by Mari-Jane
#16708
Hello, since yesterday I have had a virus that creates shortcuts on my computer, and this is because of a USB key that also had this virus. A friend therefore advised me to use USBFix and to send you the report.
I really thank whoever will help me; I have never seen a virus like this and I'm starting to despair :/
Code:
############################## | UsbFix V 7.150 | [Suppression]

Utilisateur: Audrey (Administrateur) # AUDREY-PC
Mis à jour le 08/11/2013 par El Desaparecido - Team SosVirus
Lancé à 17:49:43 | 13/11/2013

Site Web : http://www.usbfix.net
Forum : http://www.sosvirus.net/
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: ASUSTeK Computer Inc. (K54HR)
CPU: Intel(R) Pentium(R) CPU B960 @ 2.20GHz
RAM -> [Total : 4072 | Free : 2298]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 10.0.9200.16721
WB: Google Chrome : 28.0.1500.72
WB: Mozilla Firefox : 25.0

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: avast! Antivirus [(!) Disabled | Updated]
AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Disque fixe # 186 Go (93 Go libre(s) - 50%) [OS] # NTFS
D:\ -> Disque fixe # 254 Go (137 Go libre(s) - 54%) [DATA] # NTFS
E:\ -> CD-ROM
F:\ -> Disque amovible # 15 Go (15 Go libre(s) - 100%) [EASY KEY] # FAT32

################## | Processus Stoppés |

Stoppé! C:\Windows\system32\atiesrxx.exe (ID: 948 |ParentID: 652)
Stoppé! C:\Windows\system32\atieclxx.exe (ID: 1200 |ParentID: 948)
Stoppé! C:\Windows\system32\FBAgent.exe (ID: 1452 |ParentID: 652)
Stoppé! C:\Windows\system32\WLANExt.exe (ID: 1460 |ParentID: 512)
Stoppé! C:\Windows\system32\conhost.exe (ID: 1468 |ParentID: 508)
Stoppé! C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ID: 1532 |ParentID: 652)
Stoppé! C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ID: 1568 |ParentID: 652)
Stoppé! C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ID: 1596 |ParentID: 652)
Stoppé! C:\Windows\System32\spoolsv.exe (ID: 1776 |ParentID: 652)
Stoppé! C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe (ID: 2032 |ParentID: 652)
Stoppé! C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.exe (ID: 1840 |ParentID: 652)
Stoppé! C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe (ID: 1344 |ParentID: 652)
Stoppé! C:\Windows\system32\taskhost.exe (ID: 1400 |ParentID: 652)
Stoppé! C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe (ID: 2124 |ParentID: 2032)
Stoppé! C:\Windows\Explorer.EXE (ID: 2212 |ParentID: 1036)
Stoppé! C:\Windows\system32\taskeng.exe (ID: 2284 |ParentID: 768)
Stoppé! C:\Windows\system32\taskeng.exe (ID: 2320 |ParentID: 768)
Stoppé! C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (ID: 2428 |ParentID: 2284)
Stoppé! C:\Windows\system32\taskeng.exe (ID: 2440 |ParentID: 768)
Stoppé! C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe (ID: 2472 |ParentID: 652)
Stoppé! C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (ID: 2872 |ParentID: 652)
Stoppé! C:\Program Files\ASUS\P4G\BatteryLife.exe (ID: 3000 |ParentID: 2320)
Stoppé! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (ID: 2076 |ParentID: 652)
Stoppé! C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ID: 1964 |ParentID: 2440)
Stoppé! C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (ID: 3256 |ParentID: 652)
Stoppé! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (ID: 3484 |ParentID: 2076)
Stoppé! C:\Windows\AsScrPro.exe (ID: 3948 |ParentID: 1452)
Stoppé! C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (ID: 4068 |ParentID: 1452)
