by Auriane
#20013
I have a virus that turns the files on my USB sticks into shortcuts.

UsbFix report [Recherche]: WHAT SHOULD I DO?

############################## | UsbFix V 7.152 | [Recherche]

Utilisateur: aurianep (Administrateur) # AURIANE
Mis à jour le 20/11/2013 par El Desaparecido - Team SosVirus
Lancé à 20:42:57 | 01/12/2013

Site Web : http://www.usbfix.net
Forum : http://www.sosvirus.net/
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: ASUSTeK COMPUTER INC. (X200CA)
CPU: Intel(R) Celeron(R) CPU 1007U @ 1.50GHz
RAM -> [Total : 3982 | Free : 1946]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 8 (6.2.9200 64-Bit)
WB: Windows Internet Explorer : 10.0.9200.16736
WB: Google Chrome : 31.0.1650.57

SC: Security Center Service [Enabled]
WU: Windows Update Service [(!) Disabled]
AV: McAfee Anti-Virus et Anti-Spyware [(!) Disabled | Updated]
AS: Windows Defender : 4.3.0215.0
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Disque fixe # 186 Go (131 Go libre(s) - 70%) [OS] # NTFS
D:\ -> Disque fixe # 258 Go (173 Go libre(s) - 67%) [Data] # NTFS
E:\ -> Disque amovible # 8 Go (8 Go libre(s) - 99%) [NOLIMIT] # FAT32

