Sujet Précédent Sujet Suivant

Trop dur pour nous

Fermé
brm - 31 déc. 2008 à 14:20
 broumstick - 2 janv. 2009 à 14:42
Bonjour,

Histoire de bien finir l année, nous nous sommes vu méchamment infectés.
Premiers signes: un explorateur net qui vous redirige à loisir + malwarebytes, spybot, ad aware inopérants (impossibles à lancer)
Après bien des efforts, un passage sous f-prot et elistarA a permis de récupérer les fonctionnalités de malwarebytes et spy bot. ad aware se mets aussi à jour. néanmoins, après désinfection, le pc est extrêmement lent. d'après nos recherches, il semblerait que nous étions infectés par "fakealert" qui se manifeste sous des entrées "tdss".
Tous les fichiers tdss on été éliminés manuellement du système, mais après une ballade dans les clefs de registres, il reste des entrées.

aujourd'hui malwarebyte, spybot, elistarA, f-prot ,avast, bit defender scan online ne trouvent rien (le tout MAJ). seul ad-aware trouve "fakealert" sans pouvoir l éliminer.

Aidez moi, obiwan kenobi, vous êtes notre seul espoir^^
Merci à ceux qui se pencheront sur notre problème, et bonnes fêtes a tous
A voir également:

93 réponses

Réponse 1 / 93
Utilisateur anonyme
31 déc. 2008 à 14:22
Salut,

Ok jeune padawan....

▶ Télécharge hijackthis

▶ Enregistre la cible sous .... "le bureau"

▶ Fais un double-clic sur "HJTInstall.exe" afin de lancer l'installation

▶ Clique sur Install ensuite sur "I Accept"

▶ Clique sur" Do a scan system and save log file"

▶ Le bloc-notes s'ouvrira, fais un copier-coller de tout son contenu ici dans ta prochaine réponse

▶ Tuto hijackthis(Merci à Balltrap34)

Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.
0
Réponse 2 / 93
brm
31 déc. 2008 à 14:26
Merci pour cette réponse aussi rapide :)



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:24:56, on 31/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Archivos de programa\Alwil Software\Avast4\aswUpdSv.exe
C:\Archivos de programa\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\ARCHIV~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Archivos de programa\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Archivos de programa\Messenger\msmsgs.exe
C:\Archivos de programa\Logitech\SetPoint\SetPoint.exe
C:\Archivos de programa\Archivos comunes\Logitech\KhalShared\KHALMNPR.EXE
C:\Archivos de programa\Google\Google Desktop Search\GoogleDesktop.exe
C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Archivos de programa\Bonjour\mDNSResponder.exe
C:\Archivos de programa\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Archivos de programa\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Archivos de programa\Alwil Software\Avast4\ashMaiSv.exe
C:\Archivos de programa\Alwil Software\Avast4\ashWebSv.exe
C:\Archivos de programa\Mozilla Firefox\firefox.exe
C:\Archivos de programa\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.es
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
O2 - BHO: (no name) - {568DF331-063E-46AF-BA3D-FEE69B4399A3} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Archivos de programa\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Archivos de programa\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [avast!] C:\ARCHIV~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB002" /M "Stylus DX3800"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Archivos de programa\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Archivos de programa\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Servicio de red')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Archivos de programa\Archivos comunes\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Archivos de programa\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Archivos de programa\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.es/scan_es/scan8/oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4CF633FC-A68E-481D-BEFF-4830010AD862}: NameServer = 62.14.63.145,62.14.2.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{4CF633FC-A68E-481D-BEFF-4830010AD862}: NameServer = 62.14.63.145,62.14.2.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{4CF633FC-A68E-481D-BEFF-4830010AD862}: NameServer = 62.14.63.145,62.14.2.1
O20 - AppInit_DLLs: C:\ARCHIV~1\Google\GOOGLE~1\GOEC62~1.DLL wgpfaf.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Archivos de programa\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Archivos de programa\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Archivos de programa\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Archivos de programa\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Archivos de programa\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Archivos de programa\Archivos comunes\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: F-PROT Antivirus for Windows system (FPAVServer) - FRISK Software International - C:\Archivos de programa\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe
O23 - Service: Administrador de Google Desktop 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Archivos de programa\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Archivos de programa\Archivos comunes\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Archivos de programa\iPod\bin\iPodService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Archivos de programa\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Archivos de programa\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
0
Réponse 3 / 93
Utilisateur anonyme
31 déc. 2008 à 14:29
Re,

▶ Télécharge random's system information tool (RSIT) et enregistre le sur ton bureau.

▶ Double clique sur RSIT.exe pour lancer l'outil.

▶ Clique sur ' continue ' à l'écran Disclaimer.

Si l'outil HIjackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.

▶ Une fois le scan fini , 2 rapports vont apparaitre. Poste le contenu des 2 rapports
( log.txt & info.txt )

(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.

+

Télécharge Rooter de l'équipe IDN

Sur ton bureau

/!\ Déconnecte toi d'internet et ferme toutes applications en cours /!\

▶ Exécute Rooter et laisse travailler l'outil .

