2 sujets de 1 à 2 (sur un total de 2)
  • Auteur
    Messages
  • jpdunber
    Participant
    Nombre d'articles : 1

    J’ai fait un scan avec usbfix et voici le résultat du scan. On me demande d’aller sur ce forum pour de l’aide et d’attendre le résultat de vos suggestions pour la suite.
    Merci[spoiler:1wf2rm2h]############################## | UsbFix V 7.129 | [Recherche]

    Utilisateur: Jpdunber (Administrateur) # ORDIHPI7
    Mis à jour le 24/06/2013 par El Desaparecido
    Lancé à 21:44:06 | 08/08/2013

    Site Web: https://www.sosvirus.net/” onclick=”window.open(this.href);return false;
    Upload Malware: upload-malware-pour-analyse-t489.html
    Contact: contact@sosvirus.net

    PC: Hewlett-Packard (HP Pavilion dv6 Notebook PC) (x64-based PC)
    CPU: Intel(R) Core(TM) i7-3610QM CPU @ 2.30GHz (2301)
    RAM -> [Total : 8091 | Free : 4678]
    BIOS: InsydeH2O Version 03.71.51F.09
    BOOT: Normal boot

    OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) # Service Pack 1
    WB: Windows Internet Explorer 10.0.9200.16635

    SC: Security Center Service [Enabled]
    WU: Windows Update Service [Enabled]
    AV: AVG AntiVirus Free Edition 2013 [(!) Disabled | Updated]
    FW: Windows FireWall Service [Enabled]

    C: (%systemdrive%) -> Disque fixe # 903 Go (203 Go libre(s) – 23%) [] # NTFS
    D: -> Disque fixe # 28 Go (3 Go libre(s) – 11%) [Recovery] # NTFS
    E: -> CD-ROM
    F: -> Disque amovible # 4 Go (4 Go libre(s) – 100%) [] # FAT32
    G: -> CD-ROM
    H: -> Disque amovible # 30 Go (30 Go libre(s) – 100%) [LEXAR] # FAT32