Stoppé! C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (ID: 4084 |ParentID: 652)
Stoppé! C:\Program Files\Trend Micro\Titanium\TiMiniService.exe (ID: 1280 |ParentID: 652)
Stoppé! C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe (ID: 3984 |ParentID: 1280)
Stoppé! C:\Program Files\Elantech\ETDCtrl.exe (ID: 4264 |ParentID: 2212)
Stoppé! C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (ID: 4276 |ParentID: 2212)
Stoppé! C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (ID: 4288 |ParentID: 2212)
Stoppé! C:\Program Files\Windows Sidebar\sidebar.exe (ID: 4336 |ParentID: 2212)
Stoppé! C:\Windows\system32\SearchIndexer.exe (ID: 4912 |ParentID: 652)
Stoppé! C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (ID: 5116 |ParentID: 1452)
Stoppé! C:\Users\Audrey\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (ID: 4028 |ParentID: 2212)
Stoppé! C:\Windows\system32\SearchProtocolHost.exe (ID: 4368 |ParentID: 4912)
Stoppé! C:\Program Files (x86)\Samsung\Kies\Kies.exe (ID: 4248 |ParentID: 2212)
Stoppé! C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (ID: 4720 |ParentID: 2212)
Stoppé! C:\Program Files\Elantech\ETDCtrlHelper.exe (ID: 4772 |ParentID: 4264)
Stoppé! C:\Program Files (x86)\Skype\Phone\Skype.exe (ID: 4996 |ParentID: 2212)
Stoppé! C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe (ID: 1952 |ParentID: 4720)
Stoppé! C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (ID: 4724 |ParentID: 2212)
Stoppé! C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe (ID: 3636 |ParentID: 4992)
Stoppé! C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (ID: 2768 |ParentID: 4992)
Stoppé! C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (ID: 4872 |ParentID: 2212)
Stoppé! C:\Users\Audrey\AppData\Roaming\Microsoft\Outil de notification de cadeaux MSN\msnotif.exe (ID: 4588 |ParentID: 2212)
Stoppé! C:\Program Files\AVAST Software\Avast\AvastUI.exe (ID: 3504 |ParentID: 4992)
Stoppé! C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ID: 4648 |ParentID: 4992)
Stoppé! C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ID: 5112 |ParentID: 4992)
Stoppé! C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ID: 3032 |ParentID: 4992)
Stoppé! C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (ID: 4428 |ParentID: 4992)
Stoppé! C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (ID: 804 |ParentID: 4992)
Stoppé! C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe (ID: 1816 |ParentID: 4724)
Stoppé! C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe (ID: 3536 |ParentID: 808)
Stoppé! C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (ID: 4484 |ParentID: 808)
Stoppé! C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSService.exe (ID: 4472 |ParentID: 3636)
Stoppé! C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ID: 5348 |ParentID: 652)
Stoppé! C:\Windows\system32\sppsvc.exe (ID: 5492 |ParentID: 652)
Stoppé! C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 5148 |ParentID: 652)
Stoppé! C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (ID: 5880 |ParentID: 652)
Stoppé! \\?\C:\Windows\system32\wbem\WMIADAP.EXE (ID: 5400 |ParentID: 768)
Stoppé! C:\Windows\System32\WUDFHost.exe (ID: 5248 |ParentID: 512)
Stoppé! C:\Windows\servicing\TrustedInstaller.exe (ID: 4148 |ParentID: 652)
Stoppé! C:\Windows\system32\wuauclt.exe (ID: 5604 |ParentID: 768)
Stoppé! C:\Windows\system32\sdclt.exe (ID: 148 |ParentID: 652)