▶ Une fois terminé, poste le rapport obtenu pour analyse

Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.
0
Réponse 4 / 93
brm
31 déc. 2008 à 14:35
log.txt:

Logfile of random's system information tool 1.05 (written by random/random)
Run by principal at 2008-12-31 14:33:17
Microsoft Windows XP Professional Service Pack 3
System drive C: has 78 GB (40%) free of 194 GB
Total RAM: 2047 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:33:32, on 31/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Archivos de programa\Alwil Software\Avast4\aswUpdSv.exe
C:\Archivos de programa\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\ARCHIV~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Archivos de programa\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Archivos de programa\Messenger\msmsgs.exe
C:\Archivos de programa\Logitech\SetPoint\SetPoint.exe
C:\Archivos de programa\Archivos comunes\Logitech\KhalShared\KHALMNPR.EXE
C:\Archivos de programa\Google\Google Desktop Search\GoogleDesktop.exe
C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Archivos de programa\Bonjour\mDNSResponder.exe
C:\Archivos de programa\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Archivos de programa\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Archivos de programa\Alwil Software\Avast4\ashMaiSv.exe
C:\Archivos de programa\Alwil Software\Avast4\ashWebSv.exe
C:\Archivos de programa\Mozilla Firefox\firefox.exe
C:\Documents and Settings\principal\Escritorio\Tampon\RSIT.exe
C:\Archivos de programa\Trend Micro\HijackThis\principal.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.es
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
O2 - BHO: (no name) - {568DF331-063E-46AF-BA3D-FEE69B4399A3} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Archivos de programa\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Archivos de programa\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [avast!] C:\ARCHIV~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB002" /M "Stylus DX3800"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Archivos de programa\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Archivos de programa\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Servicio de red')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Archivos de programa\Archivos comunes\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Archivos de programa\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Archivos de programa\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.es/scan_es/scan8/oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4CF633FC-A68E-481D-BEFF-4830010AD862}: NameServer = 62.14.63.145,62.14.2.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{4CF633FC-A68E-481D-BEFF-4830010AD862}: NameServer = 62.14.63.145,62.14.2.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{4CF633FC-A68E-481D-BEFF-4830010AD862}: NameServer = 62.14.63.145,62.14.2.1
O20 - AppInit_DLLs: C:\ARCHIV~1\Google\GOOGLE~1\GOEC62~1.DLL wgpfaf.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Archivos de programa\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Archivos de programa\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Archivos de programa\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Archivos de programa\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Archivos de programa\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Archivos de programa\Archivos comunes\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: F-PROT Antivirus for Windows system (FPAVServer) - FRISK Software International - C:\Archivos de programa\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe
O23 - Service: Administrador de Google Desktop 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Archivos de programa\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Archivos de programa\Archivos comunes\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Archivos de programa\iPod\bin\iPodService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Archivos de programa\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Archivos de programa\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 93
brm
31 déc. 2008 à 14:36
info.txt:

