Too hard for us

brm -  
 broumstick -
Hello,

Just to end the year on a high note, we got ourselves badly infected.
First signs: a web browser that redirects you at will, plus Malwarebytes, Spybot and Ad-Aware not working (impossible to launch).
After a lot of effort, a pass with F-PROT and ElistarA restored the functionality of Malwarebytes and Spybot. Ad-Aware also updates itself. Nevertheless, after disinfection, the PC is extremely slow. According to our research, it seems we were infected by "fakealert", which shows up as "tdss" entries.
All the tdss files were removed manually from the system, but after a wander through the registry keys, some entries remain.

Today Malwarebytes, Spybot, ElistarA, F-PROT, avast and the BitDefender online scan find nothing (all up to date). Only Ad-Aware finds "fakealert", without being able to remove it.

Help me, Obi-Wan Kenobi, you're our only hope ^^
Thanks to those who will look into our problem, and happy holidays to all.
Configuration: Windows XP
Firefox 2.0.0.20

93 replies

Discussion summary

A complex infection on Windows XP combining FakeAlert and TDSS traces, which persists after disinfection attempts and shows up as a slow computer despite antivirus and security tools.
Several pages of replies describe an array of tools (Malwarebytes, Spybot, Ad-Aware) that prove limited after updating, and detection remains sporadic for the TDSS-related FakeAlert.
Practical suggestions mention FindyKill for removal, uninstalling conflicting antivirus products such as Avast, using Antivir and safe mode for scans, then eradicating residual items in the registry.
On 02/01/2009, a diagnostic report indicated a TDSSserv.sys file and complete registry checks with no entries detected, adding nuance to how the problem evolved.

Automatically generated by AI
based on the best answers
  1. V-X
     
    Hi,

    OK, young padawan....

    ▶ Download HijackThis

    ▶ Save the target to... "the desktop"

    ▶ Double-click "HJTInstall.exe" to start the installation

    ▶ Click Install, then "I Accept"

    ▶ Click "Do a scan system and save log file"

    ▶ Notepad will open; copy and paste all of its content here in your next reply

    ▶ HijackThis tutorial (thanks to Balltrap34)

    If a report won't go through, send an alert to the conciergerie with the yellow /!\.
    0
  2. brm
     
    Thanks for such a quick reply :)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:24:56, on 31/12/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Archivos de programa\Alwil Software\Avast4\aswUpdSv.exe
    C:\Archivos de programa\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\ARCHIV~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Archivos de programa\Google\Google Desktop Search\GoogleDesktop.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Archivos de programa\Messenger\msmsgs.exe
    C:\Archivos de programa\Logitech\SetPoint\SetPoint.exe
    C:\Archivos de programa\Archivos comunes\Logitech\KhalShared\KHALMNPR.EXE
    C:\Archivos de programa\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Archivos de programa\Bonjour\mDNSResponder.exe
    C:\Archivos de programa\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\Archivos de programa\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Archivos de programa\Alwil Software\Avast4\ashMaiSv.exe
    C:\Archivos de programa\Alwil Software\Avast4\ashWebSv.exe
    C:\Archivos de programa\Mozilla Firefox\firefox.exe
    C:\Archivos de programa\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.es
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
    O2 - BHO: (no name) - {568DF331-063E-46AF-BA3D-FEE69B4399A3} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Archivos de programa\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Archivos de programa\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O4 - HKLM\..\Run: [avast!] C:\ARCHIV~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB002" /M "Stylus DX3800"
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Archivos de programa\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Archivos de programa\Messenger\msmsgs.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICIO LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Servicio de red')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Archivos de programa\Archivos comunes\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Archivos de programa\Logitech\SetPoint\SetPoint.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Archivos de programa\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.es/scan_es/scan8/oscan8.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{4CF633FC-A68E-481D-BEFF-4830010AD862}: NameServer = 62.14.63.145,62.14.2.1
    O17 - HKLM\System\CS1\Services\Tcpip\..\{4CF633FC-A68E-481D-BEFF-4830010AD862}: NameServer = 62.14.63.145,62.14.2.1
    O17 - HKLM\System\CS3\Services\Tcpip\..\{4CF633FC-A68E-481D-BEFF-4830010AD862}: NameServer = 62.14.63.145,62.14.2.1
    O20 - AppInit_DLLs: C:\ARCHIV~1\Google\GOOGLE~1\GOEC62~1.DLL wgpfaf.dll
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Archivos de programa\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Archivos de programa\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Archivos de programa\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Archivos de programa\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Archivos de programa\Bonjour\mDNSResponder.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Archivos de programa\Archivos comunes\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: F-PROT Antivirus for Windows system (FPAVServer) - FRISK Software International - C:\Archivos de programa\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe
    O23 - Service: Administrador de Google Desktop 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Archivos de programa\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Archivos de programa\Archivos comunes\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Archivos de programa\iPod\bin\iPodService.exe
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Archivos de programa\ma-config.com\maconfservice.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Archivos de programa\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
    0
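A HijackThis log like the one posted above can be triaged mechanically before anyone reads it line by line. The following Python sketch is an added example, not part of the original thread or of HijackThis: it parses the `<section> - <body>` entries and applies three review heuristics that are assumptions of this example (a registered component with no file, an `AppInit_DLLs` item without a directory path, a service binary reported as "Unknown owner"). A flag is a prompt for manual review, not a verdict.

```python
import re
from collections import Counter

# Excerpt of the HijackThis log posted above (lines copied from the thread).
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.es
O2 - BHO: (no name) - {568DF331-063E-46AF-BA3D-FEE69B4399A3} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [avast!] C:\ARCHIV~1\ALWILS~1\Avast4\ashDisp.exe
O20 - AppInit_DLLs: C:\ARCHIV~1\Google\GOOGLE~1\GOEC62~1.DLL wgpfaf.dll
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
"""

# HijackThis entries look like "<section code> - <body>", e.g. "O23 - Service: ...".
ENTRY_RE = re.compile(r"^\s*([RFNO]\d{1,2}) - (.*\S)\s*$")


def parse_entries(log_text):
    """Return (section, body) pairs; header lines and the process list are skipped."""
    entries = []
    for line in log_text.splitlines():
        match = ENTRY_RE.match(line)
        if match:
            entries.append((match.group(1), match.group(2)))
    return entries


def section_counts(entries):
    """Count entries per section code, useful for comparing two scans."""
    return Counter(section for section, _ in entries)


def review_flags(entries):
    """Apply three triage heuristics (assumptions of this example, not verdicts)."""
    flags = []
    for section, body in entries:
        # 1. Browser add-on still registered although its file is gone.
        if section in ("O2", "O3", "O9") and body.endswith("(no file)"):
            flags.append((section, "registered component with no file on disk", body))
        # 2. AppInit_DLLs are loaded into every process that loads user32.dll;
        #    an item without a directory is resolved through the DLL search path.
        elif section == "O20" and body.startswith("AppInit_DLLs:"):
            value = body.split(":", 1)[1]
            for dll in filter(None, re.split(r"[ ,]+", value)):
                if "\\" not in dll:
                    flags.append((section, "AppInit_DLLs item without a directory path", dll))
        # 3. Service whose binary carries no company information.
        elif section == "O23" and " - Unknown owner - " in body:
            path = body.rsplit(" - ", 1)[-1]
            flags.append((section, "service binary with unknown owner", path))
    return flags


if __name__ == "__main__":
    parsed = parse_entries(SAMPLE_LOG)
    print(dict(section_counts(parsed)))
    for section, reason, detail in review_flags(parsed):
        print(f"[review] {section}: {reason}: {detail}")
```
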
  3. V-X
     
    Hi again,

    ▶ Download random's system information tool (RSIT) and save it to your desktop.

    ▶ Double-click RSIT.exe to launch the tool.

    ▶ Click 'continue' on the Disclaimer screen.

    If HijackThis (up-to-date version) is not present or not detected on the computer, RSIT will download it and you will have to accept the licence.

    ▶ Once the scan is finished, 2 reports will appear. Post the contents of both reports
    ( log.txt & info.txt )

    (CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)

    If a report won't go through, send an alert to the conciergerie with the yellow /!\.

    +

    Download Rooter from the IDN team

    To your desktop

    /!\ Disconnect from the internet and close all running applications /!\

    ▶ Run Rooter and let the tool work.

    ▶ Once it has finished, post the resulting report for analysis

    If a report won't go through, send an alert to the conciergerie with the yellow /!\.
    0
  4. brm
     
    log.txt:

    Logfile of random's system information tool 1.05 (written by random/random)
    Run by principal at 2008-12-31 14:33:17
    Microsoft Windows XP Professional Service Pack 3
    System drive C: has 78 GB (40%) free of 194 GB
    Total RAM: 2047 MB (73% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:33:32, on 31/12/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Archivos de programa\Alwil Software\Avast4\aswUpdSv.exe
    C:\Archivos de programa\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\ARCHIV~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Archivos de programa\Google\Google Desktop Search\GoogleDesktop.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Archivos de programa\Messenger\msmsgs.exe
    C:\Archivos de programa\Logitech\SetPoint\SetPoint.exe
    C:\Archivos de programa\Archivos comunes\Logitech\KhalShared\KHALMNPR.EXE
    C:\Archivos de programa\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Archivos de programa\Bonjour\mDNSResponder.exe
    C:\Archivos de programa\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\Archivos de programa\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Archivos de programa\Alwil Software\Avast4\ashMaiSv.exe
    C:\Archivos de programa\Alwil Software\Avast4\ashWebSv.exe
    C:\Archivos de programa\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\principal\Escritorio\Tampon\RSIT.exe
    C:\Archivos de programa\Trend Micro\HijackThis\principal.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.es
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
    O2 - BHO: (no name) - {568DF331-063E-46AF-BA3D-FEE69B4399A3} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Archivos de programa\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Archivos de programa\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O4 - HKLM\..\Run: [avast!] C:\ARCHIV~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB002" /M "Stylus DX3800"
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Archivos de programa\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Archivos de programa\Messenger\msmsgs.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICIO LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Servicio de red')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Archivos de programa\Archivos comunes\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Archivos de programa\Logitech\SetPoint\SetPoint.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Archivos de programa\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.es/scan_es/scan8/oscan8.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{4CF633FC-A68E-481D-BEFF-4830010AD862}: NameServer = 62.14.63.145,62.14.2.1
    O17 - HKLM\System\CS1\Services\Tcpip\..\{4CF633FC-A68E-481D-BEFF-4830010AD862}: NameServer = 62.14.63.145,62.14.2.1
    O17 - HKLM\System\CS3\Services\Tcpip\..\{4CF633FC-A68E-481D-BEFF-4830010AD862}: NameServer = 62.14.63.145,62.14.2.1
    O20 - AppInit_DLLs: C:\ARCHIV~1\Google\GOOGLE~1\GOEC62~1.DLL wgpfaf.dll
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Archivos de programa\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Archivos de programa\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Archivos de programa\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Archivos de programa\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Archivos de programa\Bonjour\mDNSResponder.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Archivos de programa\Archivos comunes\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: F-PROT Antivirus for Windows system (FPAVServer) - FRISK Software International - C:\Archivos de programa\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe
    O23 - Service: Administrador de Google Desktop 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Archivos de programa\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Archivos de programa\Archivos comunes\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Archivos de programa\iPod\bin\iPodService.exe
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Archivos de programa\ma-config.com\maconfservice.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Archivos de programa\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
    0
  6. brm
     
    info.txt:

    info.txt logfile of random's system information tool 1.05 2008-12-31 14:33:34

    ======Uninstall list======

    {ARPD} Coop Realism Mod Version 5.2-->C:\Archivos de programa\Sierra\SWAT 4\{ARPD}v5\Uninstall {ARPD}v5.exe
    -->C:\Archivos de programa\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
    -->C:\WINDOWS\UNRecode.exe /UNINSTALL
    -->MsiExec /X{EFC1B35C-FFF2-41D8-A70A-CE6037F8040B}
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    11-99 Enhancement Mod v1.1-->C:\Archivos de programa\Sierra\SWAT 4\11-99 Enhancement Mod v1.1\Uninstal.exe
    11-99 Enhancement Mod-->C:\Archivos de programa\Sierra\SWAT 4\11-99 Enhancement Mod\Uninstal.exe
    3DVIA Player 4.1-->MsiExec.exe /X{4E868D3D-6EEB-4273-926C-2287236B5B79}
    Actualización de seguridad para el Reproductor de Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
    Actualización de seguridad para el Reproductor de Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
    Actualización de seguridad para el Reproductor de Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
    Actualización de seguridad para Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
    Actualización de seguridad para Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    Actualización de seguridad para Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Actualización de seguridad para Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    Actualización de seguridad para Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
    Actualización de seguridad para Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
    Actualización de seguridad para Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Actualización de seguridad para Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Actualización de seguridad para Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Actualización de seguridad para Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
    Actualización de seguridad para Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Actualización de seguridad para Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Actualización de seguridad para Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Actualización de seguridad para Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Actualización de seguridad para Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
    Actualización de seguridad para Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
    Actualización de seguridad para Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
    Actualización de seguridad para Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
    Actualización de seguridad para Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
    Actualización de seguridad para Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
    Actualización de seguridad para Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
    Actualización de seguridad para Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
    Actualización de seguridad para Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
    Actualización de seguridad para Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    Actualización de seguridad para Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
    Actualización de seguridad para Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
    Actualización de seguridad para Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
    Actualización de seguridad para Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
    Actualización de seguridad para Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
    Actualización de seguridad para Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
    Actualización para Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
    Actualización para Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
    Actualización para Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
    Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
    Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
    Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
    Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
    Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
    Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
    Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
    Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
    Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
    Adobe Color EU Recommended Settings-->MsiExec.exe /I{73B5D990-04EA-4751-B10F-5534770B91F2}
    Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
    Adobe Color NA Extra Settings-->MsiExec.exe /I{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}
    Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
    Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
    Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
    Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
    Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
    Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
    Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
    Adobe Photoshop CS-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}\setup.exe" -l0xa
    Adobe Photoshop CS3-->C:\Archivos de programa\Archivos comunes\Adobe\Installers\53a35a181eeb50486a0e091bd67ae62\Setup.exe
    Adobe Photoshop CS3-->MsiExec.exe /I{FB124956-B0E3-4D78-AB94-6E53430004B7}
    Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
    Adobe Setup-->MsiExec.exe /I{ACD238D4-5E74-42E1-8B11-A477BCE70D2F}
    Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
    Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
    Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
    Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
    Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
    Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
    Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
    AGEIA PhysX v7.07.24-->MsiExec.exe /X{EFC1B35C-FFF2-41D8-A70A-CE6037F8040B}
    America's Army-->MsiExec.exe /I{656D5B05-0409-41EE-BBEE-D9C4D6388972}
    Apple Mobile Device Support-->MsiExec.exe /I{49C88E44-1B38-4FC6-824E-2BDA3063B0E3}
    Apple Software Update-->MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
    aTube Catcher 1.0-->"C:\Archivos de programa\DsNET Corp\aTube Catcher 1.0\unins000.exe"
    avast! Antivirus-->C:\Archivos de programa\Alwil Software\Avast4\aswRunDll.exe "C:\Archivos de programa\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
    AVIConverter 3.0-->C:\Archivos de programa\AVIConverter\uninst.exe
    AviSynth 2.5-->"C:\Archivos de programa\AviSynth 2.5\Uninstall.exe"
    Battlefield 2(TM)-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}\setup.exe" -l0xa -removeonly
    Bonjour-->MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
    CDDRV_Installer-->MsiExec.exe /I{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}
    Convert Doc-->"C:\Archivos de programa\Softinterface, Inc\Convert Doc\unins000.exe"
    ConvertXtoDVD 2.2.3.258-->"C:\Archivos de programa\VSO\ConvertXtoDVD\unins000.exe"
    Dawn of War - Soulstorm-->"C:\Archivos de programa\InstallShield Installation Information\{20533183-D42D-4261-A125-956736FBEA8C}\setup.exe" -runfromtemp -l0x000a -removeonly
    Dawn Of War - Winter Assault-->MsiExec.exe /X{DD8408E9-9421-484F-979D-DB6361E3E828}
    DawnOfWar-->C:\ARCHIV~1\ARCHIV~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{362D5167-9716-44BE-89FD-BF9EB6EF814B}
    DDS Thumbnail Viewer-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{2205B8AE-490E-43F2-AB43-C13C2BEC86A7}\Setup.exe" -l0x9
    DivX Web Player-->C:\Archivos de programa\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    D-Link VGA Webcam-->C:\WINDOWS\CleanDev.exe C:\WINDOWS\ov519.TXT
    EPSON Attach To Email-->C:\Archivos de programa\Archivos comunes\InstallShield\Driver\8\Intel 32\IDriver.exe /M{20C45B32-5AB6-46A4-94EF-58950CAF05E5} /l1033 ADDREMOVEDLG
    EPSON Copy Utility 3-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\SETUP.EXE" -l0xa -UnInstall
    EPSON Easy Photo Print-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{5DA7BC15-18D3-41A0-9F59-838DA3EAEF17}\SETUP.EXE" -l0xa UNINST
    EPSON File Manager-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{E86BC406-944E-41F6-ADE6-2C136734C96B}\Setup.exe" -l0xa UNINST
    EPSON Image Clip Palette-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{314F6D08-A8B7-11D8-8446-0050BA1D384D}\Setup.exe" -l0xa -u
    EPSON Scan Assistant-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}\Setup.exe" -l0xa -u
    EPSON Scan-->C:\Archivos de programa\epson\escndv\setup\setup.exe /r
    EPSON Web-To-Page-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}\SETUP.EXE" -l0xa -anything
    ESDX3800 Manual de usuario-->C:\Archivos de programa\EPSON\TPMANUAL\ESDX3800\USE_G\DOCUNINS.EXE
    Euro Truck Simulator 1.00-->C:\Archivos de programa\Euro Truck Simulator\uninst.exe
    Eve Of Destruction 0.1-->C:\Archivos de programa\EA Games\Battlefield Vietnam\Mods\uninst.exe
    Far Cry 2-->"C:\Archivos de programa\InstallShield Installation Information\{F2835483-37F2-4123-B4FE-0E77D58447F2}\setup.exe" -runfromtemp -l0x000a -removeonly
    F-PROT Antivirus for Windows-->MsiExec.exe /I{E58B329B-FB28-4874-90DE-0D7CB2709267}
    F-PROT Antivirus Updater Fix-->MsiExec.exe /I{F8A3A6BC-D68F-445B-B1BA-6F03A4352865}
    Freez FLV to AVI/MPEG/WMV Converter-->"C:\Archivos de programa\Smallvideosoft\Freez FLV to AVI MPEG WMV Converter\unins000.exe"
    Game Cam-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{DB52432E-3AD8-41A5-A586-0F065FB6A31E}\setup.exe"
    Google Desktop-->C:\Archivos de programa\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
    Hamachi 1.0.3.0-->C:\Archivos de programa\Hamachi\uninstall.exe
    HijackThis 2.0.2-->"C:\Archivos de programa\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    Imperial Glory-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{1FCC8C70-66B9-420D-942C-2C2A8441C744}\setup.exe" -l0xa -removeonly
    iTunes-->MsiExec.exe /I{3DE0053C-FD9A-483E-B7C9-B06E4392206E}
    IZArc 3.81-->"C:\Archivos de programa\IZArc\unins000.exe"
    Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
    Kaspersky Online Scanner-->C:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe
    KhalInstallWrapper-->MsiExec.exe /I{56918C0C-0D87-4CA6-92BF-4975A43AC719}
    K-Lite Codec Pack 3.9.0 Full-->"C:\Archivos de programa\K-Lite Codec Pack\unins000.exe"
    Lecteur Windows Media 11-->"C:\Archivos de programa\Windows Media Player\Setup_wm.exe" /Uninstall
    Logitech Registration-->MsiExec.exe /I{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}
    Logitech SetPoint-->C:\Archivos de programa\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe -runfromtemp -l0x040c -removeonly
    Lphant v3.51-->"C:\Archivos de programa\Lphant\unins000.exe"
    Ma-Config.com-->MsiExec.exe /X{1C02A760-1682-49AE-BB54-FA7D63BD3504}
    Malwarebytes' Anti-Malware-->"C:\Archivos de programa\Malwarebytes' Anti-Malware\unins000.exe"
    Marvell Miniport Driver-->MsiExec.exe /X{C950420B-4182-49EA-850A-A6A2ABF06C6B}
    Media Library Management Wizard-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mplibwiz.inf,DefaultUninstall
    Messenger Plus! Live-->"C:\Archivos de programa\Messenger Plus! Live\Uninstall.exe"
    Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
    Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
    Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
    Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
    Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
    Microsoft Office Professional Plus 2007-->"C:\Archivos de programa\Archivos comunes\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
    Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
    Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
    Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
    Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
    Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
    Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
    Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
    Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
    Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
    MKVtoolnix 2.1.0-->C:\Archivos de programa\MKVtoolnix\uninst.exe
    MoreJongg 7.00-->"C:\Archivos de programa\Moraff\Morejongg\Uninstal.exe"
    Movie Maker Background Music Files-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mmmusic.inf,DefaultUninstall
    Movie Maker Sound Effects-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mmsounds.inf,DefaultUninstall
    Movie Maker Title Images-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mmtitle.inf,DefaultUninstall
    Mozilla Firefox (2.0.0.20)-->C:\Archivos de programa\Mozilla Firefox\uninstall\helper.exe
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
    Nero 7 Demo-->MsiExec.exe /I{A66B369B-2927-8B02-ADF7-5BC0FE941034}
    NET Installation Assistance for VB6 App (Runtime Only)-->MsiExec.exe /I{66333C41-085E-4DA1-8273-E2BCA382D766}
    Notepad++-->C:\Archivos de programa\Notepad++\uninstall.exe
    NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
    NVIDIA Photoshop Plug-ins-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{23F79416-CAD1-41BF-99A3-040F6C814AAA}\setup.exe" -l0x9
    OpenAL-->"C:\Archivos de programa\OpenAL\OpenALwEAX.exe" /U
    Pack PSP - Ri4m - v1.0a-->C:\Archivos de programa\Ripp-it_AM\dlls\Uninstal.exe
    Panda ActiveScan 2.0-->C:\Archivos de programa\Panda Security\ActiveScan 2.0\as2uninst.exe
    PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
    PDFCreator-->C:\Archivos de programa\PDFCreator\unins000.exe
    PIF DESIGNER-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{B90450DF-E781-46FD-B1F1-0C86DA40E443}\SETUP.EXE" -l0xa anything
    Pirates of the Burning Sea-->"C:\Archivos de programa\InstallShield Installation Information\{5541F601-F327-4739-B7E8-560EDEE1301E}\setup.exe" -runfromtemp -l0x040c -removeonly
    PlayNC Launcher-->C:\Archivos de programa\InstallShield Installation Information\{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}\setup.exe -runfromtemp -l0x0009 -removeonly
    Project Torque-->C:\Archivos de programa\AeriaGames\Project Torque\uninstall.exe
    QuickTime-->MsiExec.exe /I{08CA9554-B5FE-4313-938F-D4A417B81175}
    Revisión para el Reproductor de Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
    Revisión para Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    Ri4m v5.0.1d-->C:\Archivos de programa\Ripp-it_AM\Ri4m_Uninstal.exe
    RisingSun 1.00 -->C:\WINDOWS\uninstall\RisingSun\setup.exe
    ServiWin-->C:\WINDOWS\zipinst.exe /uninst "C:\Archivos de programa\ServiWin\uninst1~.nsu"
    Software de impresora EPSON-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
    SopCast 3.0.1-->C:\Archivos de programa\SopCast\uninst.exe
    SoundMAX-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe"
    SPORE™-->"C:\Archivos de programa\InstallShield Installation Information\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}\SPORESetup.exe" -runfromtemp -l0x040c -removeonly
    Spybot - Search & Destroy-->"C:\Archivos de programa\Spybot - Search & Destroy\unins000.exe"
    Star Wars Galaxies: Complete Online Adventures-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{19F59AB5-B1F6-4276-A40B-09472318BCFF}\setup.exe" -l0x9 -removeonly
    SWAT 4-->C:\ARCHIV~1\ARCHIV~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8} uninstall
    System Requirements Lab-->C:\Archivos de programa\SystemRequirementsLab\Uninstall.exe
    TeamSpeak 2 RC2-->"C:\Archivos de programa\Teamspeak2_RC2\unins000.exe"
    TuneUp Utilities 2008-->MsiExec.exe /I{5888428E-699C-4E71-BF71-94EE06B497DA}
    Twin Digital GamePad-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{06204E2A-6369-43ED-A9CF-49B5F49915FA}\setup.exe" -l0x9
    VDMSound 2.0.4-->MsiExec.exe /I{8ECBE643-8230-11D5-9D6B-00A024112F81}
    VeohTV BETA-->C:\Archivos de programa\InstallShield Installation Information\{0405E51E-9582-4207-8F38-AC44201D3808}\setup.exe -runfromtemp -l0x0409
    Vietcong-->C:\Program Files\Vietcong\Uninstall.exe
    Winamp-->"C:\Archivos de programa\Winamp\UninstWA.exe"
    Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
    Windows Media Format 11 runtime-->"C:\Archivos de programa\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
    Windows Media Player Skin Importer-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\wa2wmp.inf,DefaultUninstall
    Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
    X-07 MAPPACK [LAN] Battlefield 2-->C:\Archivos de programa\EA GAMES\Battlefield 2\x07mappack_Uninstal.exe
    Yahoo! Install Manager-->C:\WINDOWS\system32\regsvr32 /u C:\ARCHIV~1\Yahoo!\Common\YINSTH~1.DLL
    Yahoo! Widgets-->C:\ARCHIV~1\Yahoo!\Widgets\uninstall.exe

    ======Hosts File======

    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com

    ======Security center information======

    AV: avast! antivirus 4.8.1296 [VPS 081230-0]
    AV: F-PROT Antivirus for Windows

    System event log

    Computer Name: HOME-E0D3044181
    Event Code: 26
    Message: Aplicación emergente: Proxy Desktop: Explorer.EXE - Error de aplicación : Se ha producido la excepción excepción inesperada del programa (0xc06d007e) en la dirección 0x7c812aeb.

    Record Number: 31704
    Source Name: Application Popup
    Time Written: 20081109011953.000000+060
    Event Type: Información
    User:

    Computer Name: HOME-E0D3044181
    Event Code: 26
    Message: Aplicación emergente: Proxy Desktop: Explorer.EXE - Error de aplicación : Se ha producido la excepción excepción inesperada del programa (0xc06d007e) en la dirección 0x7c812aeb.

    Record Number: 31703
    Source Name: Application Popup
    Time Written: 20081109011950.000000+060
    Event Type: Información
    User:

    Computer Name: HOME-E0D3044181
    Event Code: 7036
    Message: El servicio Servicio COM de grabación de CD de IMAPI entró en estado detenido.

    Record Number: 31702
    Source Name: Service Control Manager
    Time Written: 20081109011924.000000+060
    Event Type: Información
    User:

    Computer Name: HOME-E0D3044181
    Event Code: 7036
    Message: El servicio Servicio COM de grabación de CD de IMAPI entró en estado Activo.

    Record Number: 31701
    Source Name: Service Control Manager
    Time Written: 20081109011918.000000+060
    Event Type: Información
    User:

    Computer Name: HOME-E0D3044181
    Event Code: 7035
    Message: Se ha enviado satisfactoriamente un control iniciar al servicio Servicio COM de grabación de CD de IMAPI.

    Record Number: 31700
    Source Name: Service Control Manager
    Time Written: 20081109011918.000000+060
    Event Type: Información
    User: NT AUTHORITY\SYSTEM

    Application event log

    Computer Name: HOME-E0D3044181
    Event Code: 1
    Message:
    Record Number: 4030
    Source Name: Bonjour Service
    Time Written: 20080419220214.000000+120
    Event Type: Información
    User:

    Computer Name: HOME-E0D3044181
    Event Code: 1517
    Message: Windows guardó el Registro de usuario HOME-E0D3044181\principal mientras una aplicación o servicio todavía estaba usando el Registro durante el cierre de sesión. No se ha liberado la memoria usada por el Registro de usuario. Se descargará el Registro cuando ya no esté en uso.

    Esto es debido a menudo por los servicios ejecutándose como cuentas de usuario. Intente configurar los servicios para ejecutarse en la cuenta ServicioLocal o ServicioRed.
    Record Number: 4029
    Source Name: Userenv
    Time Written: 20080419184419.000000+120
    Event Type: Advertencia
    User: NT AUTHORITY\SYSTEM

    Computer Name: HOME-E0D3044181
    Event Code: 101
    Message: msnmsgr (3532) Se detuvo el motor de base de datos.

    Record Number: 4028
    Source Name: ESENT
    Time Written: 20080419184403.000000+120
    Event Type: Información
    User:

    Computer Name: HOME-E0D3044181
    Event Code: 103
    Message: msnmsgr (3532) \\.\C:\Documents and Settings\principal\Configuración local\Datos de programa\Microsoft\Messenger\broumstick@yahoo.fr\SharingMetadata\Working\database_12F0_9195_F091_7FA1\dfsr.db: El motor de base de datos detuvo la instancia (0).

    Record Number: 4027
    Source Name: ESENT
    Time Written: 20080419184403.000000+120
    Event Type: Información
    User:

    Computer Name: HOME-E0D3044181
    Event Code: 302
    Message: msnmsgr (3532) \\.\C:\Documents and Settings\principal\Configuración local\Datos de programa\Microsoft\Messenger\broumstick@yahoo.fr\SharingMetadata\Working\database_12F0_9195_F091_7FA1\dfsr.db: El motor de base de datos completó correctamente los pasos de recuperación.

    Record Number: 4026
    Source Name: ESENT
    Time Written: 20080419143729.000000+120
    Event Type: Información
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Archivos de programa\ATI Technologies\ATI.ACE\Core-Static;%VDMSPath%;C:\Archivos de programa\QuickTime\QTSystem
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 12 Stepping 0, AuthenticAMD
    "PROCESSOR_REVISION"=0c00
    "NUMBER_OF_PROCESSORS"=1
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "VDMSPath"=C:\Archivos de programa\VDMSound\
    "CLASSPATH"=.;C:\Archivos de programa\Java\jre1.6.0_03\lib\ext\QTJava.zip
    "QTJAVA"=C:\Archivos de programa\Java\jre1.6.0_03\lib\ext\QTJava.zip

    -----------------EOF-----------------
    0
  7. brm
     
    For Rooter, do I disable the antivirus too?
    0
  8. brm
     
    OK for Antivir.
    As for the crack... yes, it happens to us, "shame".
    0
  9. V-X
     
    Re,

    Well, there's a Bagle.

    Run Rooter and I'll give you the next steps.
    0
  10. brm
     
    Microsoft (R) Windows Script Host versión 5.7
    Copyright (C) Microsoft Corporation 1996-2006. Reservados todos los derechos.

    Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3400+ )
    BIOS : Rev 2.00
    USER : principal ( Administrator )
    BOOT : Normal boot

    Antivirus : F-PROT Antivirus for Windows 6.0 (Activated)

    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:189 Go (Free:76 Go)
    D:\ (CD or DVD)
    E:\ (CD or DVD)
    F:\ (CD or DVD)

    31/12/2008|14:44

    ----------------------\\ Search..

    ----------------------\\ ROOTKIT !!

    Rootkit TDSS ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV.SYS]
    Rootkit TDSS ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_TDSSSERV.SYS]
    Rootkit TDSS ! .. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TDSSSERV.SYS]
    Rootkit TDSS ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv.sys]
    Rootkit TDSS ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\TDSSserv.sys]
    Rootkit TDSS ! .. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TDSSserv.sys]

    ----------------------\\ Cracks & Keygens..

    C:\DOCUME~1\PRINCI~1\Escritorio\audio-video\Data\Fruity Loops Studio XXL v.8 CRACK-BY ToRR3NTPYTHoN.rar
    C:\DOCUME~1\PRINCI~1\Escritorio\audio-video\Data\Nero 7.0.1.2 Premium Edition (EspaÇñol-Spanish) Con Keygen, GuÇðas De Usuario Y.zip
    C:\DOCUME~1\PRINCI~1\Escritorio\audio-video\Data\VSO.ConvertXtoDVD.v2.2.3.258.Multilangages.Incl-Keygen.rar
    C:\DOCUME~1\PRINCI~1\Mis documentos\Mis im genes\photoshop\Akvis Filtres Crack.rar

    1 - "C:\Rooter$\Rooter_1.txt" - 31/12/2008|14:44

    ----------------------\\ Scan completed at 14:44

    bagle??
    0
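The six "Rootkit TDSS" lines in the Rooter report above describe only two artifacts (a service key and its `LEGACY_` device-enumeration key) repeated across control sets. The following is an added example, not part of the original thread or of the Rooter tool: it parses such report lines and groups them per artifact; the function names and the embedded sample (copied from the six report lines) are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed sample: the six "Rootkit TDSS" lines of the Rooter report above.
REPORT = r"""
----------------------\\ ROOTKIT !!

Rootkit TDSS ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV.SYS]
Rootkit TDSS ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_TDSSSERV.SYS]
Rootkit TDSS ! .. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TDSSSERV.SYS]
Rootkit TDSS ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv.sys]
Rootkit TDSS ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\TDSSserv.sys]
Rootkit TDSS ! .. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TDSSserv.sys]
"""

# One report line: "Rootkit <family> ! .. [HKLM\SYSTEM\<control set>\<rest>]"
HIT_RE = re.compile(
    r"^\s*Rootkit\s+(?P<family>\S+)\s*!\s*\.\.\s*"
    r"\[(?P<key>HKEY_LOCAL_MACHINE\\SYSTEM\\"
    r"(?P<cset>CurrentControlSet|ControlSet\d{3})\\(?P<rest>[^\]\r\n]+))\]\s*$",
    re.MULTILINE,
)


def classify(rest):
    """Map the path below the control set to (kind, driver name)."""
    parts = rest.split("\\")
    if parts[0].lower() == "services" and len(parts) >= 2:
        return "service", parts[1].lower()
    if (parts[0].lower() == "enum" and len(parts) >= 3
            and parts[2].upper().startswith("LEGACY_")):
        return "legacy_enum", parts[2][len("LEGACY_"):].lower()
    return "other", rest.lower()


def parse_hits(report):
    """Return one dict per rootkit line found in the report text."""
    hits = []
    for m in HIT_RE.finditer(report):
        kind, name = classify(m.group("rest"))
        hits.append({
            "family": m.group("family"),
            "control_set": m.group("cset"),
            "kind": kind,
            "name": name,
            "key": m.group("key"),
        })
    return hits


def group_by_artifact(hits):
    """(kind, name) -> sorted list of control sets in which it was reported."""
    grouped = defaultdict(set)
    for h in hits:
        grouped[(h["kind"], h["name"])].add(h["control_set"])
    return {artifact: sorted(sets) for artifact, sets in grouped.items()}


def physical_keys(hits):
    """Keys that exist as separate registry data.

    CurrentControlSet is a link to one of the numbered ControlSetNNN keys
    (chosen by HKLM\\SYSTEM\\Select), so a CurrentControlSet hit is dropped
    when the same artifact was also reported in a numbered set.
    Assumption: the scanner enumerated every numbered control set.
    """
    numbered = {(h["kind"], h["name"]) for h in hits
                if h["control_set"] != "CurrentControlSet"}
    keys = set()
    for h in hits:
        is_alias = h["control_set"] == "CurrentControlSet"
        if is_alias and (h["kind"], h["name"]) in numbered:
            continue
        keys.add(h["key"])
    return sorted(keys)


if __name__ == "__main__":
    found = parse_hits(REPORT)
    for artifact, sets in group_by_artifact(found).items():
        print(artifact, "->", ", ".join(sets))
    print("distinct keys to re-check after cleanup:")
    for key in physical_keys(found):
        print("  ", key)
```

Re-running the same parse on a report taken after cleanup shows at a glance whether a non-current control set still carries the entries.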
  11. V-X
     
    Re,


    C:\DOCUME~1\PRINCI~1\Escritorio\audio-video\Data\Fruity Loops Studio XXL v.8 CRACK-BY ToRR3NTPYTHoN.rar
    C:\DOCUME~1\PRINCI~1\Escritorio\audio-video\Data\Nero 7.0.1.2 Premium Edition (EspaÇñol-Spanish) Con Keygen, GuÇðas De Usuario Y.zip
    C:\DOCUME~1\PRINCI~1\Escritorio\audio-video\Data\VSO.ConvertXtoDVD.v2.2.3.258.Multilangages.Incl-Keygen.rar
    C:\DOCUME~1\PRINCI~1\Mis documentos\Mis im genes\photoshop\Akvis Filtres Crack.rar


    Get rid of all that and do the following:

    FindyKill by Chiquitine29

    ▶ Right-click the link and choose "Save target as...", destination: the desktop.

    (Important note: if you have the Elibagla program on your PC, delete it: risk of conflict between the two tools.)

    ▶ Go into the "FindyKill" folder.

    ▶ Double-click "FindyKill.bat" (and nothing else!) to launch the tool.

    ▶ Choose option 1. Then let it work...

    ▶ Once it has finished, post the FindyKill.txt report that is generated...

    (Note: the report is saved at the root of the disk -> C:\FindyKill.txt)

    Les-risques-securitaires-du-peer-to-peer

    If a report won't post, raise an alert with the conciergerie using the yellow /!\.
    0
  12. brm
     
    OK. Note that some of the files to remove haven't had their associated programs for ages. The TDSS entries, on the other hand, worry us more. I'm running the recommended procedure and will post.
    Thanks again for the help :)
    0
  13. brm
     
    I can't find findkill.bat after the install.
    I downloaded a findkill.exe via the link, which installed a program. No .bat in the installation directory.
    0
  14. V-X
     
    Re,

    OK.

    You have the icon on your desktop: double-click it, choose your language and run option 1, search.
    0
  15. brm
     
    I have a DOS window. I'm launching a search, in French, for "infected files".
    0
  16. V-X
     
    Re,

    YES
    0
    1. brm
       
      ----------------- FindyKill V4.710 ------------------

      * User : principal - HOME-E0D3044181
      * executed from : C:\Archivos de programa\FindyKill
      * Update on 21/12/08 par Chiquitine29
      * Start at 15:35:06 the 31/12/2008
      * Windows XP - Internet Explorer 6.0.2900.5512


      ((((((((((((((( *** deleting *** ))))))))))))))))))


      --------------- [ Active Processes ] ----------------


      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\csrss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\logonui.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Archivos de programa\Alwil Software\Avast4\aswUpdSv.exe
      C:\Archivos de programa\Alwil Software\Avast4\ashServ.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\system32\userinit.exe

      --------------- [ Infected files / folders ] ----------------


      »»»» Supression files in C:

      Deleted ! - C:\InfoSat.txt

      »»»» Supression files in C:\WINDOWS


      »»»» Supression files in C:\WINDOWS\Prefetch


      »»»» Supression files in C:\WINDOWS\system32


      »»»» Supression files in C:\WINDOWS\system32\config\systemprofile\AppData\Roaming


      »»»» Supression files in C:\WINDOWS\system32\drivers


      »»»» Supression files in C:\Documents and Settings\principal\Datos de programa

      Deleted ! - "C:\Documents and Settings\principal\Datos de programa\inst.exe"

      »»»» Supression files in C:\DOCUME~1\PRINCI~1\CONFIG~1\Temp


      »»»» Supression files in C:\Documents and Settings\principal\Local Settings\Temporary Internet Files\Content.IE5


      --------------- [ Registry / Infected keys ] ----------------

      Deleted ! - HKEY_CURRENT_CONFIG\System\CurrentControlSet\Enum\ROOT\LEGACY_SROSA
      Deleted ! - HKEY_USERS\S-1-5-21-839522115-1229272821-2147125571-1003\Software\Ubisoft

      --------------- [ States / Restarting of services ] ----------------



      +- Services : [ Auto=2 / Request=3 / Disable=4 ]

      Ndisuio - Type of startup = 3

      EapHost - Type of startup = 2

      Ip6Fw - Type of startup = 2

      SharedAccess - Type of startup = 2

      wuauserv - Type of startup = 2

      wscsvc - Type of startup = 2


      --------------- [ Cleaning removable drives ] ----------------

      +- Informations :

      C: - Unidad fija

      G: - Unidad extraíble


      +- deleting files :


      --------------- [ Registry / Mountpoint2 ] ----------------


      -> Not found !


      --------------- [ Searching Cracks / Keygen ] ----------------

      C:\Documents and Settings\principal\Escritorio\Jeux\GameCam.v1.2.0.16.Cracked.WinALL-iND
      C:\Documents and Settings\principal\Escritorio\Jeux\battlefield2\Battlefield 2 Keygen.rar
      C:\Documents and Settings\principal\Escritorio\Jeux\GameCam.v1.2.0.16.Cracked.WinALL-iND\Crack.exe
      C:\Documents and Settings\principal\Escritorio\Jeux\GameCam.v1.2.0.16.Cracked.WinALL-iND\GameCamSetup.exe
      C:\Documents and Settings\principal\Escritorio\Jeux\GameCam.v1.2.0.16.Cracked.WinALL-iND\GC-iND.nfo
      C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrack.cfx
      C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackalphatest.cfx
      C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackalphatestlightmap.cfx
      C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackalphatestlightmapshadow.cfx
      C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackalphatestpointlight.cfx
      C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackalphatestshadow.cfx
      C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcracklightmap.cfx
      C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcracklightmapshadow.cfx
      C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackndetailncrack.cfx
      C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackndetailncrackalphatest.cfx
      C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackndetailncrackalphatestlightmap.cfx
      C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackndetailncrackalphatestlightmapshadow.cfx
      C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackndetailncrackalphatestpointlight.cfx
      C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackndetailncrackalphatestshadow.cfx
      C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackndetailncracklightmap.cfx
      C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackndetailncracklightmapshadow.cfx
      C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackndetailncrackpointlight.cfx
      C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackndetailncrackshadow.cfx
      C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackpointlight.cfx
      C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackshadow.cfx
      C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrack.cfx
      C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackalphatest.cfx
      C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackalphatestlightmap.cfx
      C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackalphatestlightmapshadow.cfx
      C:\Documents and Settings\principal\Mis documentos\Mi m£sica\mp3\Drain STH - Horror Wrestling\08 - Crack The Liars Smile.mp3


      ---------------- ! End of report ! ------------------
      0
    2. brm
       
      ----------------- FindyKill V4.710 ------------------

      * User : principal - HOME-E0D3044181
      * executed from : C:\Archivos de programa\FindyKill
      * Update on 21/12/08 par Chiquitine29
      * Start at 15:35:06 the 31/12/2008
      * Windows XP - Internet Explorer 6.0.2900.5512


      ((((((((((((((( *** deleting *** ))))))))))))))))))


      --------------- [ Active Processes ] ----------------


      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\csrss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\logonui.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Archivos de programa\Alwil Software\Avast4\aswUpdSv.exe
      C:\Archivos de programa\Alwil Software\Avast4\ashServ.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\system32\userinit.exe

      --------------- [ Infected files / folders ] ----------------


      »»»» Supression files in C:

      Deleted ! - C:\InfoSat.txt

      »»»» Supression files in C:\WINDOWS


      »»»» Supression files in C:\WINDOWS\Prefetch


      »»»» Supression files in C:\WINDOWS\system32


      »»»» Supression files in C:\WINDOWS\system32\config\systemprofile\AppData\Roaming


      »»»» Supression files in C:\WINDOWS\system32\drivers


      »»»» Supression files in C:\Documents and Settings\principal\Datos de programa

      Deleted ! - "C:\Documents and Settings\principal\Datos de programa\inst.exe"

      »»»» Supression files in C:\DOCUME~1\PRINCI~1\CONFIG~1\Temp


      »»»» Supression files in C:\Documents and Settings\principal\Local Settings\Temporary Internet Files\Content.IE5


      --------------- [ Registry / Infected keys ] ----------------

      Deleted ! - HKEY_CURRENT_CONFIG\System\CurrentControlSet\Enum\ROOT\LEGACY_SROSA
      Deleted ! - HKEY_USERS\S-1-5-21-839522115-1229272821-2147125571-1003\Software\Ubisoft

      --------------- [ States / Restarting of services ] ----------------



      +- Services : [ Auto=2 / Request=3 / Disable=4 ]

      Ndisuio - Type of startup = 3

      EapHost - Type of startup = 2

      Ip6Fw - Type of startup = 2

      SharedAccess - Type of startup = 2

      wuauserv - Type of startup = 2

      wscsvc - Type of startup = 2


      --------------- [ Cleaning removable drives ] ----------------

      +- Informations :

      C: - Unidad fija

      G: - Unidad extra¡ble


      +- deleting files :


      --------------- [ Registry / Mountpoint2 ] ----------------


      -> Not found !


      --------------- [ Searching Cracks / Keygen ] ----------------

      C:\Documents and Settings\principal\Escritorio\Jeux\GameCam.v1.2.0.16.Cracked.WinALL-iND
      C:\Documents and Settings\principal\Escritorio\Jeux\battlefield2\Battlefield 2 Keygen.rar
      C:\Documents and Settings\principal\Escritorio\Jeux\GameCam.v1.2.0.16.Cracked.WinALL-iND\Crack.exe
      C:\Documents and Settings\principal\Escritorio\Jeux\GameCam.v1.2.0.16.Cracked.WinALL-iND\GameCamSetup.exe
      C:\Documents and Settings\principal\Escritorio\Jeux\GameCam.v1.2.0.16.Cracked.WinALL-iND\GC-iND.nfo
      C:\Documents and Settings\principal\Mis documentos\Mi m£sica\mp3\Drain STH - Horror Wrestling\08 - Crack The Liars Smile.mp3


      ---------------- ! End of report ! ------------------
      0
  17. brm
     
    ----------------- FindyKill V4.710 ------------------

    * User : principal - HOME-E0D3044181
    * Emplacement : C:\Archivos de programa\FindyKill
    * Outils Mis a jours le 21/12/08 par Chiquitine29
    * Recherche effectuée à 15:15:53 le 31/12/2008
    * Windows XP - Internet Explorer 6.0.2900.5512

    ((((((((((((((((( *** Recherche *** ))))))))))))))))))

    --------------- [ Processus actifs ] ----------------

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Archivos de programa\Alwil Software\Avast4\aswUpdSv.exe
    C:\Archivos de programa\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\ARCHIV~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Archivos de programa\Messenger\msmsgs.exe
    C:\Archivos de programa\Logitech\SetPoint\SetPoint.exe
    C:\Archivos de programa\Archivos comunes\Logitech\KhalShared\KHALMNPR.EXE
    C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Archivos de programa\Bonjour\mDNSResponder.exe
    C:\Archivos de programa\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\Archivos de programa\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\Notepad.exe
    C:\Archivos de programa\Alwil Software\Avast4\ashMaiSv.exe
    C:\Archivos de programa\Alwil Software\Avast4\ashWebSv.exe
    C:\Archivos de programa\Mozilla Firefox\firefox.exe
    C:\WINDOWS\Explorer.EXE

    --------------- [ Fichiers/Dossiers infectieux ] ----------------

    »»»» Presence des fichiers dans C:

    Found ! [31/12/2008 03:00] - C:\InfoSat.txt

    »»»» Presence des fichiers dans C:\WINDOWS

    »»»» Presence des fichiers dans C:\WINDOWS\Prefetch

    »»»» Presence des fichiers dans C:\WINDOWS\system32

    »»»» Presence des fichiers dans C:\WINDOWS\system32\config\systemprofile\AppData\Roaming

    »»»» Presence des fichiers dans C:\WINDOWS\system32\drivers

    »»»» Presence des fichiers dans C:\Documents and Settings\principal\Datos de programa

    »»»» Presence des fichiers dans C:\DOCUME~1\PRINCI~1\CONFIG~1\Temp

    »»»» Presence des fichiers dans C:\Documents and Settings\principal\Local Settings\Temporary Internet Files\Content.IE5

    --------------- [ Registre / Startup ] ----------------

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
    ctfmon.exe=C:\WINDOWS\system32\ctfmon.exe
    MSMSGS="C:\Archivos de programa\Messenger\msmsgs.exe" /background
    HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run\AdobeUpdater=
    <NO NAME>=

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
    avast!=C:\ARCHIV~1\ALWILS~1\Avast4\ashDisp.exe
    IMJPMIG8.1="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    MSPY2002=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    PHIME2002ASync=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    PHIME2002A=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    EPSON Stylus DX3800 Series=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB002" /M "Stylus DX3800"
    Logitech Hardware Abstraction Layer=KHALMNPR.EXE
    NvCplDaemon=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    nwiz=nwiz.exe /install
    NvMediaCenter=RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    Google Desktop Search="C:\Archivos de programa\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    MSConfig=C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
    <NO NAME>=
    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
    Installed=1
    <NO NAME>=
    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
    NoChange=1
    Installed=1
    <NO NAME>=
    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
    Installed=1
    <NO NAME>=

    [HKEY_CURRENT_USER\software\local appwizard-generated applications\DocUnins]

    --------------- [ Registre / Clés infectieuses ] ----------------

    Found ! - HKEY_USERS\S-1-5-21-839522115-1229272821-2147125571-1003\Software\Ubisoft

    --------------- [ Etat / Services ] ----------------

    +- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]

    Ndisuio - Type de démarrage = 3

    EapHost - Type de démarrage = 3

    Ip6Fw - Type de démarrage = 3

    SharedAccess - Type de démarrage = 2

    wuauserv - Type de démarrage = 2

    wscsvc - Type de démarrage = 2

    --------------- [ Recherche dans supports amovibles] ----------------

    +- Informations :

    C: - Unidad fija

    +- presence des fichiers :

    --------------- [ Registre / Mountpoint2 ] ----------------

    -> Not found !

    ------------------- ! Fin du rapport ! --------------------
    0
  18. V-X
     
    Re,

    FindyKill by chiquitine29, option 2:

    ▶ Connect your removable drives to your PC (USB keys, external hard drive, etc.) without opening them

    ▶ Double-click the FindyKill shortcut on your desktop

    ▶ In the main menu, choose option 2 (Suppression)

    /!\ There will be 2 reboots; let the tool work until the message "nettoyage effectué" appears /!\

    ▶ Then post the FindyKill.txt report

    Note: the FindyKill.txt report is saved at the root of the disk.

    If a report won't post, send an alert to the conciergerie using the yellow /!\.

    Found ! [31/12/2008 03:00] - C:\InfoSat.txt ==> That's not good!!
    0
  19. brm
     
    I'm starting to have trouble displaying the forum. Would it be possible for you to contact me via MSN? harkiogovi@yahoo.fr

    Thanks in advance
    0
  20. V-X
     
    Re,

    I don't do disinfections over MSN or anything else!!

    Otherwise, run this:

    ComboFix. Warning: this software is very powerful, and misuse can cause damage...

    Do exactly the following:

    Download ComboFix (by sUBs) to your Desktop (and nowhere else!):
    Right-click this link and choose "Save target as...": in the window that opens, type C-Fix, choose the desktop as the destination and confirm:

    --------------------------------------------- [ ! ATTENTION ! ] ----------------------------------------------------------
    !! Disconnect, close all your running applications and DISABLE ALL YOUR DEFENCES (antivirus, antispyware, firewall) for the duration of the procedure (in case you have any that I didn't see in the HijackThis report...)

    ---> Above all, if you run into difficulties at this stage, tell me before continuing...

    ---> I advise you to install the Recovery Console (see the tutorial).

    Tutorial here: TUTO
    ---------------------------------------------------------------------------------------------------------------------------------

    Then:

    Double-click C-Fix.exe (= combofix.exe).

    Press a key to start the scan.

    Warning: don't use your mouse or keyboard while the program is running. That could freeze the computer ---> if a Windows error message appears at some point: click the red cross at the top right of the window to close it

    The report will be created in: C:\Combofix.txt, please post it here

    If a report won't post, send an alert to the conciergerie using the yellow /!\.
    0