by Badreddine Rida
#3847
############################## | UsbFix V 7.126 | [Suppression]

Utilisateur: Administrateur (Administrateur) # BMS-E0A6580879C
Mis à jour le 13/05/2013 par El Desaparecido
Lancé à 17:07:42 | 15/05/2013

Site Web: https://www.sosvirus.net/
Upload Malware: https://upload.sosvirus.net/
Contact: contact@sosvirus.net

PC: FUJITSU SIEMENS (AMILO Pro V2060) (X86-based PC)
CPU: Intel(R) Pentium(R) M processor 1.70GHz (1695)
RAM -> [Total : 1014 | Free : 107]
BIOS: PhoenixBIOS 4.0 Release 6.1
BOOT: Normal boot

OS: Microsoft Windows XP Professionnel (5.1.2600 32-Bit) # Service Pack 3
WB: Windows Internet Explorer 7.0.5730.13

SC: Security Center Service [(!) Disabled]
WU: Windows Update Service [Enabled]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Disque fixe # 298 Go (288 Go libre(s) - 97%) [] # NTFS
D:\ -> CD-ROM
E:\ -> CD-ROM
G:\ -> Disque amovible # 4 Go (877 Mo libre(s) - 23%) [RIDHA] # FAT32

################## | El Desaparecido Section |

HKLM\SOFTWARE | Run : [IgfxTray] - C:\WINDOWS\system32\igfxtray.exe
HKLM\SOFTWARE | Run : [HotKeysCmds] - C:\WINDOWS\system32\hkcmd.exe
HKLM\SOFTWARE | Run : [Persistence] - C:\WINDOWS\system32\igfxpers.exe
HKLM\SOFTWARE | Run : [SoundMAXPnP] - C:\Program Files\Analog Devices\Core\smax4pnp.exe
HKLM\SOFTWARE | Run : [VistaDrive] - C:\WINDOWS\VistaDrive\VistaDrive.exe
HKLM\SOFTWARE | Run : [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
HKLM\SOFTWARE | Run : [Adobe ARM] - "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE | Run : [GrooveMonitor] - "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
HKLM\SOFTWARE | RunOnce : [] -
HKU\S-1-5-19\SOFTWARE | Run : [CTFMON.EXE] - C:\WINDOWS\system32\CTFMON.EXE
HKU\S-1-5-19\SOFTWARE | Run : [RocketDock] - "C:\Program Files\RocketDock\RocketDock.exe"
HKU\S-1-5-19\SOFTWARE | Run : [VisualTaskTip] - \Program Files\VisualTaskTips\VisualTaskTips.exe
HKU\S-1-5-20\SOFTWARE | Run : [CTFMON.EXE] - C:\WINDOWS\system32\CTFMON.EXE
HKU\S-1-5-20\SOFTWARE | Run : [RocketDock] - "C:\Program Files\RocketDock\RocketDock.exe"
HKU\S-1-5-20\SOFTWARE | Run : [VisualTaskTip] - \Program Files\VisualTaskTips\VisualTaskTips.exe
HKU\S-1-5-21-1715567821-1004336348-1417001333-500\SOFTWARE | Run : [CTFMON.EXE] - C:\WINDOWS\system32\ctfmon.exe
HKU\S-1-5-21-1715567821-1004336348-1417001333-500\SOFTWARE | Run : [RocketDock] - "C:\Program Files\RocketDock\RocketDock.exe"
HKU\S-1-5-21-1715567821-1004336348-1417001333-500\SOFTWARE | Run : [VisualTaskTip] - \Program Files\VisualTaskTips\VisualTaskTips.exe
HKU\S-1-5-21-1715567821-1004336348-1417001333-500\SOFTWARE | Run : [Sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
HKU\S-1-5-21-1715567821-1004336348-1417001333-500\SOFTWARE | Run : [IDMan] - C:\Program Files\Internet Download Manager\IDMan.exe /onboot
HKU\S-1-5-21-1715567821-1004336348-1417001333-500\SOFTWARE | Run : [swg] - "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\S-1-5-18\SOFTWARE | Run : [CTFMON.EXE] - C:\WINDOWS\system32\CTFMON.EXE
HKU\S-1-5-18\SOFTWARE | Run : [RocketDock] - "C:\Program Files\RocketDock\RocketDock.exe"
HKU\S-1-5-18\SOFTWARE | Run : [VisualTaskTip] - \Program Files\VisualTaskTips\VisualTaskTips.exe
HKU\S-1-5-19\SOFTWARE | RunOnce : [nltide_2] - regsvr32 /s /n /i:U shell32
HKU\S-1-5-19\SOFTWARE | RunOnce : [nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-19\SOFTWARE | RunOnce : [_nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-20\SOFTWARE | RunOnce : [nltide_2] - regsvr32 /s /n /i:U shell32
HKU\S-1-5-20\SOFTWARE | RunOnce : [nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-20\SOFTWARE | RunOnce : [_nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-18\SOFTWARE | RunOnce : [nltide_2] - regsvr32 /s /n /i:U shell32
HKU\S-1-5-18\SOFTWARE | RunOnce : [nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-18\SOFTWARE | RunOnce : [_nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N

