Bonjour,
Voilà, depuis cette après-midi Avira me harcèle pour un fichier ADWARE/bProtect.D et impossible de le supprimer (à chaque fois le message d'alerte revient).. Du coup, j'ai fait mes petites recherches et j'ai téléchargé USBFix..Maintenant afin de pas faire de bêtises, je préfère copier/coller le rapport de recherche ici pour savoir si je peux lancer une suppression à partir du menu principal.
Je vous remercie d'avance pour le temps accordé à mon message et à la concoction d'une réponse !
############################## | UsbFix V 7.134 | [Recherche]
Utilisateur: Little Sheep (Administrateur) # LITTLESHEEP-MSI
Mis à jour le 06/09/2013 par El Desaparecido
Lancé à 18:22:07 | 10/09/2013
Site Web:
https://www.sosvirus.net/
Upload Malware: http://www.sosvirus.net/upload_malware.php
Contact: http://wwww.sosvirus.net/contact_eldesaparecido.php
PC: Micro-Star International (MS-168B) (x64-based PC)
CPU: AMD Athlon(tm) II P340 Dual-Core Processor (2200)
RAM -> [Total : 2815 | Free : 1252]
BIOS: A168BAMR Ver1.0A
BOOT: Normal boot
OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) # Service Pack 1
WB: Windows Internet Explorer 10.0.9200.16660
SC: Security Center Service [(!) Disabled]
WU: Windows Update Service [Enabled]
AV: Norton Internet Security [(!) Disabled | (!) Outdated]
FW: Windows FireWall Service [Enabled]
C:\ (%systemdrive%) -> Disque fixe # 272 Go (185 Go libre(s) - 68%) [OS_Install] # NTFS
D:\ -> Disque fixe # 181 Go (4 Mo libre(s) - 0%) [Data] # NTFS
E:\ -> CD-ROM
################## | Processus Actif |
C:\windows\system32\csrss.exe (388)
C:\windows\system32\wininit.exe (448)
C:\windows\system32\csrss.exe (464)
C:\windows\system32\services.exe (512)
C:\windows\system32\lsass.exe (520)
C:\windows\system32\lsm.exe (528)
C:\windows\system32\winlogon.exe (588)
C:\windows\system32\svchost.exe (676)
C:\windows\system32\svchost.exe (764)
C:\windows\System32\svchost.exe (808)
C:\Program Files (x86)\AMD\Fusion Utility for Mobility\FusionSVC.exe (888)
C:\windows\system32\atiesrxx.exe (928)
C:\windows\System32\svchost.exe (960)
C:\windows\System32\svchost.exe (1004)
C:\windows\system32\svchost.exe (108)
C:\windows\system32\svchost.exe (340)
C:\windows\system32\atieclxx.exe (1132)
C:\windows\System32\spoolsv.exe (1300)
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (1336)
C:\windows\system32\svchost.exe (1356)
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (1460)
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (1484)
C:\ProgramData\BrowserProtect\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe (1512)
C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (1616)
C:\Program Files (x86)\System Control Manager\MSIService.exe (1716)
C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe (1760)
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (1800)
C:\windows\system32\Dwm.exe (1276)
C:\windows\Explorer.EXE (1648)
C:\ProgramData\BrowserProtect\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe (1600)
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (2104)
C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe (2340)
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (2392)
C:\Windows\System32\p2phost.exe (2404)
C:\Users\Little Sheep\AppData\Local\Google\Update\GoogleUpdate.exe (2424)
C:\Users\Little Sheep\AppData\Roaming\Anuman Interactive\AnumanLive\AnumanLive.exe (2496)
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (2700)
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (2748)
C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe (2980)
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (2988)
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (3016)
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (3068)
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac (2036)
C:\windows\system32\svchost.exe (1868)
C:\Program Files (x86)\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe (1844)
C:\Program Files (x86)\Tor\tor.exe (1820)
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (1520)
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (1312)
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (2736)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (2540)
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (2588)
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (3300)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (3468)
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (3620)
C:\windows\system32\wbem\unsecapp.exe (3660)
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (3736)
C:\windows\system32\wbem\wmiprvse.exe (1472)
