by Sofia
#13986
Here is the scan kill report in safe mode with everything properly plugged in:
Code:
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Scan | g3n-h@ckm@n | Saachaa | 3.1031.4 ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

~ ¤¤¤¤¤ XP | Vista | 7 | 8 - 32/64 bits ¤¤¤¤¤ - Start 15:58:53

~ Update on 31/10/2013 | 21.30 by g3n-h@ckm@n
~ Evolution : https://security-helpzone.com/gen-hackman/pre_scan-2/changelog/2013-2/
~ Pre_Script Infos : https://security-helpzone.com/gen-hackman/pre_scan-2/les-switchs-pre_script/
~ Pre_scan Feedbacks : https://security-helpzone.com/gen-hackman/pre_scan-2/retours-bugs/

~ [AMB (Administrator)] - [RS]
~ SID = S-1-5-21-3529130228-2139803319-912275503-1001

~ System : Windows 8 Single Language (64 bits) CoreSingleLanguage
~ ProcessorNameString : AMD E-450 APU with Radeon(tm) HD Graphics
~ Identifier : AMD64 Family 20 Model 2 Stepping 0


~ Memory RAM = Total (MB) : 3761 | Free (MB) : 2696
~ Pagefile = Total (MB) : 4417 | Free (MB) : 3169
~ Virtual = Total (MB) : 4194 | Free (MB) : 4061

¤¤¤¤¤¤¤¤¤¤ | Boot's scripts


¤¤¤¤¤¤¤¤¤¤ | Drives

c:\-> [Fixed] | [OS] | Total : 190780 Mo | Free : 61660 Mo -> NTFS
d:\-> [Fixed] | [Data] | Total : 264650 Mo | Free : 264530 Mo -> NTFS
f:\-> [Fixed] | [My Passport] | Total : 305220 Mo | Free : 124560 Mo -> NTFS
g:\-> [Removable] | [ADATA UFD] | Total : 3810 Mo | Free : 1570 Mo -> FAT32

¤¤¤¤¤¤¤¤¤¤ | Windows Updates

No windows updates detected !!!


¤¤¤¤¤¤¤¤¤¤ | Sessions

~ C:\Windows\system32\config\systemprofile
~ C:\Windows\ServiceProfiles\LocalService
~ C:\Windows\ServiceProfiles\NetworkService
~ C:\Users\AMB
~ C:\Users\Administrator

New restorepoint created

Standby deleted !

¤¤¤¤¤¤¤¤¤¤ | stopped Processes


(900) -- atiesrxx.exe
(1264) -- AsLdrSrv.exe
(1352) -- GFNEXSrv.exe
(1428) -- spoolsv.exe
(1636) -- armsvc.exe
(1656) -- InsOnSrv.exe
(2020) -- mbamscheduler.exe
(2156) -- ViakaraokeSrv.exe
(2988) -- SearchIndexer.exe
(4164) -- BatteryLife.exe
(1576) -- taskhostex.exe
(4904) -- HControl.exe
(2748) -- USBChargerPlus.exe
(4912) -- InsOnWMI.exe
(500) -- mbamgui.exe
(4520) -- explorer.exe
(3668) -- atieclxx.exe
(3576) -- KBFiltr.exe
(3904) -- DMedia.exe
(2164) -- ATKOSD2.exe
(5100) -- AsusTPLoader.exe
(4212) -- QuickGesture64.exe
(660) -- QuickGesture.exe
(4000) -- AsusTPCenter.exe
(5024) -- AsusTPHelper.exe
(600) -- VDeck.exe
(408) -- PDVD10Serv.exe
(2960) -- MOM.exe
(880) -- CCC.exe
(684) -- MMLoadDrv.exe

Boot : Normal


¤¤¤¤¤¤¤¤¤¤ | Winlogon User : OK !


