FindyKill report

Closed
antoinegrandemange - 18 Jan 2009 at 00:39
 Anonymous user - 18 Jan 2009 at 04:26
----------------- FindyKill V4.713 ------------------

* User : user - USER-37B2B88C92
* Executed from : C:\Program Files\FindyKill
* Update on 17/01/09 by Chiquitine29
* Start at 0:18:05 the 18/01/2009
* Windows XP - Internet Explorer 7.0.5730.11


((((((((((((((( *** deleting *** ))))))))))))))))))


--------------- [ Active Processes ] ----------------


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LogonUI.EXE
C:\WINDOWS\system32\userinit.exe

--------------- [ Infected files / folders ] ----------------


»»»» Supression files in C:

Deleted ! - "C:\Muestras"

»»»» Supression files in C:\WINDOWS


»»»» Supression files in C:\WINDOWS\Prefetch

Deleted ! - C:\WINDOWS\prefetch\116703.EXE-01409100.pf
Deleted ! - C:\WINDOWS\prefetch\116843.EXE-0A1BC974.pf
Deleted ! - C:\WINDOWS\prefetch\117265.EXE-38DB2326.pf
Deleted ! - C:\WINDOWS\prefetch\127343.EXE-25E21381.pf
Deleted ! - C:\WINDOWS\prefetch\193968.EXE-05A951E1.pf
Deleted ! - C:\WINDOWS\prefetch\207603734.EXE-07A16F4B.pf
Deleted ! - C:\WINDOWS\prefetch\213187.EXE-23C05E15.pf
Deleted ! - C:\WINDOWS\prefetch\236656.EXE-36DB6F01.pf
Deleted ! - C:\WINDOWS\prefetch\269734.EXE-02DD085C.pf
Deleted ! - C:\WINDOWS\prefetch\273593.EXE-1E346992.pf
Deleted ! - C:\WINDOWS\prefetch\277062.EXE-0F3CC216.pf
Deleted ! - C:\WINDOWS\prefetch\580515.EXE-08E3BF1B.pf
Deleted ! - C:\WINDOWS\prefetch\60968.EXE-1AD23FBF.pf
Deleted ! - C:\WINDOWS\prefetch\65140.EXE-385AFDC6.pf
Deleted ! - C:\WINDOWS\prefetch\699796.EXE-16FAA88B.pf
Deleted ! - C:\WINDOWS\prefetch\821625.EXE-01FC249D.pf
Deleted ! - C:\WINDOWS\prefetch\837656.EXE-368C9461.pf
Deleted ! - C:\WINDOWS\prefetch\95031.EXE-029D2D22.pf
Deleted ! - C:\WINDOWS\prefetch\95843.EXE-033D99D4.pf
Deleted ! - C:\WINDOWS\prefetch\99937.EXE-124EDEA2.pf
Deleted ! - C:\WINDOWS\prefetch\CRAC.EXE-2335BC12.pf
Deleted ! - C:\WINDOWS\prefetch\FLEC006.EXE-256EDED2.pf
Deleted ! - C:\WINDOWS\prefetch\MDELK.EXE-1D176F91.pf
Deleted ! - C:\WINDOWS\prefetch\SERIAL.EXE-040E8F54.pf
Deleted ! - C:\WINDOWS\prefetch\SERIAL.EXE-07F27B5E.pf
Deleted ! - C:\WINDOWS\prefetch\WINTEMS.EXE-2A563F9B.pf
Deleted ! - C:\WINDOWS\prefetch\WINUPGRO.EXE-010F3F1E.pf
Deleted ! - C:\WINDOWS\prefetch\WINUPGRO.EXE-101AF362.pf

