TA TOF FAIT KOI SUR CE SITE?
DIDO
-
Utilisateur anonyme -
Utilisateur anonyme -
Bonjour tout le monde!
svp aidez moi..mon ordinateur est infecté par le virus "ta tof fait koi sur ce site?",il n'arrete pas d'envoyer des msg a tous mes contacts msn en ligne.merci.
voici mon rapport avec HijackThis v2.02:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:25:20, on 05/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\nutsrv4.exe
C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Java\jre1.5.0_09\bin\jucheck.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\17PHolmes1423.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/?p=us
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*https://fr.yahoo.com/?p=us
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\MOUCHF~1\LOCALS~1\Temp\services.exe
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: (no name) - {930E4DE1-973D-42D6-BF6E-6788E06BD003} - (no file)
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NuTCSetupEnviron] C:\PROGRA~1\RATIONAL\RATION~1\NUTCROOT\bin\ncoeenv.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [Flash Media] C:\DOCUME~1\MOUCHF~1\LOCALS~1\Temp\services.exe
O4 - HKLM\..\Run: [runner1] C:\WINDOWS\mrofinu1423.exe 61A847B5BBF7281336993B466188719AB689201522886B092CBD44BD8689220221DD3257
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'Default user')
O4 - Startup: IMVU.lnk = C:\Program Files\IMVU\IMVUClient.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Mouch Fatma\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NuTCRACKER Service (NuTCRACKERService) - DataFocus, Inc. - C:\WINDOWS\system32\nutsrv4.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
svp aidez moi..mon ordinateur est infecté par le virus "ta tof fait koi sur ce site?",il n'arrete pas d'envoyer des msg a tous mes contacts msn en ligne.merci.
voici mon rapport avec HijackThis v2.02:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:25:20, on 05/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\nutsrv4.exe
C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Java\jre1.5.0_09\bin\jucheck.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\17PHolmes1423.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/?p=us
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*https://fr.yahoo.com/?p=us
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\MOUCHF~1\LOCALS~1\Temp\services.exe
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: (no name) - {930E4DE1-973D-42D6-BF6E-6788E06BD003} - (no file)
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NuTCSetupEnviron] C:\PROGRA~1\RATIONAL\RATION~1\NUTCROOT\bin\ncoeenv.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [Flash Media] C:\DOCUME~1\MOUCHF~1\LOCALS~1\Temp\services.exe
O4 - HKLM\..\Run: [runner1] C:\WINDOWS\mrofinu1423.exe 61A847B5BBF7281336993B466188719AB689201522886B092CBD44BD8689220221DD3257
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'Default user')
O4 - Startup: IMVU.lnk = C:\Program Files\IMVU\IMVUClient.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Mouch Fatma\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NuTCRACKER Service (NuTCRACKERService) - DataFocus, Inc. - C:\WINDOWS\system32\nutsrv4.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
A voir également:
- TA TOF FAIT KOI SUR CE SITE?
- Site de telechargement - Accueil - Outils
- Site x - Guide
- Site pour partager des photos - Guide
- Quel site remplace coco - Accueil - Réseaux sociaux
- Ce site est inaccessible - Guide
8 réponses
bonsoir
commence par ça apres on verra :
Télécharge MSNFix.zip (de !aur3n7) sur ton bureau:
http://sosvirus.changelog.fr/MSNFix.zip
Décompresse-le (clic droit >> Extraire ici) et place les fichiers dans C:\MSNFix (très important).
Double cliquer sur le fichier MSNFix.bat.
- Exécutez l'option R.
-- Si l'infection est détectée, un message l'indiquera et il suffira de presser une touche pour lancer le nettoyage
Note :
Si une erreur de suppression est détectée un message s'affichera demandant de redémarrer l'ordinateur afin de terminer les opérations. Dans ce cas il suffit de redémarrer l'ordinateur en mode normal
- Le rapport sera enregistré dans le même dossier que MSNFix sous forme date_heure.txt
poste le rapport stp
bises
commence par ça apres on verra :
Télécharge MSNFix.zip (de !aur3n7) sur ton bureau:
http://sosvirus.changelog.fr/MSNFix.zip
Décompresse-le (clic droit >> Extraire ici) et place les fichiers dans C:\MSNFix (très important).
Double cliquer sur le fichier MSNFix.bat.
- Exécutez l'option R.
-- Si l'infection est détectée, un message l'indiquera et il suffira de presser une touche pour lancer le nettoyage
Note :
Si une erreur de suppression est détectée un message s'affichera demandant de redémarrer l'ordinateur afin de terminer les opérations. Dans ce cas il suffit de redémarrer l'ordinateur en mode normal
- Le rapport sera enregistré dans le même dossier que MSNFix sous forme date_heure.txt
poste le rapport stp
bises
slt,
ta tof fait koi sur ce site?
ta touffe fait quoi sur ce site.
ta touffe m'etouffe.
t'es sérieux là ?
ta tof fait koi sur ce site?
ta touffe fait quoi sur ce site.
ta touffe m'etouffe.
t'es sérieux là ?
salut,je l'ai téléchargé,et g fait extraire (dans bureau)puis g glisser le dossier MSNFix dans C:
ensuite g executé le fichier se trouvant ds ce dossier.ya V un message d'erreur,aparament je n'ai pas decompressé le fichier.comment faire pour le decompressé?merci encore.
ensuite g executé le fichier se trouvant ds ce dossier.ya V un message d'erreur,aparament je n'ai pas decompressé le fichier.comment faire pour le decompressé?merci encore.
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
salut,je l'ai téléchargé,et g fait extraire (dans bureau)puis g glisser le dossier MSNFix dans C:
ensuite g executé le fichier se trouvant ds ce dossier.ya V un message d'erreur,aparament je n'ai pas decompressé le fichier.comment faire pour le decompressé?merci encore
ensuite g executé le fichier se trouvant ds ce dossier.ya V un message d'erreur,aparament je n'ai pas decompressé le fichier.comment faire pour le decompressé?merci encore
ok,ca y est,g glissé le ficher du dossier obtenu dans c: ensuite losrque g fait ouvrir,je recoi le meme msg d'erreur(ms-dos est desactivé mais j n c pa comment l'activer),alors g clické sur "modifer" et g recu ce msg dans un ficher txt :
@echo off
rem Thanks for translation help / Merci pour l'aide apportée à la traduction
rem ÁcÅ餤¤å ... Credits ...¥§§J² nickjian@taiwan
rem Dutch ... Credits ...Luuk Bom
rem English ... Credits ...Jintan
rem Deutsch ... Credits ...Ruby
rem Italiano ... Credits ...LadyHawke
rem Svenska ... Credits ...Jonatan
rem Turkce ... Credits ...Alvin
rem Español ... Credits ...Christian D
rem Dane ... Credits ...?
rem ............................................................incl............................................................
rem ..............................................................................................................................
rem ...........................................................Process.exe
rem Process.exe by Craig.Peacock (http://www.beyondlogic.org)
rem ........................................................... swreg.exe
rem SteelWerX Registry Console Tool 2.0 (https://fstaal01.home.xs4all.nl/
rem Written by Bobbi Flekman 2006 (C)
rem ........................................................... zip.exe
rem http://infozip.sourceforge.net/
rem ........................................................... msnchk.exe
rem Malware Analysis & Diagnostic (http://secubox.aldria.com)
rem ..............................................................................................................................
rem ............................................................incl............................................................
title MSNFix
cd %~dp0
set winsys=%windir%\system32
incl\process.exe -k Strad.exe >NUL
incl\process.exe -k Zser.exe >NUL
incl\process.exe -k Xeyu.exe >NUL
incl\process.exe -k Xsfr.exe >NUL
incl\process.exe -k Cfreer.exe >NUL
incl\process.exe -k Nzil.exe >NUL
incl\process.exe -k Negdo.exe >NUL
incl\process.exe -k Juegs.exe >NUL
incl\process.exe -k Ttt.exe >NUL
incl\process.exe -k Avconsol.exe >NUL
incl\process.exe -k Zap.exe >NUL
incl\process.exe -k Hide32.exe >NUL
incl\process.exe -k avp.exe >NUL
incl\process.exe -k mgrs.exe >NUL
incl\process.exe -k Icon010.exe >NUL
incl\process.exe -k IEXPLORER.exe >NUL
incl\process.exe -k IEXPLORE.exe >NUL
incl\process.exe -k nvscvse.exe >NUL
incl\process.exe -k te32.exe >NUL
incl\process.exe -k FF.exe >NUL
incl\process.exe -k mssq.exe >NUL
incl\process.exe -k %temp%\*.exe >NUL
incl\process.exe -k %userprofile%\*.exe >NUL
incl\process.exe -k syst.exe >NUL
incl\process.exe -k Mwsx.exe >NUL
incl\process.exe -k server.exe >NUL
incl\process.exe -k serverivy.exe >NUL
incl\process.exe -k %Temp%\svchost.exe >NUL
incl\process.exe -k %temp%\services.exe >NUL
incl\process.exe -k %temp%\direct3d.exe >NUL
incl\process.exe -k msnworm.exe >NUL
incl\process.exe -k oddysee.exe >NUL
incl\process.exe -k tsorfib.exe >NUL
incl\process.exe -k BRISA.exe >NUL
incl\process.exe -k orgut.scr >NUL
incl\process.exe -k korn.scr >NUL
incl\process.exe -k directxd.exe >NUL
incl\process.exe -k dwwin.exe >NUL
incl\process.exe -k drwtsn32.exe >NUL
incl\process.exe -k win.scr >NUL
incl\process.exe -k winfp.exe >NUL
incl\process.exe -k svhostt32.exe >NUL
incl\process.exe -k WormList.exe >NUL
incl\process.exe -k Windows32.exe >NUL
incl\process.exe -k msnmsnr.scr >NUL
incl\process.exe -k bsyys.scr >NUL
incl\process.exe -k svhost.exe >NUL
incl\process.exe -k spoolms.exe >NUL
incl\process.exe -k wlivemsgs.exe >NUL
incl\process.exe -k mrofinu1148.exe >NUL
incl\process.exe -k MsnMsgr.Exe >NUL
incl\process.exe -k Dot1XCfg.exe >NUL
incl\process.exe -k usnsvc.exe >NUL
incl\process.exe -k 7PHolmes1148.exe >NUL
incl\process.exe -k wnbsvc.exe >NUL
incl\process.exe -k %winsys%\vservice32.exe >NUL
incl\process.exe -k %Temp%\winlogon.exe >NUL
incl\process.exe -k %Temp%\*.exe >NUL
set fix=MSNFix
set vers=1.676
rem ******************************************************** part 2 **************************************************************
set contact=contact@changelog.fr
set urlupload=http://upload.changelog.fr
VER|find "Windows 95">NUL
IF NOT ERRORLEVEL 1 set verwin=9x
VER|find "Windows 98">NUL
IF NOT ERRORLEVEL 1 set verwin=9x
VER|find "Windows Millennium">NUL
IF NOT ERRORLEVEL 1 set verwin=9x
ver|find "Windows XP">nul
IF NOT ERRORLEVEL 1 set verwin=NT
ver|find "Windows 2000">nul
IF NOT ERRORLEVEL 1 set verwin=NT
if %OS%==Windows_NT set verwin=NT
if not exist incl\MD5File.exe goto erroruse
if not exist incl\swreg.exe goto erroruse
if not exist incl\Process.exe goto erroruse
if not exist incl\zip.exe goto erroruse
if not exist incl\banker.reg goto erroruse
goto :testlang
:erroruse
color 1F
TITLE %fix% - erreur
cls
echo.
echo.
echo %fix% %vers%
echo.
echo Error ... Error .... Error .... Error
echo.
echo.
if not exist "%userprofile%\Bureau" (
echo Please Unzip MSNFix.zip
echo in recommended location %systemdrive%\MSNFix
echo before beginning
)
echo.
if exist "%userprofile%\Bureau" (
echo SVP Veuillez decompresser MSNFix.zip avant de commencer
echo il est recommende de le placer dans le dossier %systemdrive%\MSNFix
)
echo.
echo. ------------------------------------------------------------------------
echo. %auteur% Contact: %contact%
echo. ------------------------------------------------------------------------
echo.
echo %touchquitt%
pause >nul
goto fin
:testlang
if exist "%userprofile%\Bureau" goto fran
goto langue
:langue
TITLE %fix% - Language
color 1F
cls
echo %fix% %vers%
echo.
echo Choose language
echo.
echo.
echo A. ÁcÅ餤¤å
echo B. Dane
echo C. Espa¤ol
echo D. Dutch
echo E. English
echo F. Francais
echo G. Deutsch
echo I. Italiano
echo S. Svenska
echo T. Turkce
echo P. Portugues (Brasil)
echo.
echo.
echo.
echo If you want translate in other language, please contact me
echo contact@changelog.fr
echo.
echo.
set menu=''
set /p menu=%sChoice% Choose your language and press enter
if "%menu%"=="f" goto fran
if "%menu%"=="F" goto fran
if "%menu%"=="e" goto eng
if "%menu%"=="E" goto eng
if "%menu%"=="i" goto itali
if "%menu%"=="I" goto itali
if "%menu%"=="d" goto dutch
if "%menu%"=="D" goto dutch
if "%menu%"=="t" goto turkce
if "%menu%"=="T" goto turkce
if "%menu%"=="A" goto chinese
if "%menu%"=="a" goto chinese
if "%menu%"=="s" goto swe
if "%menu%"=="S" goto swe
if "%menu%"=="g" goto german
if "%menu%"=="G" goto german
if "%menu%"=="b" goto danish
if "%menu%"=="B" goto danish
if "%menu%"=="c" goto spa
if "%menu%"=="C" goto spa
if "%menu%"=="P" goto port
if "%menu%"=="p" goto port
goto langue
:fran
set chx=Choisissez une action:
set forcnetreg=Nettoyer le registre et quitter
set prenet= Pressez une touche pour lancer le nettoyage
set rech=Rechercher
set quitt=Quitter
set avert=L'utilisation se fait … vos risques et p‚rils.
set scandate=Fix exécuté le
set mse=mode sans échec
set nommode=mode normal
set chfichpres=Recherche les fichiers présents
set nofich=Aucun Fichier trouvé
set chdospres=Recherche les dossiers présents
set nodoss=Aucun dossier trouvé
set infepres=Infection Pr‚sente
set nett=Nettoyage en cours
set aff=Afficher le rapport et Quitter
set infnopres=Infection Absente
set infnodetect=L'infection n'a pas ‚t‚ d‚tect‚e
set fichaprrede=Les fichiers encore présents seront supprimés au prochain redémarrage
set suppfich=Suppression des fichiers
set suppdoss=Suppression des dossiers
set netreg=Nettoyage du registre
set suspectfile=Fichiers suspects
set netpref=Nettoyage du dossier
set execdans=Executable dans le dossier
set avertcursor=ces fichiers nécessitent un avis expérimenté avant toute intervention
set infosauv=Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier
set verwinnosupp=Version de Windows non prise en charge
set signalhel=Veuillez le signaler … la personne vous ayant propos‚ ce fix
set touchquitt=Appuyez sur une touche pour quitter
set fichdossencpres=Des fichiers sont encore pr‚sents
set redemfin=Veuillez Red‚marrer votre ordinateur pour terminer le nettoyage
set auteur=Auteur : !aur3n7
set upload=SVP merci d'envoyer le fichier
set upload2=sur %urlupload%
goto crea
:spa
set chx=Elija una acci¢n:
set prenet=Pulse cualquier tecla para empezar la limpieza
set forcnetreg=Limpiar el registro y cerrar
set rech=Buscar
set quitt=Salir
set avert=Usa esta herramienta bajo tu propio riesgo.