info.txt logfile of random's system information tool 1.05 2008-12-31 14:33:34

======Uninstall list======

{ARPD} Coop Realism Mod Version 5.2-->C:\Archivos de programa\Sierra\SWAT 4\{ARPD}v5\Uninstall {ARPD}v5.exe
-->C:\Archivos de programa\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->MsiExec /X{EFC1B35C-FFF2-41D8-A70A-CE6037F8040B}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
11-99 Enhancement Mod v1.1-->C:\Archivos de programa\Sierra\SWAT 4\11-99 Enhancement Mod v1.1\Uninstal.exe
11-99 Enhancement Mod-->C:\Archivos de programa\Sierra\SWAT 4\11-99 Enhancement Mod\Uninstal.exe
3DVIA Player 4.1-->MsiExec.exe /X{4E868D3D-6EEB-4273-926C-2287236B5B79}
Actualización de seguridad para el Reproductor de Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Actualización de seguridad para el Reproductor de Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Actualización de seguridad para el Reproductor de Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Actualización de seguridad para Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Actualización para Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Actualización para Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Actualización para Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Recommended Settings-->MsiExec.exe /I{73B5D990-04EA-4751-B10F-5534770B91F2}
Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Extra Settings-->MsiExec.exe /I{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}\setup.exe" -l0xa
Adobe Photoshop CS3-->C:\Archivos de programa\Archivos comunes\Adobe\Installers\53a35a181eeb50486a0e091bd67ae62\Setup.exe
Adobe Photoshop CS3-->MsiExec.exe /I{FB124956-B0E3-4D78-AB94-6E53430004B7}
Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
Adobe Setup-->MsiExec.exe /I{ACD238D4-5E74-42E1-8B11-A477BCE70D2F}
Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
AGEIA PhysX v7.07.24-->MsiExec.exe /X{EFC1B35C-FFF2-41D8-A70A-CE6037F8040B}
America's Army-->MsiExec.exe /I{656D5B05-0409-41EE-BBEE-D9C4D6388972}
Apple Mobile Device Support-->MsiExec.exe /I{49C88E44-1B38-4FC6-824E-2BDA3063B0E3}
Apple Software Update-->MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
aTube Catcher 1.0-->"C:\Archivos de programa\DsNET Corp\aTube Catcher 1.0\unins000.exe"
avast! Antivirus-->C:\Archivos de programa\Alwil Software\Avast4\aswRunDll.exe "C:\Archivos de programa\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
AVIConverter 3.0-->C:\Archivos de programa\AVIConverter\uninst.exe
AviSynth 2.5-->"C:\Archivos de programa\AviSynth 2.5\Uninstall.exe"
Battlefield 2(TM)-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}\setup.exe" -l0xa -removeonly
Bonjour-->MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
CDDRV_Installer-->MsiExec.exe /I{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}
Convert Doc-->"C:\Archivos de programa\Softinterface, Inc\Convert Doc\unins000.exe"
ConvertXtoDVD 2.2.3.258-->"C:\Archivos de programa\VSO\ConvertXtoDVD\unins000.exe"
Dawn of War - Soulstorm-->"C:\Archivos de programa\InstallShield Installation Information\{20533183-D42D-4261-A125-956736FBEA8C}\setup.exe" -runfromtemp -l0x000a -removeonly
Dawn Of War - Winter Assault-->MsiExec.exe /X{DD8408E9-9421-484F-979D-DB6361E3E828}
DawnOfWar-->C:\ARCHIV~1\ARCHIV~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{362D5167-9716-44BE-89FD-BF9EB6EF814B}
DDS Thumbnail Viewer-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{2205B8AE-490E-43F2-AB43-C13C2BEC86A7}\Setup.exe" -l0x9
DivX Web Player-->C:\Archivos de programa\DivX\DivXWebPlayerUninstall.exe /PLUGIN
D-Link VGA Webcam-->C:\WINDOWS\CleanDev.exe C:\WINDOWS\ov519.TXT
EPSON Attach To Email-->C:\Archivos de programa\Archivos comunes\InstallShield\Driver\8\Intel 32\IDriver.exe /M{20C45B32-5AB6-46A4-94EF-58950CAF05E5} /l1033 ADDREMOVEDLG
EPSON Copy Utility 3-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\SETUP.EXE" -l0xa -UnInstall
EPSON Easy Photo Print-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{5DA7BC15-18D3-41A0-9F59-838DA3EAEF17}\SETUP.EXE" -l0xa UNINST
EPSON File Manager-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{E86BC406-944E-41F6-ADE6-2C136734C96B}\Setup.exe" -l0xa UNINST
EPSON Image Clip Palette-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{314F6D08-A8B7-11D8-8446-0050BA1D384D}\Setup.exe" -l0xa -u
EPSON Scan Assistant-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}\Setup.exe" -l0xa -u
EPSON Scan-->C:\Archivos de programa\epson\escndv\setup\setup.exe /r
EPSON Web-To-Page-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}\SETUP.EXE" -l0xa -anything
ESDX3800 Manual de usuario-->C:\Archivos de programa\EPSON\TPMANUAL\ESDX3800\USE_G\DOCUNINS.EXE
Euro Truck Simulator 1.00-->C:\Archivos de programa\Euro Truck Simulator\uninst.exe
Eve Of Destruction 0.1-->C:\Archivos de programa\EA Games\Battlefield Vietnam\Mods\uninst.exe
Far Cry 2-->"C:\Archivos de programa\InstallShield Installation Information\{F2835483-37F2-4123-B4FE-0E77D58447F2}\setup.exe" -runfromtemp -l0x000a -removeonly
F-PROT Antivirus for Windows-->MsiExec.exe /I{E58B329B-FB28-4874-90DE-0D7CB2709267}
F-PROT Antivirus Updater Fix-->MsiExec.exe /I{F8A3A6BC-D68F-445B-B1BA-6F03A4352865}
Freez FLV to AVI/MPEG/WMV Converter-->"C:\Archivos de programa\Smallvideosoft\Freez FLV to AVI MPEG WMV Converter\unins000.exe"
Game Cam-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{DB52432E-3AD8-41A5-A586-0F065FB6A31E}\setup.exe"
Google Desktop-->C:\Archivos de programa\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Hamachi 1.0.3.0-->C:\Archivos de programa\Hamachi\uninstall.exe
HijackThis 2.0.2-->"C:\Archivos de programa\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Imperial Glory-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{1FCC8C70-66B9-420D-942C-2C2A8441C744}\setup.exe" -l0xa -removeonly
iTunes-->MsiExec.exe /I{3DE0053C-FD9A-483E-B7C9-B06E4392206E}
IZArc 3.81-->"C:\Archivos de programa\IZArc\unins000.exe"
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Kaspersky Online Scanner-->C:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe
KhalInstallWrapper-->MsiExec.exe /I{56918C0C-0D87-4CA6-92BF-4975A43AC719}
K-Lite Codec Pack 3.9.0 Full-->"C:\Archivos de programa\K-Lite Codec Pack\unins000.exe"
Lecteur Windows Media 11-->"C:\Archivos de programa\Windows Media Player\Setup_wm.exe" /Uninstall
Logitech Registration-->MsiExec.exe /I{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}
Logitech SetPoint-->C:\Archivos de programa\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe -runfromtemp -l0x040c -removeonly
Lphant v3.51-->"C:\Archivos de programa\Lphant\unins000.exe"
Ma-Config.com-->MsiExec.exe /X{1C02A760-1682-49AE-BB54-FA7D63BD3504}
Malwarebytes' Anti-Malware-->"C:\Archivos de programa\Malwarebytes' Anti-Malware\unins000.exe"
Marvell Miniport Driver-->MsiExec.exe /X{C950420B-4182-49EA-850A-A6A2ABF06C6B}
Media Library Management Wizard-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mplibwiz.inf,DefaultUninstall
Messenger Plus! Live-->"C:\Archivos de programa\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\Archivos de programa\Archivos comunes\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
MKVtoolnix 2.1.0-->C:\Archivos de programa\MKVtoolnix\uninst.exe
MoreJongg 7.00-->"C:\Archivos de programa\Moraff\Morejongg\Uninstal.exe"
Movie Maker Background Music Files-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mmmusic.inf,DefaultUninstall
Movie Maker Sound Effects-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mmsounds.inf,DefaultUninstall
Movie Maker Title Images-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mmtitle.inf,DefaultUninstall
Mozilla Firefox (2.0.0.20)-->C:\Archivos de programa\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
Nero 7 Demo-->MsiExec.exe /I{A66B369B-2927-8B02-ADF7-5BC0FE941034}
NET Installation Assistance for VB6 App (Runtime Only)-->MsiExec.exe /I{66333C41-085E-4DA1-8273-E2BCA382D766}
Notepad++-->C:\Archivos de programa\Notepad++\uninstall.exe
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
NVIDIA Photoshop Plug-ins-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{23F79416-CAD1-41BF-99A3-040F6C814AAA}\setup.exe" -l0x9
OpenAL-->"C:\Archivos de programa\OpenAL\OpenALwEAX.exe" /U
Pack PSP - Ri4m - v1.0a-->C:\Archivos de programa\Ripp-it_AM\dlls\Uninstal.exe
Panda ActiveScan 2.0-->C:\Archivos de programa\Panda Security\ActiveScan 2.0\as2uninst.exe
PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
PDFCreator-->C:\Archivos de programa\PDFCreator\unins000.exe
PIF DESIGNER-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{B90450DF-E781-46FD-B1F1-0C86DA40E443}\SETUP.EXE" -l0xa anything
Pirates of the Burning Sea-->"C:\Archivos de programa\InstallShield Installation Information\{5541F601-F327-4739-B7E8-560EDEE1301E}\setup.exe" -runfromtemp -l0x040c -removeonly
PlayNC Launcher-->C:\Archivos de programa\InstallShield Installation Information\{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}\setup.exe -runfromtemp -l0x0009 -removeonly
Project Torque-->C:\Archivos de programa\AeriaGames\Project Torque\uninstall.exe
QuickTime-->MsiExec.exe /I{08CA9554-B5FE-4313-938F-D4A417B81175}
Revisión para el Reproductor de Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Revisión para Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Ri4m v5.0.1d-->C:\Archivos de programa\Ripp-it_AM\Ri4m_Uninstal.exe
RisingSun 1.00 -->C:\WINDOWS\uninstall\RisingSun\setup.exe
ServiWin-->C:\WINDOWS\zipinst.exe /uninst "C:\Archivos de programa\ServiWin\uninst1~.nsu"
Software de impresora EPSON-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
SopCast 3.0.1-->C:\Archivos de programa\SopCast\uninst.exe
SoundMAX-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe"
SPORE™-->"C:\Archivos de programa\InstallShield Installation Information\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}\SPORESetup.exe" -runfromtemp -l0x040c -removeonly
Spybot - Search & Destroy-->"C:\Archivos de programa\Spybot - Search & Destroy\unins000.exe"
Star Wars Galaxies: Complete Online Adventures-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{19F59AB5-B1F6-4276-A40B-09472318BCFF}\setup.exe" -l0x9 -removeonly
SWAT 4-->C:\ARCHIV~1\ARCHIV~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8} uninstall
System Requirements Lab-->C:\Archivos de programa\SystemRequirementsLab\Uninstall.exe
TeamSpeak 2 RC2-->"C:\Archivos de programa\Teamspeak2_RC2\unins000.exe"
TuneUp Utilities 2008-->MsiExec.exe /I{5888428E-699C-4E71-BF71-94EE06B497DA}
Twin Digital GamePad-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{06204E2A-6369-43ED-A9CF-49B5F49915FA}\setup.exe" -l0x9
VDMSound 2.0.4-->MsiExec.exe /I{8ECBE643-8230-11D5-9D6B-00A024112F81}
VeohTV BETA-->C:\Archivos de programa\InstallShield Installation Information\{0405E51E-9582-4207-8F38-AC44201D3808}\setup.exe -runfromtemp -l0x0409
Vietcong-->C:\Program Files\Vietcong\Uninstall.exe
Winamp-->"C:\Archivos de programa\Winamp\UninstWA.exe"
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Media Format 11 runtime-->"C:\Archivos de programa\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Media Player Skin Importer-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\wa2wmp.inf,DefaultUninstall
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
X-07 MAPPACK [LAN] Battlefield 2-->C:\Archivos de programa\EA GAMES\Battlefield 2\x07mappack_Uninstal.exe
Yahoo! Install Manager-->C:\WINDOWS\system32\regsvr32 /u C:\ARCHIV~1\Yahoo!\Common\YINSTH~1.DLL
Yahoo! Widgets-->C:\ARCHIV~1\Yahoo!\Widgets\uninstall.exe