»»»» Supression files in C:\WINDOWS\system32


»»»» Supression files in C:\WINDOWS\system32\drivers


»»»» Supression files in C:\Documents and Settings\user\Application Data

Deleted ! - "C:\Documents and Settings\user\Application Data\m\flec006.exe"
Deleted ! - "C:\Documents and Settings\user\Application Data\m\list.oct"
Deleted ! - "C:\Documents and Settings\user\Application Data\m\data.oct"
Deleted ! - "C:\Documents and Settings\user\Application Data\m\srvlist.oct"
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\3D Grapher 1.21.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\3D Tropical Island Screen Saver 1.0b.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\Actualizacion.Mcafee.De.Por.Vida.updated-fixed.01-2007.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\Alice DVD to H.264 MP4 Converter 5.38.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\Ambages 001.000.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\AMORTSC 1.0.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\AnimatedCamero ScreenMate 1.0.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\Australian Landscapes 09 Screensaver 1.0.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\AWT Font Shower 2.7 Build 9228.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\Background Buddy Pro 3.05.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\Big Clock 1.2.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\Black Steel 1.2.1.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\BMW E39 Screensaver 1.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\Chilkat Zip C++ Library -.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\Classic Menu for Excel 3.5.0.113.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\COM Explorer 2.0.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\CopyShell 1.0.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\CPU Led Indicator 1.0.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\Crack.Panda.Platinum.Internet.Security.2005.v9.0.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\Delete FXP Files 1.0.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\Directory Synchronizer 0.3 Build 226.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\Easy Text To HTML Converter 3.0.0.057.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\icecream 1.2.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\ID AntiPopup 1.2.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\iMiser Web Organizer 3.1 SR1 Build 1075.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\Ivan Video to 3GP + DVD to 3GP 1.11.1.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\IWEB Dashboard 1.0.0.40.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\Java HTTP Client 2.5.0.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\Jovem Pan AM 1.0.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\Kaufman Launch Cleaner 1.0.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\KingConvert For Coby PMP-3522 4.0.0.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\LingvoSoft FlashCards English German 1.5.07.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\LvG Spellcheck 1.0.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\Maximus CD Player 3.4.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\Microsoft Agent Network Chat 1.0.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\Morning Glory 1.0.14.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\MouseaWay 1.1.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\Movie to GIF Converter 2.20.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\MySQL Delete (Remove) Duplicate Entries Software 7.0.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\NetFilter SDK 1.0.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\NetMac 1.1.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\New Chronicles Of Rebecca 1.0.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\Nod32_2.51.30_ita.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\Nod32_by_soft-best.net.czip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\Nod32_by_soft-best.net.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\Nokia Gps Route 66 Mobile 2007 [Mapas de España y Portugal].zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\Omniquad Surfwall - Enterprise Manager 2.882.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\pdf2picture 6.5.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\Phoebus 1.0.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\Privacy Inspector 2.00.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\QDQ Search 1.1.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\QRCode 2D Barcode ActiveX 3.0.1.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\RE
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\Reverb Rack R-ii 2.6.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\Sam's Interactive Reader 1.10.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\SharePoint Vista Sidebar Gadget Preview 0.1.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\soul cage screensaver 01.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\Super MIDI Scripter 0.830.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\Trojan.Lodear Removal Tool 1.3.0.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\TurboFTP 6.00 Build 712.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\Twins File Merger 3.86.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\Video and Music to iPod Converter 4.0.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\VisualHash 1.0.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\Web Pictures Downloader 2.0 SR 100.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\Winguard Popup Remover 1.17.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\xSync File Synchronizer 2.0.26.zip
Deleted ! - C:\Documents and Settings\user\Application Data\m\shared\Zero-X BeatQuantizer 1.52.zip
Deleted ! - "C:\Documents and Settings\user\Application Data\m\shared"
Deleted ! - "C:\Documents and Settings\user\Application Data\m"
Deleted ! - "C:\Documents and Settings\user\Application Data\drivers\wfsintwq.sys"
Deleted ! - "C:\Documents and Settings\user\Application Data\drivers"

»»»» Supression files in C:\DOCUME~1\user\LOCALS~1\Temp


»»»» Supression files in C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5


--------------- [ Registry / Infected keys ] ----------------

Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_USERS\S-1-5-21-1343024091-1220945662-839522115-1004\Software\Local AppWizard-Generated Applications\serial
Deleted ! - HKEY_USERS\S-1-5-21-1343024091-1220945662-839522115-1004\Software\Local AppWizard-Generated Applications\winupgro
Deleted ! - HKEY_USERS\S-1-5-21-1343024091-1220945662-839522115-1004\Software\MuleAppData

--------------- [ States / Restarting of services ] ----------------



+- Services : [ Auto=2 / Request=3 / Disable=4 ]

Ndisuio - Type of startup = 3

EapHost - Type of startup = 2

Ip6Fw - Type of startup = 2

SharedAccess - Type of startup = 2

wuauserv - Type of startup = 2

wscsvc - Type of startup = 2


--------------- [ Cleaning removable drives ] ----------------

+- Informations :

C: - Lecteur fixe

D: - Lecteur fixe


+- deleting files :


--------------- [ Registry / Mountpoint2 ] ----------------


-> Not found !


--------------- [ Searching Other Infections ] ----------------


Références de comparaison Bagle MD5 :