¤¤¤¤¤¤¤¤¤¤ | Winlogon Machine

Repaired : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon]|[userinit] : C:\Windows\SysWOW64\Userinit.exe, -> C:\Windows\System32\userinit.exe,

¤¤¤¤¤¤¤¤¤¤ | Associations

Repaired : [HKCR\Application.Manifest\shell\open\command] : "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\dfshim.dll",ShOpenVerbApplication %1 -> rundll32.exe dfshim.dll,ShOpenVerbApplication %1
Repaired : [HKCR\Application.Reference\shell\open\command] : "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\dfshim.dll",ShOpenVerbShortcut %1|%2 -> rundll32.exe dfshim.dll,ShOpenVerbShortcut %1|%2
Repaired : [HKCR\Folder\shell\open\command] : C:\Windows\Explorer.exe -> C:\Windows\Explorer.exe


¤

Repaired : [HKLM\Software\Clients\StartMenuInternet\IExplore.exe\shell\open\command] : C:\Program Files\Internet Explorer\iexplore.exe -> "C:\Program Files (x86)\Internet Explorer\iexplore.exe"

¤¤¤¤¤¤¤¤¤¤ | Registry

Repaired : [HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]|[{9343812e-1c37-4a49-a12e-4b2d810d956b}] : 1 -> 0
Repaired : [HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]|[{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}] : 1 -> 0
Repaired : [HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]|[{20D04FE0-3AEA-1069-A2D8-08002B30309D}] : 1 -> 0
Repaired : [HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]|[{208D2C60-3AEA-1069-A2D7-08002B30309D}] : 1 -> 0
Repaired : [HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]|[{871C5380-42A0-1069-A2EA-08002B30309D}] : 1 -> 0
Repaired : [HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]|[{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}] : 1 -> 0
Repaired : [HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]|[{59031a47-3f72-44a7-89c5-5595fe6b30ee}] : 1 -> 0
Repaired : [HKLM\software\Microsoft\Windows\CurrentVersion\policies\Explorer]|[NoDriveTypeAutoRun] : 0 -> 145
Repaired : [HKU\S-1-5-21-3529130228-2139803319-912275503-1001\software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]|[Hidden] : 2 -> 0
Repaired : [HKU\S-1-5-21-3529130228-2139803319-912275503-1001\software\Microsoft\Windows\CurrentVersion\Policies\Explorer]|[NoDriveTypeAutoRun] : 0 -> 145

¤¤¤¤¤¤¤¤¤¤ | Taskmgr and Registry Access



¤¤¤¤¤¤¤¤¤¤ | SafeBoot | Control | Repair

Safeboot Keys are O.K

Alternate shell is OK !

¤

Cannot repair ! [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys] : Driver
Cannot repair ! [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys] : Driver
Cannot repair ! [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys] : Driver
Cannot repair ! [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys] : Driver
Repaired : [HKLM | Minimal\vga.sys] : -> Driver
Repaired : [HKLM | Minimal\vgasave.sys] : -> Driver

¤

Cannot repair ! [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VirtualSmartcardReader] : Driver
Cannot repair ! [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicDisplay.sys] : Driver
Cannot repair ! [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicRender.sys] : Driver
Repaired : [HKLM | Network\vga.sys] : -> Driver
Repaired : [HKLM | Network\vgasave.sys] : -> Driver

¤¤¤¤¤¤¤¤¤¤ | IFEO


¤¤¤¤¤¤¤¤¤¤ | Mountpoints2



¤¤¤¤¤¤¤¤¤¤ | Windows

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]|[] : @SYS:DoesNotExist
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot]|[Shell] : SYS:Microsoft\Windows NT\CurrentVersion\Winlogon

Winsrv : OK !