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======Security center information======

AV: avast! antivirus 4.8.1296 [VPS 081230-0]
AV: F-PROT Antivirus for Windows

System event log

Computer Name: HOME-E0D3044181
Event Code: 26
Message: Aplicación emergente: Proxy Desktop: Explorer.EXE - Error de aplicación : Se ha producido la excepción excepción inesperada del programa (0xc06d007e) en la dirección 0x7c812aeb.


Record Number: 31704
Source Name: Application Popup
Time Written: 20081109011953.000000+060
Event Type: Información
User:

Computer Name: HOME-E0D3044181
Event Code: 26
Message: Aplicación emergente: Proxy Desktop: Explorer.EXE - Error de aplicación : Se ha producido la excepción excepción inesperada del programa (0xc06d007e) en la dirección 0x7c812aeb.


Record Number: 31703
Source Name: Application Popup
Time Written: 20081109011950.000000+060
Event Type: Información
User:

Computer Name: HOME-E0D3044181
Event Code: 7036
Message: El servicio Servicio COM de grabación de CD de IMAPI entró en estado detenido.

Record Number: 31702
Source Name: Service Control Manager
Time Written: 20081109011924.000000+060
Event Type: Información
User:

Computer Name: HOME-E0D3044181
Event Code: 7036
Message: El servicio Servicio COM de grabación de CD de IMAPI entró en estado Activo.

Record Number: 31701
Source Name: Service Control Manager
Time Written: 20081109011918.000000+060
Event Type: Información
User:

Computer Name: HOME-E0D3044181
Event Code: 7035
Message: Se ha enviado satisfactoriamente un control iniciar al servicio Servicio COM de grabación de CD de IMAPI.

Record Number: 31700
Source Name: Service Control Manager
Time Written: 20081109011918.000000+060
Event Type: Información
User: NT AUTHORITY\SYSTEM

Application event log

Computer Name: HOME-E0D3044181
Event Code: 1
Message:
Record Number: 4030
Source Name: Bonjour Service
Time Written: 20080419220214.000000+120
Event Type: Información
User:

Computer Name: HOME-E0D3044181
Event Code: 1517
Message: Windows guardó el Registro de usuario HOME-E0D3044181\principal mientras una aplicación o servicio todavía estaba usando el Registro durante el cierre de sesión. No se ha liberado la memoria usada por el Registro de usuario. Se descargará el Registro cuando ya no esté en uso.


Esto es debido a menudo por los servicios ejecutándose como cuentas de usuario. Intente configurar los servicios para ejecutarse en la cuenta ServicioLocal o ServicioRed.
Record Number: 4029
Source Name: Userenv
Time Written: 20080419184419.000000+120
Event Type: Advertencia
User: NT AUTHORITY\SYSTEM

Computer Name: HOME-E0D3044181
Event Code: 101
Message: msnmsgr (3532) Se detuvo el motor de base de datos.