################## | Processus Actif |

C:\Windows\system32\csrss.exe (ID: 600 |ParentID: 592)
C:\Windows\system32\wininit.exe (ID: 672 |ParentID: 592)
C:\Windows\system32\services.exe (ID: 768 |ParentID: 672)
C:\Windows\system32\lsass.exe (ID: 776 |ParentID: 672)
C:\Windows\system32\svchost.exe (ID: 864 |ParentID: 768)
C:\Windows\system32\svchost.exe (ID: 940 |ParentID: 768)
C:\Windows\System32\svchost.exe (ID: 992 |ParentID: 768)
C:\Windows\system32\svchost.exe (ID: 1020 |ParentID: 768)
C:\Windows\system32\svchost.exe (ID: 524 |ParentID: 768)
C:\Windows\System32\svchost.exe (ID: 884 |ParentID: 768)
C:\Program Files\Classic Shell\ClassicShellService.exe (ID: 1080 |ParentID: 768)
C:\Windows\system32\svchost.exe (ID: 1168 |ParentID: 768)
C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ID: 1348 |ParentID: 768)
C:\Windows\System32\spoolsv.exe (ID: 1568 |ParentID: 768)
C:\Windows\system32\svchost.exe (ID: 1600 |ParentID: 768)
C:\Windows\system32\svchost.exe (ID: 1620 |ParentID: 768)
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 1748 |ParentID: 768)
C:\Windows\system32\dashost.exe (ID: 2168 |ParentID: 884)
C:\Program Files\McAfee\MSC\McAPExe.exe (ID: 428 |ParentID: 768)
C:\windows\system32\mfevtps.exe (ID: 2492 |ParentID: 768)
C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe (ID: 1148 |ParentID: 768)
C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe (ID: 2864 |ParentID: 768)
C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe (ID: 2088 |ParentID: 768)
C:\Program Files (x86)\Wajam\Updater\WajamUpdaterV2.exe (ID: 2284 |ParentID: 768)
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (ID: 1420 |ParentID: 768)
C:\Windows\system32\SearchIndexer.exe (ID: 3368 |ParentID: 768)
C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (ID: 3860 |ParentID: 768)
C:\Windows\system32\svchost.exe (ID: 4028 |ParentID: 768)
C:\Windows\System32\svchost.exe (ID: 3624 |ParentID: 768)
C:\Windows\system32\DllHost.exe (ID: 4684 |ParentID: 864)
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ID: 5152 |ParentID: 768)
C:\Program Files\ASUS\P4G\InsOnSrv.exe (ID: 5440 |ParentID: 768)
C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe (ID: 5580 |ParentID: 768)
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ID: 5732 |ParentID: 768)
C:\Program Files\Intel\iCLS Client\HeciServer.exe (ID: 5980 |ParentID: 768)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (ID: 6072 |ParentID: 768)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (ID: 4984 |ParentID: 768)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ID: 5124 |ParentID: 768)
C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (ID: 3204 |ParentID: 768)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (ID: 2248 |ParentID: 768)
C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 6816 |ParentID: 768)
C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (ID: 2436 |ParentID: 768)
c:\PROGRA~1\mcafee.com\agent\McUpdate.exe (ID: 980 |ParentID: 3860)
c:\PROGRA~1\mcafee\msc\mcupdmgr.exe (ID: 3120 |ParentID: 864)
c:\PROGRA~1\mcafee\mqs\qcshm.exe (ID: 3536 |ParentID: 864)
C:\PROGRA~1\McAfee\MSC\McInfo.exe (ID: 3728 |ParentID: 3860)
C:\Windows\system32\csrss.exe (ID: 7560 |ParentID: 7192)
C:\Windows\System32\WinLogon.exe (ID: 2532 |ParentID: 7192)
C:\Windows\System32\dwm.exe (ID: 2348 |ParentID: 2532)
C:\Windows\system32\FBAgent.exe (ID: 6312 |ParentID: 768)
C:\Windows\system32\taskhostex.exe (ID: 6228 |ParentID: 768)
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ID: 724 |ParentID: 5152)
C:\Windows\Explorer.EXE (ID: 5636 |ParentID: 3776)
C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe (ID: 4040 |ParentID: 768)
C:\Program Files\ASUS\P4G\InsOnWMI.exe (ID: 6484 |ParentID: 5440)
C:\Program Files\Classic Shell\ClassicStartMenu.exe (ID: 3288 |ParentID: 1080)
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ID: 6060 |ParentID: 724)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 408 |ParentID: 864)
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ID: 4588 |ParentID: 4424)
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ID: 5264 |ParentID: 6180)
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe (ID: 6844 |ParentID: 864)
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe (ID: 4344 |ParentID: 884)
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe (ID: 1976 |ParentID: 4344)
C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe (ID: 7588 |ParentID: 2800)
C:\Windows\System32\wscript.exe (ID: 3148 |ParentID: 5636)
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (ID: 5240 |ParentID: 5864)
C:\Program Files\AVAST Software\Avast\AvastUI.exe (ID: 6632 |ParentID: 5864)
C:\Program Files (x86)\Iminent\Iminent.exe (ID: 200 |ParentID: 5864)
C:\Program Files (x86)\Iminent\Iminent.Messengers.exe (ID: 1412 |ParentID: 5864)
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe (ID: 4648 |ParentID: 5864)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 5056 |ParentID: 864)
C:\Windows\System32\RuntimeBroker.exe (ID: 6120 |ParentID: 864)
C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe (ID: 4196 |ParentID: 6312)
C:\Windows\system32\hkcmd.exe (ID: 6640 |ParentID: 6312)
C:\Windows\system32\igfxtray.exe (ID: 4992 |ParentID: 6312)
C:\Program Files\Conexant\SAII\SmartAudio.exe (ID: 2764 |ParentID: 8176)
C:\Program Files\ASUS\P4G\BatteryLife.exe (ID: 5376 |ParentID: 768)
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ID: 5620 |ParentID: 768)
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (ID: 4744 |ParentID: 7500)
C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe (ID: 6092 |ParentID: 768)
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe (ID: 7084 |ParentID: 4744)
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ID: 840 |ParentID: 768)
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (ID: 4592 |ParentID: 4744)
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (ID: 1428 |ParentID: 4744)
C:\Windows\system32\igfxpers.exe (ID: 4244 |ParentID: 7188)
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (ID: 2020 |ParentID: 1428)
C:\Windows\System32\WUDFHost.exe (ID: 244 |ParentID: 884)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 4204 |ParentID: 2364)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 3240 |ParentID: 4204)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 4836 |ParentID: 4204)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 6216 |ParentID: 4204)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 5048 |ParentID: 4204)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 3704 |ParentID: 4204)
C:\Windows\system32\SearchProtocolHost.exe (ID: 452 |ParentID: 3368)
C:\Windows\system32\SearchFilterHost.exe (ID: 7076 |ParentID: 3368)
C:\UsbFix\Go.exe (ID: 2672 |ParentID: 3600)
C:\Windows\system32\taskhost.exe (ID: 1304 |ParentID: 768)

