TR/téléchargeur.gen
Raph0u
-
Anonymous user -
Anonymous user -
Hello, after spending a lot of time trying to remove this virus, looking for solutions on the internet, particularly in forums, I have indeed tried a huge number of solutions, many programs and I am desperate, this virus keeps coming back continuously for several weeks, many times each day, it attacks my services.exe and csrss.exe constantly and downloads other viruses, I have tried ComboFix, Spybot Search and Destroy, Avira AntiVir (my antivirus), I also tried to set up ZoneAlarm, what works best is still Malwarebytes, which removes the virus but the next day or the day after it is back, I had no virus before all this or really nothing too annoying but now it is wrecking my computer and it is becoming burdensome. I am copying below my last Malwarebytes report that I just made. Thank you for providing me with a solution to permanently get rid of this virus.
Malwarebytes Report:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 5105
Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702
11/13/2010 2:28:57 PM
mbam-log-2010-11-13 (14-28-57).txt
Scan type: Full scan (C:\|D:\|E:\|F:\|R:\|)
Items scanned: 210254
Elapsed time: 50 minute(s), 32 second(s)
Infected memory processes: 1
Infected memory modules: 0
Infected Registry keys: 0
Infected Registry values: 8
Infected Registry data items: 1
Infected folders: 0
Infected files: 10
Infected memory processes:
D:\WINDOWS\system\comrepl.exe (Trojan.Agent) -> No action taken.
Infected memory modules:
(No harmful items detected)
Infected Registry keys:
(No harmful items detected)
Infected Registry values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\mstsc (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\cisvc (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\comrepl (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\load (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\dllhst (Trojan.Downloader) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\ieudinit (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\logman (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\rsvp (Trojan.Agent) -> No action taken.
Infected Registry data items:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Load (Trojan.Agent) -> Data: d:\windows\system\cisvc.exe -> No action taken.
Infected folders:
(No harmful items detected)
Infected files:
D:\Documents and Settings\Administrateur\Application Data\esentutl.exe (Trojan.Agent) -> No action taken.
D:\Documents and Settings\Administrateur\Application Data\ieudinit.exe (Trojan.Agent) -> No action taken.
D:\Documents and Settings\Administrateur\Application Data\logman.exe (Trojan.Agent) -> No action taken.
D:\WINDOWS\system32\drivers\cisvc.exe (Trojan.Agent) -> No action taken.
D:\WINDOWS\system32\drivers\logman.exe (Trojan.Agent) -> No action taken.
D:\WINDOWS\mstsc.exe (Trojan.Agent) -> No action taken.
D:\WINDOWS\system\cisvc.exe (Trojan.Agent) -> No action taken.
D:\WINDOWS\system\comrepl.exe (Trojan.Agent) -> No action taken.
D:\WINDOWS\system\dllhst3g.exe (Trojan.Downloader) -> No action taken.
D:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\rsvp.exe (Trojan.Agent) -> No action taken.
----
Best regards Raph0u. (Sorry for the typos)
Configuration: Windows XP / Safari 534.7
Malwarebytes Report:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 5105
Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702
11/13/2010 2:28:57 PM
mbam-log-2010-11-13 (14-28-57).txt
Scan type: Full scan (C:\|D:\|E:\|F:\|R:\|)
Items scanned: 210254
Elapsed time: 50 minute(s), 32 second(s)
Infected memory processes: 1
Infected memory modules: 0
Infected Registry keys: 0
Infected Registry values: 8
Infected Registry data items: 1
Infected folders: 0
Infected files: 10
Infected memory processes:
D:\WINDOWS\system\comrepl.exe (Trojan.Agent) -> No action taken.
Infected memory modules:
(No harmful items detected)
Infected Registry keys:
(No harmful items detected)
Infected Registry values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\mstsc (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\cisvc (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\comrepl (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\load (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\dllhst (Trojan.Downloader) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\ieudinit (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\logman (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\rsvp (Trojan.Agent) -> No action taken.
Infected Registry data items:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Load (Trojan.Agent) -> Data: d:\windows\system\cisvc.exe -> No action taken.
Infected folders:
(No harmful items detected)
Infected files:
D:\Documents and Settings\Administrateur\Application Data\esentutl.exe (Trojan.Agent) -> No action taken.
D:\Documents and Settings\Administrateur\Application Data\ieudinit.exe (Trojan.Agent) -> No action taken.
D:\Documents and Settings\Administrateur\Application Data\logman.exe (Trojan.Agent) -> No action taken.
D:\WINDOWS\system32\drivers\cisvc.exe (Trojan.Agent) -> No action taken.
D:\WINDOWS\system32\drivers\logman.exe (Trojan.Agent) -> No action taken.
D:\WINDOWS\mstsc.exe (Trojan.Agent) -> No action taken.
D:\WINDOWS\system\cisvc.exe (Trojan.Agent) -> No action taken.
D:\WINDOWS\system\comrepl.exe (Trojan.Agent) -> No action taken.
D:\WINDOWS\system\dllhst3g.exe (Trojan.Downloader) -> No action taken.
D:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\rsvp.exe (Trojan.Agent) -> No action taken.
----
Best regards Raph0u. (Sorry for the typos)
Configuration: Windows XP / Safari 534.7
6 réponses
Hello,
Can you show us your latest Combofix report please?
P.S.: You can find it here:
C:\Combofix.txt
see you+
--
....."security contributor".....o°ô"
Can you show us your latest Combofix report please?
P.S.: You can find it here:
C:\Combofix.txt
see you+
--
....."security contributor".....o°ô"
Raph0u
I'm sorry, but I cannot assist with that.
!! Close all your running applications and disable your antivirus resident protection !!
Connect all your removable drives (USB keys, external hard drives, etc.) without opening them
* Relaunch UsbFix by selecting now "Deletion"
- On XP, double-click the icon to launch the tool.
- On Vista/Seven, right-click the icon and choose "Run as administrator" from the context menu.
* UsbFix scans your PC, let the tool work (the desktop may disappear)
* At the end of the cleaning, click OK in the dialog box
* Upload the requested zip folder
* The report should open automatically, copy/paste it into the next message
It is recommended to restart the PC after this operation
The report is saved at the root of the disk C:\Usbfix.txt
Reminder: "Process.exe" is detected by some antivirus as a RiskTool. It is not a virus, but a utility designed to terminate processes
....."security contributor".....o°ô"
Connect all your removable drives (USB keys, external hard drives, etc.) without opening them
* Relaunch UsbFix by selecting now "Deletion"
- On XP, double-click the icon to launch the tool.
- On Vista/Seven, right-click the icon and choose "Run as administrator" from the context menu.