################## | Regedit Run |

04 - HKLM\SOFTWARE | Run : [Nuance PDF Reader-reminder] - "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
04 - HKLM\SOFTWARE | Run : [ASUSPRP] - "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
04 - HKLM\SOFTWARE | Run : [ASUSWebStorage] - C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S
04 - HKLM\SOFTWARE | Run : [SonicMasterTray] - C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
04 - HKLM\SOFTWARE | Run : [UpdateLBPShortCut] - "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
04 - HKLM\SOFTWARE | Run : [UpdateP2GoShortCut] - "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
04 - HKLM\SOFTWARE | Run : [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
04 - HKLM\SOFTWARE | Run : [ATKOSD2] - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
04 - HKLM\SOFTWARE | Run : [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
04 - HKLM\SOFTWARE | Run : [HControlUser] - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
04 - HKLM\SOFTWARE | Run : [Wireless Console 3] - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
04 - HKLM\SOFTWARE | Run : [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
04 - HKLM\SOFTWARE | Run : [AdobeCS6ServiceManager] - "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
04 - HKLM\SOFTWARE | Run : [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
04 - HKLM\SOFTWARE | Run : [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\SOFTWARE\wow6432Node | Run : [Nuance PDF Reader-reminder] - "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
04 - HKLM\SOFTWARE\wow6432Node | Run : [ASUSPRP] - "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
04 - HKLM\SOFTWARE\wow6432Node | Run : [ASUSWebStorage] - C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S
04 - HKLM\SOFTWARE\wow6432Node | Run : [SonicMasterTray] - C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
04 - HKLM\SOFTWARE\wow6432Node | Run : [UpdateLBPShortCut] - "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
04 - HKLM\SOFTWARE\wow6432Node | Run : [UpdateP2GoShortCut] - "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
04 - HKLM\SOFTWARE\wow6432Node | Run : [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
04 - HKLM\SOFTWARE\wow6432Node | Run : [ATKOSD2] - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
04 - HKLM\SOFTWARE\wow6432Node | Run : [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
04 - HKLM\SOFTWARE\wow6432Node | Run : [HControlUser] - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
04 - HKLM\SOFTWARE\wow6432Node | Run : [Wireless Console 3] - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
04 - HKLM\SOFTWARE\wow6432Node | Run : [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
04 - HKLM\SOFTWARE\wow6432Node | Run : [AdobeCS6ServiceManager] - "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
04 - HKLM\SOFTWARE\wow6432Node | Run : [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
04 - HKLM\SOFTWARE\wow6432Node | Run : [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\SOFTWARE | RunOnce : [] -
04 - HKLM\SOFTWARE\wow6432Node | RunOnce : [] -
04 - HKU\S-1-5-19\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-1869673205-3978405616-3870108736-1000\SOFTWARE | Run : [Sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKU\S-1-5-21-1869673205-3978405616-3870108736-1000\SOFTWARE | Run : [AdobeBridge] -
04 - HKU\S-1-5-21-1869673205-3978405616-3870108736-1000\SOFTWARE | Run : [Spotify] - "C:\Users\Audrey\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
04 - HKU\S-1-5-21-1869673205-3978405616-3870108736-1000\SOFTWARE | Run : [Spotify Web Helper] - "C:\Users\Audrey\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
04 - HKU\S-1-5-21-1869673205-3978405616-3870108736-1000\SOFTWARE | Run : [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
04 - HKU\S-1-5-21-1869673205-3978405616-3870108736-1000\SOFTWARE | Run : [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
04 - HKU\S-1-5-21-1869673205-3978405616-3870108736-1000\SOFTWARE | Run : [KiesPDLR] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
04 - HKU\S-1-5-21-1869673205-3978405616-3870108736-1000\SOFTWARE | Run : [Facebook Update] - "C:\Users\Audrey\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
04 - HKU\S-1-5-21-1869673205-3978405616-3870108736-1000\SOFTWARE | Run : [msnmsgr] - "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
04 - HKU\S-1-5-21-1869673205-3978405616-3870108736-1000\SOFTWARE | Run : [Sony PC Companion] - "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
04 - HKU\S-1-5-21-1869673205-3978405616-3870108736-1000\SOFTWARE | Run : [Skype] - "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKU\S-1-5-21-1869673205-3978405616-3870108736-1000\SOFTWARE | Run : [EA Core] - "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
04 - HKU\S-1-5-21-1869673205-3978405616-3870108736-1000\SOFTWARE | Run : [Omiga Plus] - "C:\Program Files (x86)\Omiga Plus\omigaplus.exe" /autorun
04 - HKU\S-1-5-19\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe

################## | Recherche générique |

Supprimé! F:\Les reconstructions monarchiques.lnk
Supprimé! C:\Users\Audrey\AppData\Local\Temp\Audrey7
Supprimé! C:\Users\Audrey\AppData\Local\Temp\Audrey8
Supprimé! C:\Users\Audrey\AppData\Local\Temp\utt2A06.tmp.exe
Supprimé! C:\Users\Audrey\AppData\Local\Temp\utt8620.tmp.exe
Supprimé! C:\Users\Audrey\AppData\Local\Temp\uttF5C7.tmp.exe
Supprimé! C:\Users\Audrey\AppData\Local\Temp\7za.exe
Supprimé! C:\Users\Audrey\AppData\Local\Temp\OB.exe
Supprimé! C:\Users\Audrey\AppData\Local\Temp\UuU.uUu
Supprimé! C:\Users\Audrey\AppData\Local\Temp\XxX.xXx
Supprimé! F:\SergeLeLama.vbs

(!) Fichiers temporaires supprimés.