    ################## | Processus Actif |

    C:Windowssystem32csrss.exe (1208)
    C:Windowssystem32wininit.exe (1284)
    C:Windowssystem32csrss.exe (1308)
    C:Windowssystem32services.exe (1352)
    C:Windowssystem32lsass.exe (1376)
    C:Windowssystem32lsm.exe (1384)
    C:Windowssystem32winlogon.exe (1420)
    C:Windowssystem32svchost.exe (1532)
    C:Program Files (x86)HP SimplePassTrueSuiteService.exe (1596)
    C:Windowssystem32svchost.exe (1656)
    C:WindowsSystem32svchost.exe (1776)
    C:WindowsSystem32svchost.exe (1808)
    C:Windowssystem32svchost.exe (1844)
    C:Windowssystem32svchost.exe (1884)
    C:Program FilesIDTWDMSTacSV64.exe (1936)
    C:Windowssystem32Hpservice.exe (1232)
    C:Program FilesTabletWacomWTabletServicePro.exe (1472)
    C:Windowssystem32WUDFHost.exe (724)
    C:Windowssystem32Dwm.exe (2160)
    C:WindowsExplorer.EXE (2184)
    C:Program Files (x86)HP SimplePassTouchControl.exe (2208)
    C:Windowssystem32svchost.exe (2252)
    C:Windowssystem32WLANExt.exe (2348)
    C:Windowssystem32conhost.exe (2356)
    C:WindowsSystem32spoolsv.exe (2432)
    C:Windowssystem32taskeng.exe (2452)
    C:Windowssystem32svchost.exe (2576)
    C:Windowssystem32taskhost.exe (2604)
    C:Program Files (x86)Common FilesAcronisSchedule2schedul2.exe (2724)
    C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe (2756)
    C:Program Files (x86)Common FilesAcronisSchedule2schedhlp.exe (2780)
    C:Program Files (x86)Common FilesAcronisCDPafcdpsrv.exe (2860)
    C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe (2892)
    C:Windowssystem32taskeng.exe (1740)
    c:Program FilesMicrosoft Mouse and Keyboard Centeripoint.exe (2088)
    c:Program FilesMicrosoft Mouse and Keyboard Centeritype.exe (2096)
    C:Program Files (x86)AVGAVG2013avgwdsvc.exe (3048)
    C:Program FilesBonjourmDNSResponder.exe (1920)
    C:ProgramDataBrowserDefender2.6.1519.190{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}BrowserDefender.exe (1752)
    C:Program FilesIntelWiFibinEvtEng.exe (3076)
    C:Program Files (x86)GarminCore Update ServiceGarmin.Cartography.MapUpdate.CoreService.exe (3172)
    C:ProgramDataBrowserDefender2.6.1519.190{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}BrowserDefender.exe (3256)
    C:Program Files (x86)CyberLinkYouCamYCMMirage.exe (3780)
    C:Program FilesHewlett-PackardHP Client ServicesHPClientServices.exe (4028)
    C:Program Files (x86)Hewlett-PackardHP Quick LaunchHPWMISVC.exe (4048)
    C:Program FilesInteliCLS ClientHeciServer.exe (3180)
    C:Program Files (x86)IntelIntel(R) Management Engine ComponentsFWServiceIntelMeFWService.exe (3204)
    C:Program Files (x86)IntelIntel(R) Management Engine ComponentsDALjhi_service.exe (3472)
    C:WindowsSystem32svchost.exe (2412)
    C:WindowsSysWOW64nlssrv32.exe (3816)
    C:WindowsSystem32svchost.exe (3420)
    c:Program Files (x86)Common FilesProtexisLicense ServicePsiService_2.exe (4120)
    C:Program FilesCommon FilesIntelWirelessCommonRegSrvc.exe (4144)
    C:Windowssystem32svchost.exe (4208)
    C:Program Files (x86)Common FilesAVG Secure SearchvToolbarUpdater15.4.0ToolbarUpdater.exe (4256)
    C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE (4280)
    C:Program FilesIntelWiFibinZeroConfigService.exe (4324)
    C:Program Files (x86)Common FilesAVG Secure SearchvToolbarUpdater15.4.0loggingserver.exe (4340)
    C:Windowssystem32conhost.exe (4360)
    C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe (4412)
    C:Windowssystem32wbemunsecapp.exe (4896)
    C:Windowssystem32svchost.exe (5020)
    C:Windowssystem32svchost.exe (5216)
    C:Windowssystem32wbemwmiprvse.exe (5820)
    C:Program FilesTabletWacomWacom_TabletUser.exe (5912)
    C:Program FilesTabletWacomWacomHost.exe (5920)
    C:Program FilesTabletWacomWacom_Tablet.exe (6004)
    C:Program FilesTabletWacomWacom_TouchUser.exe (6056)
    C:WindowsSystem32hkcmd.exe (4928)
    C:WindowsSystem32igfxpers.exe (5636)
    C:Program FilesSynapticsSynTPSynTPEnh.exe (5648)
    C:Program FilesACD SystemsACDSee Pro6.0ACDSeePro6InTouch2.exe (5696)
    C:Program Files (x86)IntelBluetoothBleServicesCtrl.exe (3008)