Record Number: 4028
Source Name: ESENT
Time Written: 20080419184403.000000+120
Event Type: Información
User:

Computer Name: HOME-E0D3044181
Event Code: 103
Message: msnmsgr (3532) \\.\C:\Documents and Settings\principal\Configuración local\Datos de programa\Microsoft\Messenger\broumstick@yahoo.fr\SharingMetadata\Working\database_12F0_9195_F091_7FA1\dfsr.db: El motor de base de datos detuvo la instancia (0).

Record Number: 4027
Source Name: ESENT
Time Written: 20080419184403.000000+120
Event Type: Información
User:

Computer Name: HOME-E0D3044181
Event Code: 302
Message: msnmsgr (3532) \\.\C:\Documents and Settings\principal\Configuración local\Datos de programa\Microsoft\Messenger\broumstick@yahoo.fr\SharingMetadata\Working\database_12F0_9195_F091_7FA1\dfsr.db: El motor de base de datos completó correctamente los pasos de recuperación.

Record Number: 4026
Source Name: ESENT
Time Written: 20080419143729.000000+120
Event Type: Información
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Archivos de programa\ATI Technologies\ATI.ACE\Core-Static;%VDMSPath%;C:\Archivos de programa\QuickTime\QTSystem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 12 Stepping 0, AuthenticAMD
"PROCESSOR_REVISION"=0c00
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"VDMSPath"=C:\Archivos de programa\VDMSound\
"CLASSPATH"=.;C:\Archivos de programa\Java\jre1.6.0_03\lib\ext\QTJava.zip
"QTJAVA"=C:\Archivos de programa\Java\jre1.6.0_03\lib\ext\QTJava.zip

-----------------EOF-----------------
0
Réponse 6 / 93
brm
31 déc. 2008 à 14:38
pour rooter, je desactive l antivirus aussi?
0
Réponse 7 / 93
Utilisateur anonyme
31 déc. 2008 à 14:39
Re,

Oui.

Tu as télécharger un crack ?
0
Réponse 8 / 93
brm
31 déc. 2008 à 14:42
ok pour l antivir.
pour le crack.....oui, ça nous arrive "shame"
0
Réponse 9 / 93
Utilisateur anonyme
31 déc. 2008 à 14:44
Re,

Ben voilà un bagle.

Tu passe rooter et te donne la suite.
0
Réponse 10 / 93
brm
31 déc. 2008 à 14:50
Microsoft (R) Windows Script Host versi¢n 5.7
Copyright (C) Microsoft Corporation 1996-2006. Reservados todos los derechos.

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3400+ )
BIOS : Rev 2.00
USER : principal ( Administrator )
BOOT : Normal boot

Antivirus : F-PROT Antivirus for Windows 6.0 (Activated)


A:\ (USB)
C:\ (Local Disk) - NTFS - Total:189 Go (Free:76 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
F:\ (CD or DVD)

31/12/2008|14:44

----------------------\\ Search..

----------------------\\ ROOTKIT !!

Rootkit TDSS ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV.SYS]
Rootkit TDSS ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_TDSSSERV.SYS]
Rootkit TDSS ! .. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TDSSSERV.SYS]
Rootkit TDSS ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv.sys]
Rootkit TDSS ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\TDSSserv.sys]
Rootkit TDSS ! .. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TDSSserv.sys]

----------------------\\ Cracks & Keygens..

C:\DOCUME~1\PRINCI~1\Escritorio\audio-video\Data\Fruity Loops Studio XXL v.8 CRACK-BY ToRR3NTPYTHoN.rar
C:\DOCUME~1\PRINCI~1\Escritorio\audio-video\Data\Nero 7.0.1.2 Premium Edition (EspaÇñol-Spanish) Con Keygen, GuÇðas De Usuario Y.zip
C:\DOCUME~1\PRINCI~1\Escritorio\audio-video\Data\VSO.ConvertXtoDVD.v2.2.3.258.Multilangages.Incl-Keygen.rar
C:\DOCUME~1\PRINCI~1\Mis documentos\Mis im genes\photoshop\Akvis Filtres Crack.rar


1 - "C:\Rooter$\Rooter_1.txt" - 31/12/2008|14:44

----------------------\\ Scan completed at 14:44




bagle??
0
Réponse 11 / 93
Utilisateur anonyme
31 déc. 2008 à 14:52
Re,


C:\DOCUME~1\PRINCI~1\Escritorio\audio-video\Data\Fruity Loops Studio XXL v.8 CRACK-BY ToRR3NTPYTHoN.rar
C:\DOCUME~1\PRINCI~1\Escritorio\audio-video\Data\Nero 7.0.1.2 Premium Edition (EspaÇñol-Spanish) Con Keygen, GuÇðas De Usuario Y.zip
C:\DOCUME~1\PRINCI~1\Escritorio\audio-video\Data\VSO.ConvertXtoDVD.v2.2.3.258.Multilangages.Incl-Keygen.rar
C:\DOCUME~1\PRINCI~1\Mis documentos\Mis im genes\photoshop\Akvis Filtres Crack.rar

Vire tout sa et fait ce qui suit:

FindyKill de Chiquitine29

▶ Fais un clique droit sur le lien et choisis ( "enregistrer la cible sous ...." )( , destination le bureau .

( Note importante : si tu as le prg Elibagla sur ton PC , supprimes le ( risque de conflit entre les deux outils )( .

▶ Entre dans le dossier " FindyKill "

▶ Double clic sur " FindyKill.bat " (et pas sur autre chose!) pour lancer l'outil .

▶ Choisis ( l'option 1( . Puis laisses travailler ...

▶ Une fois terminé, postes le rapport FindyKill.txt qui est généré ...