* UsbFix scans your PC, let the tool work (the desktop may disappear)
* At the end of the cleaning, click OK in the dialog box
* Upload the requested zip folder
* The report should open automatically, copy/paste it into the next message
It is recommended to restart the PC after this operation
The report is saved at the root of the disk C:\Usbfix.txt
Reminder: "Process.exe" is detected by some antivirus as a RiskTool. It is not a virus, but a utility designed to terminate processes
....."security contributor".....o°ô"
############################## | UsbFix 7.035 | [Deletion]
User: Administrator (Administrator) # PC [ ]
Updated on 11/11/10 by El Desaparecido / C_XX
Launched at 15:57:43 | 13/11/2010
Website: http://www.teamxscript.org
Contact: eldesaparecido@teamxscript.org
CPU: AMD Athlon(tm) 64 Processor 3500+
Microsoft Windows XP Professional (5.1.2600 32-Bit) # Service Pack 2
Internet Explorer 8.0.6001.18702
Windows Firewall: Enabled
Antivirus: AntiVir Desktop 10.0.1.52 [(!) Disabled | Updated]
RAM -> 1022 MB
C:\ -> Hard Drive # 37 GB (25 GB free - 68%) [Video Games] # NTFS
D:\ (%systemdrive%) -> Hard Drive # 49 GB (3 GB free - 5%) [] # NTFS
E:\ -> Hard Drive # 49 GB (18 GB free - 37%) [DS games] # NTFS
F:\ -> Hard Drive # 49 GB (6 GB free - 13%) [Download] # NTFS
G:\ -> Removable Drive # 28 GB (20 GB free - 71%) [IPOD (PORTA] # FAT32
H:\ -> CD-ROM
J:\ -> Removable Drive # 15 GB (11 GB free - 73%) [RAPH0U'S] # FAT32
R:\ -> Hard Drive # 43 GB (19 GB free - 44%) [music] # NTFS
################## | Infectious Items |
Deleted! C:\Recycler\S-1-5-21-484763869-329068152-839522115-1003
Deleted! C:\Recycler\S-1-5-21-606747145-507921405-725345543-500
Deleted! E:\Recycler\S-1-5-21-606747145-507921405-725345543-500
Deleted! F:\Recycler\S-1-5-21-1275210071-113007714-725345543-1003
Deleted! F:\Recycler\S-1-5-21-484763869-329068152-839522115-1003
Deleted! F:\Recycler\S-1-5-21-606747145-507921405-725345543-500
Deleted! F:\Recycler\S-1-5-21-796845957-1450960922-839522115-1003
Deleted! R:\Recycler\S-1-5-21-606747145-507921405-725345543-500
################## | Registry |
Deleted! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegistryTools
Deleted! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives
Deleted! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives
################## | Mountpoints2 |
################## | Listing |
[27/06/2009 - 14:06:11 | N | 0] C:\AUTOEXEC.BAT
[04/06/2010 - 10:30:01 | N | 224] C:\Boot.bak
[13/11/2010 - 14:59:42 | N | 340] C:\boot.ini
[24/08/2001 - 13:00:00 | N | 4952] C:\Bootfont.bin
[13/11/2010 - 14:59:42 | D ] C:\cmdcons
[03/08/2004 - 23:00:08 | N | 263488] C:\cmldr
[27/06/2009 - 14:06:10 | N | 0] C:\CONFIG.SYS
[27/06/2009 - 14:06:11 | N | 0] C:\IO.SYS
[13/09/2010 - 21:36:07 | D ] C:\lol
[27/06/2009 - 14:06:11 | N | 0] C:\MSDOS.SYS
[03/08/2004 - 21:38:34 | N | 47564] C:\NTDETECT.COM
[03/08/2004 - 21:59:44 | N | 251712] C:\ntldr
[13/11/2010 - 15:58:42 | SHD ] C:\RECYCLER
[02/10/2010 - 12:27:09 | D ] C:\Steam
[10/11/2010 - 21:26:25 | D ] C:\Steam1
[13/11/2010 - 04:50:01 | SHD ] C:\System Volume Information
[27/06/2009 - 02:21:57 | ASH | 37376] C:\Thumbs.db
[13/11/2010 - 15:11:03 | N | 22286] D:\ComboFix.txt
[08/10/2010 - 19:11:30 | D ] D:\Documents and Settings
[27/06/2009 - 14:57:23 | RD ] D:\MSOCache
[06/06/2010 - 18:33:46 | D ] D:\NVIDIA
[29/02/2004 - 16:44:34 | N | 52576] D:\orange.bmp
[13/11/2010 - 15:06:37 | ASH | 1610612736] D:\pagefile.sys
[13/11/2010 - 15:56:52 | D ] D:\Program Files
[15/10/2010 - 16:39:20 | D ] D:\ProgramData
[13/11/2010 - 15:11:05 | D ] D:\Qoobox
[13/11/2010 - 15:58:42 | SHD ] D:\RECYCLER
[24/10/2010 - 07:54:10 | SHD ] D:\System Volume Information
[13/11/2010 - 15:58:42 | D ] D:\UsbFix
[13/11/2010 - 15:58:42 | A | 1675] D:\UsbFix.txt
[15/04/2007 - 11:57:52 | N | 25214] D:\vista.ico
[13/11/2010 - 15:07:48 | D ] D:\WINDOWS
[21/10/2010 - 12:02:13 | D ] E:\ds
[21/10/2010 - 12:18:58 | D ] E:\My Documents
[13/11/2010 - 15:58:42 | SHD ] E:\RECYCLER
[25/11/2009 - 17:48:40 | SHD ] E:\System Volume Information
[01/11/2010 - 18:08:27 | D ] E:\World of Warcraft
[27/10/2010 - 21:57:46 | D ] E:\World of Warcraft Installer
[12/11/2010 - 20:01:26 | D ] F:\eMule
[12/11/2010 - 20:01:26 | D ] F:\Emule DL
[12/11/2010 - 23:27:41 | D ] F:\Emule temp
[13/11/2010 - 15:58:42 | SHD ] F:\RECYCLER
[12/10/2008 - 10:01:08 | SHD ] F:\System Volume Information
[02/12/2007 - 20:05:40 | D ] G:\iPod_Control
[02/12/2007 - 20:05:46 | D ] G:\Contacts
[02/12/2007 - 20:05:48 | D ] G:\Calendars
[02/12/2007 - 20:05:50 | D ] G:\Notes
[10/01/2008 - 19:41:12 | D ] G:\VIDEO
[11/10/2008 - 12:17:00 | N | 96] G:\avast.txt
[04/01/2009 - 13:15:40 | N | 36648960] G:\xp.bkf
[01/11/2010 - 18:33:46 | N | 734255104] J:\Go.Fast.FRENCH.DVDRip.Xvid-NoTag.FUCK.[emule-island.com].avi
[12/11/2010 - 17:09:52 | N | 731467776] J:\Troupe.D.Elite.FRENCH.REPACK.1CD.DVDRip.XviD-GKS.FUCK.[emule-island.com].avi
[11/11/2010 - 19:52:40 | N | 729464832] J:\Dawn.Of.The.Dead.FRENCH.DVDRiP.XViD-DORMEUR-GGT.par-www.[emule-island.com].avi
[12/11/2010 - 16:26:42 | N | 734427388] J:\Snipers.2009.FRENCH.DVDRiP.XviD-Keyzer.Soze.By.Incognitix.[emule-island.com].avi
[11/11/2010 - 19:46:08 | N | 734275584] J:\Inception.FRENCH.REPACK.1CD.DVDRiP.XViD-ITOMA.[emule-island.com].avi
[12/11/2010 - 17:52:58 | N | 734208000] J:\Shooter.(Tireur.D'elite).DVDRip.FR.DivX.6.By.Dmc.(2007).VERSION.FR.NON.CANADIENNE.[emule-island.com].avi