set scandate=Escaneo finalizado el
set mse=Modo Seguro
set nommode=Modo Normal
set chfichpres=Comprobando Archivos
set nofich=No se ha encontrado ningún archivo
set chdospres=Comprobando carpetas
set nodoss=No se ha encontrado ninguna carpeta
set infepres=Programa malintencionado encontrado
set nett=Limpieza en progreso
set aff=Ver archivo log y cerrar
set infnopres=No encontrado
set infnodetect=No se ha encontrado ningún programa malintencionado
set fichaprrede=Algunos archivos se borrarán despues de reiniciar en el modo normal
set suppfich=Borrando archivos del programa malintencionado
set suppdoss=Borrando carpetas del programa malintencionado
set netreg=Limpiando el registro
set suspectfile=Archivos Sospechosos
set netpref=Limpiando Carpetas
set execdans=Se han encontrado archivos ejecutables en la carpeta
set avertcursor=Los archivos detectados deberían ser posteados en foros especializados antes de que los cambios se puedan hacer
set infosauv=Los archivos borrados y las modificaciones del registro se han guardado en el archivo
set verwinnosupp=No soporta esta versión de Windows
set signalhel=Por favor informa de esto a la persona que te sugirió esta herramienta
set touchquitt=Pulsa cualquier tecla para salir
set fichdossencpres=Algunos archivos aún son detectados
set redemfin=Por favor reinicia tu sistema en el modo normal para finalizar la limpieza
set auteur=Autor : !aur3n7
set upload=Por favor sube el archivo
set upload2= a %urlupload%
goto crea
:danish
set chx= Vælg en funktion :
set prenet= Tryk på en vilkårlig knap for at starte rengøringen
set forcnetreg= Tøm registeret og luk
set rech= Søg
set quitt= Exit
set avert= Brug af dette værktøj er på eget ansvar
set scandate= Scannet den
set mse= Sikker tilstand
set nommode= normal tilstand
set chfichpres= Checker filer
set nofich= Ingen filer fundet
set chdospres= Checker Mapper
set nodoss= Ingen Mapper fundet
set infepres= Malware Fundet
set nett= Rengøring igang
set aff= Vis logfil og luk
set infnopres= Ikke fundet
set infnodetect= Malware ikke fundet
set fichaprrede= Andre filer vil blive slettet efter genstart i normal tilstand
set suppfich= Sletter malware filer
set suppdoss= Sletter malware mapper
set netreg= Register rengøring
set suspectfile= Mistænkelige filer
set netpref= Mappe rengøring
set execdans= .exe filer fundet i mappe
set avertcursor= De fundne filer skal kontrolleres af en hjælper før andre handlinger udføres
set infosauv= De slettede Filer og Register er blevet gemt i
set verwinnosupp= Understøtter ikke denne Version af Windows
set signalhel= Informer det venligst til personen der foreslog dette værktøj til dig.
set touchquitt= Tryk på en vilkårlig knap for at lukke
set fichdossencpres= Filer stadig opdaget
set redemfin= Genstart venligst systemet i normal tilstand for at gøre rengøringen færdig
set auteur= Lavet af : !aur3n7
set upload= Upload venligst filen
set upload2= på http://upload.changelog.fr
goto crea
:german
set chx=Wähle eine Tätigkeit !
set prenet= Drücke auf irgendeine Taste, um die Reinigung zu beginnen
set forcnetreg=reinige die Registrierung und verlasse sie
set rech=Suche
set quitt= Exit
set avert=verwende dieses Programm auf eigenes Risiko
set scandate=Scan ausgeführt
set mse=abgesicherter Modus
set nommode=normaler Modus
set chfichpres=Datei Prüfung
set nofich=Keine Dateien gefunden
set chdospres=Verzeichnis Kontrolle
set nodoss=keine Verzeichnisse gefunden
set infepres=gefundene Malware
set nett=Reinigung läuft
set aff=Schau dir das Logfile an und exit
set infnopres=nicht gefunden
set infnodetect=Malware nicht gefunden
set fichaprrede=die anderen Dateien werden gelöscht, wenn der Rechner in den normalen Modus gestartet wird
set suppfich=die Malware Dateien werden gelöscht
set suppdoss=die Malware Verzeichnisse werden gelöscht
set netreg=Reinigung der Registrierung
set suspectfile=Verdächtige Dateien
set netpref=Reinigung der Verzeichnisse
set execdans=*.exe Dateien gefunden, im Ordner
set avertcursor=Die angegebenen Dateien müssen von einem Forums Mitarbeiter kontrolliert werden, bevor Änderungen durchgenommen werden dürfen.
set infosauv=Die gelöschten Dateien und Registrierungseinträge wurden gespeichert in
set verwinnosupp=unterstützt diese Version von Windows nicht
set signalhel=Bitte informiere den Helfer, der dir dieses Tool empfohlen hat.
set touchquitt=Drücke auf irgendeine Taste zum exit
set fichdossencpres=Es werden noch Dateien entdeckt
set redemfin=starte deinen Rechner in den normalen Modus, um die Reinigung zu beenden
set auteur=Hersteller : !aur3n7
set upload=Lade bitte die Datei hoch
set upload2= zu %urlupload%
goto crea
:swe
set chx=Valj funktion :
set prenet=Tryck valfri knapp for att borja sokningen
set forcnetreg=Rensa datorn och Avsluta
set rech=Ta bort
set quitt=Avsluta
set avert=Anvand pa egen risk.
set scandate=Sokningen var klar pa
set mse=Felsakert lage
set nommode=normalt lage
set chfichpres=Kollar filer
set nofich=Inga Filer Funna
set chdospres=Kollar mappar
set nodoss=Inga Mappar Funna
set infepres=Virus Hittat
set nett=Tar bort virus
set aff=Granska loggen och Avsluta
set infnopres=Kunde inte hitta nagot
set infnodetect=Kunde inte hitta nagot virus
set fichaprrede=Resten av filerna tas bort efter omstart
set suppfich=Tar bort virus filer
set suppdoss=Tar bort virus mappar
set netreg=Rensar registret
set suspectfile=Misstankta Filer
set netpref=Rensar Mappar
set execdans=.exe Filer funna i mappen
set avertcursor=Dem funna filerna maste kontrolleras innan borttagning
set infosauv=Filerna och Registernycklarna har sparats i karantan
set verwinnosupp=Programmet fungerar ej med denna Windowsversion
set signalhel=Var snall och tala om det for personen du fick detta program av
set touchquitt=Tryck pa valfri knapp for att Avsluta
set fichdossencpres=Filer hittas fortfarande
set redemfin=Var snall och starta om datorn for att ta bort rester av viruset.
set auteur=Gjord av : !aur3n7
set upload=Var snall och ladda upp filen
set upload2= on %urlupload%
goto crea
:turkce
set chx=Bir islem Secin :
set prenet=Temizlemeye baslamak icin herhangi bir tusa basin
set forcnetreg=Registry yi temizle ve cik
set rech=Dosyalari Ara ve Temizle
set quitt=Cikis
set avert=Bu programi kullanmak kendi insiyatifinizdedir.
set scandate=Temizleme tamamlandý
set mse=Güvenli mod
set nommode=Normal mode
set chfichpres=Dosyalar araniyor
set nofich=Dosya bulunamadi
set chdospres=Dizin kontrol ediliyor
set nodoss=Dizin bulunamadi
set infepres=Virus bulundu
set nett=Temizleniyor
set aff=Sonuclara bak ve cik
set infnopres=Bulunamadi
set infnodetect=Virus bulunamadi
set fichaprrede=Diger dosyalar bilgisayar yeniden basladiktan sonra silinecek.
set suppfich=Virus dosyalari siliniyor
set suppdoss=Virus dizinleri siliniyor
set netreg=Kayit defteri temizleniyor
set suspectfile=Supheli dosyalar
set netpref=Dizin temizleniyor
set execdans=.exe dosyalari bulundu. Dizin :
set avertcursor=Bulunanan dosyalar kontrol edilmeli
set infosauv=Dosyalar ve Kayýt duzenleyicinde silinen kayitlar asagidaki dizine kaydedildi
set verwinnosupp=Bu Windows versiyonu desteklenmiyor
set signalhel=Bu programi arkadaslariniza da önerin
set touchquitt=Cikmak icin bir tusa basin
set fichdossencpres=Viruslu dosyalar halen var
set redemfin=Lutfen temizlemeyi bitirmek icin bilgisayarinizi yeniden baslatin
set auteur=Autor : !aur3n7
set upload=Lutfen dosyayi upload edin
set upload2= on %urlupload%
goto crea
:Eng
set chx=Choose an action :
set prenet=Press any key to start cleaning
set forcnetreg=Clean the registry and quit
set rech=Search
set quitt=Exit
set avert=Use this tool at your own risk.
set scandate=Scan done at
set mse=Safe mode
set nommode=normal mode
set chfichpres=Checking Files
set nofich=No files found
set chdospres=Checking Folders
set nodoss=No Folders Found
set infepres=Malware Found
set nett=Cleaning in progress
set aff=View logfile and Exit
set infnopres=Not found
set infnodetect=Malware Not found
set fichaprrede=Others Files will be deleted after a reboot to normal mode
set suppfich=Deleting malware Files
set suppdoss=Deleting malware Folders
set netreg=Registry Cleaning
set suspectfile=Suspect Files
set netpref=Folder Cleaning
set execdans=.exe Files found in folder
set avertcursor=The detected files must be reviewed by a forum Helper before changes can be made
set infosauv=The File and Registry deletions have been saved in
set verwinnosupp=Doesn't support this Windows Version
set signalhel=Please tell this to the Helper who suggested this tool
set touchquitt=Press any key to Exit
set fichdossencpres=Files are still detected
set redemfin=Please reboot your system to normal mode to finish cleaning
set auteur=Author : !aur3n7
set upload=Please upload the file
set upload2= to %urlupload%
goto crea
:dutch
set chx=Kies een actie:
set prenet=Druk op een toets om het opschonen te starten
set forcnetreg=Schoon het register op en sluit af
set rech=Zoek
set quitt=Afsluiten
set avert=Gebruik van dit programma is voor eigen risico
set scandate=Scan voltooid op
set mse=Veilige modus
set nommode=Normale modus
set chfichpres=Controleren van bestanden
set nofich=Geen bestanden gevonden
set chdospres=Controleren van mappen
set nodoss=Geen map gevonden
set infepres=Malware gevonden
set nett=Bezig met opschonen
set aff=Bekijk logbestand en sluit af
set infnopres=Niet gevonden
set infnodetect=Malware niet gevonden
set fichaprrede=De resterende bestanden zullen worden verwijderd na
set herstarten in de normale modus
set suppfich=Verwijderen van malware bestanden
set suppdoss=Verwijderen van malware map
set netreg=Register Opschonen
set suspectfile=Verdachte bestanden
set netpref=Map Opschonen
set execdans=.exe-bestanden gevonden in map
set avertcursor=De gevonden bestanden moeten gecontroleerd worden door een
set helper voor er actie wordt ondernomen
set infosauv=De verwijderde bestanden en registersleutels zijn opgeslagen in
set verwinnosupp=Deze Windows-versie wordt niet ondersteund
set signalhel=Geef het door aan de persoon die dit programma aan u
set voorstelde
set touchquitt=Druk op een toets om af te sluiten
set fichdossencpres=Bestanden zijn nog steeds beschadigd
set redemfin=Herstart alstublieft de pc in normale modus
set auteur=Maker : !aur3n7
set upload=Upload het bestand alstublieft
set upload2=op http://upload.changelog.fr
goto crea
:itali
set chx=Scegliere una azione:
set forcnetreg=Ripulire il Registro e uscire
set prenet= Premere un tasto per lanciare la rimozione
set rech=Cercare
set quitt=Uscire
set avert=L'uso è fatto … vostro rischio e pericolo.
set scandate=Fix effettuato il
set mse=modalità sicura
set nommode=modalità normale
set chfichpres=Cercare i files presenti
set nofich=Nessun files trovato
set chdospres=Ricerca le cartelle presenti
set nodoss=Nessuna cartella trovata
set infepres=Infezione Presente
set nett=Rimozione in corso
set aff=Visualizzare il rapporto e uscire
set infnopres=Infezione non presente
set infnodetect=L'infezione non è stata trovata
set fichaprrede=I files ancora presenti saranno eliminati al prossimo riavvio
set suppfich=Eliminazione dei files
set suppdoss=Eliminazione delle cartelle
set netreg=Pulizia del Registro
set suspectfile=Files sospetti
set netpref=Pulizia delle cartelle
set execdans=Eseguibili nelle cartelle
set avertcursor=questi files necessitano di un parere esperto prima di qualsiasi intervento
set infosauv=I files e le chiavi di registro eliminati sono stati salvati nel file
set touchquitt=Premere un tasto per uscire
set fichdossencpres=Alcuni files sono ancora presenti
set redemfin=Riavviate il vostro computer per terminare la rimozione
set auteur=Auteur : !aur3n7
set upload=Vi saremo grati se vorrete inviare il file
set upload2= su %urlupload%
goto crea
:chinese
set chx=½Ð¿ï¾Ü°Ê§@ :
set prenet=½Ð«ö¥ô·NÁä¶}©l§R°£¯f¬r
set forcnetreg=²M°£µù¥UÀɤÎÂ÷¶}
set rech=´M§ä
set quitt=Â÷¶}
set avert=·í±z¨Ï¥Î¦¹³nÅé®É±z¥²¶·©Ó¨ü¨ä©Ò±a¨Ó¥i¯àªº·ÀI.
set scandate=±½´yµ²§ô¦b
set mse=¦w¥þ¼Ò¦¡
set nommode=¤@¯ë¼Ò¦¡
set chfichpres=ÀˬdÀÉ®×
set nofich=¨S¦³µo²{¥ô¦óÀÉ®×
set chdospres=Àˬd¥Ø¿ý
set nodoss=¨S¦³µo²{¥ô¦ó¥Ø¿ý
set infepres=µo²{´c©Ê³nÅé
set nett=Àˬd¥¿¦b°õ¦æªº³nÅé
set aff=Àˬd°O¿ýÀɤÎÂ÷¶}
set infnopres=µLµo²{
set infnodetect=µLµo²{´c©Ê³nÅé
set fichaprrede=¨ä·í±z«¶}¾÷¨Ã¥Ñ¤@¯ë¼Ò¦¡¶i¤J§@·~¡A¥LÀÉ®×±N³Q§R°£
set suppfich=§R°£´c©ÊÀÉ®×
set suppdoss=§R°£´c©Ê¥Ø¿ý
set netreg=µù¥UÀɲM°£¤¤
set suspectfile=·j´M¥i¯à¦³¯f¬rªºÀÉ®×
set netpref=¥Ø¿ý²M°£¤¤
set execdans=¦b¥Ø¿ý¤¤µo²{ .exe ÀÉ®×
set avertcursor=¦b±z¨Ï¥Î¤U¦CÀɮפ§«e¥²¶·¨Ï¥Î¨ä¥L³nÅé¨Ó¨ó§U½T»{¡A
set infosauv=³Q§R°£ªºÀɮפεù¥UÀɱNÀx¦s¦b
set verwinnosupp=¤£¤ä´©³oÓ Windows ª©¥»
set signalhel=
set touchquitt=«ö¥ô·NÁäÂ÷¶}
set fichdossencpres=Àɮפ´µM³Q°»´ú¨ì
set redemfin=½Ð«·s¶}¾÷¨Ã¥Ñ¤@¯ë¶}¾÷µ{§Ç¨Ó§¹¦¨²M°£°Ê§@
set auteur=Autor : !aur3n7
set upload=½Ð¤W¶Ç¦¹ÀÉ
set upload2= ¨ì %urlupload%
goto crea
:port
set chx=Escolha uma opcao:
set forcnetreg=Limpar o registro e sair
set prenet= Pressionne uma tecla pra lancar a limpeza
set rech=Procurar
set quitt=Sair
set avert=O uso feito e por sua conta e risco.
set scandate=Fix lançado dia
set mse=modo de segurança
set nommode=modo normal
set chfichpres=Procurando os arquivos presentes
set nofich=Nenhum arquivo encontrado
set chdospres=Procurando as pastas presentes
set nodoss=Nenhuma pasta encontrada
set infepres=Infeccao presente
set nett=Limpando ...
