zouheir

############################## | UsbFix V 7.155 | [Suppression]

Utilisateur: batoul (Administrateur) # BATOUL-B92AE5D1
Mis à jour le 16/12/2013 par El Desaparecido – Team SosVirus
Lancé à 10:25:22 | 22/12/2013

Site Web : http://www.usbfix.net
Forum : http://www.sosvirus.net/
Upload Malware : upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: IBM (1872Y7M)
CPU: Intel(R) Pentium(R) M processor 1.73GHz
RAM -> [Total : 1014 | Free : 287]
Bios: IBM
Boot: Normal boot

OS: Microsoft Windows XP Professionnel (5.1.2600 32-Bit) Service Pack 3
WB: Windows Internet Explorer : 8.0.6001.18702
WB: Mozilla Firefox : 26.0

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
FW: Windows FireWall Service [Enabled]

C: (%systemdrive%) -> Disque fixe # 29 Go (1 Go libre(s) – 4%) [] # NTFS
D: -> Disque fixe # 27 Go (1 Go libre(s) – 6%) [ZIZO] # FAT32
E: -> Disque amovible # 8 Go (7 Go libre(s) – 98%) [] # FAT32
G: -> CD-ROM

################## | Processus Stoppés |

Stoppé! C:WINXPsystem32ibmpmsvc.exe (ID: 1180 |ParentID: 996)
Stoppé! C:WINXPExplorer.EXE (ID: 2016 |ParentID: 1996)
Stoppé! C:WINXPsystem32spoolsv.exe (ID: 216 |ParentID: 996)
Stoppé! C:Program FilesAviraAntiVir Desktopsched.exe (ID: 256 |ParentID: 996)
Stoppé! C:Program FilesAviraAntiVir Desktopavgnt.exe (ID: 360 |ParentID: 2016)
Stoppé! C:program filesrealrealplayerupdaterealsched.exe (ID: 380 |ParentID: 2016)
Stoppé! C:Program FilesAskPartnerNetworkToolbarUpdaterTBNotifier.exe (ID: 388 |ParentID: 2016)
Stoppé! C:WINXPsystem32ctfmon.exe (ID: 396 |ParentID: 2016)
Stoppé! C:Program FilesSkypePhoneSkype.exe (ID: 404 |ParentID: 2016)
Stoppé! C:Program FilesooVoooovoo.exe (ID: 432 |ParentID: 2016)
Stoppé! C:Program FilesYourFileDownloaderYourFileUpdater.exe (ID: 916 |ParentID: 1424)
Stoppé! C:Program FilesAviraAntiVir Desktopavguard.exe (ID: 260 |ParentID: 996)
Stoppé! C:Program FilesAskPartnerNetworkToolbarapnmcp.exe (ID: 1620 |ParentID: 996)
Stoppé! C:Program FilesFichiers communsAppleMobile Device SupportAppleMobileDeviceService.exe (ID: 332 |ParentID: 996)
Stoppé! C:Program FilesBonjourmDNSResponder.exe (ID: 488 |ParentID: 996)
Stoppé! C:Program FilesOracleJavaFX 2.1 Runtimebinjqs.exe (ID: 808 |ParentID: 996)
Stoppé! C:Documents and SettingsAll UsersApplication DataModem HDM EC156OnlineUpdateouc.exe (ID: 2540 |ParentID: 1212)
Stoppé! C:Program FilesRealNetworksRealDownloaderrndlresolversvc.exe (ID: 2580 |ParentID: 996)
Stoppé! C:Program FilesMovdapWBDesktop.Updater.exe (ID: 2760 |ParentID: 996)
Stoppé! C:WINXPsystem32wscntfy.exe (ID: 3044 |ParentID: 1424)
Stoppé! C:Program FilesAviraAntiVir Desktopavshadow.exe (ID: 1232 |ParentID: 260)
Stoppé! C:Program FilesMozilla Firefoxfirefox.exe (ID: 208 |ParentID: 2016)
Stoppé! C:Program FilesMozilla Firefoxplugin-container.exe (ID: 2132 |ParentID: 208)
Stoppé! C:WINXPSystem32vssvc.exe (ID: 1324 |ParentID: 996)
Stoppé! C:WINXPsystem32dllhost.exe (ID: 4012 |ParentID: 996)
Stoppé! C:WINXPsystem32dllhost.exe (ID: 2920 |ParentID: 996)

