FixAll 0.2 By Killer_Virus
Début le 06/04/2014 à 17:31:35
OS : Windows XP Professionnel X86
RAM : 3.7 Go Physique totale dont 3.5 Go libre (95%)
Memoire Virtuelle (Swap) Totale : 2.1 Go.
Utilisateur : Killer_VirusFr
Lieu de lancement : C:\Documents and Settings\Killer_VirusFr\Bureau\FixAll.exe
Fail-safe boot

~ Processus...nettoyés ! ~

~ Sécurité :
[HKCU] Shell : explorer.exe C:\WINDOWS\WIN 7\HACKO.exe --> explorer.exe
[HKCU] EnableLUA : 0 --> 1
[HKCU] DisableRegistryTools : 1 --> 0
[HKCU] DisableTaskMgr : 1 --> 0
[HKLM] ConsentPromptBehaviorAdmin : 0 --> 2
[HKCU] NoFolderOptions : 1 --> 0
[HKLM] UpdatesDisableNotify : 1 --> 0
[HKLM] AntiVirusDisableNotify : 1 --> 0
[HKLM] Shell : explorer.exe C:\WINDOWS\WIN 7\HACKO.exe --> explorer.exe
[HKLM] TaskMan : C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-839714475\asaba3tsh.exe --> 
[X] C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-839714475\asaba3tsh.exe
[HKLM] Load : C:\WINDOWS\WIN 7\HACKO.exe --> 
[X] C:\WINDOWS\WIN 7\HACKO.exe
[HKCU] Load : C:\WINDOWS\WIN 7\HACKO.exe --> 

~ Associations :

~ IFEO :