################## | Regedit Run |

04 - HKLM\SOFTWARE | Run : [mcpltui_exe] - "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
04 - HKLM\SOFTWARE | Run : [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\SOFTWARE | Run : [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\SOFTWARE | Run : [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
04 - HKLM\SOFTWARE | Run : [Iminent] - C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"
04 - HKLM\SOFTWARE | Run : [IminentMessenger] - C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
04 - HKLM\SOFTWARE | Run : [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
04 - HKLM\SOFTWARE | Run : [DivXUpdate] - "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
04 - HKLM\SOFTWARE\wow6432Node | Run : [mcpltui_exe] - "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
04 - HKLM\SOFTWARE\wow6432Node | Run : [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\SOFTWARE\wow6432Node | Run : [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\SOFTWARE\wow6432Node | Run : [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
04 - HKLM\SOFTWARE\wow6432Node | Run : [Iminent] - C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"
04 - HKLM\SOFTWARE\wow6432Node | Run : [IminentMessenger] - C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
04 - HKLM\SOFTWARE\wow6432Node | Run : [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
04 - HKLM\SOFTWARE\wow6432Node | Run : [DivXUpdate] - "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
04 - HKLM\SOFTWARE | RunOnce : [] -
04 - HKLM\SOFTWARE\wow6432Node | RunOnce : [] -
04 - HKU\S-1-5-21-28175745-856189450-3141033118-1001\SOFTWARE | Run : [iTunesHelper] - wscript.exe //B "C:\Users\aurianep\AppData\Local\Temp\iTunesHelper.vbe"

################## | Recherche générique |

Présent! C:\Users\aurianep\AppData\Local\Temp\iTunesHelper.vbe
Présent! C:\Users\aurianep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iTunesHelper.vbe
Présent! E:\iTunesHelper.vbe
Présent! C:\ProgramData\SetStretch.VBS

################## | Référence de comparaison MD5 |

Md5 : E1E37E7138B0593E29B2F92A453749CB -> C:\Users\All Users\SetStretch.VBS
Md5 : E1E37E7138B0593E29B2F92A453749CB -> C:\ProgramData\SetStretch.VBS
Md5 : E4332D4E396A69533553966AD2836584 -> C:\Users\aurianep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iTunesHelper.vbe
Md5 : E4332D4E396A69533553966AD2836584 -> C:\Users\aurianep\AppData\Local\Temp\iTunesHelper.vbe
Md5 : E4332D4E396A69533553966AD2836584 -> E:\iTunesHelper.vbe
Md5 : E4332D4E396A69533553966AD2836584 -> C:\Users\aurianep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iTunesHelper.vbe

################## | Comparaison MD5 |

Présent! Md5 : E1E37E7138B0593E29B2F92A453749CB -> C:\ProgramData\SetStretch.VBS
Présent! Md5 : E1E37E7138B0593E29B2F92A453749CB -> C:\Users\All Users\SetStretch.VBS
Présent! Md5 : E4332D4E396A69533553966AD2836584 -> C:\Users\aurianep\AppData\Local\Temp\iTunesHelper.vbe
Présent! Md5 : E4332D4E396A69533553966AD2836584 -> C:\Users\aurianep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iTunesHelper.vbe
Présent! Md5 : E4332D4E396A69533553966AD2836584 -> E:\iTunesHelper.vbe

################## | Registre |

Présent! HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|NoActiveDesktop -> 1
Présent! HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|NoActiveDesktopChanges -> 1
Présent! HKU\S-1-5-21-28175745-856189450-3141033118-1001\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper
Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper

################## | Vaccin |

(!) Cet ordinateur n'est pas vacciné!

################## | E.O.F | http://www.usbfix.net - http://www.sosvirus.net |
by g3n-h@ckm@n
#20014
hello, run UsbFix again, click on Suppression, then post the resulting report

then change your passwords, they have been stolen by the infection :)
by Auriane
#20017
Here is the report. I'm going to go change my passwords.


############################## | UsbFix V 7.152 | [Suppression]

Utilisateur: aurianep (Administrateur) # AURIANE
Mis à jour le 20/11/2013 par El Desaparecido - Team SosVirus
Lancé à 21:07:11 | 01/12/2013

Site Web : http://www.usbfix.net
Forum : http://www.sosvirus.net/
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: ASUSTeK COMPUTER INC. (X200CA)
CPU: Intel(R) Celeron(R) CPU 1007U @ 1.50GHz
RAM -> [Total : 3982 | Free : 1943]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 8 (6.2.9200 64-Bit)
WB: Windows Internet Explorer : 10.0.9200.16736
WB: Google Chrome : 31.0.1650.57