[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[AppInit_DLLS] :
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[LoadAppInit_DLLs] : 0

[HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows]|[AppInit_DLLS] :
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows]|[LoadAppInit_DLLs] : 0

¤¤¤¤¤¤¤¤¤¤ | Security Center



[HKLM\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKLM\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]|[DisableMonitoring] : 1




¤¤¤¤¤¤¤¤¤¤ | Services Corrections


Repaired : [HKLM | Services\PlugPlay] : 3 -> 2
Repaired : [HKLM | Services\agp440] : 0 -> 2
Repaired : [HKLM | Services\Bits] : 3 -> 2
Repaired : [HKLM | Services\EapHost] : 3 -> 2
Repaired : [HKLM | Services\SharedAccess] : 4 -> 2
Repaired : [HKLM | Services\windefend] : 3 -> 2
Repaired : [HKLM | Services\wuauserv] : 3 -> 2
Repaired : [HKLM | Services\wudfsvc] : 3 -> 2
Repaired : [HKLM | Services\WerSvc] : 3 -> 2

¤¤¤¤¤¤¤¤¤¤ | Internet Explorer

Repaired : [HKU\S-1-5-21-3529130228-2139803319-912275503-1001\Software\Microsoft\Internet Explorer\Main]|[Start Page] : https://asus13.msn.com -> https://www.google.com/
Repaired : [HKU\S-1-5-21-3529130228-2139803319-912275503-1001\Software\Microsoft\Internet Explorer\Main]|[Local Page] : C:\Windows\system32\blank.htm -> C:\Windows\SysWOW64\blank.htm
Repaired : [HKU\S-1-5-21-3529130228-2139803319-912275503-1001\Software\Microsoft\Internet Explorer\Main]|[Search Page] : https://go.microsoft.com/fwlink/?LinkId=54896 -> https://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Repaired : [HKLM\Software\Microsoft\Internet Explorer\Main]|[Start Page] : https://go.microsoft.com/fwlink/p/?LinkId=255141 -> https://go.microsoft.com/fwlink/?LinkId=69157
Repaired : [HKLM\Software\Microsoft\Internet Explorer\Main]|[Default_Page_URL] : https://go.microsoft.com/fwlink/p/?LinkId=255141 -> https://go.microsoft.com/fwlink/?LinkId=69157

¤

Repaired : [HKU\S-1-5-21-3529130228-2139803319-912275503-1001\Software\Microsoft\Windows\CurrentVersion\Internet settings]|[WarnonZoneCrossing] : 0 -> 1

¤¤¤¤¤¤¤¤¤¤ | Hosts

C:\Windows\System32\Drivers\etc\hosts : Cleaned

¤¤¤¤¤¤¤¤¤¤ | reparsepoint



¤¤¤¤¤¤¤¤¤¤ | Offsets detection


¤¤¤¤¤¤¤¤¤¤ | Files | Folders | Registry



Removed : C:\$Recycle.bin\S-1-5-21-3529130228-2139803319-912275503-1001

Moved to quarantine successfully : C:\Users\All Users\SetStretch.cmd
Moved to quarantine successfully : C:\Users\All Users\SetStretch.exe
Moved to quarantine successfully : C:\Users\Administrator\AppData\Local\IconCache.db
Moved to quarantine successfully : C:\Users\AMB\AppData\Local\IconCache.db
Moved to quarantine successfully : C:\Users\AMB\Downloads\Setup.X86.es-ES_O365HomePremRetail_932cffbd-27f5-46f1-9e33-db10ac905fbe_TX_PR_.exe
Moved to quarantine successfully : C:\Users\AMB\Downloads\CreativeCloudSet-Up.exe
Moved to quarantine successfully : C:\Users\AMB\Downloads\MCPR.exe
Moved to quarantine successfully : C:\Users\AMB\Downloads\Firefox Setup 24.0.exe
Moved to quarantine successfully : C:\Users\AMB\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_es.exe
Moved to quarantine successfully : C:\Users\AMB\Downloads\PDFCreatorWebSetup.exe
Moved to quarantine successfully : C:\Users\AMB\Downloads\Thunderbird Setup 24.0.1.exe
Moved to quarantine successfully : C:\Users\AMB\Downloads\vlc-2.1.0-win32.exe
Moved to quarantine successfully : C:\Users\AMB\Downloads\mbam-setup-1.75.0.1300.exe
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Scan | g3n-h@ckm@n | Saachaa | 3.1031.4 ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