################## | Processus Stoppés |

Stoppé! C:\WINDOWS\system32\spoolsv.exe (1320)
Stoppé! C:\WINDOWS\system32\igfxtray.exe (1352)
Stoppé! C:\WINDOWS\system32\hkcmd.exe (1392)
Stoppé! C:\WINDOWS\system32\igfxpers.exe (1376)
Stoppé! C:\Program Files\Analog Devices\Core\smax4pnp.exe (1472)
Stoppé! C:\WINDOWS\system32\igfxsrvc.exe (1464)
Stoppé! C:\WINDOWS\VistaDrive\VistaDrive.exe (1596)
Stoppé! C:\WINDOWS\system32\CTFMON.EXE (1628)
Stoppé! C:\Program Files\RocketDock\RocketDock.exe (1260)
Stoppé! C:\Program Files\Windows Sidebar\sidebar.exe (1716)
Stoppé! C:\Program Files\Windows Sidebar\sidebar.exe (1996)
Stoppé! C:\Documents and Settings\All Users\Application Data\DatacardService\HWDeviceService.exe (944)
Stoppé! C:\Documents and Settings\All Users\Application Data\Dim@net\OnlineUpdate\ouc.exe (1420)
Stoppé! C:\Program Files\Dim@net\Dim@net.exe (1164)
Stoppé! C:\Program Files\Internet Download Manager\IDMan.exe (3836)
Stoppé! C:\Program Files\Internet Download Manager\IEMonitor.exe (3876)
Stoppé! C:\Program Files\AVAST Software\Avast\AvastSvc.exe (4020)
Stoppé! C:\Program Files\AVAST Software\Avast\AvastUI.exe (1028)
Stoppé! C:\Program Files\Google\Chrome\Application\chrome.exe (3388)
Stoppé! C:\Program Files\Google\Chrome\Application\chrome.exe (2688)
Stoppé! C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (2648)
Stoppé! C:\Program Files\Google\Chrome\Application\chrome.exe (3480)
Stoppé! C:\Program Files\Google\Chrome\Application\chrome.exe (2960)
Stoppé! C:\Program Files\Google\Chrome\Application\chrome.exe (2856)
Stoppé! C:\Program Files\Google\Chrome\Application\chrome.exe (2340)
Stoppé! C:\Program Files\Google\Chrome\Application\chrome.exe (1768)
Stoppé! C:\Program Files\Google\Chrome\Application\chrome.exe (2684)
Stoppé! C:\Program Files\Google\Chrome\Application\chrome.exe (2880)
Stoppé! C:\Documents and Settings\Administrateur\Mes documents\Downloads\Programs\Open-config.exe (1228)
Stoppé! C:\WINDOWS\system32\mshta.exe (3516)
Stoppé! C:\Program Files\Google\Chrome\Application\chrome.exe (3732)
Stoppé! C:\WINDOWS\system32\NOTEPAD.EXE (1512)

################## | Éléments infectieux |

Non supprimé ! E:\AutoRun.exe
Non supprimé ! E:\AUTORUN.INF
Non supprimé ! E:\SysConfig.dat

(!) Fichiers temporaires supprimés.