    C:WindowsSystem32rundll32.exe (4880)
    C:Program FilesIDTWDMsttray64.exe (5496)
    C:Program FilesLogitechSetPointPSetPoint.exe (2528)
    C:Program FilesHewlett-PackardHP LaunchBoxHPTaskBar1.exe (5276)
    C:Program FilesHewlett-PackardHP LaunchBoxHPTaskBar2.exe (5552)
    C:PROGRAM FILESSYNAPTICSSYNTPSYNTPHELPER.EXE (2532)
    C:UsersJpdunberAppDataLocalMétéoMédiaMétéoÉclairweathereye.exe (3168)
    C:UsersJpdunberAppDataLocalAkamainetsession_win.exe (3496)
    C:Program Files (x86)SamsungKiesKies.exe (6048)
    C:Program Files (x86)SamsungKiesExternalFirmwareUpdateKiesPDLR.exe (5232)
    C:Program Files (x86)AvanquestPowerDeskPDHookServer.exe (5628)
    C:WindowsSystem32wscript.exe (6160)
    C:Windowssystem32wbemwmiprvse.exe (6212)
    C:Program Files (x86)IntelIntel(R) USB 3.0 eXtensible Host Controller DriverApplicationiusb3mon.exe (6260)
    C:Windowssystem32SearchIndexer.exe (6276)
    C:UsersJpdunberAppDataLocalAkamainetsession_win.exe (6316)
    C:Program Files (x86)DatacolorSpyder3ProUtilitySpyder3Utility.exe (6324)
    C:Program Files (x86)Hewlett-PackardHP On Screen DisplayHPOSD.exe (6340)
    C:UsersJpdunberAppDataRoamingDropboxbinDropbox.exe (6348)
    C:Program Files (x86)Hewlett-PackardHP CoolSenseCoolSense.exe (6376)
    C:Program Files (x86)EvernoteEvernoteEvernoteClipper.exe (6392)
    C:Program Files (x86)AVG Secure Searchvprot.exe (6464)
    C:Program Files (x86)AdobeAcrobat 10.0Acrobatacrotray.exe (6560)
    C:Program Files (x86)AcronisTrueImageHomeTrueImageMonitor.exe (6628)
    C:Program FilesCommon FilesLogiShrdKHAL3KHALMNPR.EXE (6656)
    C:Program Files (x86)AVGAVG2013avgui.exe (6696)
    C:Program Files (x86)Zinio Alert MessengerZinio Alert Messenger.exe (6820)
    C:Program Files (x86)Epson SoftwareEvent ManagerEEventManager.exe (6868)
    C:Program Files (x86)iTunesiTunesHelper.exe (6948)
    C:Program Files (x86)Common FilesJavaJava Updatejusched.exe (7060)
    C:Program Files (x86)Hewlett-PackardHP Quick LaunchHPMSGSVC.exe (7108)
    C:Program Files (x86)SamsungKiesKiesTrayAgent.exe (1372)
    C:Program FilesiPodbiniPodService.exe (7464)
    C:Windowssystem32svchost.exe (7588)
    C:Program Files (x86)Hewlett-PackardSharedhpqWmiEx.exe (7936)
    C:Windowssystem32wbemunsecapp.exe (7412)
    C:Program Files (x86)AdobeElements 10 OrganizerPhotoshopElementsFileAgent.exe (7552)
    C:Program FilesWindows Media Playerwmpnetwk.exe (5576)
    C:Program FilesIntelBluetoothHSBTHSAmpPalService.exe (6480)
    C:Windowssystem32svchost.exe (8400)
    C:Program Files (x86)HP SimplePassIEWebSiteLogon.exe (8484)
    C:Program Files (x86)IntelBluetoothdevmonsrv.exe (8784)
    C:Program Files (x86)IntelBluetoothmediasrv.exe (8860)
    C:Program Files (x86)IntelBluetoothobexsrv.exe (5508)
    C:Program FilesIntelBluetoothHSBTHSSecurityMgr.exe (9160)
    C:Program Files (x86)IntelBluetoothBTPlayerCtrl.exe (9204)
    C:Program Files (x86)GoogleUpdateGoogleUpdate.exe (4920)
    C:Program Files (x86)Hewlett-PackardHP Support Frameworkhpsa_service.exe (7956)
    C:WindowsSystem32svchost.exe (5860)
    C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorDataMgrSvc.exe (10012)
    C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe (10072)
    C:Program Files (x86)NeroUpdateNASvc.exe (10216)
    C:Windowssystem32svchost.exe (9684)
    C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe (4556)
    C:Windowssystem32DllHost.exe (9472)
    C:Program Files (x86)Common FilesAdobeOOBEPDAppUWAAAM Updates Notifier.exe (9752)
    C:Windowssystem32WUDFHost.exe (6736)
    C:Program Files (x86)AvanquestPowerDeskContextMenuServer.exe (10192)
    C:Program FilesInternet Exploreriexplore.exe (5776)
    C:Program Files (x86)Internet ExplorerIEXPLORE.EXE (6612)
    C:Program Files (x86)Internet ExplorerIEXPLORE.EXE (8228)
    C:Program Files (x86)Internet ExplorerIEXPLORE.EXE (3288)
    C:Program Files (x86)Internet ExplorerIEXPLORE.EXE (9592)
    C:Program Files (x86)AVGAVG2013avgcfgex.exe (10576)
    C:Windowssystem32SearchProtocolHost.exe (11236)
    C:Windowssystem32SearchFilterHost.exe (1988)
    C:UsbFixGo.exe (10480)