[22/02/2009 - 12:34:38 | N | 8822784] R:\ - 02 - Mafia K'1 Fry - Pour Ceux.mp3
[02/04/2009 - 21:48:26 | N | 7002112] R:\ - 08 - Mafia K'1 Fry - Balance.mp3
[09/12/2009 - 20:42:33 | N | 4986880] R:\ - Psy4 de la rime - Le son des bandits.mp3
[26/11/2009 - 21:58:20 | N | 9544880] R:\ 3 Doors Down - Here Without You.mp3
[26/10/2009 - 10:43:55 | N | 5268599] R:\ Cocoon - Chupee.mp3
[26/11/2009 - 22:20:44 | N | 2272086] R:\ Louis Amstrong - What a Wonderful World.mp3
[09/12/2009 - 20:46:05 | N | 2330374] R:\ NTM & Cut Killer - Nique la Police.mp3
[23/05/2009 - 16:48:24 | N | 10219814] R:\ Pink - Sober.mp3
[07/11/2009 - 16:24:54 | N | 5280799] R:\ Psy4 de la Rime - La vengeance aux deux visages.mp3
[09/12/2009 - 20:21:46 | N | 4468446] R:\# ORELSAN - ST VALENTiN_ (L).mp3
[26/10/2009 - 13:46:34 | N | 3687201] R:\(00) JENA- LEE - J'aimerais tellement.mp3
[07/07/2009 - 13:42:28 | N | 3556749] R:\(00)Zina Feat L'Emeute - Parle Moi De Lui.mp3
[18/05/2008 - 10:34:30 | N | 6695602] R:\(12)_Snoop_Dogg_-_Sensual_Seduction.mp3
[04/02/2009 - 17:12:07 | N | 3313536] R:\(BO film) - Amélie Poulain - 11 - La valse d'Amélie (version instrumentale).mp3
[18/12/2008 - 17:56:49 | N | 1403148] R:\(Roi Soleil)Christophe Maé - Sa Danse Donne.mp3
[03/05/2008 - 15:01:46 | N | 4670240] R:\(°_°).wma
[21/10/2010 - 12:26:30 | D ] R:\- Christophe Maé - Comme à la maison (NEW ALBUM 2008) 14 Titres [192kb]
[06/07/2009 - 18:00:32 | N | 4688530] R:\- David Guetta feat Kelly Rowland - When Love Takes Over 2009.mp3
[13/10/2008 - 17:37:51 | N | 137051039] R:\- Kamelancien - Le Charme En Personne 192Kbs (Album Complet By Partageur).zip
[03/09/2008 - 13:46:30 | N | 4113131] R:\- William Balde - Un Rayon de Soleil 2008 BPM 141(10).mp3
[03/09/2009 - 20:42:45 | N | 7981186] R:\01 (a1) Vitalic - Poney Part 1.mp3
[16/03/2009 - 11:17:44 | N | 8487297] R:\01 - SOJA - You Don't Know.mp3
[06/07/2009 - 18:08:00 | N | 5720280] R:\01 Akon - Beautiful.mp3
[16/06/2009 - 10:58:00 | N | 42295638] R:\01 Alpha_Blondy_-_Elohim.zip
[27/01/2009 - 11:20:11 | N | 3242012] R:\01 Because I Got High.wma
[22/12/2008 - 00:43:28 | N | 5318784] R:\01 Brandy - Right Here (Departed).mp3
[07/11/2008 - 08:51:21 | N | 7942272] R:\01 Eric Prydz - Pjanoo (Radio Edit).mp3
[09/12/2009 - 20:38:44 | N | 4337664] R:\01 Kanye West - Love Lockdown.mp3
[16/03/2009 - 11:10:16 | N | 4831672] R:\01 William Balde un rayon de soleil.mp3
[22/03/2008 - 12:59:12 | N | 6856909] R:\01-2pac-untouchable_(swizz_beatz_remix_feat._bone_thugs-n-harmony)_-_www.torrentazos.com.mp3
[30/08/2008 - 13:05:20 | N | 3401967] R:\01-basshunter-now_youre_gone_(radio_edit).mp3
[14/10/2009 - 19:42:40 | N | 7399984] R:\01-benassi bros - illusion (feat sandy sfaction version).mp3
[22/12/2008 - 00:43:28 | N | 5079103] R:\01-Christophe Mae-Mon Ptit Gars.mp3
[06/07/2009 - 18:00:50 | N | 4215588] R:\01-peps-melodie.mp3
[20/06/2009 - 16:37:28 | N | 5269418] R:\01-seth_gueko-le_son_des_capuches.mp3
[23/01/2009 - 08:25:11 | N | 1891] R:\01-va-dr._lektroluv_presents_lektroluv_007.cue
[22/02/2009 - 13:12:46 | N | 6049209] R:\01_mA 6T va craker_The French Connection(Krs One).mp3
[28/10/2008 - 14:56:18 | N | 17394555] R:\01_r.i.o.-when_the_sun_comes_down_(dirty_rush_live_in_rio_mix)-wtw.mp3
[18/11/2009 - 15:58:13 | N | 3336918] R:\02 - Gangstar - Code of the Streets.mp3
[23/05/2009 - 16:44:05 | N | 4556160] R:\02 - Lady Gaga - Love Game.mp3
[22/02/2009 - 13:13:45 | N | 6004818] R:\02 - PASSI - Les flammes du mal.mp3
[02/09/2009 - 12:06:55 | N | 5428922] R:\02 Deep Purple - Smoke On The Water.mp3
[26/04/2008 - 12:24:16 | N | 5942127] R:\02 lea castel - pressee de vivre.mp3
[04/09/2009 - 05:10:04 | N | 8343863] R:\02-poney_part_1-just.mp3
[07/06/2008 - 13:53:12 | N | 6269019] R:\02-sefyu-suis-je_le_gardien_de_mon_frere-seeneey.mp3
[02/09/2009 - 10:45:37 | N | 6999771] R:\025 - Beach Boys - God Only Knows.mp3
[09/12/2009 - 20:32:12 | N | 5158316] R:\02Fonky Family - Sans Remission.mp3
[22/02/2009 - 17:43:36 | N | 5850156] R:\02_mA 6T va craker_Les Flammes Du Mal(Passi).mp3
[14/07/2008 - 19:35:44 | N | 3929808] R:\03 - Zaho - La roue tourne (feat. Tunisiano).mp3
[04/08/2007 - 14:54:42 | N | 4063566] R:\03 On va te douiller.wma
[01/01/2009 - 17:50:59 | N | 7274573] R:\03-bakar-nincite_pas_ft_kery_james.mp3
[15/08/2008 - 10:42:58 | N | 6106666] R:\03-mindless_self_indulgence-straight_to_video-gf.mp3
[16/06/2009 - 10:25:47 | N | 8049771] R:\03. Lily Allen - Not Fair.mp3
[22/02/2009 - 17:33:43 | N | 6017862] R:\03_mA 6T va craker_Pas De Timinik(Tiwony).mp3
[20/09/2008 - 14:23:00 | N | 5925034] R:\04 - jamel mektoub, madame la blanche.mp3
[13/11/2008 - 18:55:43 | N | 3512320] R:\04 - Pussycat Dolls - I Hate This Part.mp3
[21/02/2009 - 21:03:02 | N | 3347259] R:\04 Booba - Boite Voc.mp3
[23/05/2009 - 16:49:39 | N | 5636641] R:\04 Leona Lewis - Better In Time.mp3
[06/06/2008 - 21:03:14 | N | 6478461] R:\04-Chris Brown - With You.mp3
[09/12/2009 - 20:45:56 | N | 5215523] R:\04-kamelancien-trop_bon_trop_con.mp3
[07/07/2008 - 14:32:10 | N | 7879332] R:\04-sefyu-le_journal.mp3
[17/12/2008 - 18:34:30 | N | 15761408] R:\04-sidekick-deep_fear__andrea_roma_remix (0daymusic.org).mp3
[16/03/2009 - 11:03:25 | N | 6241655] R:\04.l'algerino & soprano - etoile d'un jour.mp3
[22/02/2009 - 14:36:20 | N | 5374205] R:\04_mA 6T va craker_La Sediction(2 Bal Niggets;Mystik).mp3