SC: Security Center Service [Enabled]
WU: Windows Update Service [(!) Disabled]
AV: McAfee Anti-Virus et Anti-Spyware [(!) Disabled | Updated]
AS: Windows Defender : 4.3.0215.0
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Disque fixe # 186 Go (131 Go libre(s) - 70%) [OS] # NTFS
D:\ -> Disque fixe # 258 Go (173 Go libre(s) - 67%) [Data] # NTFS
E:\ -> Disque amovible # 8 Go (8 Go libre(s) - 99%) [NOLIMIT] # FAT32

################## | Processus Stoppés |

Stoppé! C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ID: 1348 |ParentID: 768)
Stoppé! C:\Program Files\McAfee\MSC\McAPExe.exe (ID: 428 |ParentID: 768)
Stoppé! C:\windows\system32\mfevtps.exe (ID: 2492 |ParentID: 768)
Stoppé! C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (ID: 1420 |ParentID: 768)
Stoppé! C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (ID: 3860 |ParentID: 768)
Stoppé! C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (ID: 3204 |ParentID: 768)
Stoppé! c:\PROGRA~1\mcafee.com\agent\McUpdate.exe (ID: 980 |ParentID: 3860)
Stoppé! c:\PROGRA~1\mcafee\msc\mcupdmgr.exe (ID: 3120 |ParentID: 864)
Stoppé! c:\PROGRA~1\mcafee\mqs\qcshm.exe (ID: 3536 |ParentID: 864)
Stoppé! C:\PROGRA~1\McAfee\MSC\McInfo.exe (ID: 3728 |ParentID: 3860)
Stoppé! C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe (ID: 7588 |ParentID: 2800)
Stoppé! C:\Program Files\AVAST Software\Avast\AvastUI.exe (ID: 6632 |ParentID: 5864)
Stoppé! C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe (ID: 6416 |ParentID: 768)
Stoppé! C:\Windows\explorer.exe (ID: 8116 |ParentID: 2532)
Stoppé! C:\Program Files\Intel\iCLS Client\HeciServer.exe (ID: 1796 |ParentID: 768)
Stoppé! C:\Windows\System32\spoolsv.exe (ID: 2200 |ParentID: 768)
Stoppé! C:\Windows\System32\WUDFHost.exe (ID: 7900 |ParentID: 884)
Stoppé! C:\Windows\system32\DllHost.exe (ID: 3600 |ParentID: 864)
Stoppé! C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ID: 8084 |ParentID: 768)
Stoppé! C:\Windows\system32\FBAgent.exe (ID: 1636 |ParentID: 768)
Stoppé! C:\Windows\system32\SearchIndexer.exe (ID: 5624 |ParentID: 768)
Stoppé! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 5732 |ParentID: 7292)
Stoppé! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 6352 |ParentID: 5732)
Stoppé! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 2508 |ParentID: 5732)
Stoppé! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 7032 |ParentID: 5732)
Stoppé! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 6316 |ParentID: 5732)
Stoppé! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 7208 |ParentID: 5732)
Stoppé! C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe (ID: 6388 |ParentID: 864)
Stoppé! C:\Windows\System32\RuntimeBroker.exe (ID: 6976 |ParentID: 864)
Stoppé! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 7864 |ParentID: 5732)

################## | Regedit Run |

04 - HKLM\SOFTWARE | Run : [mcpltui_exe] - "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
04 - HKLM\SOFTWARE | Run : [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\SOFTWARE | Run : [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\SOFTWARE | Run : [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
04 - HKLM\SOFTWARE | Run : [Iminent] - C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"
04 - HKLM\SOFTWARE | Run : [IminentMessenger] - C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
04 - HKLM\SOFTWARE | Run : [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
04 - HKLM\SOFTWARE | Run : [DivXUpdate] - "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
04 - HKLM\SOFTWARE\wow6432Node | Run : [mcpltui_exe] - "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
04 - HKLM\SOFTWARE\wow6432Node | Run : [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\SOFTWARE\wow6432Node | Run : [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\SOFTWARE\wow6432Node | Run : [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
04 - HKLM\SOFTWARE\wow6432Node | Run : [Iminent] - C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"
04 - HKLM\SOFTWARE\wow6432Node | Run : [IminentMessenger] - C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
04 - HKLM\SOFTWARE\wow6432Node | Run : [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
04 - HKLM\SOFTWARE\wow6432Node | Run : [DivXUpdate] - "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
04 - HKLM\SOFTWARE | RunOnce : [] -
04 - HKLM\SOFTWARE\wow6432Node | RunOnce : [] -
04 - HKU\S-1-5-21-28175745-856189450-3141033118-1001\SOFTWARE | Run : [iTunesHelper] - wscript.exe //B "C:\Users\aurianep\AppData\Local\Temp\iTunesHelper.vbe"

################## | Recherche générique |

Supprimé! C:\Users\aurianep\AppData\Local\Temp\iTunesHelper.vbe
Supprimé! C:\Users\aurianep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iTunesHelper.vbe
Supprimé! E:\iTunesHelper.vbe
Supprimé! C:\ProgramData\SetStretch.VBS

(!) Fichiers temporaires supprimés.