################## | Référence de comparaison MD5 |

Md5 : 4992EBB15E383B09448B167EA51E1B48 -> C:\Users\Audrey\AppData\Local\Temp\Jour de Pluie.scr
Md5 : E92604E043F51C604B6D1AC3BCD3A202 -> C:\Users\Audrey\AppData\Local\Temp\7za.exe
Md5 : 16E4D2661BC0E7D08E51875D2BE0BB04 -> C:\Users\Audrey\AppData\Local\Temp\OB.exe
Md5 : 225FA10C4EB5B8C5ACF697A18809C69B -> F:\SergeLeLama.vbs

################## | Comparaison MD5 |

Supprimé! Md5 : 4992EBB15E383B09448B167EA51E1B48 -> C:\Windows\System32\Jour de Pluie.scr

################## | Registre |

Supprimé! HKU\S-1-5-21-1869673205-3978405616-3870108736-1000\Software\.\.\.\.\Mountpoints2\{90f40b0e-4b6c-11e2-84d1-5404a645e99f}

################## | Listing |

[11/05/2012 - 23:33:40 | SHD ] C:\$Recycle.Bin
[11/05/2012 - 19:10:32 | N | 112] C:\086FAADC3603
[11/05/2012 - 19:10:32 | N | 40] C:\33E43B8C12F9
[12/11/2013 - 22:31:24 | D ] C:\AdwCleaner
[20/04/2013 - 18:03:10 | N | 4246] C:\AdwCleaner[R10].txt
[31/05/2013 - 17:24:21 | N | 5216] C:\AdwCleaner[R11].txt
[15/07/2013 - 16:24:45 | N | 16157] C:\AdwCleaner[R12].txt
[09/08/2013 - 10:00:02 | N | 4778] C:\AdwCleaner[R13].txt
[01/12/2012 - 12:22:21 | N | 68360] C:\AdwCleaner[R1].txt
[01/12/2012 - 12:52:15 | N | 2943] C:\AdwCleaner[R2].txt
[23/01/2013 - 15:59:59 | N | 1352] C:\AdwCleaner[R6].txt
[23/01/2013 - 16:00:57 | N | 1412] C:\AdwCleaner[R7].txt
[31/03/2013 - 11:01:25 | N | 20836] C:\AdwCleaner[R8].txt
[04/04/2013 - 17:03:06 | N | 15261] C:\AdwCleaner[R9].txt
[09/08/2013 - 10:01:13 | N | 4859] C:\AdwCleaner[S10].txt
[01/12/2012 - 12:23:31 | N | 68348] C:\AdwCleaner[S1].txt
[01/12/2012 - 12:53:03 | N | 2901] C:\AdwCleaner[S2].txt
[23/01/2013 - 16:01:36 | N | 1474] C:\AdwCleaner[S4].txt
[31/03/2013 - 11:02:42 | N | 20858] C:\AdwCleaner[S5].txt
[04/04/2013 - 17:03:59 | N | 15598] C:\AdwCleaner[S6].txt
[20/04/2013 - 18:03:46 | N | 4347] C:\AdwCleaner[S7].txt
[31/05/2013 - 17:24:55 | N | 5319] C:\AdwCleaner[S8].txt
[15/07/2013 - 16:25:35 | N | 14913] C:\AdwCleaner[S9].txt
[13/11/2013 - 17:46:26 | D ] C:\ASUS.DAT
[18/08/2013 - 21:48:29 | D ] C:\AsusVibeData
[29/08/2012 - 10:20:54 | D ] C:\aws
[29/07/2009 - 07:03:34 | SHD ] C:\Boot
[14/07/2009 - 02:38:58 | RASH | 383562] C:\bootmgr
[29/07/2009 - 07:03:37 | RASH | 8192] C:\BOOTSECT.BAK
[12/11/2013 - 22:48:13 | SHD ] C:\Config.Msi
[03/12/2011 - 04:39:21 | N | 13393] C:\devlist.txt
[14/07/2009 - 06:08:56 | SHD ] C:\Documents and Settings
[03/12/2011 - 04:28:20 | D ] C:\eSupport
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.1028.txt
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.1031.txt
[07/11/2007 - 08:00:40 | N | 10134] C:\eula.1033.txt
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.1036.txt
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.1040.txt
[07/11/2007 - 08:00:40 | N | 118] C:\eula.1041.txt
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.1042.txt
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.2052.txt
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.3082.txt
[03/12/2011 - 04:39:21 | N | 9] C:\Finish.log
[07/11/2007 - 08:00:40 | N | 1110] C:\globdata.ini
[13/11/2013 - 17:44:26 | ASH | 3202449408] C:\hiberfil.sys
[07/11/2007 - 08:03:18 | N | 562688] C:\install.exe
[07/11/2007 - 08:00:40 | N | 843] C:\install.ini
[07/11/2007 - 08:03:18 | N | 76304] C:\install.res.1028.dll
[07/11/2007 - 08:03:18 | N | 96272] C:\install.res.1031.dll