[16/03/2009 - 11:03:26 | N | 3561388] R:\05 anesthesie generale.wma
[06/07/2009 - 17:56:23 | N | 9265803] R:\05 Pink - Please Don't Leave Me.mp3
[21/10/2010 - 12:26:34 | D ] R:\05- rap américain
[18/11/2009 - 16:59:30 | N | 4823040] R:\05- Ugly Duckling - A Little Samba.mp3
[16/03/2009 - 11:03:27 | N | 7287019] R:\05-koxie-ma_meilleure_amie.mp3
[11/02/2009 - 07:16:15 | N | 5137817] R:\05-public_enemy-sex_drugs_and_violence.mp3
[22/02/2009 - 15:25:24 | N | 5628638] R:\05_mA 6T va craker_Savoir Dire Non(K-Reen_Shurik'n).mp3
[06/07/2009 - 17:56:21 | N | 3469440] R:\06 - Britney Spears - If You Seek Amy.mp3
[17/06/2009 - 02:20:58 | N | 5351250] R:\06 - newsflash.mp3
[26/10/2008 - 10:50:06 | N | 7908328] R:\06 - SOJA - Freedom Time.mp3
[09/12/2009 - 20:35:20 | N | 6448819] R:\06 Busta Flex - on cherche le genr-ar.mp3
[31/12/2008 - 12:43:19 | N | 4684054] R:\06 Zaho - Dima - Kif'n'dir.mp3
[01/07/2008 - 12:08:28 | N | 5860480] R:\06-alibi_montana_feat_diams-loin_des_yeux_loin_du_coeur.mp3
[11/07/2008 - 14:26:34 | N | 8229742] R:\06-kamelancien-quand_ils_vont_partir_feat_zaho (1).mp3
[10/07/2008 - 12:59:32 | N | 8229742] R:\06-kamelancien-quand_ils_vont_partir_feat_zaho.mp3
[22/02/2009 - 12:29:15 | N | 5453679] R:\06-nessbeal-on_aime_ca.mp3
[20/09/2008 - 15:11:18 | N | 5501887] R:\06-sefyu-plus-seeneey.mp3
[22/02/2009 - 15:05:29 | N | 5794777] R:\06_mA 6T
User: Administrator (Administrator) # PC [ ]
Updated on 11/11/10 by El Desaparecido / C_XX
Launched at 15:57:43 | 13/11/2010
Website: http://www.teamxscript.org
Contact: eldesaparecido@teamxscript.org
CPU: AMD Athlon(tm) 64 Processor 3500+
Microsoft Windows XP Professional (5.1.2600 32-Bit) # Service Pack 2
Internet Explorer 8.0.6001.18702
Windows Firewall: Enabled
Antivirus: AntiVir Desktop 10.0.1.52 [(!) Disabled | Updated]
RAM -> 1022 MB
C:\ -> Hard Drive # 37 GB (25 GB free - 68%) [Video Games] # NTFS
D:\ (%systemdrive%) -> Hard Drive # 49 GB (3 GB free - 5%) [] # NTFS
E:\ -> Hard Drive # 49 GB (18 GB free - 37%) [DS games] # NTFS
F:\ -> Hard Drive # 49 GB (6 GB free - 13%) [Download] # NTFS
G:\ -> Removable Drive # 28 GB (20 GB free - 71%) [IPOD (PORTA] # FAT32
H:\ -> CD-ROM
J:\ -> Removable Drive # 15 GB (11 GB free - 73%) [RAPH0U'S] # FAT32
R:\ -> Hard Drive # 43 GB (19 GB free - 44%) [music] # NTFS
################## | Infectious Items |
Deleted! C:\Recycler\S-1-5-21-484763869-329068152-839522115-1003
Deleted! C:\Recycler\S-1-5-21-606747145-507921405-725345543-500
Deleted! E:\Recycler\S-1-5-21-606747145-507921405-725345543-500
Deleted! F:\Recycler\S-1-5-21-1275210071-113007714-725345543-1003
Deleted! F:\Recycler\S-1-5-21-484763869-329068152-839522115-1003
Deleted! F:\Recycler\S-1-5-21-606747145-507921405-725345543-500
Deleted! F:\Recycler\S-1-5-21-796845957-1450960922-839522115-1003
Deleted! R:\Recycler\S-1-5-21-606747145-507921405-725345543-500
################## | Registry |
Deleted! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegistryTools
Deleted! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives
Deleted! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives
################## | Mountpoints2 |
################## | Listing |
[27/06/2009 - 14:06:11 | N | 0] C:\AUTOEXEC.BAT
[04/06/2010 - 10:30:01 | N | 224] C:\Boot.bak
[13/11/2010 - 14:59:42 | N | 340] C:\boot.ini
[24/08/2001 - 13:00:00 | N | 4952] C:\Bootfont.bin
[13/11/2010 - 14:59:42 | D ] C:\cmdcons
[03/08/2004 - 23:00:08 | N | 263488] C:\cmldr
[27/06/2009 - 14:06:10 | N | 0] C:\CONFIG.SYS
[27/06/2009 - 14:06:11 | N | 0] C:\IO.SYS
[13/09/2010 - 21:36:07 | D ] C:\lol
[27/06/2009 - 14:06:11 | N | 0] C:\MSDOS.SYS
[03/08/2004 - 21:38:34 | N | 47564] C:\NTDETECT.COM
[03/08/2004 - 21:59:44 | N | 251712] C:\ntldr
[13/11/2010 - 15:58:42 | SHD ] C:\RECYCLER
[02/10/2010 - 12:27:09 | D ] C:\Steam
[10/11/2010 - 21:26:25 | D ] C:\Steam1
[13/11/2010 - 04:50:01 | SHD ] C:\System Volume Information
[27/06/2009 - 02:21:57 | ASH | 37376] C:\Thumbs.db
[13/11/2010 - 15:11:03 | N | 22286] D:\ComboFix.txt
[08/10/2010 - 19:11:30 | D ] D:\Documents and Settings
[27/06/2009 - 14:57:23 | RD ] D:\MSOCache
[06/06/2010 - 18:33:46 | D ] D:\NVIDIA
[29/02/2004 - 16:44:34 | N | 52576] D:\orange.bmp
[13/11/2010 - 15:06:37 | ASH | 1610612736] D:\pagefile.sys
[13/11/2010 - 15:56:52 | D ] D:\Program Files
[15/10/2010 - 16:39:20 | D ] D:\ProgramData
[13/11/2010 - 15:11:05 | D ] D:\Qoobox
[13/11/2010 - 15:58:42 | SHD ] D:\RECYCLER
[24/10/2010 - 07:54:10 | SHD ] D:\System Volume Information
[13/11/2010 - 15:58:42 | D ] D:\UsbFix
[13/11/2010 - 15:58:42 | A | 1675] D:\UsbFix.txt
[15/04/2007 - 11:57:52 | N | 25214] D:\vista.ico
[13/11/2010 - 15:07:48 | D ] D:\WINDOWS
[21/10/2010 - 12:02:13 | D ] E:\ds
[21/10/2010 - 12:18:58 | D ] E:\My Documents
[13/11/2010 - 15:58:42 | SHD ] E:\RECYCLER
[25/11/2009 - 17:48:40 | SHD ] E:\System Volume Information
[01/11/2010 - 18:08:27 | D ] E:\World of Warcraft
[27/10/2010 - 21:57:46 | D ] E:\World of Warcraft Installer
[12/11/2010 - 20:01:26 | D ] F:\eMule
[12/11/2010 - 20:01:26 | D ] F:\Emule DL
[12/11/2010 - 23:27:41 | D ] F:\Emule temp
[13/11/2010 - 15:58:42 | SHD ] F:\RECYCLER
[12/10/2008 - 10:01:08 | SHD ] F:\System Volume Information
[02/12/2007 - 20:05:40 | D ] G:\iPod_Control
[02/12/2007 - 20:05:46 | D ] G:\Contacts
[02/12/2007 - 20:05:48 | D ] G:\Calendars
[02/12/2007 - 20:05:50 | D ] G:\Notes
[10/01/2008 - 19:41:12 | D ] G:\VIDEO