################## | Référence de comparaison MD5 |

Md5 : E1E37E7138B0593E29B2F92A453749CB -> C:\Users\All Users\SetStretch.VBS
Md5 : E1E37E7138B0593E29B2F92A453749CB -> C:\ProgramData\SetStretch.VBS
Md5 : E4332D4E396A69533553966AD2836584 -> C:\Users\aurianep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iTunesHelper.vbe
Md5 : E4332D4E396A69533553966AD2836584 -> C:\Users\aurianep\AppData\Local\Temp\iTunesHelper.vbe
Md5 : E4332D4E396A69533553966AD2836584 -> E:\iTunesHelper.vbe
Md5 : E4332D4E396A69533553966AD2836584 -> C:\Users\aurianep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iTunesHelper.vbe

################## | Comparaison MD5 |


################## | Registre |

Réparé ! HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|NoActiveDesktop -> 0
Réparé ! HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|NoActiveDesktopChanges -> 0
Supprimé! HKU\S-1-5-21-28175745-856189450-3141033118-1001\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper

################## | Listing |

[05/10/2013 - 14:43:33 | SHD ] C:\$Recycle.Bin
[08/08/2013 - 10:36:55 | D ] C:\AsusVibeData
[26/04/2013 - 09:05:33 | SD ] C:\Boot
[26/07/2012 - 04:44:30 | RAS | 398156] C:\bootmgr
[02/06/2012 - 15:30:55 | N | 1] C:\BOOTNXT
[26/07/2012 - 08:22:08 | SHD ] C:\Documents and Settings
[14/11/2013 - 13:24:04 | N | 0] C:\END
[08/08/2013 - 10:36:42 | D ] C:\eSupport
[26/11/2013 - 21:15:20 | ASH | 3340218368] C:\hiberfil.sys
[08/08/2013 - 10:23:07 | D ] C:\Intel
[26/11/2013 - 21:15:23 | ASH | 4294967296] C:\pagefile.sys
[26/07/2012 - 08:33:46 | D ] C:\PerfLogs
[29/11/2013 - 19:03:52 | D ] C:\Program Files
[29/11/2013 - 19:03:52 | D ] C:\Program Files (x86)
[01/12/2013 - 21:09:08 | D ] C:\ProgramData
[06/10/2013 - 20:45:00 | D ] C:\sources
[26/11/2013 - 21:15:23 | ASH | 268435456] C:\swapfile.sys
[28/11/2013 - 11:12:55 | SHD ] C:\System Volume Information
[01/12/2013 - 21:08:55 | D ] C:\UsbFix
[01/12/2013 - 21:09:12 | A | 8243] C:\UsbFix [Clean 3] AURIANE.txt
[01/12/2013 - 20:48:07 | N | 12866] C:\UsbFix [Scan 1] AURIANE.txt
[30/09/2013 - 08:45:54 | RD ] C:\Users
[01/12/2013 - 20:39:43 | D ] C:\Windows
[17/06/2013 - 02:10:18 | N | 6293504] C:\X200CA.BIN
[06/06/2013 - 03:09:25 | N | 6293504] C:\X200CAP.BIN
[02/10/2013 - 19:34:41 | SHD ] D:\$RECYCLE.BIN
[09/10/2013 - 07:34:11 | D ] D:\18fd397672e019d53a
[14/10/2013 - 16:13:53 | D ] D:\Documents
[19/11/2013 - 12:50:53 | D ] D:\Films
[08/08/2013 - 10:16:22 | SHD ] D:\System Volume Information
[19/11/2013 - 12:51:30 | D ] D:\Séries

################## | Vaccin |

E:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net - http://www.sosvirus.net |
by g3n-h@ckm@n
#20023
ok, I also see that your browsers are infected
  • Download AdwCleaner (by Xplode) to your Desktop!
  • Right-click it and choose Run as administrator on Windows 7/8 and Vista
    1. Choose the Scan option
    2. Choose the Clean option
  • Accept the warning by clicking OK
  • Accept the warnings/information by clicking OK
  • Copy and paste the contents of the report that appears when the PC restarts