--------------- [ Searching Cracks / Keygen ] ----------------

C:\Documents and Settings\user\Bureau\Mon bordel\DVD-Musique v4\Fichiers MIDI classés\01. Chanson internationale\02.Anglais\D\Diamond Neil\crackiln.mid
C:\Documents and Settings\user\Bureau\Mon bordel\DVD-Musique v4\Fichiers MIDI classés\01. Chanson internationale\02.Anglais\D\Diamond Neil\CRACKLIN.MID
C:\Documents and Settings\user\Bureau\Mon bordel\DVD-Musique v4\Fichiers MIDI classés\01. Chanson internationale\02.Anglais\H\Harrison George\Crackerbox palace - George Harrison.mid
C:\Documents and Settings\user\Bureau\Mon bordel\DVD-Musique v4\Fichiers MIDI classés\07. Films, télé, jeux vidéos\Films et séries pour enfants\_Disney\Fantasia\Fantasia (The Nutcracker) - Cinema.mid
C:\Documents and Settings\user\Bureau\Mon bordel\DVD-Musique v4\Logiciel pour la capture vidéo de l'écran\Camtasia\Crack
C:\Documents and Settings\user\Bureau\Mon bordel\DVD-Musique v4\Logiciel pour la capture vidéo de l'écran\Camtasia\Crack\keygen.exe
C:\Documents and Settings\user\Bureau\Mon bordel\DVD-Musique v4\Logiciel pour la capture vidéo de l'écran\Camtasia\Crack\Techsmith.Camtasia.Studio.v3.1.2.Incl.Keymaker-ZWT.rar
C:\Documents and Settings\user\Bureau\Mon bordel\DVD-Musique v4\Logiciels utilitaires\WinRar (compression) français\Crack.exe
C:\Documents and Settings\user\Recent\Microsoft Money 2005 Fr + Crack ( marche OK).rar.lnk
C:\Documents and Settings\user\Recent\Microsoft Money 2006 Crack For All Versions.rar.lnk


---------------- ! End of report ! ------------------

4 replies

Le Vagabande Posts 1517 Registration date Wednesday 3 December 2008 Status Member Last activity 3 April 2022 63
18 Jan 2009 at 00:41
Cool, now we'll be able to hack you
0
totobetourne Posts 5592 Registration date Sunday 23 March 2008 Status Member Last activity 6 June 2012 65
18 Jan 2009 at 01:16
Remove the cracks from your computer; this is not negotiable if you want to continue.

After that, run this.
To take a look, download ComboFix (by sUBs) here:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

and save it to the desktop. Right-click it and rename it to whatever you like; you absolutely must do this if you want it to work.


Disconnect from the internet and close all your applications.

Disable your protections (antivirus, firewall, the antispyware's real-time guard).


Double-click combofix.exe and follow the instructions.

When it finishes, it will produce a report, C:\ComboFix.txt

Re-enable your firewall, your antivirus and your antispyware's guard.

Copy/paste the report C:\ComboFix.txt into your next reply.

Warning: do not use your mouse or your keyboard (or any other pointing device) while the program is running. That could freeze the computer.

There is a complete tutorial here:

https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
0
totobetourne Posts 5592 Registration date Sunday 23 March 2008 Status Member Last activity 6 June 2012 65
18 Jan 2009 at 01:17
Here is the list of all the cracks:

C:\Documents and Settings\user\Bureau\Mon bordel\DVD-Musique v4\Fichiers MIDI classés\01. Chanson internationale\02.Anglais\D\Diamond Neil\crackiln.mid
C:\Documents and Settings\user\Bureau\Mon bordel\DVD-Musique v4\Fichiers MIDI classés\01. Chanson internationale\02.Anglais\D\Diamond Neil\CRACKLIN.MID
C:\Documents and Settings\user\Bureau\Mon bordel\DVD-Musique v4\Fichiers MIDI classés\01. Chanson internationale\02.Anglais\H\Harrison George\Crackerbox palace - George Harrison.mid
C:\Documents and Settings\user\Bureau\Mon bordel\DVD-Musique v4\Fichiers MIDI classés\07. Films, télé, jeux vidéos\Films et séries pour enfants\_Disney\Fantasia\Fantasia (The Nutcracker) - Cinema.mid
C:\Documents and Settings\user\Bureau\Mon bordel\DVD-Musique v4\Logiciel pour la capture vidéo de l'écran\Camtasia\Crack
C:\Documents and Settings\user\Bureau\Mon bordel\DVD-Musique v4\Logiciel pour la capture vidéo de l'écran\Camtasia\Crack\keygen.exe
C:\Documents and Settings\user\Bureau\Mon bordel\DVD-Musique v4\Logiciel pour la capture vidéo de l'écran\Camtasia\Crack\Techsmith.Camtasia.Studio.v3.1.2.Incl.Keymaker-ZWT.rar
C:\Documents and Settings\user\Bureau\Mon bordel\DVD-Musique v4\Logiciels utilitaires\WinRar (compression) français\Crack.exe
C:\Documents and Settings\user\Recent\Microsoft Money 2005 Fr + Crack ( marche OK).rar.lnk
C:\Documents and Settings\user\Recent\Microsoft Money 2006 Crack For All Versions.rar.lnk
0
Anonymous user
18 Jan 2009 at 04:26
Hi, is that one a crack??? :-)

C:\Documents and Settings\user\Bureau\Mon bordel\DVD-Musique v4\Fichiers MIDI classés\07. Films, télé, jeux vidéos\Films et séries pour enfants\_Disney\Fantasia\Fantasia (The Nutcracker) - Cinema.mid
0