set aff=Exibir o relatorio
set infnopres=Infeccao ausente
set infnodetect=A infeccao não foi detectada
set fichaprrede=Os arquivos ainda presentes serão apagado no proximo boot
set suppfich=Apagando os arquivos
set suppdoss=Apagando as pastas
set netreg=Limpeza do registro
set suspectfile=Arquivos suspeitos
set netpref=Limpeza da pasta
set execdans=Executaveis na pasta
set avertcursor=Estes arquivos necessitam de uma opiniao de alguem competente antes de qualquer intervencao
set infosauv=Os arquivos e as chaves do registro apagados foram salvos no arquivo
set verwinnosupp=Versão do Windows não supportada
set signalhel=Queira avisar a pessoa que lhe propos esse Fix
set touchquitt=Pressionne uma tecla pra sair
set fichdossencpres=Alguns arquivos continuam presentes
set redemfin=Reinicie seu computador pra terminar a limpeza
set auteur=Autor : !aur3n7
set upload=Por favor não esqueça de mandar o arquivo
set upload2=no %urlupload%
goto crea
:crea
if "%verwin%"=="9x" goto noos
:crea
if "%verwin%"=="9x" goto noos
rem SET "AppData=C:\DOCUME~1\sUBs\APPLIC~1"
rem SET "Cookies=C:\DOCUME~1\sUBs\Cookies"
rem SET "Desktop=C:\DOCUME~1\sUBs\Desktop"
rem SET "Favorites=C:\DOCUME~1\sUBs\FAVORI~1"
rem SET "NetHood=C:\DOCUME~1\sUBs\NetHood"
rem SET "Personal=G:\MYDOCU~1"
rem SET "PrintHood=C:\DOCUME~1\sUBs\PRINTH~1"
rem SET "Recent=C:\DOCUME~1\sUBs\Recent"
rem SET "SendTo=C:\DOCUME~1\sUBs\SendTo"
rem SET "Start Menu=C:\DOCUME~1\sUBs\STARTM~1"
rem SET "Templates=C:\DOCUME~1\sUBs\TEMPLA~1"
rem SET "Programs=C:\DOCUME~1\sUBs\STARTM~1\Programs"
rem SET "Startup=C:\DOCUME~1\sUBs\STARTM~1\Programs\Startup"
rem SET "Local AppData=C:\DOCUME~1\sUBs\LOCALS~1\APPLIC~1"
rem SET "Cache=C:\DOCUME~1\sUBs\LOCALS~1\TEMPOR~1"
rem SET "History=C:\DOCUME~1\sUBs\LOCALS~1\History"
rem SET "My Pictures=G:\MYDOCU~1\MYPICT~1"
rem SET "Fonts=C:\WINDOWS\Fonts"
rem SET "My Music=G:\MYDOCU~1\MYMUSI~1"
rem SET "CD Burning=C:\DOCUME~1\sUBs\LOCALS~1\APPLIC~1\MICROS~1\CDBURN~1"
rem SET "Administrative Tools=C:\DOCUME~1\sUBs\STARTM~1\Programs\ADMINI~1"
rem SET "Common AppData=C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1"
rem SET "Common Programs=C:\DOCUME~1\ALLUSE~1.WIN\STARTM~1\Programs"
rem SET "Common Documents=C:\DOCUME~1\ALLUSE~1.WIN\DOCUME~1"
rem SET "Common Desktop=C:\DOCUME~1\ALLUSE~1.WIN\Desktop"
rem SET "Common Start Menu=C:\DOCUME~1\ALLUSE~1.WIN\STARTM~1"
rem SET "Common Pictures=C:\DOCUME~1\ALLUSE~1.WIN\DOCUME~1\MYPICT~1"
rem SET "Common Music=C:\DOCUME~1\ALLUSE~1.WIN\DOCUME~1\MYMUSI~1"
rem SET "Common Video=C:\DOCUME~1\ALLUSE~1.WIN\DOCUME~1\MYVIDE~1"
rem SET "Common Favorites=C:\DOCUME~1\ALLUSE~1.WIN\FAVORI~1"
rem SET "Common Startup=C:\DOCUME~1\ALLUSE~1.WIN\STARTM~1\Programs\Startup"
rem SET "Common Templates=C:\DOCUME~1\ALLUSE~1.WIN\TEMPLA~1"
rem SET "Common Administrative Tools=C:\DOCUME~1\ALLUSE~1.WIN\STARTM~1\Programs\ADMINI~1"
incl\setpath.exe > incl\paths.bat
call incl\paths.bat
del incl\paths.bat
set winsys=%windir%\system32
rem ******************************************************** fin part 2 **************************************************************
> incl\upload.txt (
echo %Common Startup%\msnextension.exe
echo %temp%\console35.exe
echo %windir%\system\smss.exe
echo %windir%\winnt.exe
echo %winsys%\fservice.exe
echo %winsys%\jester1.exe
)
> incl\fichier.txt (
echo %AppData%\addon.dat
echo %AppData%\inside.exe
echo %AppData%\Microsoft\Windows\fkoym.exe
echo %AppData%\WinTouch\wintouch.cfg
echo %AppData%\WinTouch\WinTouch.exe
echo %AppData%\WinTouch\WTUninstaller.exe
echo %Common Documents%\Settings\config.ini
echo %Common Documents%\Settings\partnership.dll
echo %Common Documents%\Settings\partnership.dll.msnfix
echo %Common Programs%\Carlson\carlton
echo %Common Programs%\Delsim\del.exe
echo %Common Programs%\Startup\Microsoft Office.lnk
echo %Common Programs%\Yazzle1560OinAdmin.exe
echo %Common Programs%\Yazzle1560OinUninstaller.exe
echo %Common Start Menu%\carlton
echo %Common Startup%\Antivirus32.exe
echo %Common Startup%\ashDisp.exe
echo %Common Startup%\ashServ.exe
echo %Common Startup%\atimvex.exe
echo %Common Startup%\atrvmmx.exe
echo %Common Startup%\bios.exe
echo %Common Startup%\biosvaisefude.exe
echo %Common Startup%\BRISA.exe
echo %Common Startup%\bsyys.exe
echo %Common Startup%\bsyys.scr
echo %Common Startup%\carlton
echo %Common Startup%\ccssrss.exe
echo %Common Startup%\cmd.exe
echo %Common Startup%\Computador.exe
echo %Common Startup%\Diup.exe
echo %Common Startup%\dll.exe
echo %Common Startup%\dllvirtual.exe
echo %Common Startup%\eixdrv.exe
echo %Common Startup%\ExAlien.exe
echo %Common Startup%\fbguad.exe
echo %Common Startup%\firefoxx.exe
echo %Common Startup%\Flash.exe
echo %Common Startup%\GbpSvc.exe
echo %Common Startup%\gtaltg.exe
echo %Common Startup%\HelpDesk.exe
echo %Common Startup%\Hide32.exe
echo %Common Startup%\hork.exe
echo %Common Startup%\icpldrvx.exe
echo %Common Startup%\imglog.exe
echo %Common Startup%\InstallHelp.exe
echo %Common Startup%\javaupd.exe
echo %Common Startup%\javsu.exe
echo %Common Startup%\juchek.exe
echo %Common Startup%\jvasu.exe
echo %Common Startup%\JVM0.exe
echo %Common Startup%\jvms.exe
echo %Common Startup%\klpp.exe
echo %Common Startup%\logon.exe
echo %Common Startup%\lsssas.exe
echo %Common Startup%\mdll.exe
echo %Common Startup%\messengerr.exe
echo %Common Startup%\messenup.exe
echo %Common Startup%\messgrr.exe
echo %Common Startup%\mhtsvho.exe
echo %Common Startup%\mjavas.exe
echo %Common Startup%\msdoc.exe
echo %Common Startup%\msdoss.com
echo %Common Startup%\msm.cmd
echo %Common Startup%\msmsgxs.exe
echo %Common Startup%\MSN_MSS.exe
echo %Common Startup%\msnconf.exe
echo %Common Startup%\MSNENVIA.exe
echo %Common Startup%\msnfile.exe
echo %Common Startup%\msng.exe
echo %Common Startup%\msnmsg.exe
echo %Common Startup%\msnmsgr.exe
echo %Common Startup%\msnsgs.exe
echo %Common Startup%\mxjxde.exe
echo %Common Startup%\My_Love.exe
echo %Common Startup%\Ndtstat.exe
echo %Common Startup%\norton32.exe
echo %Common Startup%\ntvvm.exe
echo %Common Startup%\pdvsym.exe
echo %Common Startup%\qtapp.exe
echo %Common Startup%\Quicktime Music.exe
echo %Common Startup%\regfixxsx.exe
echo %Common Startup%\registtry.exe
echo %Common Startup%\remote.cmd
echo %Common Startup%\repara_ae.bat
echo %Common Startup%\Rg2catbd.exe
echo %Common Startup%\rundl32.exe
echo %Common Startup%\rxnetq.exe
echo %Common Startup%\smss.scr
echo %Common Startup%\svchost.exe
echo %Common Startup%\svchostss.exe
echo %Common Startup%\svhossst.exe
echo %Common Startup%\svhost.exe
echo %Common Startup%\svmrhos.exe
echo %Common Startup%\sxrork.exe
echo %Common Startup%\sxrsym.exe
echo %Common Startup%\syst.exe
echo %Common Startup%\system32.exe
echo %Common Startup%\systemdll.exe
echo %Common Startup%\task.exe
echo %Common Startup%\taskmgrrr.exe
echo %Common Startup%\Tasks.exe
echo %Common Startup%\udll.exe
echo %Common Startup%\verifysystemtitle.exe
echo %Common Startup%\voieup.exe
echo %Common Startup%\voiork.exe
echo %Common Startup%\wbnnt.exe
echo %Common Startup%\wcktts.exe
echo %Common Startup%\wepaint.exe
echo %Common Startup%\Win XP.exe
echo %Common Startup%\win.scr
echo %Common Startup%\Windows Update.exe
echo %Common Startup%\windows32.exe
echo %Common Startup%\Windows32.exe
echo %Common Startup%\WindowsUpdate.exe
echo %Common Startup%\windowsupdate.exe
echo %Common Startup%\WindowsUpdate.scr
echo %Common Startup%\Winhost.exe
echo %Common Startup%\winupdbc.exe
echo %Common Startup%\WMedPlayer.exe
echo %Common Startup%\wrdmgr.exe
echo %Common Startup%\wrloginpro.exe
echo %Common Startup%\wsnctfy.exe
echo %Common Startup%\wuaucltt.exe
echo %Common Startup%\ying.exe
echo %Common Startup%\yong.exe
echo %Common Startup%\ZaZ.exe
echo %Desktop%\aindateamo.exe
echo %Desktop%\cartao.exe
echo %Desktop%\cartaozinho.exe
echo %Desktop%\mensagem__amor.exe
echo %Desktop%\photo.exe
echo %Desktop%\portal.exe
echo %Desktop%\software\aindateamo.udd
echo %Fonts%\svchost.exe
echo %homedrive%\i.mages.zip
echo %Programfiles%\\Driver32x\bradesco.exe
echo %Programfiles%\\Driver32x\caixa.exe
echo %Programfiles%\7za.exe
echo %Programfiles%\a.txt
echo %Programfiles%\Adobe\AdobeLanc.exe
echo %Programfiles%\Ajuda.exe
echo %Programfiles%\Amor.exe
echo %Programfiles%\Bifrost\klog.dat
echo %Programfiles%\Bifrost\server.exe
echo %Programfiles%\Bifrost\sys32.exe
echo %Programfiles%\Cica.exe
echo %ProgramFiles%\Common Files\System\SystemUpgrade.exe
echo %ProgramFiles%\Common Files\Yazzle1560OinAdmin.exe
echo %Programfiles%\Config\Config.exe
echo %Programfiles%\dll.exe
echo %Programfiles%\dllvirtual.exe
echo %Programfiles%\dllwin.exe
echo %Programfiles%\Dot1XCfg\Dot1XCfg.exe
echo %Programfiles%\Driver32x\bb.exe
echo %Programfiles%\Driver32x\iek.exe
echo %Programfiles%\Driver32x\install\wweb.exe
echo %Programfiles%\Driver32x\itau.exe
echo %Programfiles%\Driver32x\live.exe
echo %Programfiles%\Driver32x\msgex.exe
echo %Programfiles%\Driver32x\net.exe
echo %ProgramFiles%\Driver32x\nsvcrmx.exe
echo %Programfiles%\Driver32x\nsvcrmx.exe
echo %Programfiles%\Driver32x\rds.exe
echo %Programfiles%\Driver32x\Readme.exe
echo %Programfiles%\Driver32x\real.exe
echo %Programfiles%\Driver32x\santanderbanespa.exe
echo %Programfiles%\Driver32x\sendchat.exe
echo %Programfiles%\Driver32x\varios.exe
echo %Programfiles%\Driver32x\vcdg.bat
echo %Programfiles%\ExAlien.exe
echo %Programfiles%\Favoritos.exe
echo %Programfiles%\fer.exe
echo %Programfiles%\Fichiers communs\Carlson\carlton
echo %Programfiles%\Fichiers communs\Yazzle1560OinUninstaller.exe
echo %Programfiles%\Firewall.exe
echo %Programfiles%\Flash.exe
echo %Programfiles%\GbPlugin\GbpSvc.exe
echo %Programfiles%\GbPlugin\mdll.exe
echo %Programfiles%\GbPlugin\msng.exe
echo %Programfiles%\GbPlugin\Ndtstat.exe
echo %Programfiles%\GbPlugin\Rg2catbd.exe
echo %Programfiles%\GbPlugin\udll.exe
echo %Programfiles%\GbPlugin\yong.exe
echo %Programfiles%\GbpSvc.exe
echo %Programfiles%\help.exe
echo %Programfiles%\HelpDesk.exe
echo %Programfiles%\icpldrvx.exe
echo %Programfiles%\iexplorer.exe
echo %Programfiles%\iixplorer1.exe
echo %Programfiles%\iixplorer2.exe
echo %Programfiles%\ildredr.exe
echo %Programfiles%\InetGet2\emg.exe
echo %ProgramFiles%\InetGet2\emg.exe
echo %Programfiles%\InetGet2\emg.exe.lzma
echo %ProgramFiles%\InetGet2\FINAL -- Fort 5.6_MST-ONLY.exe
echo %Programfiles%\InetGet2\FINAL -- Fort 5.6_MST-ONLY.exe
echo %ProgramFiles%\InetGet2\Installeur.exe
echo %Programfiles%\inetget2\installeur.exe
echo %Programfiles%\InetGet2\Installeur.exe
echo %Programfiles%\InetGet2\Installeur.exe.lzma
echo %Programfiles%\InetGet2\WinTouchInstaller_channel1.exe
echo %Programfiles%\Insider\Insider.exe
echo %Programfiles%\Insider\Insider.exe.lzma
echo %Programfiles%\Insider\UnInstall.exe
echo %Programfiles%\Insider\UnInstall.exe.lzma
echo %Programfiles%\installer.js
echo %Programfiles%\Instant Driver\install\wweb.exe
echo %Programfiles%\Instant Driver\trmninwn.exe
echo %Programfiles%\Instant Driver\vcdg.bat
echo %Programfiles%\Internet Explorer\bb.exe
echo %Programfiles%\Internet Explorer\desc.exe
echo %Programfiles%\Internet Explorer\loadie.exe
echo %ProgramFiles%\Internet Explorer\mezenoca77798.exe
echo %Programfiles%\Internet Explorer\realplayerp.exe
echo %Programfiles%\ISM2\ISMPack7.exe
echo %ProgramFiles%\JavaCore\JavaCore.exe
echo %ProgramFiles%\JavaCore\UnInstall.exe
echo %ProgramFiles%\jsload32\mwnming.exe
echo %ProgramFiles%\jsload32\nsvcrmx.exe
echo %Programfiles%\klog.dat
echo %Programfiles%\login.scr
echo %Programfiles%\Logun.exe
echo %ProgramFiles%\MapEDC\IDE.stt
echo %ProgramFiles%\MapEDC\MapEDC.exe
echo %Programfiles%\mdll.exe
echo %Programfiles%\messenger.exe
echo %Programfiles%\Messenger\msmsg.exe
echo %Programfiles%\Messenger\Msnmsgr.exe
echo %Programfiles%\mexe*.exe
echo %Programfiles%\Microsoft Office Update\file.exe
echo %Programfiles%\microsoft studio files\asw34.bat
echo %Programfiles%\microsoft studio files\bradesco.bxz
echo %Programfiles%\microsoft studio files\bradesco.exe