    ################## | El Desaparecido Section |

    HKLMSOFTWARE | Run : [USB3MON] – “C:Program Files (x86)IntelIntel(R) USB 3.0 eXtensible Host Controller DriverApplicationiusb3mon.exe”
    HKLMSOFTWARE | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
    HKLMSOFTWARE | Run : [HPOSD] – C:Program Files (x86)Hewlett-PackardHP On Screen DisplayHPOSD.exe
    HKLMSOFTWARE | Run : [HP CoolSense] – C:Program Files (x86)Hewlett-PackardHP CoolSenseCoolSense.exe -byrunkey
    HKLMSOFTWARE | Run : [vProt] – “C:Program Files (x86)AVG Secure Searchvprot.exe”
    HKLMSOFTWARE | Run : [SwitchBoard] – C:Program Files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe
    HKLMSOFTWARE | Run : [AdobeCS6ServiceManager] – “C:Program Files (x86)Common FilesAdobeCS6ServiceManagerCS6ServiceManager.exe” -launchedbylogin
    HKLMSOFTWARE | Run : [Adobe Acrobat Speed Launcher] – “C:Program Files (x86)AdobeAcrobat 10.0AcrobatAcrobat_sl.exe”
    HKLMSOFTWARE | Run : [Acrobat Assistant 8.0] – “C:Program Files (x86)AdobeAcrobat 10.0AcrobatAcrotray.exe”
    HKLMSOFTWARE | Run : [APSDaemon] – “C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe”
    HKLMSOFTWARE | Run : [TrueImageMonitor.exe] – “C:Program Files (x86)AcronisTrueImageHomeTrueImageMonitor.exe”
    HKLMSOFTWARE | Run : [AVG_UI] – “C:Program Files (x86)AVGAVG2013avgui.exe” /TRAYONLY
    HKLMSOFTWARE | Run : [jkaulppddpbnqd] – C:WindowsSystem32regsvr32.exe /s “C:Windowssystem32xfwtyeypcxj.dll”
    HKLMSOFTWARE | Run : [EEventManager] – C:PROGRA~2EPSONS~1EVENTM~1EEventManager.exe
    HKLMSOFTWARE | Run : [iTunesHelper] – “C:Program Files (x86)iTunesiTunesHelper.exe”
    HKLMSOFTWARE | Run : [SunJavaUpdateSched] – “C:Program Files (x86)Common FilesJavaJava Updatejusched.exe”
    HKLMSOFTWARE | Run : [HP Quick Launch] – C:Program Files (x86)Hewlett-PackardHP Quick LaunchHPMSGSVC.exe
    HKLMSOFTWARE | Run : [] –
    HKLMSOFTWARE | Run : [KiesTrayAgent] – C:Program Files (x86)SamsungKiesKiesTrayAgent.exe
    HKLMSOFTWAREwow6432Node | Run : [USB3MON] – “C:Program Files (x86)IntelIntel(R) USB 3.0 eXtensible Host Controller DriverApplicationiusb3mon.exe”
    HKLMSOFTWAREwow6432Node | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
    HKLMSOFTWAREwow6432Node | Run : [HPOSD] – C:Program Files (x86)Hewlett-PackardHP On Screen DisplayHPOSD.exe
    HKLMSOFTWAREwow6432Node | Run : [HP CoolSense] – C:Program Files (x86)Hewlett-PackardHP CoolSenseCoolSense.exe -byrunkey
    HKLMSOFTWAREwow6432Node | Run : [vProt] – “C:Program Files (x86)AVG Secure Searchvprot.exe”
    HKLMSOFTWAREwow6432Node | Run : [SwitchBoard] – C:Program Files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe
    HKLMSOFTWAREwow6432Node | Run : [AdobeCS6ServiceManager] – “C:Program Files (x86)Common FilesAdobeCS6ServiceManagerCS6ServiceManager.exe” -launchedbylogin