################## | Regedit Run |

04 – HKLMSOFTWARE | Run : [avgnt] – « C:Program FilesAviraAntiVir Desktopavgnt.exe » /min
04 – HKLMSOFTWARE | Run : [TkBellExe] – « C:program filesrealrealplayerupdaterealsched.exe » -osboot
04 – HKLMSOFTWARE | Run : [ApnTBMon] – « C:Program FilesAskPartnerNetworkToolbarUpdaterTBNotifier.exe »
04 – HKLMSOFTWARE | RunOnce : [] –
04 – HKUS-1-5-19SOFTWARE | Run : [CTFMON.EXE] – C:WINXPsystem32CTFMON.EXE
04 – HKUS-1-5-20SOFTWARE | Run : [CTFMON.EXE] – C:WINXPsystem32CTFMON.EXE
04 – HKUS-1-5-21-602162358-1935655697-1417001333-1003SOFTWARE | Run : [ctfmon.exe] – C:WINXPsystem32ctfmon.exe
04 – HKUS-1-5-21-602162358-1935655697-1417001333-1003SOFTWARE | Run : [SDP] – C:Documents and SettingsbatoulLocal SettingsApplication DataFilesFrog Update Checkerupdate_checker.exe /auto
04 – HKUS-1-5-21-602162358-1935655697-1417001333-1003SOFTWARE | Run : [AppsHat] – C:Documents and SettingsbatoulLocal SettingsApplication DataWebPlayerAppsHatWebPlayer.exe
04 – HKUS-1-5-21-602162358-1935655697-1417001333-1003SOFTWARE | Run : [Skype] – « C:Program FilesSkypePhoneSkype.exe » /minimized /regrun
04 – HKUS-1-5-21-602162358-1935655697-1417001333-1003SOFTWARE | Run : [ooVoo.exe] – C:Program FilesooVoooovoo.exe /minimized
04 – HKUS-1-5-21-602162358-1935655697-1417001333-1003SOFTWARE | Run : [WINZIPDUDriverUpdater] – C:Program FilesWinZip Driver Updaterwinzipdu.exe -rem
04 – HKUS-1-5-18SOFTWARE | Run : [CTFMON.EXE] – C:WINXPsystem32CTFMON.EXE

################## | Recherche générique |

Supprimé! C:Documents and SettingsbatoulApplication DataIDM.vbs
Supprimé! C:DOCUME~1batoulLOCALS~1Tempavgnt.exe
Supprimé! E:IDM.vbs
Supprimé! C:install.exe
Supprimé! E:SysAnti.lnk
Supprimé! E:AutoRun.lnk
Supprimé! E:avira_free_antivirus_fr.lnk
Supprimé! C:DOCUME~1batoulLOCALS~1TempWinWord_Kill.exe
Supprimé! D:1.taz
Supprimé! D:MSN

(!) Fichiers temporaires supprimés. (6 Ko)

################## | Référence de comparaison MD5 |

Md5 : FE8EFD9674DD9B2D63D3CC1C918A75AF -> C:Documents and SettingsbatoulApplication DataIDM.vbs
Md5 : FE8EFD9674DD9B2D63D3CC1C918A75AF -> E:IDM.vbs

