Infection virus PC + USB + DDE Réparation PC

[Sofia]

Voilà  le rapport de scan kill en mode sans echec avec tout bien branché:

Code: Tout sélectionner

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Scan | g3n-h@ckm@n | Saachaa | 3.1031.4 ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

~ ¤¤¤¤¤ XP | Vista | 7 | 8 - 32/64 bits ¤¤¤¤¤ - Start 15:58:53

~ Update on 31/10/2013 | 21.30 by g3n-h@ckm@n
~ Evolution : https://security-helpzone.com/gen-hackman/pre_scan-2/changelog/2013-2/
~ Pre_Script Infos : https://security-helpzone.com/gen-hackman/pre_scan-2/les-switchs-pre_script/
~ Pre_scan Feedbacks : https://security-helpzone.com/gen-hackman/pre_scan-2/retours-bugs/

~ [AMB (Administrator)] - [RS]
~ SID = S-1-5-21-3529130228-2139803319-912275503-1001

~ System : Windows 8 Single Language (64 bits) CoreSingleLanguage
~ ProcessorNameString : AMD E-450 APU with Radeon(tm) HD Graphics
~ Identifier : AMD64 Family 20 Model 2 Stepping 0


~ Memory RAM = Total (MB) : 3761 | Free (MB) : 2696
~ Pagefile = Total (MB) : 4417 | Free (MB) : 3169
~ Virtual = Total (MB) : 4194 | Free (MB) : 4061

¤¤¤¤¤¤¤¤¤¤ | Boot's scripts


¤¤¤¤¤¤¤¤¤¤ | Drives

c:\-> [Fixed] | [OS] | Total : 190780 Mo | Free : 61660 Mo -> NTFS
d:\-> [Fixed] | [Data] | Total : 264650 Mo | Free : 264530 Mo -> NTFS
f:\-> [Fixed] | [My Passport] | Total : 305220 Mo | Free : 124560 Mo -> NTFS
g:\-> [Removable] | [ADATA UFD] | Total : 3810 Mo | Free : 1570 Mo -> FAT32

¤¤¤¤¤¤¤¤¤¤ | Windows Updates

No windows updates detected !!!


¤¤¤¤¤¤¤¤¤¤ | Sessions

~ C:\Windows\system32\config\systemprofile
~ C:\Windows\ServiceProfiles\LocalService
~ C:\Windows\ServiceProfiles\NetworkService
~ C:\Users\AMB
~ C:\Users\Administrator

New restorepoint created

Standby deleted !

¤¤¤¤¤¤¤¤¤¤ | stopped Processes


(900) -- atiesrxx.exe
(1264) -- AsLdrSrv.exe
(1352) -- GFNEXSrv.exe
(1428) -- spoolsv.exe
(1636) -- armsvc.exe
(1656) -- InsOnSrv.exe
(2020) -- mbamscheduler.exe
(2156) -- ViakaraokeSrv.exe
(2988) -- SearchIndexer.exe
(4164) -- BatteryLife.exe
(1576) -- taskhostex.exe
(4904) -- HControl.exe
(2748) -- USBChargerPlus.exe
(4912) -- InsOnWMI.exe
(500) -- mbamgui.exe
(4520) -- explorer.exe
(3668) -- atieclxx.exe
(3576) -- KBFiltr.exe
(3904) -- DMedia.exe
(2164) -- ATKOSD2.exe
(5100) -- AsusTPLoader.exe
(4212) -- QuickGesture64.exe
(660) -- QuickGesture.exe
(4000) -- AsusTPCenter.exe
(5024) -- AsusTPHelper.exe
(600) -- VDeck.exe
(408) -- PDVD10Serv.exe
(2960) -- MOM.exe
(880) -- CCC.exe
(684) -- MMLoadDrv.exe

Boot : Normal


¤¤¤¤¤¤¤¤¤¤ | Winlogon User : OK !


