by jpdunber
#6475
I ran a scan with UsbFix and here is the result. I was told to come to this forum for help and to wait for your suggestions on what to do next.
Thanks
############################## | UsbFix V 7.129 | [Recherche]

Utilisateur: Jpdunber (Administrateur) # ORDIHPI7
Mis à jour le 24/06/2013 par El Desaparecido
Lancé à 21:44:06 | 08/08/2013

Site Web: https://www.sosvirus.net/
Upload Malware: https://www.sosvirus.net/upload-malware-pour-analyse-t489.html
Contact: contact@sosvirus.net

PC: Hewlett-Packard (HP Pavilion dv6 Notebook PC) (x64-based PC)
CPU: Intel(R) Core(TM) i7-3610QM CPU @ 2.30GHz (2301)
RAM -> [Total : 8091 | Free : 4678]
BIOS: InsydeH2O Version 03.71.51F.09
BOOT: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) # Service Pack 1
WB: Windows Internet Explorer 10.0.9200.16635

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: AVG AntiVirus Free Edition 2013 [(!) Disabled | Updated]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Disque fixe # 903 Go (203 Go libre(s) - 23%) [] # NTFS
D:\ -> Disque fixe # 28 Go (3 Go libre(s) - 11%) [Recovery] # NTFS
E:\ -> CD-ROM
F:\ -> Disque amovible # 4 Go (4 Go libre(s) - 100%) [] # FAT32
G:\ -> CD-ROM
H:\ -> Disque amovible # 30 Go (30 Go libre(s) - 100%) [LEXAR] # FAT32

