[08/06/2014 – 22:16:29 | ASH | 2017156 Ko] – C:\hiberfil.sys
[08/06/2014 – 22:16:32 | ASH | 1245184 Ko] – C:\pagefile.sys
[08/06/2014 – 22:16:34 | ASH | 262144 Ko] – C:\swapfile.sys
[02/06/2014 – 22:22:19 | D] – C:\Config.Msi
[01/05/2014 – 12:37:24 | SHD] – C:\$Recycle.Bin
[26/07/2012 – 07:51:57 | A | 0 Ko] – C:\autoexec.bat
[02/06/2012 – 15:30:55 | N | 0 Ko] – C:\BOOTNXT
[26/07/2012 – 04:44:30 | RASH | 389 Ko] – C:\bootmgr
[26/07/2012 – 07:03:51 | SHD] – C:\Documents and Settings
[26/07/2012 – 07:29:28 | D] – C:\PerfLogs
[09/04/2014 – 23:41:12 | SHD] – C:\Recovery
[09/04/2014 – 23:48:27 | D] – C:\Windows Activation Technologies
[10/04/2014 – 00:37:16 | SHD] – C:\Boot
[10/04/2014 – 13:47:24 | D] – C:\Intel
[10/04/2014 – 22:49:23 | RHD] – C:\MSOCache
[23/04/2014 – 02:33:13 | D] – C:\Ubisoft
[23/05/2014 – 00:05:45 | D] – C:\Users
[01/06/2014 – 15:19:02 | SHD] – C:\System Volume Information
[01/06/2014 – 22:19:02 | N | 0 Ko] – C:\END
[04/06/2014 – 21:48:52 | D] – C:\Program Files
[04/06/2014 – 21:48:52 | HD] – C:\ProgramData
[05/06/2014 – 15:44:36 | D] – C:\NVIDIA Corporation
[06/06/2014 – 00:38:34 | D] – C:\Windows
[09/06/2014 – 01:06:27 | D] – C:\UsbFix

################## | D: – Disque Fixe (NTFS) |

[25/05/2014 – 23:25:15 | D] – D:\msdownld.tmp
[15/05/2014 – 18:18:08 | N | 308 Ko] – D:\Bulletin_Salaire_008334_2014_4.pdf
[01/05/2014 – 12:22:59 | N | 227 Ko] – D:\Z.soufiane-CV2.doc.docx
[01/05/2014 – 12:30:45 | N | 227 Ko] – D:\Z.soufiane-CV3.docx
[02/04/2014 – 12:11:20 | SHD] – D:\$RECYCLE.BIN
[28/01/2014 – 12:27:25 | D] – D:\IDM 2014 – M-ASRAR
[02/04/2014 – 12:15:12 | SHD] – D:\System Volume Information
[03/04/2014 – 11:16:26 | D] – D:\Addons
[03/04/2014 – 20:27:27 | D] – D:\FILMS
[03/04/2014 – 20:30:44 | D] – D:\Tell Me More English 10
[10/04/2014 – 00:50:13 | D] – D:\Drivers
[10/04/2014 – 14:26:56 | D] – D:\GamesMailRu
[04/05/2014 – 00:51:32 | D] – D:\Programs
[04/05/2014 – 00:54:29 | D] – D:\myMusic
[18/05/2014 – 11:28:46 | D] – D:\MyGames
[19/05/2014 – 23:53:42 | D] – D:\toph été 2011
[28/05/2014 – 00:38:11 | D] – D:\Mangas
[06/06/2014 – 23:13:24 | D] – D:\Docs

################## | H: – Disque USB (FAT32) |

[13/08/2013 – 23:15:34 | N | 19 Ko] – H:\monfichier.pdf
[26/09/2013 – 19:59:16 | N | 278 Ko] – H:\DemandeInscriptionConcoursCRMEF.pdf
[07/03/2014 – 23:25:48 | N | 565 Ko] – H:\RDV_912052f0e6f6cc346 .pdf
[24/03/2014 – 21:46:38 | N | 54 Ko] – H:\editerConvocRdvFr.pdf
[28/05/2014 – 10:45:56 | N | 65 Ko] – H:\engagement_rgph2014.pdf
[29/01/2014 – 00:33:16 | N | 2253 Ko] – H:\UnknownAstral.pak
[20/01/2014 – 19:06:28 | N | 160 Ko] – H:\Photo 008.jpg
[01/12/2012 – 16:14:46 | N | 24 Ko] – H:\Medicv1.docx
[08/02/2014 – 15:30:44 | N | 14 Ko] – H:\Recapitulatif parcours.docx
[03/04/2014 – 15:15:20 | N | 279 Ko] – H:\Z.soufiane-CV2.doc.docx
[01/05/2014 – 12:30:46 | N | 227 Ko] – H:\Z.soufiane-CV3.docx
[14/07/2013 – 13:17:02 | N | 77 Ko] – H:\Doc111.doc
[26/10/2013 – 00:18:04 | N | 61 Ko] – H:\soufianeCV.doc
[22/01/2014 – 12:35:28 | N | 61 Ko] – H:\Z.soufiane-CV.doc
[03/06/2013 – 20:36:50 | D] – H:\tell me more
[05/07/2013 – 23:02:46 | D] – H:\Docs Soufiane
[08/11/2013 – 13:17:56 | D] – H:\Aircraft Visit Project_3D
[19/11/2013 – 00:35:42 | D] – H:\cours mea
[07/01/2014 – 23:18:46 | SHD] – H:\System Volume Information
[01/02/2014 – 19:50:06 | D] – H:\Addons
[31/03/2014 – 04:46:28 | D] – H:\Personal
[02/04/2014 – 03:16:40 | D] – H:\Docs
[02/04/2014 – 03:34:52 | D] – H:\Programs

################## | Vaccin |

D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
H:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | https://www.sosvirus.net/ | http://www.usbfix.net/ |

And here is the SosUpload link for the ZHPdiag:
https://antimalware.top/www/?a=d&i=5UxQjaxPIc

I would just like to know whether my problem is resolved or not, given that Avast did not detect the malicious software the last time I started my computer :)
Thanks once again