################## | Comparaison MD5 |

Supprimé! Md5 : FE8EFD9674DD9B2D63D3CC1C918A75AF -> C:Documents and SettingsbatoulLocal SettingsTemptempFilmSetup.vbs
Supprimé! Md5 : FE8EFD9674DD9B2D63D3CC1C918A75AF -> C:Documents and SettingsbatoulLocal SettingsTemptempGamesSetup.vbs
Supprimé! Md5 : FE8EFD9674DD9B2D63D3CC1C918A75AF -> C:Documents and SettingsbatoulLocal SettingsTemptempImagesSetup.vbs
Supprimé! Md5 : FE8EFD9674DD9B2D63D3CC1C918A75AF -> C:Documents and SettingsbatoulLocal SettingsTemptempJeuxSetup.vbs
Supprimé! Md5 : FE8EFD9674DD9B2D63D3CC1C918A75AF -> C:Documents and SettingsbatoulLocal SettingsTemptempMusicSetup.vbs
Supprimé! Md5 : FE8EFD9674DD9B2D63D3CC1C918A75AF -> C:Documents and SettingsbatoulLocal SettingsTemptempPES2014Setup.vbs
Supprimé! Md5 : FE8EFD9674DD9B2D63D3CC1C918A75AF -> C:Documents and SettingsbatoulLocal SettingsTemptempProgramsSetup.vbs
Supprimé! Md5 : FE8EFD9674DD9B2D63D3CC1C918A75AF -> C:Documents and SettingsbatoulLocal SettingsTemptempTorrentSetup.vbs
Supprimé! Md5 : FE8EFD9674DD9B2D63D3CC1C918A75AF -> C:Documents and SettingsbatoulLocal SettingsTemptempVideoSetup.vbs
Supprimé! Md5 : FE8EFD9674DD9B2D63D3CC1C918A75AF -> C:Documents and SettingsbatoulLocal SettingsTemptempVideo PornoSetup.vbs
Supprimé! Md5 : FE8EFD9674DD9B2D63D3CC1C918A75AF -> C:Documents and SettingsbatoulLocal SettingsTemptempXNXXSetup.vbs
Supprimé! Md5 : FE8EFD9674DD9B2D63D3CC1C918A75AF -> C:System Volume Information_restore{2DFC5000-E617-4CF7-B5DE-E8A275908F32}RP503A0657325.vbs