################## | Processus Actif |

C:\Windows\system32\csrss.exe (1208)
C:\Windows\system32\wininit.exe (1284)
C:\Windows\system32\csrss.exe (1308)
C:\Windows\system32\services.exe (1352)
C:\Windows\system32\lsass.exe (1376)
C:\Windows\system32\lsm.exe (1384)
C:\Windows\system32\winlogon.exe (1420)
C:\Windows\system32\svchost.exe (1532)
C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe (1596)
C:\Windows\system32\svchost.exe (1656)
C:\Windows\System32\svchost.exe (1776)
C:\Windows\System32\svchost.exe (1808)
C:\Windows\system32\svchost.exe (1844)
C:\Windows\system32\svchost.exe (1884)
C:\Program Files\IDT\WDM\STacSV64.exe (1936)
C:\Windows\system32\Hpservice.exe (1232)
C:\Program Files\Tablet\Wacom\WTabletServicePro.exe (1472)
C:\Windows\system32\WUDFHost.exe (724)
C:\Windows\system32\Dwm.exe (2160)
C:\Windows\Explorer.EXE (2184)
C:\Program Files (x86)\HP SimplePass\TouchControl.exe (2208)
C:\Windows\system32\svchost.exe (2252)
C:\Windows\system32\WLANExt.exe (2348)
C:\Windows\system32\conhost.exe (2356)
C:\Windows\System32\spoolsv.exe (2432)
C:\Windows\system32\taskeng.exe (2452)
C:\Windows\system32\svchost.exe (2576)
C:\Windows\system32\taskhost.exe (2604)
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (2724)
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (2756)
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (2780)
C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (2860)
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (2892)
C:\Windows\system32\taskeng.exe (1740)
c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (2088)
c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (2096)
C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe (3048)
C:\Program Files\Bonjour\mDNSResponder.exe (1920)
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe (1752)
C:\Program Files\Intel\WiFi\bin\EvtEng.exe (3076)
C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe (3172)
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe (3256)
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (3780)
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (4028)
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (4048)
C:\Program Files\Intel\iCLS Client\HeciServer.exe (3180)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (3204)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (3472)
C:\Windows\System32\svchost.exe (2412)
C:\Windows\SysWOW64\nlssrv32.exe (3816)
C:\Windows\System32\svchost.exe (3420)
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (4120)
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (4144)
C:\Windows\system32\svchost.exe (4208)
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe (4256)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (4280)
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (4324)
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\loggingserver.exe (4340)
C:\Windows\system32\conhost.exe (4360)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (4412)
C:\Windows\system32\wbem\unsecapp.exe (4896)
C:\Windows\system32\svchost.exe (5020)
C:\Windows\system32\svchost.exe (5216)
C:\Windows\system32\wbem\wmiprvse.exe (5820)
C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe (5912)
C:\Program Files\Tablet\Wacom\WacomHost.exe (5920)
C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe (6004)
C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe (6056)
C:\Windows\System32\hkcmd.exe (4928)
C:\Windows\System32\igfxpers.exe (5636)
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (5648)
C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe (5696)
C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe (3008)
C:\Windows\System32\rundll32.exe (4880)
C:\Program Files\IDT\WDM\sttray64.exe (5496)
C:\Program Files\Logitech\SetPointP\SetPoint.exe (2528)
C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe (5276)
C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe (5552)
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE (2532)
C:\Users\Jpdunber\AppData\Local\MétéoMédia\MétéoÉclair\weathereye.exe (3168)
C:\Users\Jpdunber\AppData\Local\Akamai\netsession_win.exe (3496)
C:\Program Files (x86)\Samsung\Kies\Kies.exe (6048)
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (5232)
C:\Program Files (x86)\Avanquest\PowerDesk\PDHookServer.exe (5628)
C:\Windows\System32\wscript.exe (6160)
C:\Windows\system32\wbem\wmiprvse.exe (6212)
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (6260)
C:\Windows\system32\SearchIndexer.exe (6276)
C:\Users\Jpdunber\AppData\Local\Akamai\netsession_win.exe (6316)
C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility.exe (6324)
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (6340)
C:\Users\Jpdunber\AppData\Roaming\Dropbox\bin\Dropbox.exe (6348)
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (6376)
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (6392)
C:\Program Files (x86)\AVG Secure Search\vprot.exe (6464)
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe (6560)
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (6628)
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE (6656)
C:\Program Files (x86)\AVG\AVG2013\avgui.exe (6696)
C:\Program Files (x86)\Zinio Alert Messenger\Zinio Alert Messenger.exe (6820)
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (6868)
C:\Program Files (x86)\iTunes\iTunesHelper.exe (6948)
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (7060)
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (7108)
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (1372)
C:\Program Files\iPod\bin\iPodService.exe (7464)
C:\Windows\system32\svchost.exe (7588)
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (7936)
C:\Windows\system32\wbem\unsecapp.exe (7412)
C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe (7552)
C:\Program Files\Windows Media Player\wmpnetwk.exe (5576)
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (6480)
C:\Windows\system32\svchost.exe (8400)
C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe (8484)
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (8784)
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (8860)
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (5508)
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (9160)
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe (9204)
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (4920)
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (7956)
C:\Windows\System32\svchost.exe (5860)
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (10012)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (10072)
C:\Program Files (x86)\Nero\Update\NASvc.exe (10216)
C:\Windows\system32\svchost.exe (9684)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (4556)
C:\Windows\system32\DllHost.exe (9472)
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (9752)
C:\Windows\system32\WUDFHost.exe (6736)
C:\Program Files (x86)\Avanquest\PowerDesk\ContextMenuServer.exe (10192)
C:\Program Files\Internet Explorer\iexplore.exe (5776)
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (6612)
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (8228)
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (3288)
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (9592)
C:\Program Files (x86)\AVG\AVG2013\avgcfgex.exe (10576)
C:\Windows\system32\SearchProtocolHost.exe (11236)
C:\Windows\system32\SearchFilterHost.exe (1988)
C:\UsbFix\Go.exe (10480)