¤¤¤¤¤¤¤¤¤¤ | Winlogon Machine

Repaired : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon]|[userinit] : C:\Windows\SysWOW64\Userinit.exe, -> C:\Windows\System32\userinit.exe,

¤¤¤¤¤¤¤¤¤¤ | Associations

Repaired : [HKCR\Application.Manifest\shell\open\command] : "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\dfshim.dll",ShOpenVerbApplication %1 -> rundll32.exe dfshim.dll,ShOpenVerbApplication %1
Repaired : [HKCR\Application.Reference\shell\open\command] : "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\dfshim.dll",ShOpenVerbShortcut %1|%2 -> rundll32.exe dfshim.dll,ShOpenVerbShortcut %1|%2
Repaired : [HKCR\Folder\shell\open\command] : C:\Windows\Explorer.exe -> C:\Windows\Explorer.exe


¤

Repaired : [HKLM\Software\Clients\StartMenuInternet\IExplore.exe\shell\open\command] : C:\Program Files\Internet Explorer\iexplore.exe -> "C:\Program Files (x86)\Internet Explorer\iexplore.exe"

¤¤¤¤¤¤¤¤¤¤ | Registry

Repaired : [HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]|[{9343812e-1c37-4a49-a12e-4b2d810d956b}] : 1 -> 0
Repaired : [HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]|[{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}] : 1 -> 0
Repaired : [HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]|[{20D04FE0-3AEA-1069-A2D8-08002B30309D}] : 1 -> 0
Repaired : [HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]|[{208D2C60-3AEA-1069-A2D7-08002B30309D}] : 1 -> 0
Repaired : [HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]|[{871C5380-42A0-1069-A2EA-08002B30309D}] : 1 -> 0
Repaired : [HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]|[{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}] : 1 -> 0
Repaired : [HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]|[{59031a47-3f72-44a7-89c5-5595fe6b30ee}] : 1 -> 0
Repaired : [HKLM\software\Microsoft\Windows\CurrentVersion\policies\Explorer]|[NoDriveTypeAutoRun] : 0 -> 145
Repaired : [HKU\S-1-5-21-3529130228-2139803319-912275503-1001\software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]|[Hidden] : 2 -> 0
Repaired : [HKU\S-1-5-21-3529130228-2139803319-912275503-1001\software\Microsoft\Windows\CurrentVersion\Policies\Explorer]|[NoDriveTypeAutoRun] : 0 -> 145

¤¤¤¤¤¤¤¤¤¤ | Taskmgr and Registry Access



¤¤¤¤¤¤¤¤¤¤ | SafeBoot | Control | Repair

Safeboot Keys are O.K

Alternate shell is OK !

¤

Cannot repair ! [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys] : Driver
Cannot repair ! [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys] : Driver
Cannot repair ! [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys] : Driver
Cannot repair ! [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys] : Driver
Repaired : [HKLM | Minimal\vga.sys] : -> Driver
Repaired : [HKLM | Minimal\vgasave.sys] : -> Driver

¤

Cannot repair ! [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VirtualSmartcardReader] : Driver
Cannot repair ! [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicDisplay.sys] : Driver
Cannot repair ! [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicRender.sys] : Driver
Repaired : [HKLM | Network\vga.sys] : -> Driver
Repaired : [HKLM | Network\vgasave.sys] : -> Driver

¤¤¤¤¤¤¤¤¤¤ | IFEO


¤¤¤¤¤¤¤¤¤¤ | Mountpoints2



¤¤¤¤¤¤¤¤¤¤ | Windows

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]|[] : @SYS:DoesNotExist
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot]|[Shell] : SYS:Microsoft\Windows NT\CurrentVersion\Winlogon

Winsrv : OK !


[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[AppInit_DLLS] :
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[LoadAppInit_DLLs] : 0

[HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows]|[AppInit_DLLS] :
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows]|[LoadAppInit_DLLs] : 0

¤¤¤¤¤¤¤¤¤¤ | Security Center



[HKLM\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKLM\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]|[DisableMonitoring] : 1




¤¤¤¤¤¤¤¤¤¤ | Services Corrections


Repaired : [HKLM | Services\PlugPlay] : 3 -> 2
Repaired : [HKLM | Services\agp440] : 0 -> 2
Repaired : [HKLM | Services\Bits] : 3 -> 2
Repaired : [HKLM | Services\EapHost] : 3 -> 2
Repaired : [HKLM | Services\SharedAccess] : 4 -> 2
Repaired : [HKLM | Services\windefend] : 3 -> 2
Repaired : [HKLM | Services\wuauserv] : 3 -> 2
Repaired : [HKLM | Services\wudfsvc] : 3 -> 2
Repaired : [HKLM | Services\WerSvc] : 3 -> 2