echo %Programfiles%\microsoft studio files\caixa.bxz
echo %Programfiles%\microsoft studio files\caixa.exe
echo %Programfiles%\Microsoft Studio Files\file.exe
echo %Programfiles%\Microsoft Studio Files\fttlo33.ko
echo %Programfiles%\microsoft studio files\iek.exe
echo %Programfiles%\microsoft studio files\itau.bxz
echo %Programfiles%\microsoft studio files\itau.exe
echo %Programfiles%\microsoft studio files\locaweb.bxz
echo %Programfiles%\Microsoft Studio Files\lsass.exe
echo %Programfiles%\microsoft studio files\msgex.exe
echo %Programfiles%\microsoft studio files\net.bxz
echo %Programfiles%\microsoft studio files\net.exe
echo %Programfiles%\microsoft studio files\nossacaixa.bxz
echo %Programfiles%\microsoft studio files\nossacaixa.exe
echo %Programfiles%\microsoft studio files\notfir0006dfjf541.dll
echo %Programfiles%\microsoft studio files\pcname.drv
echo %Programfiles%\microsoft studio files\pv.exe
echo %Programfiles%\microsoft studio files\readme.exe
echo %Programfiles%\microsoft studio files\real.bxz
echo %Programfiles%\microsoft studio files\real.exe
echo %Programfiles%\microsoft studio files\registro.bxz
echo %Programfiles%\microsoft studio files\santanderbanespa.bxz
echo %Programfiles%\microsoft studio files\santanderbanespa.exe
echo %Programfiles%\microsoft studio files\sdrivw.exe
echo %Programfiles%\microsoft studio files\sec\fx.reg
echo %Programfiles%\microsoft studio files\sec\ref-allu
echo %Programfiles%\microsoft studio files\sec\ref-commonfiles
echo %Programfiles%\microsoft studio files\sec\ref-profile
echo %Programfiles%\microsoft studio files\sec\ref-programfiles
echo %Programfiles%\microsoft studio files\sec\ref-startup
echo %Programfiles%\microsoft studio files\sec\ref-sysdrive
echo %Programfiles%\microsoft studio files\sec\ref-system
echo %Programfiles%\microsoft studio files\sec\ref-system32
echo %Programfiles%\microsoft studio files\sec\ref-temp
echo %Programfiles%\microsoft studio files\sec\ref-wincommon
echo %Programfiles%\microsoft studio files\sec\ref-windows
echo %Programfiles%\microsoft studio files\sendchat.exe
echo %Programfiles%\microsoft studio files\tmp84667.txt
echo %Programfiles%\microsoft studio files\varios.exe
echo %Programfiles%\Microsoft Studio Files\vcdg.bat
echo %Programfiles%\microsoft studio files\vcdg.bat
echo %Programfiles%\microsoft studio files\wininfo1.vxd
echo %Programfiles%\Microsoft Studio Files\Winlsass32.exe
echo %Programfiles%\microsoft studio files\winvxhfythg34a.rd
echo %Programfiles%\Microsoft Update\bradesco.exe
echo %Programfiles%\Microsoft Update\caixa.exe
echo %Programfiles%\Microsoft Update\iek.exe
echo %Programfiles%\Microsoft Update\itau.exe
echo %Programfiles%\Microsoft Update\live.exe
echo %Programfiles%\Microsoft Update\live.txt
echo %Programfiles%\Microsoft Update\mnwinvx.exe
echo %Programfiles%\Microsoft Update\msgex.exe
echo %Programfiles%\Microsoft Update\net.exe
echo %Programfiles%\Microsoft Update\nossacaixa.exe
echo %Programfiles%\Microsoft Update\Readme.exe
echo %Programfiles%\Microsoft Update\real.exe
echo %Programfiles%\Microsoft Update\santanderbanespa.exe.exe
echo %Programfiles%\Microsoft Update\sec\fx.reg
echo %Programfiles%\Microsoft Update\sendchat.exe
echo %Programfiles%\Microsoft Update\varios.exe
echo %Programfiles%\Microsoft Update\wininfo1.vxd
echo %Programfiles%\Microsoft\svhost32.exe
echo %Programfiles%\Movie Maker\ja_era_hehe.exe
echo %ProgramFiles%\MSN Gaming Zone\mero455101.dll
echo %Programfiles%\MSN Gaming Zone\mero455101.dll
echo %ProgramFiles%\MSN Gaming Zone\meze*.exe
echo %Programfiles%\MSN Messenger Guiños\instalar guiños.exe
echo %Programfiles%\MSN Messenger\instalar guiños.exe
echo %ProgramFiles%\MSN Messenger\msn.com
echo %Programfiles%\msn_livers.exe
echo %Programfiles%\msng.exe
echo %Programfiles%\msnmsg.exe
echo %Programfiles%\My_Love.exe
echo %Programfiles%\Ndtstat.exe
echo %Programfiles%\NetMeeting\klog.dat
echo %Programfiles%\NetMeeting\maisumviado.exe
echo %ProgramFiles%\NoDNS\NoDNS.exe
echo %ProgramFiles%\NoDNS\UnInstall.exe
echo %ProgramFiles%\nsnimage\nsvcrmx.exe
echo %Programfiles%\orkut.scr
echo %Programfiles%\outloo~1\express.exe
echo %Programfiles%\outloo~1\update.exe
echo %Programfiles%\outlook express\express.exe
echo %Programfiles%\Outlook Express\inyourface.exe
echo %Programfiles%\Outlook Express\OutlookEx.exe
echo %Programfiles%\Outlook Express\setup40.exe
echo %Programfiles%\Perfect.exe
echo %Programfiles%\photopaint.exe
echo %Programfiles%\QdrModule\QdrModule9.exe
echo %Programfiles%\Real.dll
echo %Programfiles%\regedti.exe
echo %Programfiles%\rem.exe
echo %Programfiles%\Remove.exe
echo %Programfiles%\Rg2catbd.exe
echo %Programfiles%\rm.exe
echo %Programfiles%\Router\Router.exe
echo %ProgramFiles%\router\router.exe
echo %Programfiles%\Router\UnInstall.exe
echo %Programfiles%\schoty.cmd
echo %Programfiles%\service.bat
echo %Programfiles%\smss.exe
echo %Programfiles%\SOUND.exe
echo %Programfiles%\spiider.exe
echo %Programfiles%\svchost.exe
echo %ProgramFiles%\svchost.lnk
echo %Programfiles%\System\CDRom.exe
echo %Programfiles%\System\Flash.exe
echo %Programfiles%\System\Windows32.exe
echo %Programfiles%\Tasks.exe
echo %ProgramFiles%\Temporary\InsiDERIns.exe
echo %ProgramFiles%\Temporary\InsiDERInst.exe
echo %ProgramFiles%\Temporary\kernInst.exe
echo %Programfiles%\Temporary\wininstall.exe
echo %Programfiles%\TTX.exe
echo %Programfiles%\udll.exe
echo %Programfiles%\update.exe
echo %Programfiles%\usnsvcu.exe
echo %Programfiles%\VTTimers.exe
echo %Programfiles%\Wapp.exe
echo %Programfiles%\Widows.exe
echo %Programfiles%\WinAble\winable.exe
echo %Programfiles%\Windows32.exe
echo %Programfiles%\windows32.exe
echo %Programfiles%\WindowsUpdate.exe
echo %Programfiles%\WindowsUpdate.scr
echo %Programfiles%\winINI.exe
echo %Programfiles%\winpop\uninstall.exe
echo %Programfiles%\WinPop\UnInstall.exe.lzma
echo %Programfiles%\winpop\winpop.exe
echo %Programfiles%\WinPop\winpop.exe.lzma
echo %Programfiles%\Wm2emt.exe
echo %Programfiles%\wmplay.exe
echo %Programfiles%\Words\UnInstall.exe
echo %Programfiles%\Words\Words.exe
echo %ProgramFiles%\xinside\xinside.exe
echo %ProgramFiles%\xInsIDE\xInsIDE.exe
echo %Programfiles%\yong.exe
echo %Startup%\ashDisp.exe
echo %Startup%\ashServ.exe
echo %Startup%\avgccc.exe
echo %Startup%\bios.exe
echo %Startup%\bsyys.scr
echo %Startup%\ccssrss.exe
echo %Startup%\cmd.exe
echo %Startup%\Computador.exe
echo %Startup%\dll.exe
echo %Startup%\eixdrv.exe
echo %Startup%\ExAlien.exe
echo %Startup%\fbguad.exe
echo %Startup%\firefoxx.exe
echo %Startup%\Flash.exe
echo %Startup%\InstallHelp.exe
echo %Startup%\javsu.exe
echo %Startup%\juchek.exe
echo %Startup%\klpp.exe
echo %Startup%\logon.exe
echo %Startup%\lsssas.exe
echo %Startup%\messengerr.exe
echo %Startup%\messgrr.exe
echo %Startup%\msm.cmd
echo %Startup%\msnmsgr.exe
echo %Startup%\My_Love.exe
echo %Startup%\norton32.exe
echo %Startup%\ntvvm.exe
echo %Startup%\pdvsym.exe
echo %Startup%\qtapp.exe
echo %Startup%\qupdate.exe
echo %Startup%\regfixxsx.exe
echo %Startup%\registtry.exe
echo %Startup%\remote.cmd
echo %Startup%\repara_ae.bat
echo %Startup%\rundl32.exe
echo %Startup%\rxnetq.exe
echo %Startup%\smss.scr
echo %Startup%\svchost.exe
echo %Startup%\svchostss.exe
echo %Startup%\svhost.exe
echo %Startup%\sxrork.exe
echo %Startup%\sxrsym.exe
echo %Startup%\system32.exe
echo %Startup%\task.exe
echo %Startup%\taskmgrrr.exe
echo %Startup%\Tasks.exe
echo %Startup%\voieup.exe
echo %Startup%\voiork.exe
echo %Startup%\wepaint.exe
echo %Startup%\Win XP.exe
echo %Startup%\Windows Update.exe
echo %Startup%\Windows32.exe
echo %Startup%\windowsupdate.exe
echo %Startup%\Winhost.exe
echo %Startup%\winupdbc.exe
echo %Startup%\WMedPlayer.exe
echo %Startup%\wrloginpro.exe
echo %Startup%\wuaucltt.exe
echo %systemdrive%\*-1-1148.exe
echo %systemdrive%\*.JPG-msnimages.exe
echo %systemdrive%\?.bat
echo %systemdrive%\?.dat
echo %systemdrive%\?.exe
echo %systemdrive%\?.rar
echo %systemdrive%\????packed_Pushbot.exe
echo %systemdrive%\\bot.exe
echo %systemdrive%\111z.exe
echo %systemdrive%\1z48.exe
echo %SystemDrive%\2.exe
echo %systemdrive%\3d3t4t8n7l.exe
echo %systemdrive%\3xXx3.exe
echo %systemdrive%\521785.txt
echo %systemdrive%\5FB9C0*.EXE
echo %systemdrive%\5t6j8b6k8f8.exe
echo %systemdrive%\6i2n4r9g1l2.exe
echo %systemdrive%\839D4E*.BIN
echo %systemdrive%\8e3y4u4a9t9.exe
echo %systemdrive%\8e9w3l6u1g1.exe
echo %systemdrive%\9r2h2z5l7v8.exe
echo %systemdrive%\a.bat
echo %systemdrive%\acsdf.exe
echo %systemdrive%\adas.exe
echo %systemdrive%\ads1237.exe
echo %systemdrive%\adsok.exe
echo %SystemDrive%\adv.exe
echo %systemdrive%\aklr.exe
echo %systemdrive%\alfxfa.exe
echo %systemdrive%\Amigos.exe
echo %systemdrive%\amor.exe
echo %systemdrive%\animacao.scr
echo %systemdrive%\Annoying crazy frog getting killed.pif
echo %systemdrive%\apuguycg.exe
echo %systemdrive%\asdf.exe
echo %systemdrive%\asdfja.exe
echo %systemdrive%\asds.exe
echo %systemdrive%\audise.exe
echo %systemdrive%\auto1.exe
echo %systemdrive%\auto2.exe
echo %systemdrive%\auto3.exe
echo %systemdrive%\autorun.inf
echo %systemdrive%\Autorun.inf
echo %systemdrive%\AVG\Tools\csrss.scr
echo %systemdrive%\AVG\Tools\svchost.exe
echo %systemdrive%\AVG\Tools\taskmgr.exe
echo %systemdrive%\AVG_BETA\DB\arquivo.txt
echo %systemdrive%\AVG_BETA\Tools\csrss.scr
echo %systemdrive%\AVG_BETA\Tools\msnmsgr.exe
echo %systemdrive%\bedroom-thongs.pif
echo %systemdrive%\bhij.exe
echo %systemdrive%\blhhjtpx.exe
echo %systemdrive%\bnjbvid.exe
echo %systemdrive%\British National Party.jpg
echo %systemdrive%\bs.exe
echo %systemdrive%\btpaxole.dll
echo %systemdrive%\calfxfa.exe
echo %systemdrive%\Call.exe
echo %systemdrive%\cartao.scr
echo %systemdrive%\cebWXP.exe
echo %systemdrive%\certmsje.dll
echo %systemdrive%\cjlxhy.exe
echo %systemdrive%\claro.exe
echo %systemdrive%\cmd.exe
echo %systemdrive%\Conf\13.bmp
echo %systemdrive%\Conf\15.bmp
echo %systemdrive%\Conf\3.jpg
echo %systemdrive%\Conf\cax2.jpg
echo %systemdrive%\Conf\info.gif
echo %systemdrive%\Conf\logo.jpg
echo %systemdrive%\Conf\ms.exe
echo %systemdrive%\Conf\msm.cmd
echo %systemdrive%\Conf\msm.exe
echo %systemdrive%\Conf\msmFF.cmd
echo %systemdrive%\Conf\msmho.cmd
echo %systemdrive%\Conf\nc.gif
echo %systemdrive%\Conf\nd.gif
echo %systemdrive%\Conf\nn.gif
echo %systemdrive%\Conf\NOVOBB.gif
echo %systemdrive%\Conf\novobb.jpg
echo %systemdrive%\Conf\novobb2.jpg
echo %systemdrive%\Conf\novoSB.gif
echo %systemdrive%\Conf\ork.cmd
echo %systemdrive%\Conf\tec.jpg
echo %systemdrive%\Conf\win.scr
echo %systemdrive%\contato.exe
echo %systemdrive%\Crazy-Frog.Html
echo %systemdrive%\Crazy frog gets killed by train!.pif
echo %systemdrive%\Crazy frog gets killed by train!.pif Fat Elvis! lol.pif
echo %systemdrive%\crolyewo.exe
echo %systemdrive%\csrs.txt
echo %systemdrive%\csrss.exe
echo %systemdrive%\ctl3diac.exe
echo %systemdrive%\cuoqdkfk.exe
echo %systemdrive%\cvbkwtb.exe
echo %systemdrive%\d5t6j8b6k8f8.exe
echo %systemdrive%\d8e9w3l6u1g1.exe
echo %systemdrive%\DB\arquivo.txt
echo %systemdrive%\dbeog.exe
echo %systemdrive%\de6438.exe
echo %systemdrive%\de64381.exe
echo %systemdrive%\devic.pif
echo %systemdrive%\device.exe
echo %systemdrive%\devidc.pif
echo %systemdrive%\diy.EXE
echo %SystemDrive%\dkotyrxbb.exe
echo %systemdrive%\dll.exe
echo %systemdrive%\dllwin.exe
echo %systemdrive%\dnsajobe.dat
echo %systemdrive%\dnsajobe.dll
echo %systemdrive%\dnsajobe.exe
echo %systemdrive%\download1591.exe
echo %systemdrive%\dpl1npwm.dat
echo %systemdrive%\dpl1npwm.dll
echo %systemdrive%\dpl1npwm.exe
echo %systemdrive%\dpv1bidi.dll
echo %systemdrive%\Drunk_lol.pif
echo %systemdrive%\ducvb.exe
echo %systemdrive%\dydhcp.exe
echo %systemdrive%\dyqhom.exe
echo %systemdrive%\emai.exe
echo %systemdrive%\email.inf
echo %systemdrive%\Enviado.123
echo %systemdrive%\er-1-1148.exe
echo %systemdrive%\f6i2n4r9g1l2.exe
echo %systemdrive%\famwssg.exe
echo %systemdrive%\Fat Elvis! lol.pif
echo %systemdrive%\fFa4vV0rR170S5S2.exe
echo %systemdrive%\File.exe
echo %systemdrive%\FLIPART.EXE
echo %systemdrive%\flw334.dll