    HKLMSOFTWAREwow6432Node | Run : [Adobe Acrobat Speed Launcher] – “C:Program Files (x86)AdobeAcrobat 10.0AcrobatAcrobat_sl.exe”
    HKLMSOFTWAREwow6432Node | Run : [Acrobat Assistant 8.0] – “C:Program Files (x86)AdobeAcrobat 10.0AcrobatAcrotray.exe”
    HKLMSOFTWAREwow6432Node | Run : [APSDaemon] – “C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe”
    HKLMSOFTWAREwow6432Node | Run : [TrueImageMonitor.exe] – “C:Program Files (x86)AcronisTrueImageHomeTrueImageMonitor.exe”
    HKLMSOFTWAREwow6432Node | Run : [AVG_UI] – “C:Program Files (x86)AVGAVG2013avgui.exe” /TRAYONLY
    HKLMSOFTWAREwow6432Node | Run : [jkaulppddpbnqd] – C:WindowsSystem32regsvr32.exe /s “C:Windowssystem32xfwtyeypcxj.dll”
    HKLMSOFTWAREwow6432Node | Run : [EEventManager] – C:PROGRA~2EPSONS~1EVENTM~1EEventManager.exe
    HKLMSOFTWAREwow6432Node | Run : [iTunesHelper] – “C:Program Files (x86)iTunesiTunesHelper.exe”
    HKLMSOFTWAREwow6432Node | Run : [SunJavaUpdateSched] – “C:Program Files (x86)Common FilesJavaJava Updatejusched.exe”
    HKLMSOFTWAREwow6432Node | Run : [HP Quick Launch] – C:Program Files (x86)Hewlett-PackardHP Quick LaunchHPMSGSVC.exe
    HKLMSOFTWAREwow6432Node | Run : [] –
    HKLMSOFTWAREwow6432Node | Run : [KiesTrayAgent] – C:Program Files (x86)SamsungKiesKiesTrayAgent.exe
    HKLMSOFTWARE | RunOnce : [] –
    HKLMSOFTWAREwow6432Node | RunOnce : [] –
    HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    HKUS-1-5-21-221260327-831789430-1867440863-1000SOFTWARE | Run : [AdobeBridge] –
    HKUS-1-5-21-221260327-831789430-1867440863-1000SOFTWARE | Run : [CAHeadless] – C:Program Files (x86)AdobeElements 10 OrganizerCAHeadlessElementsAutoAnalyzer.exe
    HKUS-1-5-21-221260327-831789430-1867440863-1000SOFTWARE | Run : [WeatherEye] – C:UsersJpdunberAppDataLocalMétéoMédiaMétéoÉclairweathereye.exe
    HKUS-1-5-21-221260327-831789430-1867440863-1000SOFTWARE | Run : [Akamai NetSession Interface] – “C:UsersJpdunberAppDataLocalAkamainetsession_win.exe”
    HKUS-1-5-21-221260327-831789430-1867440863-1000SOFTWARE | Run : [KiesPreload] – C:Program Files (x86)SamsungKiesKies.exe /preload
    HKUS-1-5-21-221260327-831789430-1867440863-1000SOFTWARE | Run : [] – C:Program Files (x86)SamsungKiesExternalFirmwareUpdateKiesPDLR.exe
    HKUS-1-5-21-221260327-831789430-1867440863-1000SOFTWARE | Run : [PDHookServer] – C:Program Files (x86)AvanquestPowerDeskPDHookServer.exe
    HKUS-1-5-21-221260327-831789430-1867440863-1000SOFTWARE | Run : [WindowsStart] – %AppData%Microsofttaskhost.exe
    HKUS-1-5-21-221260327-831789430-1867440863-1000SOFTWARE | Run : [halak] – wscript.exe //B “C:ProgramDatahalak.vbs_crypted.vbs”
    HKUS-1-5-19SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
    HKUS-1-5-20SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
    HKUS-1-5-21-221260327-831789430-1867440863-1000SOFTWARE | PoliciesExplorerrun : [WindowsStart] – %Temp%Microsofttaskhost.exe