¤¤¤¤¤¤¤¤¤¤ | Internet Explorer

Repaired : [HKU\S-1-5-21-3529130228-2139803319-912275503-1001\Software\Microsoft\Internet Explorer\Main]|[Start Page] : https://asus13.msn.com -> https://www.google.com/
Repaired : [HKU\S-1-5-21-3529130228-2139803319-912275503-1001\Software\Microsoft\Internet Explorer\Main]|[Local Page] : C:\Windows\system32\blank.htm -> C:\Windows\SysWOW64\blank.htm
Repaired : [HKU\S-1-5-21-3529130228-2139803319-912275503-1001\Software\Microsoft\Internet Explorer\Main]|[Search Page] : https://go.microsoft.com/fwlink/?LinkId=54896 -> https://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Repaired : [HKLM\Software\Microsoft\Internet Explorer\Main]|[Start Page] : https://go.microsoft.com/fwlink/p/?LinkId=255141 -> https://go.microsoft.com/fwlink/?LinkId=69157
Repaired : [HKLM\Software\Microsoft\Internet Explorer\Main]|[Default_Page_URL] : https://go.microsoft.com/fwlink/p/?LinkId=255141 -> https://go.microsoft.com/fwlink/?LinkId=69157

¤

Repaired : [HKU\S-1-5-21-3529130228-2139803319-912275503-1001\Software\Microsoft\Windows\CurrentVersion\Internet settings]|[WarnonZoneCrossing] : 0 -> 1

¤¤¤¤¤¤¤¤¤¤ | Hosts

C:\Windows\System32\Drivers\etc\hosts : Cleaned

¤¤¤¤¤¤¤¤¤¤ | reparsepoint



¤¤¤¤¤¤¤¤¤¤ | Offsets detection


¤¤¤¤¤¤¤¤¤¤ | Files | Folders | Registry



Removed : C:\$Recycle.bin\S-1-5-21-3529130228-2139803319-912275503-1001

Moved to quarantine successfully : C:\Users\All Users\SetStretch.cmd
Moved to quarantine successfully : C:\Users\All Users\SetStretch.exe
Moved to quarantine successfully : C:\Users\Administrator\AppData\Local\IconCache.db
Moved to quarantine successfully : C:\Users\AMB\AppData\Local\IconCache.db
Moved to quarantine successfully : C:\Users\AMB\Downloads\Setup.X86.es-ES_O365HomePremRetail_932cffbd-27f5-46f1-9e33-db10ac905fbe_TX_PR_.exe
Moved to quarantine successfully : C:\Users\AMB\Downloads\CreativeCloudSet-Up.exe
Moved to quarantine successfully : C:\Users\AMB\Downloads\MCPR.exe
Moved to quarantine successfully : C:\Users\AMB\Downloads\Firefox Setup 24.0.exe
Moved to quarantine successfully : C:\Users\AMB\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_es.exe
Moved to quarantine successfully : C:\Users\AMB\Downloads\PDFCreatorWebSetup.exe
Moved to quarantine successfully : C:\Users\AMB\Downloads\Thunderbird Setup 24.0.1.exe
Moved to quarantine successfully : C:\Users\AMB\Downloads\vlc-2.1.0-win32.exe
Moved to quarantine successfully : C:\Users\AMB\Downloads\mbam-setup-1.75.0.1300.exe
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Scan | g3n-h@ckm@n | Saachaa | 3.1031.4 ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

~ ¤¤¤¤¤ XP | Vista | 7 | 8 - 32/64 bits ¤¤¤¤¤ - Start 18:28:38

~ Update on 31/10/2013 | 21.30 by g3n-h@ckm@n
~ Evolution : https://security-helpzone.com/gen-hackman/pre_scan-2/changelog/2013-2/
~ Pre_Script Infos : https://security-helpzone.com/gen-hackman/pre_scan-2/les-switchs-pre_script/
~ Pre_scan Feedbacks : https://security-helpzone.com/gen-hackman/pre_scan-2/retours-bugs/