[07/11/2007 - 08:03:18 | N | 91152] C:\install.res.1033.dll
[07/11/2007 - 08:03:18 | N | 97296] C:\install.res.1036.dll
[07/11/2007 - 08:03:18 | N | 95248] C:\install.res.1040.dll
[07/11/2007 - 08:03:18 | N | 81424] C:\install.res.1041.dll
[07/11/2007 - 08:03:18 | N | 79888] C:\install.res.1042.dll
[07/11/2007 - 08:03:18 | N | 75792] C:\install.res.2052.dll
[07/11/2007 - 08:03:18 | N | 96272] C:\install.res.3082.dll
[03/12/2011 - 04:19:56 | D ] C:\Intel
[13/09/2011 - 09:21:56 | N | 2621440] C:\K54HR.BIN
[13/10/2011 - 05:50:42 | N | 19] C:\K54HR_WIN7.20
[12/11/2013 - 13:00:36 | RHD ] C:\MSOCache
[13/11/2013 - 17:44:27 | ASH | 4269932544] C:\pagefile.sys
[03/12/2011 - 04:40:30 | N | 303] C:\Pass.txt
[14/07/2009 - 04:20:08 | D ] C:\PerfLogs
[21/10/2013 - 11:35:50 | D ] C:\Program Files
[13/11/2013 - 17:59:10 | D ] C:\Program Files (x86)
[27/09/2013 - 12:56:11 | HD ] C:\ProgramData
[17/04/2012 - 13:19:58 | SHD ] C:\Recovery
[13/10/2011 - 05:50:42 | N | 7] C:\RECOVERY.DAT
[03/12/2011 - 04:26:52 | N | 2500] C:\RHDSetup.log
[13/11/2013 - 18:00:10 | D ] C:\rsit
[30/08/2011 - 12:00:22 | N | 1083] C:\setup.iss
[13/11/2013 - 17:18:23 | SHD ] C:\System Volume Information
[15/07/2012 - 13:08:04 | D ] C:\Temp
[13/11/2013 - 18:14:35 | D ] C:\UsbFix
[13/11/2013 - 17:15:51 | N | 9308] C:\UsbFix [Clean 2] AUDREY-PC.txt
[13/11/2013 - 17:24:29 | N | 8985] C:\UsbFix [Clean 3] AUDREY-PC.txt
[13/11/2013 - 17:37:20 | N | 8767] C:\UsbFix [Clean 4] AUDREY-PC.txt
[13/11/2013 - 18:15:19 | A | 20724] C:\UsbFix [Clean 5] AUDREY-PC.txt
[13/11/2013 - 17:02:29 | N | 14928] C:\UsbFix [Scan 1] AUDREY-PC.txt
[17/04/2012 - 13:21:19 | RD ] C:\Users
[07/11/2007 - 08:00:40 | N | 5686] C:\vcredist.bmp
[07/11/2007 - 08:09:22 | N | 1442522] C:\VC_RED.cab
[07/11/2007 - 08:12:28 | N | 232960] C:\VC_RED.MSI
[12/11/2013 - 13:01:35 | D ] C:\Windows
[17/04/2012 - 13:22:26 | SHD ] D:\$RECYCLE.BIN
[03/11/2013 - 19:11:32 | D ] D:\AUDREY-PC
[15/02/2013 - 16:07:53 | N | 528] D:\MediaID.bin
[10/11/2013 - 21:44:56 | SHD ] D:\System Volume Information
[11/11/2013 - 20:53:34 | N | 44810] F:\Les reconstructions monarchiques.docx

################## | Vaccin |

F:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
#16718
Hi
  • Only these links are official; do not download the tool from other links!

    Note: During the scan the desktop may disappear several times
  • Disable all your protections if possible: antivirus, sandbox, firewalls ... ( >> Help << )
  • Download Pre_Scan to your desktop!
  • If the link does not work:
    • #HERE (renamed winlogon)
  • Note: If the tool has been run several times, click Scan|Kill
  • If the tool is blocked by the infection, try other extensions:
  • If proxies are detected and you did not install any:
    • Click on Supprimer le Proxy (Remove the proxy)
  • At the end of the scan, go to the root of your hard drive ( C:\ )
  • Upload the Pre_Scan¤¤¤¤¤¤¤¤¤.txt report to SosUpload
#16839
Hello, c:\pre_scan_xx_xx_xx_xx_xx_xx.txt (the "x"s being digits)
#16865
Pre Scan doesn't work for me. I tried with winlogin, but I can't find any scan anywhere, and yet it's not for lack of looking :/ I also went through all the folders and nothing matches what you wrote :/
#16868
Start / Computer / Local Disk C

Isn't the report in there??
#16899
Did you get any error messages?
#16962
Then you must have a report at the root of your hard drive, that's not possible.....