    ################## | Éléments infectieux |

    Présent! C:UsersJpdunberAppDataRoaminginst.exe
    Présent! F:Incroyable citron congelé.lnk
    Présent! H:La Mitaine.lnk
    Présent! H:Autorun.inf.lnk
    Présent! C:ProgramDatahalak.vbs_crypted.vbs
    Présent! C:UsersJpdunberAppDataRoamingsystem
    Présent! C:Program Files (x86)GUMA5A5.tmp
    Présent! C:UsersJpdunberAppDataRoamingMicrosoftWindowsStart MenuProgramsStartuphalak.vbs_crypted.vbs
    Présent! C:UsersJpdunberAppDataLocalTemphalak.vbs_crypted.vbs
    Présent! D:desktop.ini
    Présent! C:Documents and SettingsAll UsersApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication Datahalak.vbs_crypted.vbs
    Présent! C:Documents and SettingsAll UsersApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication Datahalak.vbs_crypted.vbs
    Présent! C:Documents and SettingsAll UsersApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication Datahalak.vbs_crypted.vbs
    Présent! C:Documents and SettingsAll UsersApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication Datahalak.vbs_crypted.vbs
    Présent! C:Documents and SettingsAll UsersApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication Datahalak.vbs_crypted.vbs
    Présent! C:Documents and SettingsAll UsersApplication DataApplication DataApplication DataApplication DataApplication DataApplication Datahalak.vbs_crypted.vbs
    Présent! C:Documents and SettingsAll UsersApplication DataApplication DataApplication DataApplication DataApplication Datahalak.vbs_crypted.vbs
    Présent! C:Documents and SettingsAll UsersApplication DataApplication DataApplication DataApplication Datahalak.vbs_crypted.vbs
    Présent! C:Documents and SettingsAll UsersApplication DataApplication DataApplication Datahalak.vbs_crypted.vbs
    Présent! C:Documents and SettingsAll UsersApplication DataApplication Datahalak.vbs_crypted.vbs
    Présent! C:Documents and SettingsAll UsersApplication Datahalak.vbs_crypted.vbs
    Présent! C:Documents and SettingsAll Usershalak.vbs_crypted.vbs
    Présent! C:Documents and SettingsJpdunberAppDataLocalTemphalak.vbs_crypted.vbs
    Présent! C:Documents and SettingsJpdunberAppDataRoamingMicrosoftWindowsStart MenuProgramsStartuphalak.vbs_crypted.vbs
    Présent! C:ProgramDataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication Datahalak.vbs_crypted.vbs
    Présent! C:ProgramDataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication Datahalak.vbs_crypted.vbs
    Présent! C:ProgramDataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication Datahalak.vbs_crypted.vbs
    Présent! C:ProgramDataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication Datahalak.vbs_crypted.vbs
    Présent! C:ProgramDataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication Datahalak.vbs_crypted.vbs
    Présent! C:ProgramDataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication Datahalak.vbs_crypted.vbs
    Présent! C:ProgramDataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication Datahalak.vbs_crypted.vbs
    Présent! C:ProgramDataApplication DataApplication DataApplication DataApplication DataApplication DataApplication Datahalak.vbs_crypted.vbs
    Présent! C:ProgramDataApplication DataApplication DataApplication DataApplication DataApplication Datahalak.vbs_crypted.vbs
    Présent! C:ProgramDataApplication DataApplication DataApplication DataApplication Datahalak.vbs_crypted.vbs
    Présent! C:ProgramDataApplication DataApplication DataApplication Datahalak.vbs_crypted.vbs
    Présent! C:ProgramDataApplication DataApplication Datahalak.vbs_crypted.vbs
    Présent! C:ProgramDataApplication Datahalak.vbs_crypted.vbs
    Présent! C:UsersAll UsersApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication Datahalak.vbs_crypted.vbs
    Présent! C:UsersAll UsersApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication Datahalak.vbs_crypted.vbs
    Présent! C:UsersAll UsersApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication Datahalak.vbs_crypted.vbs
    Présent! C:UsersAll UsersApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication Datahalak.vbs_crypted.vbs
    Présent! C:UsersAll UsersApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication Datahalak.vbs_crypted.vbs
    Présent! C:UsersAll UsersApplication DataApplication DataApplication DataApplication DataApplication DataApplication DataApplication Datahalak.vbs_crypted.vbs
    Présent! C:UsersAll UsersApplication DataApplication DataApplication DataApplication DataApplication DataApplication Datahalak.vbs_crypted.vbs
    Présent! C:UsersAll UsersApplication DataApplication DataApplication DataApplication DataApplication Datahalak.vbs_crypted.vbs
    Présent! C:UsersAll UsersApplication DataApplication DataApplication DataApplication Datahalak.vbs_crypted.vbs
    Présent! C:UsersAll UsersApplication DataApplication DataApplication Datahalak.vbs_crypted.vbs
    Présent! C:UsersAll UsersApplication DataApplication Datahalak.vbs_crypted.vbs
    Présent! C:UsersAll UsersApplication Datahalak.vbs_crypted.vbs
    Présent! C:UsersAll Usershalak.vbs_crypted.vbs
    Présent! F:halak.vbs_crypted.vbs
    Présent! H:halak.vbs_crypted.vbs

    ################## | Registre |

    Présent! HKCUSoftwareDC3_FEXEC

    ################## | Mountpoints2 |

    ################## | Vaccin |

    C:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    D:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    H:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

    ################## | E.O.F | https://www.sosvirus.net” onclick=”window.open(this.href);return false; |[/spoiler:1wf2rm2h]

    Evasion60
    Participant
    Nombre d'articles : 1559

    :hello: Bonjour & bienvenue sur SoSVirus

    Je vais te prendre en charge

    Relance USBFix
    Clique sur le bouton ” Suppression
    Poste son rapport

    /! Si blocage lors de la suppression
    Désactiver l’antivirus
    ou
    Le faire en mode sans échec avec prise en charge du réseau

    A te lire avec son rapport ;)

2 sujets de 1 à 2 (sur un total de 2)
  • Vous devez être connecté pour répondre à ce sujet.