~ [AMB (Administrator)] - [RS]
~ SID = S-1-5-21-3529130228-2139803319-912275503-1001

~ System : Windows 8 Single Language (64 bits) CoreSingleLanguage
~ ProcessorNameString : AMD E-450 APU with Radeon(tm) HD Graphics
~ Identifier : AMD64 Family 20 Model 2 Stepping 0


~ Memory RAM = Total (MB) : 3761 | Free (MB) : 3253
~ Pagefile = Total (MB) : 7563 | Free (MB) : 7088
~ Virtual = Total (MB) : 4194 | Free (MB) : 4061

¤¤¤¤¤¤¤¤¤¤ | Boot's scripts


¤¤¤¤¤¤¤¤¤¤ | Drives

c:\-> [Fixed] | [OS] | Total : 190780 Mo | Free : 52070 Mo -> NTFS
d:\-> [Fixed] | [Data] | Total : 264650 Mo | Free : 264530 Mo -> NTFS
f:\-> [Fixed] | [My Passport] | Total : 305220 Mo | Free : 124570 Mo -> NTFS
g:\-> [Removable] | [ADATA UFD] | Total : 3810 Mo | Free : 1580 Mo -> FAT32

¤¤¤¤¤¤¤¤¤¤ | Windows Updates

No windows updates detected !!!


¤¤¤¤¤¤¤¤¤¤ | Sessions

~ C:\Windows\system32\config\systemprofile
~ C:\Windows\ServiceProfiles\LocalService
~ C:\Windows\ServiceProfiles\NetworkService
~ C:\Users\AMB
~ C:\Users\Administrator

New restorepoint created

Standby deleted !

¤¤¤¤¤¤¤¤¤¤ | stopped Processes


(376) -- explorer.exe
(340) -- ctfmon.exe

Boot : Safemode


¤¤¤¤¤¤¤¤¤¤ | Winlogon User : OK !


¤¤¤¤¤¤¤¤¤¤ | Winlogon Machine

Repaired : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon]|[userinit] : C:\Windows\SysWOW64\Userinit.exe, -> C:\Windows\System32\userinit.exe,

¤¤¤¤¤¤¤¤¤¤ | Associations



¤


¤¤¤¤¤¤¤¤¤¤ | Registry

Repaired : [HKLM\software\Microsoft\Windows\CurrentVersion\policies\Explorer]|[NoDriveTypeAutoRun] : 0 -> 145
Repaired : [HKU\S-1-5-21-3529130228-2139803319-912275503-1001\software\Microsoft\Windows\CurrentVersion\Policies\Explorer]|[NoDriveTypeAutoRun] : 0 -> 145

¤¤¤¤¤¤¤¤¤¤ | Taskmgr and Registry Access



¤¤¤¤¤¤¤¤¤¤ | SafeBoot | Control | Repair

Safeboot Keys are O.K

Alternate shell is OK !

¤

Cannot repair ! [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys] : Driver
Cannot repair ! [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys] : Driver
Cannot repair ! [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys] : Driver
Cannot repair ! [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys] : Driver

¤

Cannot repair ! [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VirtualSmartcardReader] : Driver
Cannot repair ! [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicDisplay.sys] : Driver
Cannot repair ! [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicRender.sys] : Driver

¤¤¤¤¤¤¤¤¤¤ | IFEO


¤¤¤¤¤¤¤¤¤¤ | Mountpoints2



¤¤¤¤¤¤¤¤¤¤ | Windows

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]|[] : @SYS:DoesNotExist
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot]|[Shell] : SYS:Microsoft\Windows NT\CurrentVersion\Winlogon

Winsrv : OK !