[11/10/2008 - 12:17:00 | N | 96] G:\avast.txt
[04/01/2009 - 13:15:40 | N | 36648960] G:\xp.bkf
[01/11/2010 - 18:33:46 | N | 734255104] J:\Go.Fast.FRENCH.DVDRip.Xvid-NoTag.FUCK.[emule-island.com].avi
[12/11/2010 - 17:09:52 | N | 731467776] J:\Troupe.D.Elite.FRENCH.REPACK.1CD.DVDRip.XviD-GKS.FUCK.[emule-island.com].avi
[11/11/2010 - 19:52:40 | N | 729464832] J:\Dawn.Of.The.Dead.FRENCH.DVDRiP.XViD-DORMEUR-GGT.par-www.[emule-island.com].avi
[12/11/2010 - 16:26:42 | N | 734427388] J:\Snipers.2009.FRENCH.DVDRiP.XviD-Keyzer.Soze.By.Incognitix.[emule-island.com].avi
[11/11/2010 - 19:46:08 | N | 734275584] J:\Inception.FRENCH.REPACK.1CD.DVDRiP.XViD-ITOMA.[emule-island.com].avi
[12/11/2010 - 17:52:58 | N | 734208000] J:\Shooter.(Tireur.D'elite).DVDRip.FR.DivX.6.By.Dmc.(2007).VERSION.FR.NON.CANADIENNE.[emule-island.com].avi
[22/02/2009 - 12:34:38 | N | 8822784] R:\ - 02 - Mafia K'1 Fry - Pour Ceux.mp3
[02/04/2009 - 21:48:26 | N | 7002112] R:\ - 08 - Mafia K'1 Fry - Balance.mp3
[09/12/2009 - 20:42:33 | N | 4986880] R:\ - Psy4 de la rime - Le son des bandits.mp3
[26/11/2009 - 21:58:20 | N | 9544880] R:\ 3 Doors Down - Here Without You.mp3
[26/10/2009 - 10:43:55 | N | 5268599] R:\ Cocoon - Chupee.mp3
[26/11/2009 - 22:20:44 | N | 2272086] R:\ Louis Amstrong - What a Wonderful World.mp3
[09/12/2009 - 20:46:05 | N | 2330374] R:\ NTM & Cut Killer - Nique la Police.mp3
[23/05/2009 - 16:48:24 | N | 10219814] R:\ Pink - Sober.mp3
[07/11/2009 - 16:24:54 | N | 5280799] R:\ Psy4 de la Rime - La vengeance aux deux visages.mp3
[09/12/2009 - 20:21:46 | N | 4468446] R:\# ORELSAN - ST VALENTiN_ (L).mp3
[26/10/2009 - 13:46:34 | N | 3687201] R:\(00) JENA- LEE - J'aimerais tellement.mp3
[07/07/2009 - 13:42:28 | N | 3556749] R:\(00)Zina Feat L'Emeute - Parle Moi De Lui.mp3
[18/05/2008 - 10:34:30 | N | 6695602] R:\(12)_Snoop_Dogg_-_Sensual_Seduction.mp3
[04/02/2009 - 17:12:07 | N | 3313536] R:\(BO film) - Amélie Poulain - 11 - La valse d'Amélie (version instrumentale).mp3
[18/12/2008 - 17:56:49 | N | 1403148] R:\(Roi Soleil)Christophe Maé - Sa Danse Donne.mp3
[03/05/2008 - 15:01:46 | N | 4670240] R:\(°_°).wma
[21/10/2010 - 12:26:30 | D ] R:\- Christophe Maé - Comme à la maison (NEW ALBUM 2008) 14 Titres [192kb]
[06/07/2009 - 18:00:32 | N | 4688530] R:\- David Guetta feat Kelly Rowland - When Love Takes Over 2009.mp3
[13/10/2008 - 17:37:51 | N | 137051039] R:\- Kamelancien - Le Charme En Personne 192Kbs (Album Complet By Partageur).zip
[03/09/2008 - 13:46:30 | N | 4113131] R:\- William Balde - Un Rayon de Soleil 2008 BPM 141(10).mp3
[03/09/2009 - 20:42:45 | N | 7981186] R:\01 (a1) Vitalic - Poney Part 1.mp3
[16/03/2009 - 11:17:44 | N | 8487297] R:\01 - SOJA - You Don't Know.mp3
[06/07/2009 - 18:08:00 | N | 5720280] R:\01 Akon - Beautiful.mp3
[16/06/2009 - 10:58:00 | N | 42295638] R:\01 Alpha_Blondy_-_Elohim.zip
[27/01/2009 - 11:20:11 | N | 3242012] R:\01 Because I Got High.wma
[22/12/2008 - 00:43:28 | N | 5318784] R:\01 Brandy - Right Here (Departed).mp3
[07/11/2008 - 08:51:21 | N | 7942272] R:\01 Eric Prydz - Pjanoo (Radio Edit).mp3
[09/12/2009 - 20:38:44 | N | 4337664] R:\01 Kanye West - Love Lockdown.mp3
[16/03/2009 - 11:10:16 | N | 4831672] R:\01 William Balde un rayon de soleil.mp3
[22/03/2008 - 12:59:12 | N | 6856909] R:\01-2pac-untouchable_(swizz_beatz_remix_feat._bone_thugs-n-harmony)_-_www.torrentazos.com.mp3
[30/08/2008 - 13:05:20 | N | 3401967] R:\01-basshunter-now_youre_gone_(radio_edit).mp3
[14/10/2009 - 19:42:40 | N | 7399984] R:\01-benassi bros - illusion (feat sandy sfaction version).mp3
[22/12/2008 - 00:43:28 | N | 5079103] R:\01-Christophe Mae-Mon Ptit Gars.mp3
[06/07/2009 - 18:00:50 | N | 4215588] R:\01-peps-melodie.mp3
[20/06/2009 - 16:37:28 | N | 5269418] R:\01-seth_gueko-le_son_des_capuches.mp3
[23/01/2009 - 08:25:11 | N | 1891] R:\01-va-dr._lektroluv_presents_lektroluv_007.cue
[22/02/2009 - 13:12:46 | N | 6049209] R:\01_mA 6T va craker_The French Connection(Krs One).mp3
[28/10/2008 - 14:56:18 | N | 17394555] R:\01_r.i.o.-when_the_sun_comes_down_(dirty_rush_live_in_rio_mix)-wtw.mp3
[18/11/2009 - 15:58:13 | N | 3336918] R:\02 - Gangstar - Code of the Streets.mp3
[23/05/2009 - 16:44:05 | N | 4556160] R:\02 - Lady Gaga - Love Game.mp3
[22/02/2009 - 13:13:45 | N | 6004818] R:\02 - PASSI - Les flammes du mal.mp3
[02/09/2009 - 12:06:55 | N | 5428922] R:\02 Deep Purple - Smoke On The Water.mp3
[26/04/2008 - 12:24:16 | N | 5942127] R:\02 lea castel - pressee de vivre.mp3
[04/09/2009 - 05:10:04 | N | 8343863] R:\02-poney_part_1-just.mp3
[07/06/2008 - 13:53:12 | N | 6269019] R:\02-sefyu-suis-je_le_gardien_de_mon_frere-seeneey.mp3
[02/09/2009 - 10:45:37 | N | 6999771] R:\025 - Beach Boys - God Only Knows.mp3
[09/12/2009 - 20:32:12 | N | 5158316] R:\02Fonky Family - Sans Remission.mp3
[22/02/2009 - 17:43:36 | N | 5850156] R:\02_mA 6T va craker_Les Flammes Du Mal(Passi).mp3
[14/07/2008 - 19:35:44 | N | 3929808] R:\03 - Zaho - La roue tourne (feat. Tunisiano).mp3
[04/08/2007 - 14:54:42 | N | 4063566] R:\03 On va te douiller.wma
[01/01/2009 - 17:50:59 | N | 7274573] R:\03-bakar-nincite_pas_ft_kery_james.mp3
[15/08/2008 - 10:42:58 | N | 6106666] R:\03-mindless_self_indulgence-straight_to_video-gf.mp3
[16/06/2009 - 10:25:47 | N | 8049771] R:\03. Lily Allen - Not Fair.mp3
[22/02/2009 - 17:33:43 | N | 6017862] R:\03_mA 6T va craker_Pas De Timinik(Tiwony).mp3