~ Infections :
[X] HKCU\Software\Microsoft\Windows\CurrentVersion\Run | HKCU : C:\WINDOWS\WIN 7\HACKO.exe
[X] HKCU\Software\Microsoft\Windows\CurrentVersion\Run | MicroUpdate : C:\WINDOWS\system32\MSDCSC\msdcsc.exe
[X] C:\WINDOWS\system32\MSDCSC\msdcsc.exe
[X] HKCU\Software\Microsoft\Windows\CurrentVersion\Run | b1e1pr00 : C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-11820146\b12pr100.exe
[!] C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-11820146\b12pr100.exe
[X] HKCU\Software\Microsoft\Windows\CurrentVersion\Run | SkypeMS : 
[X] HKCU\Software\Microsoft\Windows\CurrentVersion\Run | IntelService : "C:\Documents and Settings\Killer_VirusFr\Local Settings\Application Data\IntelService\IntelService.exe"
[X] C:\Documents and Settings\Killer_VirusFr\Local Settings\Application Data\IntelService\IntelService.exe
[X] HKCU\Software\Microsoft\Windows\CurrentVersion\Run | VanToM : C:\Documents and Settings\Killer_VirusFr\Application Data\VanToM Folder\VanToM.exe
[X] C:\Documents and Settings\Killer_VirusFr\Application Data\VanToM Folder\VanToM.exe
[X] HKCU\Software\Microsoft\Windows\CurrentVersion\Run | Facebook Update : %APPDATA%\Microsoft\update.exe
[X] HKCU\Software\Microsoft\Windows\CurrentVersion\Run | 5cd8f17f4086744065eb0992a09e05a2 : "C:\Documents and Settings\Killer_VirusFr\Local Settings\Temp\Trojan.exe" ..
[X] C:\Documents and Settings\Killer_VirusFr\Local Settings\Temp\Trojan.exe 
[X] HKCU\Software\Microsoft\Windows\CurrentVersion\Run | Ipaxp : "C:\Documents and Settings\Killer_VirusFr\Application Data\Ziak\ipaxp.exe"
[X] C:\Documents and Settings\Killer_VirusFr\Application Data\Ziak\ipaxp.exe
[X] HKCU\Software\Microsoft\Windows\CurrentVersion\Run | loh : C:\DOCUME~1\KILLER~1\LOCALS~1\Temp\loh.exe
[X] C:\DOCUME~1\KILLER~1\LOCALS~1\Temp\loh.exe
[X] HKCU\Software\Microsoft\Windows\CurrentVersion\Run | 33a02ce3a6dc322bc7e588c3c6d40f38 : "C:\Documents and Settings\Killer_VirusFr\Application Data\svchost.exe" ..
[X] C:\Documents and Settings\Killer_VirusFr\Application Data\svchost.exe 
[X] HKLM\Software\Microsoft\Windows\CurrentVersion\Run | HKLM : C:\WINDOWS\WIN 7\HACKO.exe
[X] HKLM\Software\Microsoft\Windows\CurrentVersion\Run | f7a74ce8d62a827374f896562655303d : "C:\Documents and Settings\Killer_VirusFr\Local Settings\Temp\intrnet.exe" ..
[X] C:\Documents and Settings\Killer_VirusFr\Local Settings\Temp\intrnet.exe 
[X] HKLM\Software\Microsoft\Windows\CurrentVersion\Run | b6b14442eb327de390e5ed1e983e5ab0 : "C:\Documents and Settings\Killer_VirusFr\Local Settings\Temp\Svchost.exe" ..
[X] C:\Documents and Settings\Killer_VirusFr\Local Settings\Temp\Svchost.exe 
[X] HKLM64\Software\Microsoft\Windows\CurrentVersion\Run | 5cd8f17f4086744065eb0992a09e05a2 : "C:\Documents and Settings\Killer_VirusFr\Local Settings\Temp\Trojan.exe" ..
[X] HKLM64\Software\Microsoft\Windows\CurrentVersion\Run | 378d21732268e1971ca57e15bd4a5ad9 : "C:\Documents and Settings\Killer_VirusFr\Local Settings\Temp\server.exe" ..
[X] C:\Documents and Settings\Killer_VirusFr\Local Settings\Temp\server.exe 
[X] HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run | svchost : C:\WINDOWS\WIN 7\HACKO.exe
[X] HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run | svchost : C:\WINDOWS\WIN 7\HACKO.exe
[X] HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce | svchost : C:\WINDOWS\WIN 7\HACKO.exe
[X] HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce | svchost : C:\WINDOWS\WIN 7\HACKO.exe
[X] HKCU\Software\Microsoft\Windows\CurrentVersion\Run | antaw4r19 : C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-5681\atnxwa1.exe
[!] C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-5681\atnxwa1.exe
[X] HKCU\Software\Microsoft\Windows\CurrentVersion\Run | GVideo : 
[X] HKCU\Software\Microsoft\Windows\CurrentVersion\Run | Kydixirina : "C:\Documents and Settings\Killer_VirusFr\Application Data\Hoduaw\lauz.exe"
[X] C:\Documents and Settings\Killer_VirusFr\Application Data\Hoduaw\lauz.exe
[X] HKCU\Software\Microsoft\Windows\CurrentVersion\Run | f7a74ce8d62a827374f896562655303d : "C:\Documents and Settings\Killer_VirusFr\Local Settings\Temp\intrnet.exe" ..
[X] HKCU\Software\Microsoft\Windows\CurrentVersion\Run | 378d21732268e1971ca57e15bd4a5ad9 : "C:\Documents and Settings\Killer_VirusFr\Local Settings\Temp\server.exe" ..
[X] HKLM\Software\Microsoft\Windows\CurrentVersion\Run | 33a02ce3a6dc322bc7e588c3c6d40f38 : "C:\Documents and Settings\Killer_VirusFr\Application Data\svchost.exe" ..
[X] HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run | Facebook Update : %APPDATA%\Microsoft\update.exe
[X] HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce | 4gr75b2k2 : C:\DOCUME~1\KILLER~1\4gr75b2k2\54402.vbs
[!] C:\DOCUME~1\KILLER~1\4gr75b2k2\54402.vbs
[X] HKCU\Software\Microsoft\Windows\CurrentVersion\Run | asaba3tsh : C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-839714475\asaba3tsh.exe
[X] HKCU\Software\Microsoft\Windows\CurrentVersion\Run | b6b14442eb327de390e5ed1e983e5ab0 : "C:\Documents and Settings\Killer_VirusFr\Local Settings\Temp\Svchost.exe" ..
[X] HKCU\Software\Microsoft\Windows\CurrentVersion\Run | ewewew : C:\Documents and Settings\Killer_VirusFr\Application Data\Stub.exe
[X] C:\Documents and Settings\Killer_VirusFr\Application Data\Stub.exe
[X] HKCU\Software\Microsoft\Windows\CurrentVersion\Run | LoftWare : 
[X] C:\Documents and Settings\Killer_VirusFr\Application Data\Microsoft\update.exe
[X] C:\Documents and Settings\Killer_VirusFr\Menu Démarrer\Programmes\Démarrage\Facebook.lnk : C:\Documents and Settings\Killer_VirusFr\Application Data\Microsoft\update.exe
[X] C:\Documents and Settings\Killer_VirusFr\4gr75b2k2\54402.vbs
[X] C:\Documents and Settings\Killer_VirusFr\Menu Démarrer\Programmes\Démarrage\start.lnk : C:\Documents and Settings\Killer_VirusFr\4gr75b2k2\54402.vbs
[X] C:\Documents and Settings\Killer_VirusFr\Menu Démarrer\Programmes\Démarrage\1.exe
[X] C:\Documents and Settings\Killer_VirusFr\Menu Démarrer\Programmes\Démarrage\33a02ce3a6dc322bc7e588c3c6d40f38.exe
[X] C:\Documents and Settings\Killer_VirusFr\Menu Démarrer\Programmes\Démarrage\378d21732268e1971ca57e15bd4a5ad9.exe
[X] C:\Documents and Settings\Killer_VirusFr\Menu Démarrer\Programmes\Démarrage\5cd8f17f4086744065eb0992a09e05a2.exe
[X] C:\Documents and Settings\Killer_VirusFr\Menu Démarrer\Programmes\Démarrage\b6b14442eb327de390e5ed1e983e5ab0.exe
[X] C:\Documents and Settings\Killer_VirusFr\Local Settings\Application Data\65604959882.exe
[X] C:\Documents and Settings\Killer_VirusFr\Local Settings\Application Data\UpdateFlash.exe

~ EOF : C:\FixAll[1].txt ~