[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[AppInit_DLLS] :
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[LoadAppInit_DLLs] : 0

[HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows]|[AppInit_DLLS] :
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows]|[LoadAppInit_DLLs] : 0

¤¤¤¤¤¤¤¤¤¤ | Security Center



[HKLM\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKLM\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]|[DisableMonitoring] : 1




¤¤¤¤¤¤¤¤¤¤ | Services Corrections


Repaired : [HKLM | Services\PlugPlay] : 3 -> 2
Repaired : [HKLM | Services\agp440] : 0 -> 2
Repaired : [HKLM | Services\Bits] : 3 -> 2
Repaired : [HKLM | Services\EapHost] : 3 -> 2
Repaired : [HKLM | Services\SharedAccess] : 4 -> 2
Repaired : [HKLM | Services\windefend] : 3 -> 2
Repaired : [HKLM | Services\wuauserv] : 3 -> 2
Repaired : [HKLM | Services\wudfsvc] : 3 -> 2
Repaired : [HKLM | Services\WerSvc] : 3 -> 2

¤¤¤¤¤¤¤¤¤¤ | Internet Explorer


Browsers settings for Users : OK


Browsers settings for Machine : OK

¤


Hijack.Internet : OK

¤¤¤¤¤¤¤¤¤¤ | Hosts

C:\Windows\System32\Drivers\etc\hosts : Cleaned

¤¤¤¤¤¤¤¤¤¤ | reparsepoint



¤¤¤¤¤¤¤¤¤¤ | Offsets detection


¤¤¤¤¤¤¤¤¤¤ | Files | Folders | Registry



Removed : C:\$Recycle.bin\S-1-5-21-3529130228-2139803319-912275503-1001

Moved to quarantine successfully : C:\Users\AMB\AppData\Local\Temp\SDIAG_be17edce-fbc5-4b0b-8eca-1176d871556e\NetworkDiagnosticSnapIn.dll
Moved to quarantine successfully : C:\Users\AMB\AppData\Local\IconCache.db

Moved to quarantine successfully : C:\Windows\assembly\tmp\

Prefetch -> Emptied

Disinfected : C:\Users\AMB\Desktop\UsbFix Ayudar el autor.lnk : C:\Program Files (x86)\Internet Explorer\iexplore.exe (hxxp://www.usbfix.net/es/ayudar-el-autor/)

Suspect : C:\Windows\MEMORY.DMP

D:\ : Vaccinated (Vaccin created by Pre_Scan)
F:\ : Vaccinated (Vaccin created by Pre_Scan)
G:\ : Vaccinated (Vaccin created by Usbfix)

¤¤¤¤¤¤¤¤¤¤ | Hidden files

~ [Drive F:] : Hidden : 1248 | Restored : 1248
~ [Drive G:] : Hidden : 5 | Restored : 5
~ [Program Files] : Hidden : 4 | Restored : 4
~ [Users] : Hidden : 2 | Restored : 2
~ [Documents] : Hidden : 7 | Restored : 7
~ [Searches] : Hidden : 2 | Restored : 2
~ [Windows] : Hidden : 80 | Restored : 78
~ [Start Menu | Programs | Startup] : Hidden : 1 | Restored : 1
~ [AppData] : Hidden : 9 | Restored : 9


¤¤¤¤¤¤¤¤¤¤ | Listing Partition(s)

Disk: 0 Size=477G
Pos MBRndx Type/Name Size Active Hide Start Sector Sectors
--- ------ ---------- ---- ------ ---- ------------ ------------
0 0 EE-UNKNWN 477G No No 1 976,773,167

¤¤¤¤¤¤¤¤¤¤

[HKLM64 | Winlogon]|[AutoRestartShell] : 1

End : 19:24:47


Standby Restored !
¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤ - 446

Alors, il en reste encore?
Bonne nuit!
:dodo10:

[g3n-h@ckm@n]

hello , good !

refais un diag stp (heberge le rapport sur sosupload et donne le lien)

[Sofia]

Hola, désolée pour le retard, je n'étais pas chez moi aujourd'hui...

Voilà  le rapport de diag de Pre scan, en mode sans echec, avec tout bien branché

https://cjoint.com/13nv/CKdhqcVTTeV.htm

Y'a encore des virus bien accrochés ou c'est tout bon?

