[El Desaparecido]

Bonjour Lou,

Tu peux m'envoyer des captures de ce qui est posté sur ton FB par ce "virus" ?

Nettoie avec la dernière version de UsbFix , ensuite regarde si t'as toujours le soucis sur Facebook

• Télécharge UsbFix sur ton Bureau.
• Si ton antivirus affiche une alerte, ignore-la et désactive l'antivirus temporairement.
• Branche toutes test sources de données externes à  ton PC (clé USB, disque dur externe, etc...) sans les ouvrir.

• Double clique sur UsbFix.exe.
• Clique sur Suppression

• 

• Laisse travailler l'outil.
• à€ la fin du scan, un rapport va s'afficher, poste-le dans ta prochaine réponse sur le forum.
• Le rapport est aussi sauvegardé à  la racine du disque système ( C:\UsbFix [Clean ?] Nom de l'ordinateur.txt ).
• Tutoriel en images

[g3n-h@ckm@n]

et mon diag ?

[g3n-h@ckm@n]

j'ai demandé un diag et El Desaparecido a demandé l'utilisation d'usbfix , tu lis ce qu on ecrit ?

[El Desaparecido]

j'ai demandé un diag et El Desaparecido a demandé l'utilisation d'usbfix , tu lis ce qu on ecrit ?

Déjà  tu commences par me parler autrement , lis la charte Helper ...

UsbFix dans sa dernière version intègre cette infection.

[Lou12345]

Je n'arrive pas a envoier la capture d'écran ..

[El Desaparecido]

envoi la ici stp : http://upload.sosvirus.org/index.html" onclick="window.open(this.href);return false;

[Lou12345]

Voici le dernier raport:

############################## | UsbFix V 7.118 | [Deletion]

User: Kendirgi (Administrator) # KENDIRGI-PC
Updated 24/03/2013 by El Desaparecido
Started at 12:18:23 | 24/03/2013

Website: http://sosvirus.org/" onclick="window.open(this.href);return false;
Upload Malware: http://upload.sosvirus.org/" onclick="window.open(this.href);return false;
Contact: contact@sosvirus.org

PC: ASUSTeK Computer Inc. (F6V ) (x64-based PC)
CPU: Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz (2000)
RAM -> [Total : 3071 | Free : 1853]
BIOS: Default System BIOS
BOOT: Normal boot

OS: Microsoft Windows 7 à‰dition Intégrale (6.1.7600 64-Bit) #
WB: Windows Internet Explorer 8.0.7600.16385

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: avast! Antivirus [(!) Disabled | Updated]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Fixed drive # 195 Gb (67 Mb free - 34%) [] # NTFS

[Lou12345]

D:\ -> CD-ROM
E:\ -> CD-ROM

################## | El Desaparecido Section |

HKLM\SOFTWARE | Run : [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
HKLM\SOFTWARE | Run : [GrooveMonitor] - "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
HKLM\SOFTWARE | Run : [Adobe Reader Speed Launcher] - "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM\SOFTWARE | Run : [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE | Run : [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM\SOFTWARE | Run : [UnlockerAssistant] - "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"
HKLM\SOFTWARE | Run : [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM\SOFTWARE | Run : [EEventManager] - "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
HKLM\SOFTWARE | Run : [QuickTime Task] - "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
HKLM\SOFTWARE | Run : [iTunesHelper] - "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
HKLM\SOFTWARE\wow6432Node | Run : [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
HKLM\SOFTWARE\wow6432Node | Run : [GrooveMonitor] - "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
HKLM\SOFTWARE\wow6432Node | Run : [Adobe Reader Speed Launcher] - "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM\SOFTWARE\wow6432Node | Run : [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE\wow6432Node | Run : [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM\SOFTWARE\wow6432Node | Run : [UnlockerAssistant] - "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"
HKLM\SOFTWARE\wow6432Node | Run : [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM\SOFTWARE\wow6432Node | Run : [EEventManager] - "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
HKLM\SOFTWARE\wow6432Node | Run : [QuickTime Task] - "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
HKLM\SOFTWARE\wow6432Node | Run : [iTunesHelper] - "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
HKLM\SOFTWARE | RunOnce : [] -
HKLM\SOFTWARE\wow6432Node | RunOnce : [] -
HKU\S-1-5-19\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-82401753-827500433-2952092644-1000\SOFTWARE | Run : [DAEMON Tools Lite] - "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
HKU\S-1-5-21-82401753-827500433-2952092644-1000\SOFTWARE | Run : [Google Update] - "C:\Users\Kendirgi\AppData\Local\Google\Update\GoogleUpdate.exe" /c
HKU\S-1-5-21-82401753-827500433-2952092644-1000\SOFTWARE | Run : [EA Core] - "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-19\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
HKU\S-1-5-20\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe

################## | Stopped processes |

Stopped! C:\Windows\system32\atiesrxx.exe (760)
Stopped! C:\Windows\system32\atieclxx.exe (1200)
Stopped! C:\Program Files\AVAST Software\Avast\AvastSvc.exe (1276)
Stopped! C:\Windows\System32\spoolsv.exe (1400)
Stopped! C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (1572)
Stopped! C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (1608)
Stopped! C:\Program Files\Bonjour\mDNSResponder.exe (1716)
Stopped! C:\Windows\system32\sppsvc.exe (1832)
Stopped! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (1436)
Stopped! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (1432)
Stopped! C:\Windows\system32\taskhost.exe (2524)
Stopped! C:\Program Files\Microsoft IntelliPoint\ipoint.exe (2360)
Stopped! C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (2468)
Stopped! C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe (2628)
Stopped! C:\Users\Kendirgi\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe (2600)
Stopped! C:\Users\Kendirgi\AppData\Local\Google\Update\1.3.21.135\GoogleCrashHandler.exe (2636)
Stopped! C:\Users\Kendirgi\AppData\Local\Google\Update\1.3.21.135\GoogleCrashHandler64.exe (2756)
Stopped! C:\Windows\system32\SearchIndexer.exe (3044)
Stopped! C:\Program Files\AVAST Software\Avast\AvastUI.exe (2160)
Stopped! C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (2616)
Stopped! C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (1188)
Stopped! C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe (2436)
Stopped! C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (900)
Stopped! C:\Program Files (x86)\iTunes\iTunesHelper.exe (2764)
Stopped! C:\Program Files\iPod\bin\iPodService.exe (3400)
Stopped! C:\Program Files\Windows Media Player\wmpnetwk.exe (604)
Stopped! C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (1816)
Stopped! C:\Program Files (x86)\Mozilla Firefox\firefox.exe (596)
Stopped! C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (3984)
Stopped! C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (3668)
Stopped! C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe (3596)
Stopped! C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe (2488)
Stopped! C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe (3412)
Stopped! C:\Windows\system32\taskeng.exe (4808)

################## | Files # Infected Folders |

Deleted ! C:\Program Files (x86)\Windows Service

(!) Temporary files deleted.

################## | Registry |


################## | Mountpoints2 |


################## | Listing |

[22/03/2013 - 19:47:59 | SHD ] C:\$Recycle.Bin
[24/09/2011 - 22:36:51 | D ] C:\b5007b2f251377ef16669bb86103
[24/02/2013 - 21:59:09 | N | 647] C:\DelFix.txt
[14/07/2009 - 06:08:56 | SHD ] C:\Documents and Settings
[07/11/2007 - 07:00:40 | N | 17734] C:\eula.1028.txt
[07/11/2007 - 07:00:40 | N | 17734] C:\eula.1031.txt
[07/11/2007 - 07:00:40 | N | 10134] C:\eula.1033.txt
[07/11/2007 - 07:00:40 | N | 17734] C:\eula.1036.txt
[07/11/2007 - 07:00:40 | N | 17734] C:\eula.1040.txt
[07/11/2007 - 07:00:40 | N | 118] C:\eula.1041.txt
[07/11/2007 - 07:00:40 | N | 17734] C:\eula.1042.txt
[07/11/2007 - 07:00:40 | N | 17734] C:\eula.2052.txt
[07/11/2007 - 07:00:40 | N | 17734] C:\eula.3082.txt
[22/03/2012 - 17:43:25 | D ] C:\found.000
[27/06/2012 - 17:58:54 | D ] C:\found.001
[30/11/2011 - 22:43:17 | D ] C:\Fraps
[07/11/2007 - 07:00:40 | N | 1110] C:\globdata.ini
[24/03/2013 - 11:45:48 | ASH | 2415218688] C:\hiberfil.sys
[07/11/2007 - 07:00:40 | N | 843] C:\install.ini
[29/02/2012 - 14:07:37 | D ] C:\Mes Documents
[28/11/2011 - 21:30:14 | D ] C:\MinGW
[05/04/2011 - 22:26:41 | RHD ] C:\MSOCache
[24/03/2013 - 11:45:50 | ASH | 3220295680] C:\pagefile.sys
[14/07/2009 - 04:20:08 | D ] C:\PerfLogs
[21/02/2013 - 20:14:42 | N | 512] C:\PhysicalMBR.bin
[23/03/2013 - 11:16:21 | D ] C:\Pre_Scan
[22/03/2013 - 19:32:16 | N | 51207] C:\Pre_Scan_22_03_2013_18_03_28.txt
[08/12/2012 - 20:18:41 | D ] C:\Program Files
[23/03/2013 - 19:07:58 | D ] C:\Program Files (x86)
[23/03/2013 - 19:08:01 | HD ] C:\ProgramData
[03/04/2011 - 12:05:19 | SHD ] C:\Recovery
[18/06/2011 - 19:33:38 | D ] C:\Riot Games
[22/03/2013 - 12:14:37 | SHD ] C:\System Volume Information
[24/03/2013 - 12:24:46 | D ] C:\UsbFix
[24/03/2013 - 11:37:22 | N | 7494] C:\UsbFix [Clean 1] KENDIRGI-PC.txt
[24/03/2013 - 12:25:01 | A | 8723] C:\UsbFix [Clean 2] KENDIRGI-PC.txt
[15/02/2013 - 18:21:54 | D ] C:\Users
[07/11/2007 - 07:00:40 | N | 5686] C:\vcredist.bmp
[07/11/2007 - 07:09:22 | N | 1442522] C:\VC_RED.cab
[07/11/2007 - 07:12:28 | N | 232960] C:\VC_RED.MSI
[03/04/2010 - 19:33:31 | N | 2088501] C:\VS_EXPBSLN_x64_fra.CAB
[03/04/2010 - 19:35:56 | N | 555008] C:\VS_EXPBSLN_x64_fra.MSI
[24/03/2013 - 08:49:21 | D ] C:\Windows

################## | Vaccin |

C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)

################## | E.O.F | http://sosvirus.org" onclick="window.open(this.href);return false; |

[El Desaparecido]

Fais ceci maintenant : http://sosvirus.org/viewtopic.php?f=6&t ... t=20#p2125" onclick="window.open(this.href);return false;

[Lou12345]

http://cjoint.com/?CDDk2XEdlu6" onclick="window.open(this.href);return false; Voila, j‚espère que je ne me suis pas trompée.