[20/09/2008 - 14:23:00 | N | 5925034] R:\04 - jamel mektoub, madame la blanche.mp3
[13/11/2008 - 18:55:43 | N | 3512320] R:\04 - Pussycat Dolls - I Hate This Part.mp3
[21/02/2009 - 21:03:02 | N | 3347259] R:\04 Booba - Boite Voc.mp3
[23/05/2009 - 16:49:39 | N | 5636641] R:\04 Leona Lewis - Better In Time.mp3
[06/06/2008 - 21:03:14 | N | 6478461] R:\04-Chris Brown - With You.mp3
[09/12/2009 - 20:45:56 | N | 5215523] R:\04-kamelancien-trop_bon_trop_con.mp3
[07/07/2008 - 14:32:10 | N | 7879332] R:\04-sefyu-le_journal.mp3
[17/12/2008 - 18:34:30 | N | 15761408] R:\04-sidekick-deep_fear__andrea_roma_remix (0daymusic.org).mp3
[16/03/2009 - 11:03:25 | N | 6241655] R:\04.l'algerino & soprano - etoile d'un jour.mp3
[22/02/2009 - 14:36:20 | N | 5374205] R:\04_mA 6T va craker_La Sediction(2 Bal Niggets;Mystik).mp3
[16/03/2009 - 11:03:26 | N | 3561388] R:\05 anesthesie generale.wma
[06/07/2009 - 17:56:23 | N | 9265803] R:\05 Pink - Please Don't Leave Me.mp3
[21/10/2010 - 12:26:34 | D ] R:\05- rap américain
[18/11/2009 - 16:59:30 | N | 4823040] R:\05- Ugly Duckling - A Little Samba.mp3
[16/03/2009 - 11:03:27 | N | 7287019] R:\05-koxie-ma_meilleure_amie.mp3
[11/02/2009 - 07:16:15 | N | 5137817] R:\05-public_enemy-sex_drugs_and_violence.mp3
[22/02/2009 - 15:25:24 | N | 5628638] R:\05_mA 6T va craker_Savoir Dire Non(K-Reen_Shurik'n).mp3
[06/07/2009 - 17:56:21 | N | 3469440] R:\06 - Britney Spears - If You Seek Amy.mp3
[17/06/2009 - 02:20:58 | N | 5351250] R:\06 - newsflash.mp3
[26/10/2008 - 10:50:06 | N | 7908328] R:\06 - SOJA - Freedom Time.mp3
[09/12/2009 - 20:35:20 | N | 6448819] R:\06 Busta Flex - on cherche le genr-ar.mp3
[31/12/2008 - 12:43:19 | N | 4684054] R:\06 Zaho - Dima - Kif'n'dir.mp3
[01/07/2008 - 12:08:28 | N | 5860480] R:\06-alibi_montana_feat_diams-loin_des_yeux_loin_du_coeur.mp3
[11/07/2008 - 14:26:34 | N | 8229742] R:\06-kamelancien-quand_ils_vont_partir_feat_zaho (1).mp3
[10/07/2008 - 12:59:32 | N | 8229742] R:\06-kamelancien-quand_ils_vont_partir_feat_zaho.mp3
[22/02/2009 - 12:29:15 | N | 5453679] R:\06-nessbeal-on_aime_ca.mp3
[20/09/2008 - 15:11:18 | N | 5501887] R:\06-sefyu-plus-seeneey.mp3
[22/02/2009 - 15:05:29 | N | 5794777] R:\06_mA 6T
[03/09/2009 - 20:47:10 | N | 9378760] R:\Vitalic - No Fun (DJ-Arno Elektro Clash Mix).mp3
[03/09/2009 - 23:43:51 | N | 83821122] R:\Vitalic - Ok Cowboy (Advanced 2005).rar
[03/09/2009 - 20:41:31 | N | 8511448] R:\Vitalic - Poney Part 2.mp3
[03/09/2009 - 21:15:12 | N | 80225989] R:\Vitalic - V Live [2007].rar
[03/09/2009 - 20:41:21 | N | 6873297] R:\Vitalic - You are my high.mp3
[03/09/2009 - 20:40:42 | N | 11070234] R:\Vitalic - Your Disco Song (Extended).mp3
[03/09/2009 - 21:31:04 | N | 8582836] R:\Vitalic - Your Disco Song.mp3
[03/09/2009 - 20:51:05 | N | 5265785] R:\vitalic-my_friend_dario.mp3
[16/03/2009 - 11:17:19 | N | 21579776] R:\Wally Lopez ft. Hadley & Dani-Vi - Burning Inside (Albert Neve Strings Remix).mp3
[28/10/2008 - 14:48:59 | N | 15380480] R:\Wally Lopez, Rene Amesz & Peter Gelderblom - Strike Me Down (Dj Pedro & Stephan M Remix) [www.worldofhouse.es].mp3
[06/09/2008 - 23:16:26 | N | 4062111] R:\Waren G-Looking at me.mp3
[24/07/2008 - 12:11:32 | N | 3688749] R:\Will Smith - Gettin Jiggy With It.mp3
[22/02/2009 - 12:23:29 | N | 3323904] R:\Will Smith, Dr Dre & Snoop Dogg - Still In Black (Feat Eminem).mp3
[17/11/2009 - 09:05:41 | N | 510826335] R:\Within Temptation - Discographie (7 Albums incl. Silent Force).rar
[16/03/2009 - 11:09:47 | N | 5337269] R:\Wwe - Kane Theme.mp3
[04/02/2009 - 17:03:28 | N | 3182473] R:\Yann Tiersen - BO - Le fabuleux destin d'Amelie Poulain - - la valse d'amelie (piano).mp3
[17/06/2009 - 12:58:34 | N | 5704143] R:\Yodelice - Sunday With A Flu.mp3
[09/01/2009 - 17:56:51 | N | 4447822] R:\Young Jeezy Ft. Jim Jones && Juelz.mp3
[25/12/2008 - 19:52:34 | N | 6059989] R:\Zaho - C'est chelou.mp3
[07/11/2009 - 16:09:00 | N | 4136950] R:\Zaho - Je te promet.mp3
[06/07/2009 - 17:56:41 | N | 4136950] R:\zaho-14-je te promets.mp3
[16/03/2009 - 11:17:30 | N | 2693477] R:\[0] Pascale Picard - Gate 22.mp3
[06/07/2009 - 18:07:46 | N | 9778966] R:\[0] Pitbull - I Know You Want Me Calle Ocho.mp3
[29/12/2008 - 18:16:13 | N | 3934288] R:\[0] Zaho - La Roue Tourne.mp3
[17/12/2008 - 12:01:28 | N | 96260930] R:\[Album] Boys Noize - Oi Oi Oi 2007 Boys Noize Records.rar
[15/10/2009 - 03:34:21 | N | 89488450] R:\[Complette CD - Full Album] Benny Benassi - Hypnotica.zip
[07/03/2007 - 20:32:12 | N | 2310552] R:\[Divers]%20Basshunter%20-%20Bot%20Anna[1].mp3
[14/10/2009 - 19:42:00 | N | 8816410] R:\[HOUSE] Benassi Bros ft. Violeta - Rumenian (Benny Benassy Remix).mp3
[28/10/2008 - 15:02:39 | N | 58570709] R:\[Mp3] (Serate live) Gianni Parrini & Riki Leroy - Voice Principe Maurice - Live @ Torquemada Club (FI) - Inverno 1994-95.mp3
################## | Vaccine |
C:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
D:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
E:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
F:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
G:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
J:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
R:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
################## | Upload |
Please send the file: D:\UsbFix_Upload_Me_PC.zip
http://www.teamxscript.org/Sample/Upload.php
Thank you for your contribution.