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (1916)
C:\windows\system32\DllHost.exe (1644)
C:\windows\System32\svchost.exe (1100)
C:\windows\system32\svchost.exe (1092)
C:\windows\system32\SearchIndexer.exe (4124)
C:\Users\Little Sheep\AppData\Local\Google\Chrome\Application\chrome.exe (4192)
C:\Users\Little Sheep\AppData\Local\Google\Chrome\Application\chrome.exe (3960)
C:\Program Files\Windows Media Player\wmpnetwk.exe (3880)
C:\Users\Little Sheep\AppData\Local\Google\Chrome\Application\chrome.exe (4496)
C:\Users\Little Sheep\AppData\Local\Google\Chrome\Application\chrome.exe (3412)
C:\Users\Little Sheep\AppData\Local\Google\Chrome\Application\chrome.exe (4880)
C:\Users\Little Sheep\AppData\Local\Google\Chrome\Application\chrome.exe (4872)
C:\Users\Little Sheep\AppData\Local\Google\Chrome\Application\chrome.exe (4868)
C:\windows\system32\svchost.exe (5076)
C:\Users\Little Sheep\AppData\Local\Google\Chrome\Application\chrome.exe (5708)
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (2916)
C:\Program Files (x86)\Common Files\Teleca Shared\Generic.exe (2728)
C:\windows\System32\svchost.exe (4372)
C:\Users\Little Sheep\AppData\Local\Google\Chrome\Application\chrome.exe (4764)
C:\windows\system32\DllHost.exe (6040)
C:\windows\system32\wbem\wmiprvse.exe (4484)
C:\Users\Little Sheep\AppData\Local\Google\Chrome\Application\chrome.exe (5524)
C:\UsbFix\Go.exe (2192)
C:\Users\Little Sheep\AppData\Local\Google\Chrome\Application\chrome.exe (4480)
################## | El Desaparecido Section |
HKLM\SOFTWARE | Run : [StartCCC] - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
HKLM\SOFTWARE | Run : [MGSysCtrl] - C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
HKLM\SOFTWARE | Run : [NortonOnlineBackup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
HKLM\SOFTWARE | Run : [ArcSoft Connection Service] - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
HKLM\SOFTWARE | Run : [Adobe Reader Speed Launcher] - "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
HKLM\SOFTWARE | Run : [Sony Ericsson PC Suite] - "C:\Program Files (x86)\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
HKLM\SOFTWARE | Run : [SDTray] - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
HKLM\SOFTWARE | Run : [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM\SOFTWARE | Run : [avgnt] - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
HKLM\SOFTWARE\wow6432Node | Run : [StartCCC] - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
HKLM\SOFTWARE\wow6432Node | Run : [MGSysCtrl] - C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
HKLM\SOFTWARE\wow6432Node | Run : [NortonOnlineBackup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
HKLM\SOFTWARE\wow6432Node | Run : [ArcSoft Connection Service] - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
HKLM\SOFTWARE\wow6432Node | Run : [Adobe Reader Speed Launcher] - "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
HKLM\SOFTWARE\wow6432Node | Run : [Sony Ericsson PC Suite] - "C:\Program Files (x86)\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
HKLM\SOFTWARE\wow6432Node | Run : [SDTray] - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
HKLM\SOFTWARE\wow6432Node | Run : [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM\SOFTWARE\wow6432Node | Run : [avgnt] - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
HKLM\SOFTWARE | RunOnce : [] -
HKLM\SOFTWARE\wow6432Node | RunOnce : [] -
HKU\S-1-5-19\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-3526853064-3588749697-3793937013-1000\SOFTWARE | Run : [CollaborationHost] - C:\windows\system32\p2phost.exe -s
HKU\S-1-5-21-3526853064-3588749697-3793937013-1000\SOFTWARE | Run : [Google Update] - "C:\Users\Little Sheep\AppData\Local\Google\Update\GoogleUpdate.exe" /c
HKU\S-1-5-21-3526853064-3588749697-3793937013-1000\SOFTWARE | Run : [AnumanLive] - C:\Users\Little Sheep\AppData\Roaming\Anuman Interactive\AnumanLive\AnumanLive.exe
HKU\S-1-5-21-3526853064-3588749697-3793937013-1000\SOFTWARE | Run : [BitTorrent] - "C:\Program Files (x86)\BitTorrent\BitTorrent.exe" /MINIMIZED
HKU\S-1-5-19\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
HKU\S-1-5-20\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
################## | Éléments infectieux |
Présent! C:\Users\Little Sheep\AppData\Roaming\BabMaint.exe
################## | Registre |
################## | Mountpoints2 |
HKCU\.\.\.\.\Explorer\MountPoints2\{870db745-99b7-11e0-bb31-406186b8d63e}
Shell\AutoRun\Command = F:\laucher.exe
################## | Vaccin |
(!) Cet ordinateur n'est pas vacciné!
################## | E.O.F |
https://www.sosvirus.net/ |
Afficher la suite