echo %systemdrive%\fnjb.exe
echo %systemdrive%\Foto.exe
echo %SystemDrive%\Foto_celular.scr
echo %SystemDrive%\Foto_celular.scr
echo %SystemDrive%\Foto_Celular.zip
echo %systemdrive%\fotomensagem.exe
echo %systemdrive%\fotos_posse.zip
echo %systemdrive%\funny_pic.scr
echo %systemdrive%\fypif.exe
echo %systemdrive%\g4m9e5l1l5x5.exe
echo %systemdrive%\g5c5i4x6e4h2.exe
echo %systemdrive%\g7n4l2o4i4.exe
echo %SystemDrive%\g7n4l2o4i4v4.exe
echo %systemdrive%\genbhnhl.exe
echo %systemdrive%\GETDRIVE.EXE
echo %systemdrive%\gfxpak.exe
echo %systemdrive%\ggvqo.exe
echo %systemdrive%\glcky.exe
echo %systemdrive%\gnqb.exe
echo %systemdrive%\grax.exe
echo %systemdrive%\grmlvlvb.exe
echo %SystemDrive%\h1b9i6h4u6j1.exe
echo %systemdrive%\hbsqu.exe
echo %systemdrive%\hellmsn.exe
echo %systemdrive%\hkdjqaxv.exe
echo %systemdrive%\Hot.pif
echo %systemdrive%\How a Blonde Eats a Banana...pif
echo %systemdrive%\hptzb02.exe
echo %systemdrive%\hxjr.exe
echo %systemdrive%\hy.exe
echo %systemdrive%\i-1-1148.exe
echo %systemdrive%\i.exe
echo %systemdrive%\i1-1148.exe
echo %systemdrive%\i2n4r9g1.exe
echo %systemdrive%\i2n4r9g1l.exe
echo %systemdrive%\i2n4r9g1l2.exe
echo %systemdrive%\icone.exe
echo %systemdrive%\IE.exe
echo %systemdrive%\ierro.exe
echo %systemdrive%\iexplorer.exe
echo %systemdrive%\IF.EXE
echo %systemdrive%\image.jpg
echo %systemdrive%\image001.exe
echo %SystemDrive%\img0012-www.photostorage.com
echo %systemdrive%\ImpBIG.exe
echo %systemdrive%\instalador de guiños y emoticonos.exe
echo %systemdrive%\Install\Ghost.exe
echo %systemdrive%\Install\install.exe
echo %systemdrive%\Install_Messenger.exe
echo %systemdrive%\inupdbc.exe
echo %systemdrive%\ir-1-1148.exe
echo %systemdrive%\IS.EXE
echo %systemdrive%\is1511881.exe
echo %systemdrive%\is151196.exe
echo %systemdrive%\is151296.exe
echo %SystemDrive%\is77.exe
echo %systemdrive%\Isass.scr
echo %systemdrive%\it.exe
echo %systemdrive%\it1.exe
echo %systemdrive%\ixbxput.exe
echo %SystemDrive%\j7q1c4v1i6s4.exe
echo %systemdrive%\Jennifer Lopez.scr
echo %systemdrive%\jkrguy.exe
echo %systemdrive%\jpb.exe
echo %systemdrive%\jshxw.exe
echo %systemdrive%\k3d3t4t8n7l.exe
echo %systemdrive%\k3d3t4t8n7l8.exe
echo %systemdrive%\kao.reg
echo %systemdrive%\kbdnmfc4.dll
echo %SystemDrive%\KimMakihel.exe
echo %systemdrive%\kkynn.exe
echo %systemdrive%\kl.exe
echo %systemdrive%\ksmmtq.exe
echo %systemdrive%\kxhacvkl.exe
echo %systemdrive%\lauro.exe
echo %systemdrive%\LfjJGb.exe
echo %systemdrive%\Lista.txt
echo %systemdrive%\Lixo
echo %systemdrive%\llka.exe
echo %systemdrive%\LMAO.pif
echo %systemdrive%\log.txt
echo %systemdrive%\LOL that ur pic!.pif
echo %systemdrive%\LOL.scr
echo %systemdrive%\love_me.pif
echo %systemdrive%\lsass.exe
echo %systemdrive%\lspt.exe
echo %systemdrive%\lsyvg.exe
echo %systemdrive%\m1t4z1h1l7q5.exe
echo %systemdrive%\m9w3l6u1g.exe
echo %systemdrive%\m9w3l6u1g1.exe
echo %systemdrive%\mcombo.exe
echo %systemdrive%\Me on holiday!.pif
echo %systemdrive%\megakl.exe
echo %systemdrive%\melt.bat
echo %systemdrive%\Mensagem.exe
echo %systemdrive%\Message to n00b LARISSA.txt
echo %systemdrive%\MESSAGE_TO_BROPIA.txt
echo %systemdrive%\messenger.exe
echo %systemdrive%\Messenger.exe
echo %systemdrive%\Messenger2.exe
echo %SystemDrive%\Microsoft.exe
echo %systemdrive%\mis contactos.txt
echo %systemdrive%\Mis imágenes\yo_posse_007.jpg.exe
echo %systemdrive%\mitm.exe
echo %systemdrive%\Mona Lisa Wants Her Smile Back.pif
echo %systemdrive%\mscdn.exe
echo %systemdrive%\msfk.exe
echo %systemdrive%\msi31.exe
echo %systemdrive%\msm.cmd
echo %systemdrive%\msm.exe
echo %SystemDrive%\msm.exe
echo %systemdrive%\msn.exe
echo %systemdrive%\MSN_Update1
echo %systemdrive%\msn5v.exe
echo %systemdrive%\msnmsg.exe
echo %systemdrive%\msnmsgr.exe
echo %systemdrive%\msnmsnr.scr
echo %systemdrive%\msnsetup.exe
echo %systemdrive%\msnsgrsv.exe
echo %systemdrive%\msnsgrsv0201.exe
echo %systemdrive%\msnsgrszs.exe
echo %systemdrive%\MSNWA.exe
echo %systemdrive%\mstest.exe
echo %systemdrive%\mstray.exe
echo %systemdrive%\My new photo!.pif
echo %systemdrive%\my_photo2005.scr
echo %systemdrive%\na.exe
echo %systemdrive%\naked_drunk.pif
echo %systemdrive%\naked_party.pif
echo %systemdrive%\nefmufin.exe
echo %systemdrive%\new_webcam.pif
echo %systemdrive%\nmevscrr.exe
echo %systemdrive%\nnpnvxjy.exe
echo %systemdrive%\nod32.txt
echo %systemdrive%\nwnmff_e*.exe
echo %systemdrive%\nzl.exe
echo %systemdrive%\o6l4u8f7p2g4.exe
echo %systemdrive%\officexp.exe
echo %systemdrive%\or-1-1148.exe
echo %systemdrive%\orkut.exe
echo %systemdrive%\orkut.scr
echo %systemdrive%\osm.exe
echo %SystemDrive%\p3h2b3t3q1s9.exe
echo %systemdrive%\p6g7j3w2g3f5.exe
echo %systemdrive%\PastaImagens.exe
echo %systemdrive%\phqhuo.exe
echo %systemdrive%\pif.exe
echo %systemdrive%\pr-1-1148.exe
echo %systemdrive%\prkc.exe
echo %systemdrive%\psapuman.exe
echo %systemdrive%\psnppack.dll
echo %systemdrive%\pushbot.bat
echo %systemdrive%\qklxwxtc.exe
echo %systemdrive%\qwere.exe
echo %systemdrive%\raizw.exe
echo %systemdrive%\rar.exe
echo %systemdrive%\rar1.exe
echo %systemdrive%\rar2.exe
echo %systemdrive%\RECYCLER\msnservice.exe
echo %systemdrive%\RECYCLER\nvscvse.exe
echo %systemdrive%\RECYCLER\te32.exe
echo %systemdrive%\RemotoMSN.txt
echo %systemdrive%\review.txt
echo %systemdrive%\ROFL.pif
echo %systemdrive%\s10w.exe
echo %systemdrive%\sad13l.exe
echo %systemdrive%\sadan.avi.exe
echo %systemdrive%\sadov.exe
echo %systemdrive%\sample.exe
echo %systemdrive%\sas2s.exe
echo %systemdrive%\sdjfha.exe
echo %systemdrive%\See my lesbian friends.pif
echo %systemdrive%\see_this!!.scr
echo %systemdrive%\sendwmdm.exe
echo %systemdrive%\server.exe
echo %systemdrive%\servico.exe
echo %systemdrive%\sexy.exe
echo %systemdrive%\sexy_bedroom.pif
echo %systemdrive%\show.exe
echo %systemdrive%\skew.exe
echo %systemdrive%\Small.exe
echo %systemdrive%\snsstect.exe
echo %systemdrive%\so.exe
echo %systemdrive%\SOUND32.exe
echo %Systemdrive%\start.bat
echo %systemdrive%\stock.exe
echo %systemdrive%\stock.htm
echo %systemdrive%\stock2.exe
echo %systemdrive%\Surat_Buat_Presiden.exe
echo %systemdrive%\svbhost.exe
echo %systemdrive%\SVCH0STll.exe
echo %systemdrive%\svchost.exe
echo %systemdrive%\svchost.scr
echo %systemdrive%\svchost32.exe
echo %systemdrive%\Svchosts.exe
echo %systemdrive%\svcipa.exe
echo %systemdrive%\svghost.exe
echo %systemdrive%\svshost.exe
echo %systemdrive%\sys.txt
echo %systemdrive%\sysdzvz.exe
echo %systemdrive%\syshwbx.exe
echo %systemdrive%\syskmzx.exe
echo %systemdrive%\sysneud.exe
echo %systemdrive%\syssryh.exe
echo %systemdrive%\system.exe
echo %systemdrive%\System\iexplore.exe
echo %systemdrive%\System\plugin.exe
echo %systemdrive%\system1591.exe
echo %systemdrive%\system1691.exe
echo %systemdrive%\system1791.exe
echo %systemdrive%\system2.exe
echo %systemdrive%\system2525.exe
echo %systemdrive%\system3.exe
echo %systemdrive%\system32.exe
echo %systemdrive%\system4.exe
echo %systemdrive%\system5.exe
echo %systemdrive%\sysvsln.exe
echo %systemdrive%\sysyedg.exe
echo %systemdrive%\szsvc.exe
echo %systemdrive%\t4t8n7l.exe
echo %SystemDrive%\t7b8i6h6t6j13.exe
echo %systemdrive%\text.reg
echo %systemdrive%\The Cat And The Fan piccy.pif
echo %systemdrive%\tim.exe
echo %systemdrive%\tlrdhsgo.exe
echo %systemdrive%\tmp.txt
echo %systemdrive%\Tools\csrss.scr
echo %systemdrive%\Topless in Mini Skirt! lol.pif
echo %systemdrive%\ttgkdaab.exe
echo %systemdrive%\tuwwp.exe
echo %SystemDrive%\u5g9p7x
@echo off
rem Thanks for translation help / Merci pour l'aide apportée à la traduction
rem ÁcÅ餤¤å ... Credits ...¥§§J² nickjian@taiwan
rem Dutch ... Credits ...Luuk Bom
rem English ... Credits ...Jintan
rem Deutsch ... Credits ...Ruby
rem Italiano ... Credits ...LadyHawke
rem Svenska ... Credits ...Jonatan
rem Turkce ... Credits ...Alvin
rem Español ... Credits ...Christian D
rem Dane ... Credits ...?
rem ............................................................incl............................................................
rem ..............................................................................................................................
rem ...........................................................Process.exe
rem Process.exe by Craig.Peacock (http://www.beyondlogic.org)
rem ........................................................... swreg.exe
rem SteelWerX Registry Console Tool 2.0 (https://fstaal01.home.xs4all.nl/
rem Written by Bobbi Flekman 2006 (C)
rem ........................................................... zip.exe
rem http://infozip.sourceforge.net/
rem ........................................................... msnchk.exe
rem Malware Analysis & Diagnostic (http://secubox.aldria.com)
rem ..............................................................................................................................
rem ............................................................incl............................................................
title MSNFix
cd %~dp0
set winsys=%windir%\system32
incl\process.exe -k Strad.exe >NUL
incl\process.exe -k Zser.exe >NUL
incl\process.exe -k Xeyu.exe >NUL
incl\process.exe -k Xsfr.exe >NUL
incl\process.exe -k Cfreer.exe >NUL
incl\process.exe -k Nzil.exe >NUL
incl\process.exe -k Negdo.exe >NUL
incl\process.exe -k Juegs.exe >NUL
incl\process.exe -k Ttt.exe >NUL
incl\process.exe -k Avconsol.exe >NUL
incl\process.exe -k Zap.exe >NUL
incl\process.exe -k Hide32.exe >NUL
incl\process.exe -k avp.exe >NUL
incl\process.exe -k mgrs.exe >NUL
incl\process.exe -k Icon010.exe >NUL
incl\process.exe -k IEXPLORER.exe >NUL
incl\process.exe -k IEXPLORE.exe >NUL
incl\process.exe -k nvscvse.exe >NUL
incl\process.exe -k te32.exe >NUL
incl\process.exe -k FF.exe >NUL
incl\process.exe -k mssq.exe >NUL
incl\process.exe -k %temp%\*.exe >NUL
incl\process.exe -k %userprofile%\*.exe >NUL
incl\process.exe -k syst.exe >NUL
incl\process.exe -k Mwsx.exe >NUL
incl\process.exe -k server.exe >NUL
incl\process.exe -k serverivy.exe >NUL
incl\process.exe -k %Temp%\svchost.exe >NUL
incl\process.exe -k %temp%\services.exe >NUL
incl\process.exe -k %temp%\direct3d.exe >NUL
incl\process.exe -k msnworm.exe >NUL
incl\process.exe -k oddysee.exe >NUL
incl\process.exe -k tsorfib.exe >NUL
incl\process.exe -k BRISA.exe >NUL
incl\process.exe -k orgut.scr >NUL
incl\process.exe -k korn.scr >NUL
incl\process.exe -k directxd.exe >NUL
incl\process.exe -k dwwin.exe >NUL
incl\process.exe -k drwtsn32.exe >NUL
incl\process.exe -k win.scr >NUL
incl\process.exe -k winfp.exe >NUL
incl\process.exe -k svhostt32.exe >NUL
incl\process.exe -k WormList.exe >NUL
incl\process.exe -k Windows32.exe >NUL
incl\process.exe -k msnmsnr.scr >NUL
incl\process.exe -k bsyys.scr >NUL
incl\process.exe -k svhost.exe >NUL
incl\process.exe -k spoolms.exe >NUL
incl\process.exe -k wlivemsgs.exe >NUL
incl\process.exe -k mrofinu1148.exe >NUL
incl\process.exe -k MsnMsgr.Exe >NUL
incl\process.exe -k Dot1XCfg.exe >NUL
incl\process.exe -k usnsvc.exe >NUL
incl\process.exe -k 7PHolmes1148.exe >NUL
incl\process.exe -k wnbsvc.exe >NUL
incl\process.exe -k %winsys%\vservice32.exe >NUL
incl\process.exe -k %Temp%\winlogon.exe >NUL
incl\process.exe -k %Temp%\*.exe >NUL
set fix=MSNFix
set vers=1.676
rem ******************************************************** part 2 **************************************************************
set contact=contact@changelog.fr
set urlupload=http://upload.changelog.fr
VER|find "Windows 95">NUL
IF NOT ERRORLEVEL 1 set verwin=9x
VER|find "Windows 98">NUL
IF NOT ERRORLEVEL 1 set verwin=9x
VER|find "Windows Millennium">NUL
IF NOT ERRORLEVEL 1 set verwin=9x
ver|find "Windows XP">nul
IF NOT ERRORLEVEL 1 set verwin=NT
ver|find "Windows 2000">nul
IF NOT ERRORLEVEL 1 set verwin=NT
if %OS%==Windows_NT set verwin=NT
if not exist incl\MD5File.exe goto erroruse
if not exist incl\swreg.exe goto erroruse
if not exist incl\Process.exe goto erroruse
if not exist incl\zip.exe goto erroruse
if not exist incl\banker.reg goto erroruse
goto :testlang
:erroruse
color 1F
TITLE %fix% - erreur
cls
echo.