~ ¤¤¤¤¤ XP | Vista | 7 | 8 - 32/64 bits ¤¤¤¤¤ - Start 18:28:38

~ Update on 31/10/2013 | 21.30 by g3n-h@ckm@n
~ Evolution : https://security-helpzone.com/gen-hackman/pre_scan-2/changelog/2013-2/
~ Pre_Script Infos : https://security-helpzone.com/gen-hackman/pre_scan-2/les-switchs-pre_script/
~ Pre_scan Feedbacks : https://security-helpzone.com/gen-hackman/pre_scan-2/retours-bugs/

~ [AMB (Administrator)] - [RS]
~ SID = S-1-5-21-3529130228-2139803319-912275503-1001

~ System : Windows 8 Single Language (64 bits) CoreSingleLanguage
~ ProcessorNameString : AMD E-450 APU with Radeon(tm) HD Graphics
~ Identifier : AMD64 Family 20 Model 2 Stepping 0


~ Memory RAM = Total (MB) : 3761 | Free (MB) : 3253
~ Pagefile = Total (MB) : 7563 | Free (MB) : 7088
~ Virtual = Total (MB) : 4194 | Free (MB) : 4061

¤¤¤¤¤¤¤¤¤¤ | Boot's scripts


¤¤¤¤¤¤¤¤¤¤ | Drives

c:\-> [Fixed] | [OS] | Total : 190780 Mo | Free : 52070 Mo -> NTFS
d:\-> [Fixed] | [Data] | Total : 264650 Mo | Free : 264530 Mo -> NTFS
f:\-> [Fixed] | [My Passport] | Total : 305220 Mo | Free : 124570 Mo -> NTFS
g:\-> [Removable] | [ADATA UFD] | Total : 3810 Mo | Free : 1580 Mo -> FAT32

¤¤¤¤¤¤¤¤¤¤ | Windows Updates

No windows updates detected !!!


¤¤¤¤¤¤¤¤¤¤ | Sessions

~ C:\Windows\system32\config\systemprofile
~ C:\Windows\ServiceProfiles\LocalService
~ C:\Windows\ServiceProfiles\NetworkService
~ C:\Users\AMB
~ C:\Users\Administrator

New restorepoint created

Standby deleted !

¤¤¤¤¤¤¤¤¤¤ | stopped Processes


(376) -- explorer.exe
(340) -- ctfmon.exe

Boot : Safemode


¤¤¤¤¤¤¤¤¤¤ | Winlogon User : OK !


¤¤¤¤¤¤¤¤¤¤ | Winlogon Machine

Repaired : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon]|[userinit] : C:\Windows\SysWOW64\Userinit.exe, -> C:\Windows\System32\userinit.exe,

¤¤¤¤¤¤¤¤¤¤ | Associations



¤


¤¤¤¤¤¤¤¤¤¤ | Registry

Repaired : [HKLM\software\Microsoft\Windows\CurrentVersion\policies\Explorer]|[NoDriveTypeAutoRun] : 0 -> 145
Repaired : [HKU\S-1-5-21-3529130228-2139803319-912275503-1001\software\Microsoft\Windows\CurrentVersion\Policies\Explorer]|[NoDriveTypeAutoRun] : 0 -> 145

¤¤¤¤¤¤¤¤¤¤ | Taskmgr and Registry Access



¤¤¤¤¤¤¤¤¤¤ | SafeBoot | Control | Repair

Safeboot Keys are O.K

Alternate shell is OK !

¤

Cannot repair ! [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys] : Driver
Cannot repair ! [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys] : Driver
Cannot repair ! [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys] : Driver
Cannot repair ! [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys] : Driver

¤

Cannot repair ! [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VirtualSmartcardReader] : Driver
Cannot repair ! [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicDisplay.sys] : Driver
Cannot repair ! [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicRender.sys] : Driver

¤¤¤¤¤¤¤¤¤¤ | IFEO


¤¤¤¤¤¤¤¤¤¤ | Mountpoints2



¤¤¤¤¤¤¤¤¤¤ | Windows

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]|[] : @SYS:DoesNotExist
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot]|[Shell] : SYS:Microsoft\Windows NT\CurrentVersion\Winlogon

Winsrv : OK !