################## | Registre |


################## | Mountpoints2 |

Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\E
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{8c4b02c3-bc83-11e2-a220-bda38d0b81a1}

################## | Listing |

[14/05/2013 - 11:28:16 | N | 0] C:\AUTOEXEC.BAT
[14/05/2013 - 11:06:56 | N | 212] C:\boot.ini
[12/01/2010 - 07:24:34 | N | 4952] C:\Bootfont.bin
[15/05/2013 - 16:51:20 | D ] C:\Config.Msi
[14/05/2013 - 11:28:16 | N | 0] C:\CONFIG.SYS
[29/01/2008 - 12:26:32 | D ] C:\D
[27/01/2009 - 10:17:19 | N | 55808] C:\devcon.exe
[14/05/2013 - 11:36:14 | D ] C:\Documents and Settings
[11/06/2009 - 01:00:33 | N | 323167] C:\DPsFnshr.exe
[12/01/2010 - 07:24:34 | N | 630] C:\DPSFNSHR.INI
[06/02/2009 - 05:05:08 | | 1350] C:\DriverPack_Chipset_wnt5_x86-32.ini
[12/12/2009 - 00:23:00 | N | 459] C:\DriverPack_CPU_wnt5_x86-32.ini
[16/12/2009 - 18:20:32 | N | 7862] C:\DriverPack_Graphics_A_wnt5_x86-32.ini
[11/12/2009 - 00:33:14 | N | 4917] C:\DriverPack_Graphics_B_wnt5_x86-32.ini
[11/12/2009 - 23:45:27 | N | 7487] C:\DriverPack_Graphics_C_wnt5_x86-32.ini
[28/12/2008 - 20:46:35 | N | 776] C:\DriverPack_LAN_wnt5_x86-32.ini
[07/01/2009 - 23:44:38 | | 112242] C:\DriverPack_MassStorage_wnt5_x86-32.ini
[01/04/2008 - 17:37:53 | N | 4214] C:\DriverPack_Sound_A_wnt5_x86-32.ini
[12/04/2008 - 11:47:12 | | 3525] C:\DriverPack_Sound_B_wnt5_x86-32.ini
[11/06/2009 - 01:00:36 | N | 279577] C:\DSPdsblr.exe
[14/05/2013 - 11:36:06 | ASH | 1063440384] C:\hiberfil.sys
[14/05/2013 - 11:28:16 | N | 0] C:\IO.SYS
[27/01/2009 - 10:17:19 | N | 20992] C:\makePNF.exe
[14/05/2013 - 11:28:16 | N | 0] C:\MSDOS.SYS
[15/05/2013 - 16:27:34 | RHD ] C:\MSOCache
[27/01/2009 - 10:17:19 | N | 137728] C:\mute.exe
[12/01/2010 - 07:24:34 | N | 47564] C:\NTDETECT.COM
[12/01/2010 - 07:24:34 | N | 252240] C:\ntldr
[14/05/2013 - 11:35:54 | ASH | 1598029824] C:\pagefile.sys
[11/06/2009 - 01:00:40 | N | 269947] C:\pmtimer.exe
[15/05/2013 - 16:34:05 | D ] C:\Program Files
[14/05/2013 - 11:36:48 | SHD ] C:\RECYCLER
[15/05/2013 - 14:44:49 | SHD ] C:\System Volume Information
[15/05/2013 - 17:11:32 | D ] C:\UsbFix
[15/05/2013 - 17:12:02 | A | 8693] C:\UsbFix [Clean 1] BMS-E0A6580879C.txt
[15/05/2013 - 17:03:09 | N | 7007] C:\UsbFix [Scan 3] BMS-E0A6580879C.txt
[15/05/2013 - 16:28:12 | D ] C:\WINDOWS
[03/07/2008 - 20:33:02 | RD ] D:\BOOT
[03/07/2008 - 23:08:24 | RD ] D:\OEM
[03/07/2008 - 20:32:56 | RD ] D:\SATA
[03/07/2008 - 10:59:54 | R | 2048] D:\SATA.DAT
[03/07/2008 - 20:32:24 | RD ] D:\SETUP
[03/07/2008 - 20:31:55 | RD ] D:\STDR
[03/07/2008 - 11:00:57 | R | 2048] D:\STDR.DAT
[25/06/2008 - 19:32:07 | R | 10] D:\WIN51
[25/06/2008 - 19:32:07 | R | 10] D:\WIN51IP
[25/06/2008 - 19:32:07 | R | 10] D:\WIN51IP.SP3
[03/07/2008 - 20:31:55 | RD ] D:\WPI
[19/03/2011 - 01:27:22 | R | 148320] E:\AutoRun.exe
[20/10/2008 - 19:12:34 | R | 45] E:\AUTORUN.INF
[06/01/2012 - 10:07:22 | RD ] E:\Dim@net
[21/01/2011 - 11:34:16 | R | 25214] E:\Startup.ico
[30/12/2011 - 14:23:16 | R | 1579] E:\SysConfig.dat

################## | Vaccin |

C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | https://sosvirus.net |