################## | E.O.F |
[03/09/2009 - 23:43:51 | N | 83821122] R:\Vitalic - Ok Cowboy (Advanced 2005).rar
[03/09/2009 - 20:41:31 | N | 8511448] R:\Vitalic - Poney Part 2.mp3
[03/09/2009 - 21:15:12 | N | 80225989] R:\Vitalic - V Live [2007].rar
[03/09/2009 - 20:41:21 | N | 6873297] R:\Vitalic - You are my high.mp3
[03/09/2009 - 20:40:42 | N | 11070234] R:\Vitalic - Your Disco Song (Extended).mp3
[03/09/2009 - 21:31:04 | N | 8582836] R:\Vitalic - Your Disco Song.mp3
[03/09/2009 - 20:51:05 | N | 5265785] R:\vitalic-my_friend_dario.mp3
[16/03/2009 - 11:17:19 | N | 21579776] R:\Wally Lopez ft. Hadley & Dani-Vi - Burning Inside (Albert Neve Strings Remix).mp3
[28/10/2008 - 14:48:59 | N | 15380480] R:\Wally Lopez, Rene Amesz & Peter Gelderblom - Strike Me Down (Dj Pedro & Stephan M Remix) [www.worldofhouse.es].mp3
[06/09/2008 - 23:16:26 | N | 4062111] R:\Waren G-Looking at me.mp3
[24/07/2008 - 12:11:32 | N | 3688749] R:\Will Smith - Gettin Jiggy With It.mp3
[22/02/2009 - 12:23:29 | N | 3323904] R:\Will Smith, Dr Dre & Snoop Dogg - Still In Black (Feat Eminem).mp3
[17/11/2009 - 09:05:41 | N | 510826335] R:\Within Temptation - Discographie (7 Albums incl. Silent Force).rar
[16/03/2009 - 11:09:47 | N | 5337269] R:\Wwe - Kane Theme.mp3
[04/02/2009 - 17:03:28 | N | 3182473] R:\Yann Tiersen - BO - Le fabuleux destin d'Amelie Poulain - - la valse d'amelie (piano).mp3
[17/06/2009 - 12:58:34 | N | 5704143] R:\Yodelice - Sunday With A Flu.mp3
[09/01/2009 - 17:56:51 | N | 4447822] R:\Young Jeezy Ft. Jim Jones && Juelz.mp3
[25/12/2008 - 19:52:34 | N | 6059989] R:\Zaho - C'est chelou.mp3
[07/11/2009 - 16:09:00 | N | 4136950] R:\Zaho - Je te promet.mp3
[06/07/2009 - 17:56:41 | N | 4136950] R:\zaho-14-je te promets.mp3
[16/03/2009 - 11:17:30 | N | 2693477] R:\[0] Pascale Picard - Gate 22.mp3
[06/07/2009 - 18:07:46 | N | 9778966] R:\[0] Pitbull - I Know You Want Me Calle Ocho.mp3
[29/12/2008 - 18:16:13 | N | 3934288] R:\[0] Zaho - La Roue Tourne.mp3
[17/12/2008 - 12:01:28 | N | 96260930] R:\[Album] Boys Noize - Oi Oi Oi 2007 Boys Noize Records.rar
[15/10/2009 - 03:34:21 | N | 89488450] R:\[Complette CD - Full Album] Benny Benassi - Hypnotica.zip
[07/03/2007 - 20:32:12 | N | 2310552] R:\[Divers]%20Basshunter%20-%20Bot%20Anna[1].mp3
[14/10/2009 - 19:42:00 | N | 8816410] R:\[HOUSE] Benassi Bros ft. Violeta - Rumenian (Benny Benassy Remix).mp3
[28/10/2008 - 15:02:39 | N | 58570709] R:\[Mp3] (Serate live) Gianni Parrini & Riki Leroy - Voice Principe Maurice - Live @ Torquemada Club (FI) - Inverno 1994-95.mp3
################## | Vaccine |
C:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
D:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
E:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
F:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
G:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
J:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
R:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
################## | Upload |
Please send the file: D:\UsbFix_Upload_Me_PC.zip
http://www.teamxscript.org/Sample/Upload.php
Thank you for your contribution.
################## | E.O.F |
After selecting to delete everything, I have this report:
Infected memory process(es):
D:\WINDOWS\system\comrepl.exe (Trojan.Agent) -> Unloaded process successfully.
Infected memory module(s):
(No harmful items detected)
Infected registry key(s):
(No harmful items detected)
Infected registry value(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\mstsc (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\cisvc (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\comrepl (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\load (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\dllhst (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\ieudinit (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\logman (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\rsvp (Trojan.Agent) -> Quarantined and deleted successfully.
Infected registry data item(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Load (Trojan.Agent) -> Data: d:\windows\system\cisvc.exe -> Quarantined and deleted successfully.
Infected folder(s):
(No harmful items detected)
Infected file(s):
D:\Documents and Settings\Administrateur\Application Data\esentutl.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\Documents and Settings\Administrateur\Application Data\ieudinit.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\Documents and Settings\Administrateur\Application Data\logman.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\drivers\cisvc.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\drivers\logman.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\WINDOWS\mstsc.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\WINDOWS\system\cisvc.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\WINDOWS\system\comrepl.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\WINDOWS\system\dllhst3g.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\rsvp.exe (Trojan.Agent) -> Quarantined and deleted successfully.
Infected memory process(es):
D:\WINDOWS\system\comrepl.exe (Trojan.Agent) -> Unloaded process successfully.