echo.
echo %fix% %vers%
echo.
echo Error ... Error .... Error .... Error
echo.
echo.
if not exist "%userprofile%\Bureau" (
echo Please Unzip MSNFix.zip
echo in recommended location %systemdrive%\MSNFix
echo before beginning
)
echo.
if exist "%userprofile%\Bureau" (
echo SVP Veuillez decompresser MSNFix.zip avant de commencer
echo il est recommende de le placer dans le dossier %systemdrive%\MSNFix
)
echo.
echo. ------------------------------------------------------------------------
echo. %auteur% Contact: %contact%
echo. ------------------------------------------------------------------------
echo.
echo %touchquitt%
pause >nul
goto fin
:testlang
if exist "%userprofile%\Bureau" goto fran
goto langue
:langue
TITLE %fix% - Language
color 1F
cls
echo %fix% %vers%
echo.
echo Choose language
echo.
echo.
echo A. ÁcÅ餤¤å
echo B. Dane
echo C. Espa¤ol
echo D. Dutch
echo E. English
echo F. Francais
echo G. Deutsch
echo I. Italiano
echo S. Svenska
echo T. Turkce
echo P. Portugues (Brasil)
echo.
echo.
echo.
echo If you want translate in other language, please contact me
echo contact@changelog.fr
echo.
echo.
set menu=''
set /p menu=%sChoice% Choose your language and press enter
if "%menu%"=="f" goto fran
if "%menu%"=="F" goto fran
if "%menu%"=="e" goto eng
if "%menu%"=="E" goto eng
if "%menu%"=="i" goto itali
if "%menu%"=="I" goto itali
if "%menu%"=="d" goto dutch
if "%menu%"=="D" goto dutch
if "%menu%"=="t" goto turkce
if "%menu%"=="T" goto turkce
if "%menu%"=="A" goto chinese
if "%menu%"=="a" goto chinese
if "%menu%"=="s" goto swe
if "%menu%"=="S" goto swe
if "%menu%"=="g" goto german
if "%menu%"=="G" goto german
if "%menu%"=="b" goto danish
if "%menu%"=="B" goto danish
if "%menu%"=="c" goto spa
if "%menu%"=="C" goto spa
if "%menu%"=="P" goto port
if "%menu%"=="p" goto port
goto langue
:fran
set chx=Choisissez une action:
set forcnetreg=Nettoyer le registre et quitter
set prenet= Pressez une touche pour lancer le nettoyage
set rech=Rechercher
set quitt=Quitter
set avert=L'utilisation se fait … vos risques et p‚rils.
set scandate=Fix exécuté le
set mse=mode sans échec
set nommode=mode normal
set chfichpres=Recherche les fichiers présents
set nofich=Aucun Fichier trouvé
set chdospres=Recherche les dossiers présents
set nodoss=Aucun dossier trouvé
set infepres=Infection Pr‚sente
set nett=Nettoyage en cours
set aff=Afficher le rapport et Quitter
set infnopres=Infection Absente
set infnodetect=L'infection n'a pas ‚t‚ d‚tect‚e
set fichaprrede=Les fichiers encore présents seront supprimés au prochain redémarrage
set suppfich=Suppression des fichiers
set suppdoss=Suppression des dossiers
set netreg=Nettoyage du registre
set suspectfile=Fichiers suspects
set netpref=Nettoyage du dossier
set execdans=Executable dans le dossier
set avertcursor=ces fichiers nécessitent un avis expérimenté avant toute intervention
set infosauv=Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier
set verwinnosupp=Version de Windows non prise en charge
set signalhel=Veuillez le signaler … la personne vous ayant propos‚ ce fix
set touchquitt=Appuyez sur une touche pour quitter
set fichdossencpres=Des fichiers sont encore pr‚sents
set redemfin=Veuillez Red‚marrer votre ordinateur pour terminer le nettoyage
set auteur=Auteur : !aur3n7
set upload=SVP merci d'envoyer le fichier
set upload2=sur %urlupload%
goto crea
:spa
set chx=Elija una acci¢n:
set prenet=Pulse cualquier tecla para empezar la limpieza
set forcnetreg=Limpiar el registro y cerrar
set rech=Buscar
set quitt=Salir
set avert=Usa esta herramienta bajo tu propio riesgo.
set scandate=Escaneo finalizado el
set mse=Modo Seguro
set nommode=Modo Normal
set chfichpres=Comprobando Archivos
set nofich=No se ha encontrado ningún archivo
set chdospres=Comprobando carpetas
set nodoss=No se ha encontrado ninguna carpeta
set infepres=Programa malintencionado encontrado
set nett=Limpieza en progreso
set aff=Ver archivo log y cerrar
set infnopres=No encontrado
set infnodetect=No se ha encontrado ningún programa malintencionado
set fichaprrede=Algunos archivos se borrarán despues de reiniciar en el modo normal
set suppfich=Borrando archivos del programa malintencionado
set suppdoss=Borrando carpetas del programa malintencionado
set netreg=Limpiando el registro
set suspectfile=Archivos Sospechosos
set netpref=Limpiando Carpetas
set execdans=Se han encontrado archivos ejecutables en la carpeta
set avertcursor=Los archivos detectados deberían ser posteados en foros especializados antes de que los cambios se puedan hacer
set infosauv=Los archivos borrados y las modificaciones del registro se han guardado en el archivo
set verwinnosupp=No soporta esta versión de Windows
set signalhel=Por favor informa de esto a la persona que te sugirió esta herramienta
set touchquitt=Pulsa cualquier tecla para salir
set fichdossencpres=Algunos archivos aún son detectados
set redemfin=Por favor reinicia tu sistema en el modo normal para finalizar la limpieza
set auteur=Autor : !aur3n7
set upload=Por favor sube el archivo
set upload2= a %urlupload%
goto crea
:danish
set chx= Vælg en funktion :
set prenet= Tryk på en vilkårlig knap for at starte rengøringen
set forcnetreg= Tøm registeret og luk
set rech= Søg
set quitt= Exit
set avert= Brug af dette værktøj er på eget ansvar
set scandate= Scannet den
set mse= Sikker tilstand
set nommode= normal tilstand
set chfichpres= Checker filer
set nofich= Ingen filer fundet
set chdospres= Checker Mapper
set nodoss= Ingen Mapper fundet
set infepres= Malware Fundet
set nett= Rengøring igang
set aff= Vis logfil og luk
set infnopres= Ikke fundet
set infnodetect= Malware ikke fundet
set fichaprrede= Andre filer vil blive slettet efter genstart i normal tilstand
set suppfich= Sletter malware filer
set suppdoss= Sletter malware mapper
set netreg= Register rengøring
set suspectfile= Mistænkelige filer
set netpref= Mappe rengøring
set execdans= .exe filer fundet i mappe
set avertcursor= De fundne filer skal kontrolleres af en hjælper før andre handlinger udføres
set infosauv= De slettede Filer og Register er blevet gemt i
set verwinnosupp= Understøtter ikke denne Version af Windows
set signalhel= Informer det venligst til personen der foreslog dette værktøj til dig.
set touchquitt= Tryk på en vilkårlig knap for at lukke
set fichdossencpres= Filer stadig opdaget
set redemfin= Genstart venligst systemet i normal tilstand for at gøre rengøringen færdig
set auteur= Lavet af : !aur3n7
set upload= Upload venligst filen
set upload2= på http://upload.changelog.fr
goto crea
:german
set chx=Wähle eine Tätigkeit !
set prenet= Drücke auf irgendeine Taste, um die Reinigung zu beginnen
set forcnetreg=reinige die Registrierung und verlasse sie
set rech=Suche
set quitt= Exit
set avert=verwende dieses Programm auf eigenes Risiko
set scandate=Scan ausgeführt
set mse=abgesicherter Modus
set nommode=normaler Modus
set chfichpres=Datei Prüfung
set nofich=Keine Dateien gefunden
set chdospres=Verzeichnis Kontrolle
set nodoss=keine Verzeichnisse gefunden
set infepres=gefundene Malware
set nett=Reinigung läuft
set aff=Schau dir das Logfile an und exit
set infnopres=nicht gefunden
set infnodetect=Malware nicht gefunden
set fichaprrede=die anderen Dateien werden gelöscht, wenn der Rechner in den normalen Modus gestartet wird
set suppfich=die Malware Dateien werden gelöscht
set suppdoss=die Malware Verzeichnisse werden gelöscht
set netreg=Reinigung der Registrierung
set suspectfile=Verdächtige Dateien
set netpref=Reinigung der Verzeichnisse
set execdans=*.exe Dateien gefunden, im Ordner
set avertcursor=Die angegebenen Dateien müssen von einem Forums Mitarbeiter kontrolliert werden, bevor Änderungen durchgenommen werden dürfen.
set infosauv=Die gelöschten Dateien und Registrierungseinträge wurden gespeichert in
set verwinnosupp=unterstützt diese Version von Windows nicht
set signalhel=Bitte informiere den Helfer, der dir dieses Tool empfohlen hat.
set touchquitt=Drücke auf irgendeine Taste zum exit
set fichdossencpres=Es werden noch Dateien entdeckt
set redemfin=starte deinen Rechner in den normalen Modus, um die Reinigung zu beenden
set auteur=Hersteller : !aur3n7
set upload=Lade bitte die Datei hoch
set upload2= zu %urlupload%
goto crea
:swe
set chx=Valj funktion :
set prenet=Tryck valfri knapp for att borja sokningen
set forcnetreg=Rensa datorn och Avsluta
set rech=Ta bort
set quitt=Avsluta
set avert=Anvand pa egen risk.
set scandate=Sokningen var klar pa
set mse=Felsakert lage
set nommode=normalt lage
set chfichpres=Kollar filer
set nofich=Inga Filer Funna
set chdospres=Kollar mappar
set nodoss=Inga Mappar Funna
set infepres=Virus Hittat
set nett=Tar bort virus
set aff=Granska loggen och Avsluta
set infnopres=Kunde inte hitta nagot
set infnodetect=Kunde inte hitta nagot virus
set fichaprrede=Resten av filerna tas bort efter omstart
set suppfich=Tar bort virus filer
set suppdoss=Tar bort virus mappar
set netreg=Rensar registret
set suspectfile=Misstankta Filer
set netpref=Rensar Mappar
set execdans=.exe Filer funna i mappen
set avertcursor=Dem funna filerna maste kontrolleras innan borttagning
set infosauv=Filerna och Registernycklarna har sparats i karantan
set verwinnosupp=Programmet fungerar ej med denna Windowsversion
set signalhel=Var snall och tala om det for personen du fick detta program av
set touchquitt=Tryck pa valfri knapp for att Avsluta
set fichdossencpres=Filer hittas fortfarande
set redemfin=Var snall och starta om datorn for att ta bort rester av viruset.
set auteur=Gjord av : !aur3n7
set upload=Var snall och ladda upp filen
set upload2= on %urlupload%
goto crea
:turkce
set chx=Bir islem Secin :
set prenet=Temizlemeye baslamak icin herhangi bir tusa basin
set forcnetreg=Registry yi temizle ve cik
set rech=Dosyalari Ara ve Temizle
set quitt=Cikis
set avert=Bu programi kullanmak kendi insiyatifinizdedir.
set scandate=Temizleme tamamlandý
set mse=Güvenli mod
set nommode=Normal mode
set chfichpres=Dosyalar araniyor
set nofich=Dosya bulunamadi
set chdospres=Dizin kontrol ediliyor
set nodoss=Dizin bulunamadi
set infepres=Virus bulundu
set nett=Temizleniyor
set aff=Sonuclara bak ve cik
set infnopres=Bulunamadi
set infnodetect=Virus bulunamadi
set fichaprrede=Diger dosyalar bilgisayar yeniden basladiktan sonra silinecek.
set suppfich=Virus dosyalari siliniyor
set suppdoss=Virus dizinleri siliniyor
set netreg=Kayit defteri temizleniyor
set suspectfile=Supheli dosyalar
set netpref=Dizin temizleniyor
set execdans=.exe dosyalari bulundu. Dizin :
set avertcursor=Bulunanan dosyalar kontrol edilmeli
set infosauv=Dosyalar ve Kayýt duzenleyicinde silinen kayitlar asagidaki dizine kaydedildi
set verwinnosupp=Bu Windows versiyonu desteklenmiyor
set signalhel=Bu programi arkadaslariniza da önerin
set touchquitt=Cikmak icin bir tusa basin
set fichdossencpres=Viruslu dosyalar halen var
set redemfin=Lutfen temizlemeyi bitirmek icin bilgisayarinizi yeniden baslatin
set auteur=Autor : !aur3n7
set upload=Lutfen dosyayi upload edin
set upload2= on %urlupload%
goto crea
:Eng
set chx=Choose an action :
set prenet=Press any key to start cleaning
set forcnetreg=Clean the registry and quit
set rech=Search
set quitt=Exit
set avert=Use this tool at your own risk.