[g3n-h@ckm@n]

hello

nan c'est bon tu peux faire le ménage

https://www.security-helpzone.com/gen-ha ... infection/

[Sofia]

Voilà  le rapport de Del fix:

Code: Tout sélectionner

# DelFix v10.4 - Logfile created 03/11/2013 at 11:08:40
# Updated 19/07/2013 by Xplode
# Username : AMB - RS
# Operating System : Windows 8 Single Language (64 bits)

~ Activating UAC ... OK

~ Removing disinfection tools ...

Deleted : C:\USBFix
Deleted : C:\pre_scan
Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
Deleted : C:\Program Files (x86)\ZHPDiag
Deleted : C:\PhysicalDisk0_MBR.bin
Deleted : C:\Pre_Diag_03_11_2013_00_01_44.txt
Deleted : C:\Pre_Diag_31_10_2013_18_20_05.txt
Deleted : C:\Pre_Scan_01_11_2013_19_24_49.txt
Deleted : C:\UsbFix [Clean 1] RS.txt
Deleted : C:\UsbFix [Clean 2] RS.txt
Deleted : C:\UsbFix [Clean 3] RS.txt
Deleted : C:\Users\AMB\Desktop\adwcleaner.exe
Deleted : C:\Users\AMB\Desktop\AdwCleaner[S0].txt
Deleted : C:\Users\AMB\Desktop\logiciel1.txt
Deleted : C:\Users\AMB\Desktop\Pre_Diag_31_10_2013_18_20_05.txt
Deleted : C:\Users\AMB\Desktop\Pre_Scan.exe
Deleted : C:\Users\AMB\Desktop\UsbFix Ayudar el autor.lnk
Deleted : C:\Users\AMB\Desktop\UsbFix [Clean 2] RS.txt
Deleted : C:\Users\AMB\Desktop\UsbFix [Clean 3] RS.txt
Deleted : C:\Users\AMB\Desktop\UsbFix.exe
Deleted : C:\Users\AMB\Desktop\ZHPDiag.lnk
Deleted : C:\Users\AMB\Desktop\ZHPDiag.txt
Deleted : C:\Users\AMB\Desktop\ZHPDiag2.exe
Deleted : C:\Users\AMB\Desktop\ZHPFix.lnk
Deleted : HKCU\Software\g3n-h@ckm@n
Deleted : HKCU\Software\USBFix
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\g3n-h@ckm@n
Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\USBFix
Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #4 [Punto de control programado | 10/30/2013 01:24:17]
Deleted : RP #5 [Windows Update | 10/30/2013 01:24:47]
Deleted : RP #6 [Eliminacià³n del paquete de idioma | 10/31/2013 15:41:53]
Deleted : RP #7 [Eliminacià³n del paquete de idioma | 11/01/2013 22:01:49]
Deleted : RP #8 [Installed Java 7 Update 45 | 11/03/2013 16:58:38]

New restore point created !

~ Resetting system settings ... OK

########## - EOF - ##########

Dernières petites questions: il me semble que certains dossiers/fichiers ont étés créés sur ma clef USB et DDE... Sont-ils importants? Puis-je les effacer?

-Sur USB: ".Trashes" (dossier), ".Spotlight-V100" (dossier), ".fseventsd" (dossier), "BOOTEX.LOG" (fichier), "._.Trashes" (fichier), "_disk_id.pod" (fichier)

-Sur DDE: "$AVG" (dossier), "Autorun.inf" (dossier), "buda_vfs.img" (fichier), "Thumbs.db" (fichier)

Sinon un énorme MERCI à  toi et à  tous les contributeurs de ce site!! Longue vie à  SOS virus!!
:bravo1:

[g3n-h@ckm@n]

pour ceux sur usb tu peux les supprimer mais ils reviendront dès que tu brancheras la clé sur un Mac

==

mais normalement tu devrais pas les voir ce sont des fichiers/dossiers cachés.

faut que tu remettes les dossiers/fichiers cachés en caché

[Sofia]

Ok!...

Et bien merci pour tout, j'essairai de suivre les conseils de sécurité, je recommenderai le site et dès que je peux je ferai un don parceque c'est quand même bien cool ce que vous faites!

Un abrazo desde México!


Ps: comentkonfait pour mettre le sujet en résolu?

[g3n-h@ckm@n]

je m'en occupe

bises de (Valence) france