################## | El Desaparecido Section |

HKLM\SOFTWARE | Run : [USB3MON] - "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
HKLM\SOFTWARE | Run : [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE | Run : [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
HKLM\SOFTWARE | Run : [HP CoolSense] - C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
HKLM\SOFTWARE | Run : [vProt] - "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
HKLM\SOFTWARE | Run : [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
HKLM\SOFTWARE | Run : [AdobeCS6ServiceManager] - "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
HKLM\SOFTWARE | Run : [Adobe Acrobat Speed Launcher] - "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
HKLM\SOFTWARE | Run : [Acrobat Assistant 8.0] - "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
HKLM\SOFTWARE | Run : [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM\SOFTWARE | Run : [TrueImageMonitor.exe] - "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
HKLM\SOFTWARE | Run : [AVG_UI] - "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
HKLM\SOFTWARE | Run : [jkaulppddpbnqd] - C:\Windows\System32\regsvr32.exe /s "C:\Windows\system32\xfwtyeypcxj.dll"
HKLM\SOFTWARE | Run : [EEventManager] - C:\PROGRA~2\EPSONS~1\EVENTM~1\EEventManager.exe
HKLM\SOFTWARE | Run : [iTunesHelper] - "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
HKLM\SOFTWARE | Run : [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM\SOFTWARE | Run : [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
HKLM\SOFTWARE | Run : [] -
HKLM\SOFTWARE | Run : [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
HKLM\SOFTWARE\wow6432Node | Run : [USB3MON] - "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
HKLM\SOFTWARE\wow6432Node | Run : [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE\wow6432Node | Run : [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
HKLM\SOFTWARE\wow6432Node | Run : [HP CoolSense] - C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
HKLM\SOFTWARE\wow6432Node | Run : [vProt] - "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
HKLM\SOFTWARE\wow6432Node | Run : [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
HKLM\SOFTWARE\wow6432Node | Run : [AdobeCS6ServiceManager] - "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
HKLM\SOFTWARE\wow6432Node | Run : [Adobe Acrobat Speed Launcher] - "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
HKLM\SOFTWARE\wow6432Node | Run : [Acrobat Assistant 8.0] - "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
HKLM\SOFTWARE\wow6432Node | Run : [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM\SOFTWARE\wow6432Node | Run : [TrueImageMonitor.exe] - "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
HKLM\SOFTWARE\wow6432Node | Run : [AVG_UI] - "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
HKLM\SOFTWARE\wow6432Node | Run : [jkaulppddpbnqd] - C:\Windows\System32\regsvr32.exe /s "C:\Windows\system32\xfwtyeypcxj.dll"
HKLM\SOFTWARE\wow6432Node | Run : [EEventManager] - C:\PROGRA~2\EPSONS~1\EVENTM~1\EEventManager.exe
HKLM\SOFTWARE\wow6432Node | Run : [iTunesHelper] - "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
HKLM\SOFTWARE\wow6432Node | Run : [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM\SOFTWARE\wow6432Node | Run : [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
HKLM\SOFTWARE\wow6432Node | Run : [] -
HKLM\SOFTWARE\wow6432Node | Run : [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
HKLM\SOFTWARE | RunOnce : [] -
HKLM\SOFTWARE\wow6432Node | RunOnce : [] -
HKU\S-1-5-19\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-221260327-831789430-1867440863-1000\SOFTWARE | Run : [AdobeBridge] -
HKU\S-1-5-21-221260327-831789430-1867440863-1000\SOFTWARE | Run : [CAHeadless] - C:\Program Files (x86)\Adobe\Elements 10 Organizer\CAHeadless\ElementsAutoAnalyzer.exe
HKU\S-1-5-21-221260327-831789430-1867440863-1000\SOFTWARE | Run : [WeatherEye] - C:\Users\Jpdunber\AppData\Local\MétéoMédia\MétéoÉclair\weathereye.exe
HKU\S-1-5-21-221260327-831789430-1867440863-1000\SOFTWARE | Run : [Akamai NetSession Interface] - "C:\Users\Jpdunber\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-221260327-831789430-1867440863-1000\SOFTWARE | Run : [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
HKU\S-1-5-21-221260327-831789430-1867440863-1000\SOFTWARE | Run : [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
HKU\S-1-5-21-221260327-831789430-1867440863-1000\SOFTWARE | Run : [PDHookServer] - C:\Program Files (x86)\Avanquest\PowerDesk\PDHookServer.exe
HKU\S-1-5-21-221260327-831789430-1867440863-1000\SOFTWARE | Run : [WindowsStart] - %AppData%\Microsoft\taskhost.exe
HKU\S-1-5-21-221260327-831789430-1867440863-1000\SOFTWARE | Run : [halak] - wscript.exe //B "C:\ProgramData\halak.vbs_crypted.vbs"
HKU\S-1-5-19\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
HKU\S-1-5-20\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
HKU\S-1-5-21-221260327-831789430-1867440863-1000\SOFTWARE | Policies\Explorer\run : [WindowsStart] - %Temp%\Microsoft\taskhost.exe