################## | Registre |

Supprimé! HKUS-1-5-21-602162358-1935655697-1417001333-1003Software….Mountpoints2{04173b00-882b-11e2-986e-001641135674}
Supprimé! HKUS-1-5-21-602162358-1935655697-1417001333-1003Software….Mountpoints2{08d0e3ad-bac1-11e1-970c-001641135674}
Supprimé! HKUS-1-5-21-602162358-1935655697-1417001333-1003Software….Mountpoints2{0af58fdc-e6cd-11e1-976b-00166f0c3c00}
Supprimé! HKUS-1-5-21-602162358-1935655697-1417001333-1003Software….Mountpoints2{10f80207-618d-11e3-99ba-001641135674}
Supprimé! HKUS-1-5-21-602162358-1935655697-1417001333-1003Software….Mountpoints2{1d667fc3-e6fb-11e2-98de-001641135674}
Supprimé! HKUS-1-5-21-602162358-1935655697-1417001333-1003Software….Mountpoints2{1f44f6c2-1a2d-11e2-97c4-001641135674}
Supprimé! HKUS-1-5-21-602162358-1935655697-1417001333-1003Software….Mountpoints2{2596cbfd-e886-11e2-98e0-001641135674}
Supprimé! HKUS-1-5-21-602162358-1935655697-1417001333-1003Software….Mountpoints2{4ed717f6-f75e-11e1-978b-001641135674}
Supprimé! HKUS-1-5-21-602162358-1935655697-1417001333-1003Software….Mountpoints2{512c7e17-aefc-11e1-96fd-001641135674}
Supprimé! HKUS-1-5-21-602162358-1935655697-1417001333-1003Software….Mountpoints2{56bf5862-4f83-11e3-9992-001641135674}
Supprimé! HKUS-1-5-21-602162358-1935655697-1417001333-1003Software….Mountpoints2{5bdbd44f-7cbb-11e1-96ae-00166f0c3c00}
Supprimé! HKUS-1-5-21-602162358-1935655697-1417001333-1003Software….Mountpoints2{5bdbd452-7cbb-11e1-96ae-00166f0c3c00}
Supprimé! HKUS-1-5-21-602162358-1935655697-1417001333-1003Software….Mountpoints2{601bddb7-d1d2-11e2-98be-001641135674}
Supprimé! HKUS-1-5-21-602162358-1935655697-1417001333-1003Software….Mountpoints2{6157bbc2-cd12-11e2-98b6-001641135674}
Supprimé! HKUS-1-5-21-602162358-1935655697-1417001333-1003Software….Mountpoints2{63cb7f8c-3d9d-11e3-9972-00166f0c3c00}
Supprimé! HKUS-1-5-21-602162358-1935655697-1417001333-1003Software….Mountpoints2{6da2615e-ddb7-11e1-974b-00166f0c3c00}
Supprimé! HKUS-1-5-21-602162358-1935655697-1417001333-1003Software….Mountpoints2{7666760f-c5b8-11e1-971a-00166f0c3c00}
Supprimé! HKUS-1-5-21-602162358-1935655697-1417001333-1003Software….Mountpoints2{7f45b69a-e212-11e1-9759-00166f0c3c00}
Supprimé! HKUS-1-5-21-602162358-1935655697-1417001333-1003Software….Mountpoints2{80824295-049a-11e2-97a1-001641135674}
Supprimé! HKUS-1-5-21-602162358-1935655697-1417001333-1003Software….Mountpoints2{81e48f87-a35c-11e1-96ec-00166f0c3c00}
Supprimé! HKUS-1-5-21-602162358-1935655697-1417001333-1003Software….Mountpoints2{81e48f8a-a35c-11e1-96ec-00166f0c3c00}
Supprimé! HKUS-1-5-21-602162358-1935655697-1417001333-1003Software….Mountpoints2{844a4a16-92da-11e1-96cd-00166f0c3c00}
Supprimé! HKUS-1-5-21-602162358-1935655697-1417001333-1003Software….Mountpoints2{8a521d51-d68d-11e2-98c6-001641135674}