( Note : le rapport est sauvegardé à la racine du disque -> C:\FindyKill.txt )

Les-risques-securitaires-du-peer-to-peer

Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.
0
Réponse 12 / 93
brm
31 déc. 2008 à 14:59
ok. A noter que certains fichiers a éliminer n'ont plus les progs associés depuis perpet. les tdss par contre nous inquiètes plus. je lance la manip recommandée et je poste.
encore merci pour l aide :)
0
Réponse 13 / 93
brm
31 déc. 2008 à 15:09
je ne trouve pas findkill.bat après l install
J'ai DL via le lien un findkill.exe, qui a installé un prog. aucun bat dans le rep d installation
0
Réponse 14 / 93
Utilisateur anonyme
31 déc. 2008 à 15:11
Re,

OKI.

Tu as l'icone sur ton bureau double clic dessus et choisit ta langue et fait l'option 1 recherche.
0
Réponse 15 / 93
brm
31 déc. 2008 à 15:15
j ai une fenetre DOS. je lance une recherche en fr de "fichiers infectieux"
0
Réponse 16 / 93
Utilisateur anonyme
31 déc. 2008 à 15:15
Re,

OUI
0
brm
31 déc. 2008 à 15:45
----------------- FindyKill V4.710 ------------------

* User : principal - HOME-E0D3044181
* executed from : C:\Archivos de programa\FindyKill
* Update on 21/12/08 par Chiquitine29
* Start at 15:35:06 the 31/12/2008
* Windows XP - Internet Explorer 6.0.2900.5512


((((((((((((((( *** deleting *** ))))))))))))))))))


--------------- [ Active Processes ] ----------------


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\svchost.exe
C:\Archivos de programa\Alwil Software\Avast4\aswUpdSv.exe
C:\Archivos de programa\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\userinit.exe

--------------- [ Infected files / folders ] ----------------


»»»» Supression files in C:

Deleted ! - C:\InfoSat.txt

»»»» Supression files in C:\WINDOWS


»»»» Supression files in C:\WINDOWS\Prefetch


»»»» Supression files in C:\WINDOWS\system32


»»»» Supression files in C:\WINDOWS\system32\config\systemprofile\AppData\Roaming


»»»» Supression files in C:\WINDOWS\system32\drivers


»»»» Supression files in C:\Documents and Settings\principal\Datos de programa

Deleted ! - "C:\Documents and Settings\principal\Datos de programa\inst.exe"

»»»» Supression files in C:\DOCUME~1\PRINCI~1\CONFIG~1\Temp


»»»» Supression files in C:\Documents and Settings\principal\Local Settings\Temporary Internet Files\Content.IE5


--------------- [ Registry / Infected keys ] ----------------

Deleted ! - HKEY_CURRENT_CONFIG\System\CurrentControlSet\Enum\ROOT\LEGACY_SROSA
Deleted ! - HKEY_USERS\S-1-5-21-839522115-1229272821-2147125571-1003\Software\Ubisoft

--------------- [ States / Restarting of services ] ----------------



+- Services : [ Auto=2 / Request=3 / Disable=4 ]

Ndisuio - Type of startup = 3

EapHost - Type of startup = 2

Ip6Fw - Type of startup = 2

SharedAccess - Type of startup = 2

wuauserv - Type of startup = 2

wscsvc - Type of startup = 2


--------------- [ Cleaning removable drives ] ----------------

+- Informations :

C: - Unidad fija

G: - Unidad extra¡ble


+- deleting files :


--------------- [ Registry / Mountpoint2 ] ----------------


-> Not found !


--------------- [ Searching Cracks / Keygen ] ----------------

C:\Documents and Settings\principal\Escritorio\Jeux\GameCam.v1.2.0.16.Cracked.WinALL-iND
C:\Documents and Settings\principal\Escritorio\Jeux\battlefield2\Battlefield 2 Keygen.rar
C:\Documents and Settings\principal\Escritorio\Jeux\GameCam.v1.2.0.16.Cracked.WinALL-iND\Crack.exe
C:\Documents and Settings\principal\Escritorio\Jeux\GameCam.v1.2.0.16.Cracked.WinALL-iND\GameCamSetup.exe
C:\Documents and Settings\principal\Escritorio\Jeux\GameCam.v1.2.0.16.Cracked.WinALL-iND\GC-iND.nfo
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrack.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackalphatest.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackalphatestlightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackalphatestlightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackalphatestpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackalphatestshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcracklightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcracklightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackndetailncrack.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackndetailncrackalphatest.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackndetailncrackalphatestlightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackndetailncrackalphatestlightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackndetailncrackalphatestpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackndetailncrackalphatestshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackndetailncracklightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackndetailncracklightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackndetailncrackpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackndetailncrackshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrack.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackalphatest.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackalphatestlightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackalphatestlightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackalphatestpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackalphatestshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcracklightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcracklightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackndetailncrack.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackndetailncrackalphatest.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackndetailncrackalphatestpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackndetailncrackalphatestshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackndetailncracklightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackndetailncracklightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackndetailncrackpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackndetailncrackshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrack.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackalphatest.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackalphatestlightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackalphatestlightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackalphatestpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackalphatestshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcracklightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcracklightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackndetailncrack.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackndetailncrackalphatest.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackndetailncrackalphatestlightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackndetailncrackalphatestlightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackndetailncrackalphatestpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackndetailncrackalphatestshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackndetailncracklightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackndetailncracklightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackndetailncrackpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackndetailncrackshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrack.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackalphatest.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackalphatestlightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackalphatestlightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackalphatestpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackalphatestshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcracklightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcracklightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackndetailncrack.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackndetailncrackalphatest.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackndetailncracklightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackndetailncracklightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackndetailncrackpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackndetailncrackshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Mi m£sica\mp3\Drain STH - Horror Wrestling\08 - Crack The Liars Smile.mp3