################## | Éléments infectieux |

Présent! C:\Users\Jpdunber\AppData\Roaming\inst.exe
Présent! F:\Incroyable citron congelé.lnk
Présent! H:\La Mitaine.lnk
Présent! H:\Autorun.inf.lnk
Présent! C:\ProgramData\halak.vbs_crypted.vbs
Présent! C:\Users\Jpdunber\AppData\Roaming\system
Présent! C:\Program Files (x86)\GUMA5A5.tmp
Présent! C:\Users\Jpdunber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\halak.vbs_crypted.vbs
Présent! C:\Users\Jpdunber\AppData\Local\Temp\halak.vbs_crypted.vbs
Présent! D:\desktop.ini
Présent! C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\halak.vbs_crypted.vbs
Présent! C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\halak.vbs_crypted.vbs
Présent! C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\halak.vbs_crypted.vbs
Présent! C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\halak.vbs_crypted.vbs
Présent! C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\halak.vbs_crypted.vbs
Présent! C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\halak.vbs_crypted.vbs
Présent! C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\halak.vbs_crypted.vbs
Présent! C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\halak.vbs_crypted.vbs
Présent! C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\halak.vbs_crypted.vbs
Présent! C:\Documents and Settings\All Users\Application Data\Application Data\halak.vbs_crypted.vbs
Présent! C:\Documents and Settings\All Users\Application Data\halak.vbs_crypted.vbs
Présent! C:\Documents and Settings\All Users\halak.vbs_crypted.vbs
Présent! C:\Documents and Settings\Jpdunber\AppData\Local\Temp\halak.vbs_crypted.vbs
Présent! C:\Documents and Settings\Jpdunber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\halak.vbs_crypted.vbs
Présent! C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\halak.vbs_crypted.vbs
Présent! C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\halak.vbs_crypted.vbs
Présent! C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\halak.vbs_crypted.vbs
Présent! C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\halak.vbs_crypted.vbs
Présent! C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\halak.vbs_crypted.vbs
Présent! C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\halak.vbs_crypted.vbs
Présent! C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\halak.vbs_crypted.vbs
Présent! C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\halak.vbs_crypted.vbs
Présent! C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\halak.vbs_crypted.vbs
Présent! C:\ProgramData\Application Data\Application Data\Application Data\Application Data\halak.vbs_crypted.vbs
Présent! C:\ProgramData\Application Data\Application Data\Application Data\halak.vbs_crypted.vbs
Présent! C:\ProgramData\Application Data\Application Data\halak.vbs_crypted.vbs
Présent! C:\ProgramData\Application Data\halak.vbs_crypted.vbs
Présent! C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\halak.vbs_crypted.vbs
Présent! C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\halak.vbs_crypted.vbs
Présent! C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\halak.vbs_crypted.vbs
Présent! C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\halak.vbs_crypted.vbs
Présent! C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\halak.vbs_crypted.vbs
Présent! C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\halak.vbs_crypted.vbs
Présent! C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\halak.vbs_crypted.vbs
Présent! C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\halak.vbs_crypted.vbs
Présent! C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\halak.vbs_crypted.vbs
Présent! C:\Users\All Users\Application Data\Application Data\Application Data\halak.vbs_crypted.vbs
Présent! C:\Users\All Users\Application Data\Application Data\halak.vbs_crypted.vbs
Présent! C:\Users\All Users\Application Data\halak.vbs_crypted.vbs
Présent! C:\Users\All Users\halak.vbs_crypted.vbs
Présent! F:\halak.vbs_crypted.vbs
Présent! H:\halak.vbs_crypted.vbs

################## | Registre |

Présent! HKCU\Software\DC3_FEXEC

################## | Mountpoints2 |



################## | Vaccin |

C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
H:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | https://sosvirus.net |
#6476
Hello & welcome to SoSVirus

I'll be handling your case

Run UsbFix again
Click the "Suppression" button
Post its report

/!\ If it hangs during the deletion
Disable the antivirus
or
Do it in Safe Mode with Networking

Looking forward to reading you, along with its report ;)