Infected memory module(s):
(No harmful items detected)
Infected registry key(s):
(No harmful items detected)
Infected registry value(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\mstsc (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\cisvc (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\comrepl (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\load (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\dllhst (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\ieudinit (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\logman (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\rsvp (Trojan.Agent) -> Quarantined and deleted successfully.
Infected registry data item(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Load (Trojan.Agent) -> Data: d:\windows\system\cisvc.exe -> Quarantined and deleted successfully.
Infected folder(s):
(No harmful items detected)
Infected file(s):
D:\Documents and Settings\Administrateur\Application Data\esentutl.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\Documents and Settings\Administrateur\Application Data\ieudinit.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\Documents and Settings\Administrateur\Application Data\logman.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\drivers\cisvc.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\drivers\logman.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\WINDOWS\mstsc.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\WINDOWS\system\cisvc.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\WINDOWS\system\comrepl.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\WINDOWS\system\dllhst3g.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\rsvp.exe (Trojan.Agent) -> Quarantined and deleted successfully.
Download UsbFix (by C_XX & El Desaparecido) to the Desktop
http://www.teamxscript.org/usbfixTelechargement.html
! ! Connect all your removable devices (USB keys, external HDDs, etc...) without opening them !! * launch UsbFix
- On XP double-click the icon to launch the tool.
- On Vista/Seven right-click the icon and select "Run as administrator" from the context menu.
* Click on the "Search" button
* Wait for the scan to complete, which may take several minutes
* The report should open automatically at the end of the scan
* Copy/paste the report into the next message
The report is saved at the root of drive C:\Usbfix.txt
"Process.exe" is detected by some antivirus programs as a RiskTool. It is not a virus, but a utility designed to terminate processes. It's best to temporarily disable your antivirus
--
....."security contributor".....o°ô"
http://www.teamxscript.org/usbfixTelechargement.html
! ! Connect all your removable devices (USB keys, external HDDs, etc...) without opening them !! * launch UsbFix
- On XP double-click the icon to launch the tool.
- On Vista/Seven right-click the icon and select "Run as administrator" from the context menu.
* Click on the "Search" button
* Wait for the scan to complete, which may take several minutes
* The report should open automatically at the end of the scan
* Copy/paste the report into the next message
The report is saved at the root of drive C:\Usbfix.txt
"Process.exe" is detected by some antivirus programs as a RiskTool. It is not a virus, but a utility designed to terminate processes. It's best to temporarily disable your antivirus
--
....."security contributor".....o°ô"
I would like to thank you for your help and for taking some time to assist me in solving my problems. Here is the UsbFix report:
############################## | UsbFix 7.035 | [Search]
User: Administrator (Administrator) # PC [ ]
Updated on 11/11/10 by El Desaparecido / C_XX
Launched at 15:35:09 | 13/11/2010
Website: http://www.teamxscript.org
Contact: eldesaparecido@teamxscript.org
CPU: AMD Athlon(tm) 64 Processor 3500+
Microsoft Windows XP Professional (5.1.2600 32-Bit) # Service Pack 2
Internet Explorer 8.0.6001.18702
Windows Firewall: Enabled
Antivirus: AntiVir Desktop 10.0.1.52 [(!) Disabled | Updated]
RAM -> 1022 MB
C:\ -> Fixed disk # 37 Go (25 Go free - 68%) [Video games] # NTFS
D:\ (%systemdrive%) -> Fixed disk # 49 Go (3 Go free - 5%) [] # NTFS
E:\ -> Fixed disk # 49 Go (18 Go free - 37%) [DS games] # NTFS
F:\ -> Fixed disk # 49 Go (6 Go free - 13%) [Download] # NTFS
G:\ -> Removable disk # 28 Go (20 Go free - 71%) [IPOD (PORTA] # FAT32
H:\ -> CD-ROM
J:\ -> Removable disk # 15 Go (11 Go free - 73%) [RAPH0U'S] # FAT32
R:\ -> Fixed disk # 43 Go (19 Go free - 44%) [music] # NTFS
################## | Infectious items |
################## | Registry |
Present! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegistryTools
Present! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives
Present! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives
################## | Mountpoints2 |
################## | Vaccine |
(!) This computer is not vaccinated!
################## | E.O.F |
############################## | UsbFix 7.035 | [Search]
User: Administrator (Administrator) # PC [ ]
Updated on 11/11/10 by El Desaparecido / C_XX
Launched at 15:35:09 | 13/11/2010
Website: http://www.teamxscript.org
Contact: eldesaparecido@teamxscript.org
CPU: AMD Athlon(tm) 64 Processor 3500+
Microsoft Windows XP Professional (5.1.2600 32-Bit) # Service Pack 2
Internet Explorer 8.0.6001.18702
Windows Firewall: Enabled
Antivirus: AntiVir Desktop 10.0.1.52 [(!) Disabled | Updated]
RAM -> 1022 MB
C:\ -> Fixed disk # 37 Go (25 Go free - 68%) [Video games] # NTFS
D:\ (%systemdrive%) -> Fixed disk # 49 Go (3 Go free - 5%) [] # NTFS
E:\ -> Fixed disk # 49 Go (18 Go free - 37%) [DS games] # NTFS
F:\ -> Fixed disk # 49 Go (6 Go free - 13%) [Download] # NTFS
G:\ -> Removable disk # 28 Go (20 Go free - 71%) [IPOD (PORTA] # FAT32
H:\ -> CD-ROM
J:\ -> Removable disk # 15 Go (11 Go free - 73%) [RAPH0U'S] # FAT32
R:\ -> Fixed disk # 43 Go (19 Go free - 44%) [music] # NTFS
################## | Infectious items |
################## | Registry |
Present! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegistryTools
Present! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives
Present! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives
################## | Mountpoints2 |
################## | Vaccine |
(!) This computer is not vaccinated!
################## | E.O.F |
> Close all your browsers (so copy or print the instructions beforehand)
- Create a new text document: right-click on the desktop > New > Text Document,
Save this file on your Desktop (and nowhere else!) under the name CFScript.txt
and copy/paste the following lines into it:
KillAll::
Rootkit::
npggsvc
(Click on the CFScript file, hold down your finger, and drag the mouse so that the CFScript icon covers the Combofix icon. Release the mouse.)
http://img.photobucket.com/albums/v666/sUBs/CFScript.gif
Combofix will start.
- A blue window will appear: in the message that appears ( Type 1 to continue, or 2 to abort), type 1 and then press Enter.
- Wait for the scan to finish. The desktop will disappear several times: this is normal!
- Do not touch anything until the scan is complete, or the PC may crash!
- Once the scan is finished, a report will display: post its contents.
Note: If the file does not open, it is located here > C:\ComboFix.txt
....."security contributor".....o°ô"
- Create a new text document: right-click on the desktop > New > Text Document,
Save this file on your Desktop (and nowhere else!) under the name CFScript.txt
and copy/paste the following lines into it:
KillAll::
Rootkit::
npggsvc
(Click on the CFScript file, hold down your finger, and drag the mouse so that the CFScript icon covers the Combofix icon. Release the mouse.)
http://img.photobucket.com/albums/v666/sUBs/CFScript.gif
Combofix will start.
- A blue window will appear: in the message that appears ( Type 1 to continue, or 2 to abort), type 1 and then press Enter.
- Wait for the scan to finish. The desktop will disappear several times: this is normal!
- Do not touch anything until the scan is complete, or the PC may crash!
- Once the scan is finished, a report will display: post its contents.
Note: If the file does not open, it is located here > C:\ComboFix.txt
....."security contributor".....o°ô"