[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[AppInit_DLLS] :
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[LoadAppInit_DLLs] : 0

[HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows]|[AppInit_DLLS] :
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows]|[LoadAppInit_DLLs] : 0

¤¤¤¤¤¤¤¤¤¤ | Security Center



[HKLM\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKLM\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]|[DisableMonitoring] : 1




¤¤¤¤¤¤¤¤¤¤ | Services Corrections


Repaired : [HKLM | Services\PlugPlay] : 3 -> 2
Repaired : [HKLM | Services\agp440] : 0 -> 2
Repaired : [HKLM | Services\Bits] : 3 -> 2
Repaired : [HKLM | Services\EapHost] : 3 -> 2
Repaired : [HKLM | Services\SharedAccess] : 4 -> 2
Repaired : [HKLM | Services\windefend] : 3 -> 2
Repaired : [HKLM | Services\wuauserv] : 3 -> 2
Repaired : [HKLM | Services\wudfsvc] : 3 -> 2
Repaired : [HKLM | Services\WerSvc] : 3 -> 2

¤¤¤¤¤¤¤¤¤¤ | Internet Explorer


Browsers settings for Users : OK


Browsers settings for Machine : OK

¤


Hijack.Internet : OK

¤¤¤¤¤¤¤¤¤¤ | Hosts

C:\Windows\System32\Drivers\etc\hosts : Cleaned

¤¤¤¤¤¤¤¤¤¤ | reparsepoint



¤¤¤¤¤¤¤¤¤¤ | Offsets detection


¤¤¤¤¤¤¤¤¤¤ | Files | Folders | Registry



Removed : C:\$Recycle.bin\S-1-5-21-3529130228-2139803319-912275503-1001

Moved to quarantine successfully : C:\Users\AMB\AppData\Local\Temp\SDIAG_be17edce-fbc5-4b0b-8eca-1176d871556e\NetworkDiagnosticSnapIn.dll
Moved to quarantine successfully : C:\Users\AMB\AppData\Local\IconCache.db

Moved to quarantine successfully : C:\Windows\assembly\tmp\

Prefetch -> Emptied

Disinfected : C:\Users\AMB\Desktop\UsbFix Ayudar el autor.lnk : C:\Program Files (x86)\Internet Explorer\iexplore.exe (hxxp://www.usbfix.net/es/ayudar-el-autor/)

Suspect : C:\Windows\MEMORY.DMP

D:\ : Vaccinated (Vaccin created by Pre_Scan)
F:\ : Vaccinated (Vaccin created by Pre_Scan)
G:\ : Vaccinated (Vaccin created by Usbfix)

¤¤¤¤¤¤¤¤¤¤ | Hidden files

~ [Drive F:] : Hidden : 1248 | Restored : 1248
~ [Drive G:] : Hidden : 5 | Restored : 5
~ [Program Files] : Hidden : 4 | Restored : 4
~ [Users] : Hidden : 2 | Restored : 2
~ [Documents] : Hidden : 7 | Restored : 7
~ [Searches] : Hidden : 2 | Restored : 2
~ [Windows] : Hidden : 80 | Restored : 78
~ [Start Menu | Programs | Startup] : Hidden : 1 | Restored : 1
~ [AppData] : Hidden : 9 | Restored : 9


¤¤¤¤¤¤¤¤¤¤ | Listing Partition(s)

Disk: 0 Size=477G
Pos MBRndx Type/Name Size Active Hide Start Sector Sectors
--- ------ ---------- ---- ------ ---- ------------ ------------
0 0 EE-UNKNWN 477G No No 1 976,773,167

¤¤¤¤¤¤¤¤¤¤

[HKLM64 | Winlogon]|[AutoRestartShell] : 1

End : 19:24:47


Standby Restored !
¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤ - 446
So, is there still any left?
Good night!
:dodo10:
by g3n-h@ckm@n
#13988
hello, good!

please run a diag again (host the report on sosupload and give the link)
by Sofia
#14246
Here is the Del fix report:
Code:
# DelFix v10.4 - Logfile created 03/11/2013 at 11:08:40
# Updated 19/07/2013 by Xplode
# Username : AMB - RS
# Operating System : Windows 8 Single Language (64 bits)

~ Activating UAC ... OK

~ Removing disinfection tools ...