Supprimé! HKUS-1-5-21-602162358-1935655697-1417001333-1003Software….Mountpoints2{8a521d55-d68d-11e2-98c6-001641135674}
Supprimé! HKUS-1-5-21-602162358-1935655697-1417001333-1003Software….Mountpoints2{8d939021-9c21-11e1-96e0-00166f0c3c00}
Supprimé! HKUS-1-5-21-602162358-1935655697-1417001333-1003Software….Mountpoints2{90682b91-54cc-11e2-981e-001641135674}
Supprimé! HKUS-1-5-21-602162358-1935655697-1417001333-1003Software….Mountpoints2{9682a41e-37ba-11e2-97f0-001641135674}
Supprimé! HKUS-1-5-21-602162358-1935655697-1417001333-1003Software….Mountpoints2{9d0c05c4-7d8b-11e1-96ae-00166f0c3c00}
Supprimé! HKUS-1-5-21-602162358-1935655697-1417001333-1003Software….Mountpoints2{9f7d9065-17b6-11e2-97c0-001641135674}
Supprimé! HKUS-1-5-21-602162358-1935655697-1417001333-1003Software….Mountpoints2{a03c398c-5100-11e2-9819-001641135674}
Supprimé! HKUS-1-5-21-602162358-1935655697-1417001333-1003Software….Mountpoints2{a42c9303-8afc-11e2-9874-001641135674}
Supprimé! HKUS-1-5-21-602162358-1935655697-1417001333-1003Software….Mountpoints2{ab6a5bb2-ab4d-11e1-96f9-00166f0c3c00}
Supprimé! HKUS-1-5-21-602162358-1935655697-1417001333-1003Software….Mountpoints2{b3555aef-4931-11e3-9986-001641135674}
Supprimé! HKUS-1-5-21-602162358-1935655697-1417001333-1003Software….Mountpoints2{b7623864-2a85-11e3-9955-001641135674}
Supprimé! HKUS-1-5-21-602162358-1935655697-1417001333-1003Software….Mountpoints2{bf177af0-ffe5-11e1-979a-001641135674}
Supprimé! HKUS-1-5-21-602162358-1935655697-1417001333-1003Software….Mountpoints2{cde3b6ea-4543-11e3-9981-001641135674}
Supprimé! HKUS-1-5-21-602162358-1935655697-1417001333-1003Software….Mountpoints2{cde3b6ec-4543-11e3-9981-001641135674}
Supprimé! HKUS-1-5-21-602162358-1935655697-1417001333-1003Software….Mountpoints2{da2936a1-06ec-11e2-97a5-001641135674}
Supprimé! HKUS-1-5-21-602162358-1935655697-1417001333-1003Software….Mountpoints2{e6854938-30cd-11e2-97e6-001641135674}
Supprimé! HKUS-1-5-21-602162358-1935655697-1417001333-1003Software….Mountpoints2{e8996efa-d519-11e1-9736-00166f0c3c00}
Supprimé! HKUS-1-5-21-602162358-1935655697-1417001333-1003Software….Mountpoints2{e941d633-8876-11e1-96bb-00166f0c3c00}
Supprimé! HKUS-1-5-21-602162358-1935655697-1417001333-1003Software….Mountpoints2{e9559909-3a10-11e2-97f3-001641135674}
Supprimé! HKUS-1-5-21-602162358-1935655697-1417001333-1003Software….Mountpoints2{e97bfeb9-4836-11e2-980c-001641135674}
Supprimé! HKUS-1-5-21-602162358-1935655697-1417001333-1003Software….Mountpoints2{f254c5c0-de5f-11e2-98d0-001641135674}
Supprimé! HKUS-1-5-21-602162358-1935655697-1417001333-1003Software….Mountpoints2{f2dc9dda-91fc-11e1-96cc-00166f0c3c00}
Supprimé! HKUS-1-5-21-602162358-1935655697-1417001333-1003Software….Mountpoints2{fb1d125c-5368-11e3-9999-001641135674}