---------------- ! End of report ! ------------------
0
brm
31 déc. 2008 à 15:47
----------------- FindyKill V4.710 ------------------

* User : principal - HOME-E0D3044181
* executed from : C:\Archivos de programa\FindyKill
* Update on 21/12/08 par Chiquitine29
* Start at 15:35:06 the 31/12/2008
* Windows XP - Internet Explorer 6.0.2900.5512


((((((((((((((( *** deleting *** ))))))))))))))))))


--------------- [ Active Processes ] ----------------


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\svchost.exe
C:\Archivos de programa\Alwil Software\Avast4\aswUpdSv.exe
C:\Archivos de programa\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\userinit.exe

--------------- [ Infected files / folders ] ----------------


»»»» Supression files in C:

Deleted ! - C:\InfoSat.txt

»»»» Supression files in C:\WINDOWS


»»»» Supression files in C:\WINDOWS\Prefetch


»»»» Supression files in C:\WINDOWS\system32


»»»» Supression files in C:\WINDOWS\system32\config\systemprofile\AppData\Roaming


»»»» Supression files in C:\WINDOWS\system32\drivers


»»»» Supression files in C:\Documents and Settings\principal\Datos de programa

Deleted ! - "C:\Documents and Settings\principal\Datos de programa\inst.exe"

»»»» Supression files in C:\DOCUME~1\PRINCI~1\CONFIG~1\Temp


»»»» Supression files in C:\Documents and Settings\principal\Local Settings\Temporary Internet Files\Content.IE5


--------------- [ Registry / Infected keys ] ----------------

Deleted ! - HKEY_CURRENT_CONFIG\System\CurrentControlSet\Enum\ROOT\LEGACY_SROSA
Deleted ! - HKEY_USERS\S-1-5-21-839522115-1229272821-2147125571-1003\Software\Ubisoft

--------------- [ States / Restarting of services ] ----------------



+- Services : [ Auto=2 / Request=3 / Disable=4 ]

Ndisuio - Type of startup = 3

EapHost - Type of startup = 2

Ip6Fw - Type of startup = 2

SharedAccess - Type of startup = 2

wuauserv - Type of startup = 2

wscsvc - Type of startup = 2


--------------- [ Cleaning removable drives ] ----------------

+- Informations :

C: - Unidad fija

G: - Unidad extra¡ble


+- deleting files :


--------------- [ Registry / Mountpoint2 ] ----------------


-> Not found !


--------------- [ Searching Cracks / Keygen ] ----------------

C:\Documents and Settings\principal\Escritorio\Jeux\GameCam.v1.2.0.16.Cracked.WinALL-iND
C:\Documents and Settings\principal\Escritorio\Jeux\battlefield2\Battlefield 2 Keygen.rar
C:\Documents and Settings\principal\Escritorio\Jeux\GameCam.v1.2.0.16.Cracked.WinALL-iND\Crack.exe
C:\Documents and Settings\principal\Escritorio\Jeux\GameCam.v1.2.0.16.Cracked.WinALL-iND\GameCamSetup.exe
C:\Documents and Settings\principal\Escritorio\Jeux\GameCam.v1.2.0.16.Cracked.WinALL-iND\GC-iND.nfo
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrack.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackalphatest.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackalphatestlightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackalphatestlightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackalphatestpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackalphatestshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcracklightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcracklightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackndetailncrack.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackndetailncrackalphatest.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackndetailncrackalphatestlightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackndetailncrackalphatestlightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackndetailncrackalphatestpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackndetailncrackalphatestshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackndetailncracklightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackndetailncracklightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackndetailncrackpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackndetailncrackshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrack.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackalphatest.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackalphatestlightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackalphatestlightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackalphatestpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackalphatestshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcracklightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcracklightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackndetailncrack.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackndetailncrackalphatest.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackndetailncrackalphatestpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackndetailncrackalphatestshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackndetailncracklightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackndetailncracklightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackndetailncrackpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackndetailncrackshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrack.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackalphatest.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackalphatestlightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackalphatestlightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackalphatestpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackalphatestshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcracklightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcracklightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackndetailncrack.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackndetailncrackalphatest.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackndetailncrackalphatestlightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackndetailncrackalphatestlightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackndetailncrackalphatestpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackndetailncrackalphatestshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackndetailncracklightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackndetailncracklightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackndetailncrackpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackndetailncrackshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrack.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackalphatest.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackalphatestlightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackalphatestlightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackalphatestpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackalphatestshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcracklightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcracklightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackndetailncrack.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackndetailncrackalphatest.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackndetailncracklightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackndetailncracklightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackndetailncrackpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackndetailncrackshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Mi m£sica\mp3\Drain STH - Horror Wrestling\08 - Crack The Liars Smile.mp3


---------------- ! End of report ! ------------------
0
Réponse 17 / 93
brm
31 déc. 2008 à 15:17
----------------- FindyKill V4.710 ------------------

* User : principal - HOME-E0D3044181
* Emplacement : C:\Archivos de programa\FindyKill
* Outils Mis a jours le 21/12/08 par Chiquitine29
* Recherche effectuée à 15:15:53 le 31/12/2008
* Windows XP - Internet Explorer 6.0.2900.5512

((((((((((((((((( *** Recherche *** ))))))))))))))))))