Deleted : C:\USBFix
Deleted : C:\pre_scan
Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
Deleted : C:\Program Files (x86)\ZHPDiag
Deleted : C:\PhysicalDisk0_MBR.bin
Deleted : C:\Pre_Diag_03_11_2013_00_01_44.txt
Deleted : C:\Pre_Diag_31_10_2013_18_20_05.txt
Deleted : C:\Pre_Scan_01_11_2013_19_24_49.txt
Deleted : C:\UsbFix [Clean 1] RS.txt
Deleted : C:\UsbFix [Clean 2] RS.txt
Deleted : C:\UsbFix [Clean 3] RS.txt
Deleted : C:\Users\AMB\Desktop\adwcleaner.exe
Deleted : C:\Users\AMB\Desktop\AdwCleaner[S0].txt
Deleted : C:\Users\AMB\Desktop\logiciel1.txt
Deleted : C:\Users\AMB\Desktop\Pre_Diag_31_10_2013_18_20_05.txt
Deleted : C:\Users\AMB\Desktop\Pre_Scan.exe
Deleted : C:\Users\AMB\Desktop\UsbFix Ayudar el autor.lnk
Deleted : C:\Users\AMB\Desktop\UsbFix [Clean 2] RS.txt
Deleted : C:\Users\AMB\Desktop\UsbFix [Clean 3] RS.txt
Deleted : C:\Users\AMB\Desktop\UsbFix.exe
Deleted : C:\Users\AMB\Desktop\ZHPDiag.lnk
Deleted : C:\Users\AMB\Desktop\ZHPDiag.txt
Deleted : C:\Users\AMB\Desktop\ZHPDiag2.exe
Deleted : C:\Users\AMB\Desktop\ZHPFix.lnk
Deleted : HKCU\Software\g3n-h@ckm@n
Deleted : HKCU\Software\USBFix
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\g3n-h@ckm@n
Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\USBFix
Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #4 [Punto de control programado | 10/30/2013 01:24:17]
Deleted : RP #5 [Windows Update | 10/30/2013 01:24:47]
Deleted : RP #6 [Eliminación del paquete de idioma | 10/31/2013 15:41:53]
Deleted : RP #7 [Eliminación del paquete de idioma | 11/01/2013 22:01:49]
Deleted : RP #8 [Installed Java 7 Update 45 | 11/03/2013 16:58:38]

New restore point created !

~ Resetting system settings ... OK

########## - EOF - ##########
A few last small questions: it seems to me that some folders/files were created on my USB key and external HDD... Are they important? Can I delete them?

-On the USB key: ".Trashes" (folder), ".Spotlight-V100" (folder), ".fseventsd" (folder), "BOOTEX.LOG" (file), "._.Trashes" (file), "_disk_id.pod" (file)

-On the external HDD: "$AVG" (folder), "Autorun.inf" (folder), "buda_vfs.img" (file), "Thumbs.db" (file)

Otherwise a huge THANK YOU to you and to all the contributors of this site!! Long live SOS virus!!
:bravo1: :alcool:
by g3n-h@ckm@n
#14248
for the ones on the USB key you can delete them but they will come back as soon as you plug the key into a Mac

==

but normally you shouldn't see them, they are hidden files/folders.

you need to set hidden files/folders back to hidden ^^
by Sofia
#14259
Ok!...

Well, thanks for everything, I'll try to follow the security advice, I'll recommend the site and as soon as I can I'll make a donation because what you do is really cool!

A hug from Mexico!
:bye:

PS: how do you mark the topic as resolved?
by g3n-h@ckm@n
#14276
I'll take care of it :)

kisses from (Valence) France :)