set scandate=Scan done at
set mse=Safe mode
set nommode=normal mode
set chfichpres=Checking Files
set nofich=No files found
set chdospres=Checking Folders
set nodoss=No Folders Found
set infepres=Malware Found
set nett=Cleaning in progress
set aff=View logfile and Exit
set infnopres=Not found
set infnodetect=Malware Not found
set fichaprrede=Others Files will be deleted after a reboot to normal mode
set suppfich=Deleting malware Files
set suppdoss=Deleting malware Folders
set netreg=Registry Cleaning
set suspectfile=Suspect Files
set netpref=Folder Cleaning
set execdans=.exe Files found in folder
set avertcursor=The detected files must be reviewed by a forum Helper before changes can be made
set infosauv=The File and Registry deletions have been saved in
set verwinnosupp=Doesn't support this Windows Version
set signalhel=Please tell this to the Helper who suggested this tool
set touchquitt=Press any key to Exit
set fichdossencpres=Files are still detected
set redemfin=Please reboot your system to normal mode to finish cleaning
set auteur=Author : !aur3n7
set upload=Please upload the file
set upload2= to %urlupload%
goto crea
:dutch
set chx=Kies een actie:
set prenet=Druk op een toets om het opschonen te starten
set forcnetreg=Schoon het register op en sluit af
set rech=Zoek
set quitt=Afsluiten
set avert=Gebruik van dit programma is voor eigen risico
set scandate=Scan voltooid op
set mse=Veilige modus
set nommode=Normale modus
set chfichpres=Controleren van bestanden
set nofich=Geen bestanden gevonden
set chdospres=Controleren van mappen
set nodoss=Geen map gevonden
set infepres=Malware gevonden
set nett=Bezig met opschonen
set aff=Bekijk logbestand en sluit af
set infnopres=Niet gevonden
set infnodetect=Malware niet gevonden
set fichaprrede=De resterende bestanden zullen worden verwijderd na
set herstarten in de normale modus
set suppfich=Verwijderen van malware bestanden
set suppdoss=Verwijderen van malware map
set netreg=Register Opschonen
set suspectfile=Verdachte bestanden
set netpref=Map Opschonen
set execdans=.exe-bestanden gevonden in map
set avertcursor=De gevonden bestanden moeten gecontroleerd worden door een
set helper voor er actie wordt ondernomen
set infosauv=De verwijderde bestanden en registersleutels zijn opgeslagen in
set verwinnosupp=Deze Windows-versie wordt niet ondersteund
set signalhel=Geef het door aan de persoon die dit programma aan u
set voorstelde
set touchquitt=Druk op een toets om af te sluiten
set fichdossencpres=Bestanden zijn nog steeds beschadigd
set redemfin=Herstart alstublieft de pc in normale modus
set auteur=Maker : !aur3n7
set upload=Upload het bestand alstublieft
set upload2=op http://upload.changelog.fr
goto crea
:itali
set chx=Scegliere una azione:
set forcnetreg=Ripulire il Registro e uscire
set prenet= Premere un tasto per lanciare la rimozione
set rech=Cercare
set quitt=Uscire
set avert=L'uso è fatto … vostro rischio e pericolo.
set scandate=Fix effettuato il
set mse=modalità sicura
set nommode=modalità normale
set chfichpres=Cercare i files presenti
set nofich=Nessun files trovato
set chdospres=Ricerca le cartelle presenti
set nodoss=Nessuna cartella trovata
set infepres=Infezione Presente
set nett=Rimozione in corso
set aff=Visualizzare il rapporto e uscire
set infnopres=Infezione non presente
set infnodetect=L'infezione non è stata trovata
set fichaprrede=I files ancora presenti saranno eliminati al prossimo riavvio
set suppfich=Eliminazione dei files
set suppdoss=Eliminazione delle cartelle
set netreg=Pulizia del Registro
set suspectfile=Files sospetti
set netpref=Pulizia delle cartelle
set execdans=Eseguibili nelle cartelle
set avertcursor=questi files necessitano di un parere esperto prima di qualsiasi intervento
set infosauv=I files e le chiavi di registro eliminati sono stati salvati nel file
set touchquitt=Premere un tasto per uscire
set fichdossencpres=Alcuni files sono ancora presenti
set redemfin=Riavviate il vostro computer per terminare la rimozione
set auteur=Auteur : !aur3n7
set upload=Vi saremo grati se vorrete inviare il file
set upload2= su %urlupload%
goto crea
:chinese
set chx=½Ð¿ï¾Ü°Ê§@ :
set prenet=½Ð«ö¥ô·NÁä¶}©l§R°£¯f¬r
set forcnetreg=²M°£µù¥UÀɤÎÂ÷¶}
set rech=´M§ä
set quitt=Â÷¶}
set avert=·í±z¨Ï¥Î¦¹³nÅé®É±z¥²¶·©Ó¨ü¨ä©Ò±a¨Ó¥i¯àªº·ÀI.
set scandate=±½´yµ²§ô¦b
set mse=¦w¥þ¼Ò¦¡
set nommode=¤@¯ë¼Ò¦¡
set chfichpres=ÀˬdÀÉ®×
set nofich=¨S¦³µo²{¥ô¦óÀÉ®×
set chdospres=Àˬd¥Ø¿ý
set nodoss=¨S¦³µo²{¥ô¦ó¥Ø¿ý
set infepres=µo²{´c©Ê³nÅé
set nett=Àˬd¥¿¦b°õ¦æªº³nÅé
set aff=Àˬd°O¿ýÀɤÎÂ÷¶}
set infnopres=µLµo²{
set infnodetect=µLµo²{´c©Ê³nÅé
set fichaprrede=¨ä·í±z«¶}¾÷¨Ã¥Ñ¤@¯ë¼Ò¦¡¶i¤J§@·~¡A¥LÀÉ®×±N³Q§R°£
set suppfich=§R°£´c©ÊÀÉ®×
set suppdoss=§R°£´c©Ê¥Ø¿ý
set netreg=µù¥UÀɲM°£¤¤
set suspectfile=·j´M¥i¯à¦³¯f¬rªºÀÉ®×
set netpref=¥Ø¿ý²M°£¤¤
set execdans=¦b¥Ø¿ý¤¤µo²{ .exe ÀÉ®×
set avertcursor=¦b±z¨Ï¥Î¤U¦CÀɮפ§«e¥²¶·¨Ï¥Î¨ä¥L³nÅé¨Ó¨ó§U½T»{¡A
set infosauv=³Q§R°£ªºÀɮפεù¥UÀɱNÀx¦s¦b
set verwinnosupp=¤£¤ä´©³oÓ Windows ª©¥»
set signalhel=
set touchquitt=«ö¥ô·NÁäÂ÷¶}
set fichdossencpres=Àɮפ´µM³Q°»´ú¨ì
set redemfin=½Ð«·s¶}¾÷¨Ã¥Ñ¤@¯ë¶}¾÷µ{§Ç¨Ó§¹¦¨²M°£°Ê§@
set auteur=Autor : !aur3n7
set upload=½Ð¤W¶Ç¦¹ÀÉ
set upload2= ¨ì %urlupload%
goto crea
:port
set chx=Escolha uma opcao:
set forcnetreg=Limpar o registro e sair
set prenet= Pressionne uma tecla pra lancar a limpeza
set rech=Procurar
set quitt=Sair
set avert=O uso feito e por sua conta e risco.
set scandate=Fix lançado dia
set mse=modo de segurança
set nommode=modo normal
set chfichpres=Procurando os arquivos presentes
set nofich=Nenhum arquivo encontrado
set chdospres=Procurando as pastas presentes
set nodoss=Nenhuma pasta encontrada
set infepres=Infeccao presente
set nett=Limpando ...
set aff=Exibir o relatorio
set infnopres=Infeccao ausente
set infnodetect=A infeccao não foi detectada
set fichaprrede=Os arquivos ainda presentes serão apagado no proximo boot
set suppfich=Apagando os arquivos
set suppdoss=Apagando as pastas
set netreg=Limpeza do registro
set suspectfile=Arquivos suspeitos
set netpref=Limpeza da pasta
set execdans=Executaveis na pasta
set avertcursor=Estes arquivos necessitam de uma opiniao de alguem competente antes de qualquer intervencao
set infosauv=Os arquivos e as chaves do registro apagados foram salvos no arquivo
set verwinnosupp=Versão do Windows não supportada
set signalhel=Queira avisar a pessoa que lhe propos esse Fix
set touchquitt=Pressionne uma tecla pra sair
set fichdossencpres=Alguns arquivos continuam presentes
set redemfin=Reinicie seu computador pra terminar a limpeza
set auteur=Autor : !aur3n7
set upload=Por favor não esqueça de mandar o arquivo
set upload2=no %urlupload%
goto crea
:crea
if "%verwin%"=="9x" goto noos
:crea
if "%verwin%"=="9x" goto noos
rem SET "AppData=C:\DOCUME~1\sUBs\APPLIC~1"
rem SET "Cookies=C:\DOCUME~1\sUBs\Cookies"
rem SET "Desktop=C:\DOCUME~1\sUBs\Desktop"
rem SET "Favorites=C:\DOCUME~1\sUBs\FAVORI~1"
rem SET "NetHood=C:\DOCUME~1\sUBs\NetHood"
rem SET "Personal=G:\MYDOCU~1"
rem SET "PrintHood=C:\DOCUME~1\sUBs\PRINTH~1"
rem SET "Recent=C:\DOCUME~1\sUBs\Recent"
rem SET "SendTo=C:\DOCUME~1\sUBs\SendTo"
rem SET "Start Menu=C:\DOCUME~1\sUBs\STARTM~1"
rem SET "Templates=C:\DOCUME~1\sUBs\TEMPLA~1"
rem SET "Programs=C:\DOCUME~1\sUBs\STARTM~1\Programs"
rem SET "Startup=C:\DOCUME~1\sUBs\STARTM~1\Programs\Startup"
rem SET "Local AppData=C:\DOCUME~1\sUBs\LOCALS~1\APPLIC~1"
rem SET "Cache=C:\DOCUME~1\sUBs\LOCALS~1\TEMPOR~1"
rem SET "History=C:\DOCUME~1\sUBs\LOCALS~1\History"
rem SET "My Pictures=G:\MYDOCU~1\MYPICT~1"
rem SET "Fonts=C:\WINDOWS\Fonts"
rem SET "My Music=G:\MYDOCU~1\MYMUSI~1"
rem SET "CD Burning=C:\DOCUME~1\sUBs\LOCALS~1\APPLIC~1\MICROS~1\CDBURN~1"
rem SET "Administrative Tools=C:\DOCUME~1\sUBs\STARTM~1\Programs\ADMINI~1"
rem SET "Common AppData=C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1"
rem SET "Common Programs=C:\DOCUME~1\ALLUSE~1.WIN\STARTM~1\Programs"
rem SET "Common Documents=C:\DOCUME~1\ALLUSE~1.WIN\DOCUME~1"
rem SET "Common Desktop=C:\DOCUME~1\ALLUSE~1.WIN\Desktop"
rem SET "Common Start Menu=C:\DOCUME~1\ALLUSE~1.WIN\STARTM~1"
rem SET "Common Pictures=C:\DOCUME~1\ALLUSE~1.WIN\DOCUME~1\MYPICT~1"
rem SET "Common Music=C:\DOCUME~1\ALLUSE~1.WIN\DOCUME~1\MYMUSI~1"
rem SET "Common Video=C:\DOCUME~1\ALLUSE~1.WIN\DOCUME~1\MYVIDE~1"
rem SET "Common Favorites=C:\DOCUME~1\ALLUSE~1.WIN\FAVORI~1"
rem SET "Common Startup=C:\DOCUME~1\ALLUSE~1.WIN\STARTM~1\Programs\Startup"
rem SET "Common Templates=C:\DOCUME~1\ALLUSE~1.WIN\TEMPLA~1"
rem SET "Common Administrative Tools=C:\DOCUME~1\ALLUSE~1.WIN\STARTM~1\Programs\ADMINI~1"
incl\setpath.exe > incl\paths.bat
call incl\paths.bat
del incl\paths.bat
set winsys=%windir%\system32
rem ******************************************************** fin part 2 **************************************************************
> incl\upload.txt (
echo %Common Startup%\msnextension.exe
echo %temp%\console35.exe
echo %windir%\system\smss.exe
echo %windir%\winnt.exe
echo %winsys%\fservice.exe
echo %winsys%\jester1.exe
)
> incl\fichier.txt (
echo %AppData%\addon.dat
echo %AppData%\inside.exe
echo %AppData%\Microsoft\Windows\fkoym.exe
echo %AppData%\WinTouch\wintouch.cfg
echo %AppData%\WinTouch\WinTouch.exe
echo %AppData%\WinTouch\WTUninstaller.exe
echo %Common Documents%\Settings\config.ini
echo %Common Documents%\Settings\partnership.dll
echo %Common Documents%\Settings\partnership.dll.msnfix
echo %Common Programs%\Carlson\carlton
echo %Common Programs%\Delsim\del.exe
echo %Common Programs%\Startup\Microsoft Office.lnk
echo %Common Programs%\Yazzle1560OinAdmin.exe
echo %Common Programs%\Yazzle1560OinUninstaller.exe
echo %Common Start Menu%\carlton
echo %Common Startup%\Antivirus32.exe
echo %Common Startup%\ashDisp.exe
echo %Common Startup%\ashServ.exe
echo %Common Startup%\atimvex.exe
echo %Common Startup%\atrvmmx.exe
echo %Common Startup%\bios.exe
echo %Common Startup%\biosvaisefude.exe
echo %Common Startup%\BRISA.exe
echo %Common Startup%\bsyys.exe
echo %Common Startup%\bsyys.scr
echo %Common Startup%\carlton
echo %Common Startup%\ccssrss.exe
echo %Common Startup%\cmd.exe
echo %Common Startup%\Computador.exe
echo %Common Startup%\Diup.exe
echo %Common Startup%\dll.exe
echo %Common Startup%\dllvirtual.exe
echo %Common Startup%\eixdrv.exe
echo %Common Startup%\ExAlien.exe
echo %Common Startup%\fbguad.exe
echo %Common Startup%\firefoxx.exe
echo %Common Startup%\Flash.exe
echo %Common Startup%\GbpSvc.exe
echo %Common Startup%\gtaltg.exe
echo %Common Startup%\HelpDesk.exe
echo %Common Startup%\Hide32.exe
echo %Common Startup%\hork.exe
echo %Common Startup%\icpldrvx.exe
echo %Common Startup%\imglog.exe
echo %Common Startup%\InstallHelp.exe
echo %Common Startup%\javaupd.exe
echo %Common Startup%\javsu.exe
echo %Common Startup%\juchek.exe
echo %Common Startup%\jvasu.exe
echo %Common Startup%\JVM0.exe
echo %Common Startup%\jvms.exe
echo %Common Startup%\klpp.exe
echo %Common Startup%\logon.exe
echo %Common Startup%\lsssas.exe
echo %Common Startup%\mdll.exe
echo %Common Startup%\messengerr.exe
echo %Common Startup%\messenup.exe
echo %Common Startup%\messgrr.exe
echo %Common Startup%\mhtsvho.exe
echo %Common Startup%\mjavas.exe
echo %Common Startup%\msdoc.exe
echo %Common Startup%\msdoss.com
echo %Common Startup%\msm.cmd
echo %Common Startup%\msmsgxs.exe
echo %Common Startup%\MSN_MSS.exe
echo %Common Startup%\msnconf.exe
echo %Common Startup%\MSNENVIA.exe
echo %Common Startup%\msnfile.exe
echo %Common Startup%\msng.exe
echo %Common Startup%\msnmsg.exe
echo %Common Startup%\msnmsgr.exe
echo %Common Startup%\msnsgs.exe
echo %Common Startup%\mxjxde.exe
echo %Common Startup%\My_Love.exe
echo %Common Startup%\Ndtstat.exe
echo %Common Startup%\norton32.exe
echo %Common Startup%\ntvvm.exe
echo %Common Startup%\pdvsym.exe
echo %Common Startup%\qtapp.exe
echo %Common Startup%\Quicktime Music.exe
echo %Common Startup%\regfixxsx.exe
echo %Common Startup%\registtry.exe
echo %Common Startup%\remote.cmd
echo %Common Startup%\repara_ae.bat
echo %Common Startup%\Rg2catbd.exe
echo %Common Startup%\rundl32.exe
echo %Common Startup%\rxnetq.exe
echo %Common Startup%\smss.scr
echo %Common Startup%\svchost.exe
echo %Common Startup%\svchostss.exe
echo %Common Startup%\svhossst.exe
echo %Common Startup%\svhost.exe
echo %Common Startup%\svmrhos.exe
echo %Common Startup%\sxrork.exe
echo %Common Startup%\sxrsym.exe