--------------- [ Processus actifs ] ----------------


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Archivos de programa\Alwil Software\Avast4\aswUpdSv.exe
C:\Archivos de programa\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\ARCHIV~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Archivos de programa\Messenger\msmsgs.exe
C:\Archivos de programa\Logitech\SetPoint\SetPoint.exe
C:\Archivos de programa\Archivos comunes\Logitech\KhalShared\KHALMNPR.EXE
C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Archivos de programa\Bonjour\mDNSResponder.exe
C:\Archivos de programa\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Archivos de programa\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\Notepad.exe
C:\Archivos de programa\Alwil Software\Avast4\ashMaiSv.exe
C:\Archivos de programa\Alwil Software\Avast4\ashWebSv.exe
C:\Archivos de programa\Mozilla Firefox\firefox.exe
C:\WINDOWS\Explorer.EXE

--------------- [ Fichiers/Dossiers infectieux ] ----------------


»»»» Presence des fichiers dans C:

Found ! [31/12/2008 03:00] - C:\InfoSat.txt

»»»» Presence des fichiers dans C:\WINDOWS


»»»» Presence des fichiers dans C:\WINDOWS\Prefetch


»»»» Presence des fichiers dans C:\WINDOWS\system32


»»»» Presence des fichiers dans C:\WINDOWS\system32\config\systemprofile\AppData\Roaming


»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers


»»»» Presence des fichiers dans C:\Documents and Settings\principal\Datos de programa


»»»» Presence des fichiers dans C:\DOCUME~1\PRINCI~1\CONFIG~1\Temp


»»»» Presence des fichiers dans C:\Documents and Settings\principal\Local Settings\Temporary Internet Files\Content.IE5


--------------- [ Registre / Startup ] ----------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
ctfmon.exe=C:\WINDOWS\system32\ctfmon.exe
MSMSGS="C:\Archivos de programa\Messenger\msmsgs.exe" /background
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run\AdobeUpdater=
<NO NAME>=

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
avast!=C:\ARCHIV~1\ALWILS~1\Avast4\ashDisp.exe
IMJPMIG8.1="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
MSPY2002=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
PHIME2002ASync=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
PHIME2002A=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
EPSON Stylus DX3800 Series=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB002" /M "Stylus DX3800"
Logitech Hardware Abstraction Layer=KHALMNPR.EXE
NvCplDaemon=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
nwiz=nwiz.exe /install
NvMediaCenter=RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
Google Desktop Search="C:\Archivos de programa\Google\Google Desktop Search\GoogleDesktop.exe" /startup
MSConfig=C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
Installed=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
NoChange=1
Installed=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
Installed=1
<NO NAME>=

[HKEY_CURRENT_USER\software\local appwizard-generated applications\DocUnins]

--------------- [ Registre / Clés infectieuses ] ----------------


Found ! - HKEY_USERS\S-1-5-21-839522115-1229272821-2147125571-1003\Software\Ubisoft

--------------- [ Etat / Services ] ----------------



+- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]

Ndisuio - Type de démarrage = 3

EapHost - Type de démarrage = 3

Ip6Fw - Type de démarrage = 3

SharedAccess - Type de démarrage = 2

wuauserv - Type de démarrage = 2

wscsvc - Type de démarrage = 2



--------------- [ Recherche dans supports amovibles] ----------------


+- Informations :

C: - Unidad fija


+- presence des fichiers :



--------------- [ Registre / Mountpoint2 ] ----------------


-> Not found !


------------------- ! Fin du rapport ! --------------------
0
Réponse 18 / 93
Utilisateur anonyme
31 déc. 2008 à 15:19
Re,

Findykill de chiquitine29 option 2:

▶ Branche tes disques amovibles à ton PC ( (clefs USB, disque dur externe, etc...) sans les ouvrir

▶ Double-clique sur le raccourci FindyKill sur ton bureau

▶ Au menu principal, choisisl'option 2 (Suppression)

/!\ Il y aura 2 redémarrages, laisse travailler l'outil jusqu'à l'apparition du message "nettoyage effectué" /!\

𥭮nsuite, poste le rapport FindyKill.txt

Note : le rapport FindyKill.txt est sauvegardé à la racine du disque.

Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.

Found ! [31/12/2008 03:00] - C:\InfoSat.txt ==>Pas bien sa!!
0
Réponse 19 / 93
brm
31 déc. 2008 à 15:24
je commence a avoir des soucis d'affichage du fo. te serait t'il possible de me contacter via msn? harkiogovi@yahoo.fr

d'avance merci
0
Réponse 20 / 93
Utilisateur anonyme
31 déc. 2008 à 15:29
Re,

Je ne fait pas de désinfection sur msn ou autres!!

Sinon passe sa:

Combofix. Attention, ce logiciel est très puissant, une mauvaise utilisation peut faire des dégâts...

Fais exactement ce qui suit :

Télécharge ComboFix (de sUBs) sur ton Bureau (et pas ailleurs !) :
Fais un clic droit sur ce lien et choisis "enregistrer la cible sous ... " : dans la fenêtre qui s'ouvre tape C-Fix, choisis le bureau comme destination et valide :

--------------------------------------------- [ ! ATTENTION ! ] ----------------------------------------------------------
!! déconnecte toi, ferme toutes tes applications en cours et DESACTIVE TOUTES TES DEFENCES (anti-virus, antispyware, pare-feu) le temps de la manipulation (si jamais tu en as et que je ne les ai pas vu sur le rapport hijackthis....)

---> Surtout, si tu rencontres des difficultés à ce niveau là, dis le moi avant de poursuivre...

--->Je te conseil d'installer la console de récupération.(Voir le tutoriel).

Tuto ici : TUTO
---------------------------------------------------------------------------------------------------------------------------------

Ensuite :

Double-clique sur C-Fix.exe (= combofix.exe ) .

Appuie sur une touche pour démarrer le scan .

Attention : n'utilise pas ta souris ni ton clavier pendant que le programme tourne. Cela pourrait figer l'ordi ---> si un message d'erreur windows apparait à un moment : clique sur la croix rouge en haut à droite de la fenêtre pour la fermer

Le rapport sera crée dans: C:\Combofix.txt , poste le ici stp

Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.
0