################## | Listing |

[12/08/2012 – 19:07:30 | N | 40 Ko] – C:NbLettre.xla
[07/11/2007 – 07:00:40 | N | 17 Ko] – C:eula.1040.txt
[07/11/2007 – 07:00:40 | N | 17 Ko] – C:eula.2052.txt
[07/11/2007 – 07:00:40 | N | 17 Ko] – C:eula.1036.txt
[07/11/2007 – 07:00:40 | N | 10 Ko] – C:eula.1033.txt
[07/11/2007 – 07:00:40 | N | 17 Ko] – C:eula.1031.txt
[07/11/2007 – 07:00:40 | N | 17 Ko] – C:eula.1028.txt
[07/11/2007 – 07:00:40 | N | 17 Ko] – C:eula.1042.txt
[07/11/2007 – 07:00:40 | N | 17 Ko] – C:eula.3082.txt
[07/11/2007 – 07:00:40 | N | 0 Ko] – C:eula.1041.txt
[03/02/2013 – 18:29:26 | N | 0 Ko] – C:SetSearchAndHomepageInBrowserLog.txt
[09/11/2013 – 12:46:05 | N | 9 Ko] – C:debug1214.txt
[22/12/2013 – 10:31:29 | A | 13 Ko] – C:UsbFix [Clean 2] BATOUL-B92AE5D1.txt
[29/03/2012 – 22:31:29 | N | 0 Ko] – C:IO.SYS
[29/03/2012 – 22:31:29 | N | 0 Ko] – C:MSDOS.SYS
[29/03/2012 – 22:31:29 | N | 0 Ko] – C:CONFIG.SYS
[22/12/2013 – 09:22:33 | ASH | 1560576 Ko] – C:pagefile.sys
[20/09/2012 – 14:56:31 | N | 13 Ko] – C:PDOXUSRS.NET
[07/11/2007 – 07:12:28 | N | 228 Ko] – C:VC_RED.MSI
[21/12/2013 – 09:28:25 | D] – C:Config.Msi
[16/08/2013 – 20:20:20 | N | 14 Ko] – C:mpsetup.log
[17/05/2012 – 17:18:43 | N | 0 Ko] – C:user.js
[07/11/2007 – 07:00:40 | N | 1 Ko] – C:install.ini
[07/11/2007 – 07:00:40 | N | 1 Ko] – C:globdata.ini
[01/05/2012 – 13:59:18 | N | 0 Ko] – C:ProgDVB.ini
[06/09/2013 – 16:40:54 | SH | 0 Ko] – C:boot.ini
[07/11/2007 – 07:03:18 | N | 95 Ko] – C:install.res.1036.dll
[07/11/2007 – 07:03:18 | N | 93 Ko] – C:install.res.1040.dll
[07/11/2007 – 07:03:18 | N | 94 Ko] – C:install.res.1031.dll
[07/11/2007 – 07:03:18 | N | 75 Ko] – C:install.res.1028.dll
[07/11/2007 – 07:03:18 | N | 78 Ko] – C:install.res.1042.dll
[07/11/2007 – 07:03:18 | N | 74 Ko] – C:install.res.2052.dll
[07/11/2007 – 07:03:18 | N | 94 Ko] – C:install.res.3082.dll
[07/11/2007 – 07:03:18 | N | 89 Ko] – C:install.res.1033.dll
[07/11/2007 – 07:03:18 | N | 80 Ko] – C:install.res.1041.dll
[19/12/2013 – 16:59:22 | N | 21 Ko] – C:log.dat
[14/04/2008 – 13:00:00 | N | 46 Ko | B2DE3452DE03674C6CEC68B8C8CE7C78] – C:NTDETECT.COM
[07/11/2007 – 07:09:22 | N | 1409 Ko] – C:VC_RED.cab
[07/11/2007 – 07:00:40 | N | 6 Ko] – C:vcredist.bmp
[14/04/2008 – 13:00:00 | N | 5 Ko] – C:Bootfont.bin
[29/03/2012 – 22:31:29 | A | 0 Ko] – C:AUTOEXEC.BAT
[14/04/2008 – 13:00:00 | RASH | 246 Ko] – C:ntldr
[29/03/2012 – 22:54:58 | RHD] – C:MSOCache
[29/03/2012 – 23:19:27 | SHD] – C:RECYCLER
[30/05/2012 – 11:10:47 | D] – C:cb84cec2db58c817bb90854e3
[14/08/2012 – 14:04:02 | N | 0 Ko] – C:END
[24/09/2012 – 21:18:11 | D] – C:Documents and Settings
[05/10/2012 – 17:44:17 | D] – C:Hotspot Shield
[03/11/2012 – 18:01:42 | N | 40 Ko] – C:Documents
[08/01/2013 – 20:28:52 | D] – C:DriveKey
[12/01/2013 – 21:57:55 | D] – C:Drivers
[03/02/2013 – 18:31:56 | D] – C:Kreapixel
[10/02/2013 – 14:43:25 | D] – C:LG Electronics
[06/08/2013 – 00:41:28 | D] – C:temp
[15/12/2013 – 15:04:57 | D] – C:WINXP
[21/12/2013 – 09:32:38 | D] – C:Program Files
[22/12/2013 – 10:17:07 | SHD] – C:System Volume Information
[22/12/2013 – 10:30:25 | D] – C:UsbFix
[10/12/2012 – 22:03:24 | N | 0 Ko] – D:MSTK_PRO.IND
[29/03/2012 – 23:52:56 | ASH | 7 Ko] – D:Thumbs.db
[26/08/2012 – 21:29:10 | D] – D:Internet Download Manage v6.07 Build 16 Final
[25/01/2012 – 15:23:20 | D] – D:Nouveau dossier
[25/01/2012 – 15:23:20 | SHD] – D:System Volume Information
[25/01/2012 – 19:06:12 | D] – D:Recycled
[05/02/2012 – 15:26:58 | D] – D:Al Ala Al-Andalusiyya
[05/02/2012 – 15:27:06 | D] – D:office 2007
[05/02/2012 – 15:53:04 | D] – D:WLM
[17/06/2012 – 12:00:54 | D] – D:deep freez et serial
[06/09/2012 – 12:57:20 | D] – D:ZOUHEIR
[10/12/2012 – 21:50:52 | D] – D:JEUX PSP
[05/11/2013 – 11:59:34 | D] – D:Nouveau dossier (2)
[20/12/2013 – 21:59:36 | N | 126828 Ko | D41D8CD98F00B204E9800998ECF8427E] – E:avira_free_antivirus_fr.exe

################## | Vaccin |

D:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
E:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net – http://www.sosvirus.net |