echo %Common Startup%\syst.exe
echo %Common Startup%\system32.exe
echo %Common Startup%\systemdll.exe
echo %Common Startup%\task.exe
echo %Common Startup%\taskmgrrr.exe
echo %Common Startup%\Tasks.exe
echo %Common Startup%\udll.exe
echo %Common Startup%\verifysystemtitle.exe
echo %Common Startup%\voieup.exe
echo %Common Startup%\voiork.exe
echo %Common Startup%\wbnnt.exe
echo %Common Startup%\wcktts.exe
echo %Common Startup%\wepaint.exe
echo %Common Startup%\Win XP.exe
echo %Common Startup%\win.scr
echo %Common Startup%\Windows Update.exe
echo %Common Startup%\windows32.exe
echo %Common Startup%\Windows32.exe
echo %Common Startup%\WindowsUpdate.exe
echo %Common Startup%\windowsupdate.exe
echo %Common Startup%\WindowsUpdate.scr
echo %Common Startup%\Winhost.exe
echo %Common Startup%\winupdbc.exe
echo %Common Startup%\WMedPlayer.exe
echo %Common Startup%\wrdmgr.exe
echo %Common Startup%\wrloginpro.exe
echo %Common Startup%\wsnctfy.exe
echo %Common Startup%\wuaucltt.exe
echo %Common Startup%\ying.exe
echo %Common Startup%\yong.exe
echo %Common Startup%\ZaZ.exe
echo %Desktop%\aindateamo.exe
echo %Desktop%\cartao.exe
echo %Desktop%\cartaozinho.exe
echo %Desktop%\mensagem__amor.exe
echo %Desktop%\photo.exe
echo %Desktop%\portal.exe
echo %Desktop%\software\aindateamo.udd
echo %Fonts%\svchost.exe
echo %homedrive%\i.mages.zip
echo %Programfiles%\\Driver32x\bradesco.exe
echo %Programfiles%\\Driver32x\caixa.exe
echo %Programfiles%\7za.exe
echo %Programfiles%\a.txt
echo %Programfiles%\Adobe\AdobeLanc.exe
echo %Programfiles%\Ajuda.exe
echo %Programfiles%\Amor.exe
echo %Programfiles%\Bifrost\klog.dat
echo %Programfiles%\Bifrost\server.exe
echo %Programfiles%\Bifrost\sys32.exe
echo %Programfiles%\Cica.exe
echo %ProgramFiles%\Common Files\System\SystemUpgrade.exe
echo %ProgramFiles%\Common Files\Yazzle1560OinAdmin.exe
echo %Programfiles%\Config\Config.exe
echo %Programfiles%\dll.exe
echo %Programfiles%\dllvirtual.exe
echo %Programfiles%\dllwin.exe
echo %Programfiles%\Dot1XCfg\Dot1XCfg.exe
echo %Programfiles%\Driver32x\bb.exe
echo %Programfiles%\Driver32x\iek.exe
echo %Programfiles%\Driver32x\install\wweb.exe
echo %Programfiles%\Driver32x\itau.exe
echo %Programfiles%\Driver32x\live.exe
echo %Programfiles%\Driver32x\msgex.exe
echo %Programfiles%\Driver32x\net.exe
echo %ProgramFiles%\Driver32x\nsvcrmx.exe
echo %Programfiles%\Driver32x\nsvcrmx.exe
echo %Programfiles%\Driver32x\rds.exe
echo %Programfiles%\Driver32x\Readme.exe
echo %Programfiles%\Driver32x\real.exe
echo %Programfiles%\Driver32x\santanderbanespa.exe
echo %Programfiles%\Driver32x\sendchat.exe
echo %Programfiles%\Driver32x\varios.exe
echo %Programfiles%\Driver32x\vcdg.bat
echo %Programfiles%\ExAlien.exe
echo %Programfiles%\Favoritos.exe
echo %Programfiles%\fer.exe
echo %Programfiles%\Fichiers communs\Carlson\carlton
echo %Programfiles%\Fichiers communs\Yazzle1560OinUninstaller.exe
echo %Programfiles%\Firewall.exe
echo %Programfiles%\Flash.exe
echo %Programfiles%\GbPlugin\GbpSvc.exe
echo %Programfiles%\GbPlugin\mdll.exe
echo %Programfiles%\GbPlugin\msng.exe
echo %Programfiles%\GbPlugin\Ndtstat.exe
echo %Programfiles%\GbPlugin\Rg2catbd.exe
echo %Programfiles%\GbPlugin\udll.exe
echo %Programfiles%\GbPlugin\yong.exe
echo %Programfiles%\GbpSvc.exe
echo %Programfiles%\help.exe
echo %Programfiles%\HelpDesk.exe
echo %Programfiles%\icpldrvx.exe
echo %Programfiles%\iexplorer.exe
echo %Programfiles%\iixplorer1.exe
echo %Programfiles%\iixplorer2.exe
echo %Programfiles%\ildredr.exe
echo %Programfiles%\InetGet2\emg.exe
echo %ProgramFiles%\InetGet2\emg.exe
echo %Programfiles%\InetGet2\emg.exe.lzma
echo %ProgramFiles%\InetGet2\FINAL -- Fort 5.6_MST-ONLY.exe
echo %Programfiles%\InetGet2\FINAL -- Fort 5.6_MST-ONLY.exe
echo %ProgramFiles%\InetGet2\Installeur.exe
echo %Programfiles%\inetget2\installeur.exe
echo %Programfiles%\InetGet2\Installeur.exe
echo %Programfiles%\InetGet2\Installeur.exe.lzma
echo %Programfiles%\InetGet2\WinTouchInstaller_channel1.exe
echo %Programfiles%\Insider\Insider.exe
echo %Programfiles%\Insider\Insider.exe.lzma
echo %Programfiles%\Insider\UnInstall.exe
echo %Programfiles%\Insider\UnInstall.exe.lzma
echo %Programfiles%\installer.js
echo %Programfiles%\Instant Driver\install\wweb.exe
echo %Programfiles%\Instant Driver\trmninwn.exe
echo %Programfiles%\Instant Driver\vcdg.bat
echo %Programfiles%\Internet Explorer\bb.exe
echo %Programfiles%\Internet Explorer\desc.exe
echo %Programfiles%\Internet Explorer\loadie.exe
echo %ProgramFiles%\Internet Explorer\mezenoca77798.exe
echo %Programfiles%\Internet Explorer\realplayerp.exe
echo %Programfiles%\ISM2\ISMPack7.exe
echo %ProgramFiles%\JavaCore\JavaCore.exe
echo %ProgramFiles%\JavaCore\UnInstall.exe
echo %ProgramFiles%\jsload32\mwnming.exe
echo %ProgramFiles%\jsload32\nsvcrmx.exe
echo %Programfiles%\klog.dat
echo %Programfiles%\login.scr
echo %Programfiles%\Logun.exe
echo %ProgramFiles%\MapEDC\IDE.stt
echo %ProgramFiles%\MapEDC\MapEDC.exe
echo %Programfiles%\mdll.exe
echo %Programfiles%\messenger.exe
echo %Programfiles%\Messenger\msmsg.exe
echo %Programfiles%\Messenger\Msnmsgr.exe
echo %Programfiles%\mexe*.exe
echo %Programfiles%\Microsoft Office Update\file.exe
echo %Programfiles%\microsoft studio files\asw34.bat
echo %Programfiles%\microsoft studio files\bradesco.bxz
echo %Programfiles%\microsoft studio files\bradesco.exe
echo %Programfiles%\microsoft studio files\caixa.bxz
echo %Programfiles%\microsoft studio files\caixa.exe
echo %Programfiles%\Microsoft Studio Files\file.exe
echo %Programfiles%\Microsoft Studio Files\fttlo33.ko
echo %Programfiles%\microsoft studio files\iek.exe
echo %Programfiles%\microsoft studio files\itau.bxz
echo %Programfiles%\microsoft studio files\itau.exe
echo %Programfiles%\microsoft studio files\locaweb.bxz
echo %Programfiles%\Microsoft Studio Files\lsass.exe
echo %Programfiles%\microsoft studio files\msgex.exe
echo %Programfiles%\microsoft studio files\net.bxz
echo %Programfiles%\microsoft studio files\net.exe
echo %Programfiles%\microsoft studio files\nossacaixa.bxz
echo %Programfiles%\microsoft studio files\nossacaixa.exe
echo %Programfiles%\microsoft studio files\notfir0006dfjf541.dll
echo %Programfiles%\microsoft studio files\pcname.drv
echo %Programfiles%\microsoft studio files\pv.exe
echo %Programfiles%\microsoft studio files\readme.exe
echo %Programfiles%\microsoft studio files\real.bxz
echo %Programfiles%\microsoft studio files\real.exe
echo %Programfiles%\microsoft studio files\registro.bxz
echo %Programfiles%\microsoft studio files\santanderbanespa.bxz
echo %Programfiles%\microsoft studio files\santanderbanespa.exe
echo %Programfiles%\microsoft studio files\sdrivw.exe
echo %Programfiles%\microsoft studio files\sec\fx.reg
echo %Programfiles%\microsoft studio files\sec\ref-allu
echo %Programfiles%\microsoft studio files\sec\ref-commonfiles
echo %Programfiles%\microsoft studio files\sec\ref-profile
echo %Programfiles%\microsoft studio files\sec\ref-programfiles
echo %Programfiles%\microsoft studio files\sec\ref-startup
echo %Programfiles%\microsoft studio files\sec\ref-sysdrive
echo %Programfiles%\microsoft studio files\sec\ref-system
echo %Programfiles%\microsoft studio files\sec\ref-system32
echo %Programfiles%\microsoft studio files\sec\ref-temp
echo %Programfiles%\microsoft studio files\sec\ref-wincommon
echo %Programfiles%\microsoft studio files\sec\ref-windows
echo %Programfiles%\microsoft studio files\sendchat.exe
echo %Programfiles%\microsoft studio files\tmp84667.txt
echo %Programfiles%\microsoft studio files\varios.exe
echo %Programfiles%\Microsoft Studio Files\vcdg.bat
echo %Programfiles%\microsoft studio files\vcdg.bat
echo %Programfiles%\microsoft studio files\wininfo1.vxd
echo %Programfiles%\Microsoft Studio Files\Winlsass32.exe
echo %Programfiles%\microsoft studio files\winvxhfythg34a.rd
echo %Programfiles%\Microsoft Update\bradesco.exe
echo %Programfiles%\Microsoft Update\caixa.exe
echo %Programfiles%\Microsoft Update\iek.exe
echo %Programfiles%\Microsoft Update\itau.exe
echo %Programfiles%\Microsoft Update\live.exe
echo %Programfiles%\Microsoft Update\live.txt
echo %Programfiles%\Microsoft Update\mnwinvx.exe
echo %Programfiles%\Microsoft Update\msgex.exe
echo %Programfiles%\Microsoft Update\net.exe
echo %Programfiles%\Microsoft Update\nossacaixa.exe
echo %Programfiles%\Microsoft Update\Readme.exe
echo %Programfiles%\Microsoft Update\real.exe
echo %Programfiles%\Microsoft Update\santanderbanespa.exe.exe
echo %Programfiles%\Microsoft Update\sec\fx.reg
echo %Programfiles%\Microsoft Update\sendchat.exe
echo %Programfiles%\Microsoft Update\varios.exe
echo %Programfiles%\Microsoft Update\wininfo1.vxd
echo %Programfiles%\Microsoft\svhost32.exe
echo %Programfiles%\Movie Maker\ja_era_hehe.exe
echo %ProgramFiles%\MSN Gaming Zone\mero455101.dll
echo %Programfiles%\MSN Gaming Zone\mero455101.dll
echo %ProgramFiles%\MSN Gaming Zone\meze*.exe
echo %Programfiles%\MSN Messenger Guiños\instalar guiños.exe
echo %Programfiles%\MSN Messenger\instalar guiños.exe
echo %ProgramFiles%\MSN Messenger\msn.com
echo %Programfiles%\msn_livers.exe
echo %Programfiles%\msng.exe
echo %Programfiles%\msnmsg.exe
echo %Programfiles%\My_Love.exe
echo %Programfiles%\Ndtstat.exe
echo %Programfiles%\NetMeeting\klog.dat
echo %Programfiles%\NetMeeting\maisumviado.exe
echo %ProgramFiles%\NoDNS\NoDNS.exe
echo %ProgramFiles%\NoDNS\UnInstall.exe
echo %ProgramFiles%\nsnimage\nsvcrmx.exe
echo %Programfiles%\orkut.scr
echo %Programfiles%\outloo~1\express.exe
echo %Programfiles%\outloo~1\update.exe
echo %Programfiles%\outlook express\express.exe
echo %Programfiles%\Outlook Express\inyourface.exe
echo %Programfiles%\Outlook Express\OutlookEx.exe
echo %Programfiles%\Outlook Express\setup40.exe
echo %Programfiles%\Perfect.exe
echo %Programfiles%\photopaint.exe
echo %Programfiles%\QdrModule\QdrModule9.exe
echo %Programfiles%\Real.dll
echo %Programfiles%\regedti.exe
echo %Programfiles%\rem.exe
echo %Programfiles%\Remove.exe
echo %Programfiles%\Rg2catbd.exe
echo %Programfiles%\rm.exe
echo %Programfiles%\Router\Router.exe
echo %ProgramFiles%\router\router.exe
echo %Programfiles%\Router\UnInstall.exe
echo %Programfiles%\schoty.cmd
echo %Programfiles%\service.bat
echo %Programfiles%\smss.exe
echo %Programfiles%\SOUND.exe
echo %Programfiles%\spiider.exe
echo %Programfiles%\svchost.exe
echo %ProgramFiles%\svchost.lnk
echo %Programfiles%\System\CDRom.exe
echo %Programfiles%\System\Flash.exe
echo %Programfiles%\System\Windows32.exe
echo %Programfiles%\Tasks.exe
echo %ProgramFiles%\Temporary\InsiDERIns.exe
echo %ProgramFiles%\Temporary\InsiDERInst.exe
echo %ProgramFiles%\Temporary\kernInst.exe
echo %Programfiles%\Temporary\wininstall.exe
echo %Programfiles%\TTX.exe
echo %Programfiles%\udll.exe
echo %Programfiles%\update.exe
echo %Programfiles%\usnsvcu.exe
echo %Programfiles%\VTTimers.exe
echo %Programfiles%\Wapp.exe
echo %Programfiles%\Widows.exe
echo %Programfiles%\WinAble\winable.exe
echo %Programfiles%\Windows32.exe
echo %Programfiles%\windows32.exe
echo %Programfiles%\WindowsUpdate.exe
echo %Programfiles%\WindowsUpdate.scr
echo %Programfiles%\winINI.exe
echo %Programfiles%\winpop\uninstall.exe
echo %Programfiles%\WinPop\UnInstall.exe.lzma
echo %Programfiles%\winpop\winpop.exe
echo %Programfiles%\WinPop\winpop.exe.lzma
echo %Programfiles%\Wm2emt.exe
echo %Programfiles%\wmplay.exe
echo %Programfiles%\Words\UnInstall.exe
echo %Programfiles%\Words\Words.exe
echo %ProgramFiles%\xinside\xinside.exe
echo %ProgramFiles%\xInsIDE\xInsIDE.exe
echo %Programfiles%\yong.exe
echo %Startup%\ashDisp.exe
echo %Startup%\ashServ.exe
echo %Startup%\avgccc.exe
echo %Startup%\bios.exe
echo %Startup%\bsyys.scr
echo %Startup%\ccssrss.exe
echo %Startup%\cmd.exe
echo %Startup%\Computador.exe
echo %Startup%\dll.exe
echo %Startup%\eixdrv.exe
echo %Startup%\ExAlien.exe
echo %Startup%\fbguad.exe
echo %Startup%\firefoxx.exe
echo %Startup%\Flash.exe
echo %Startup%\InstallHelp.exe
echo %Startup%\javsu.exe
echo %Startup%\juchek.exe
echo %Startup%\klpp.exe
echo %Startup%\logon.exe
echo %Startup%\lsssas.exe
echo %Startup%\messengerr.exe
echo %Startup%\messgrr.exe
echo %Startup%\msm.cmd
echo %Startup%\msnmsgr.exe
echo %Startup%\My_Love.exe
echo %Startup%\norton32.exe
echo %Startup%\ntvvm.exe
echo %Startup%\pdvsym.exe
echo %Startup%\qtapp.exe
echo %Startup%\qupdate.exe
echo %Startup%\regfixxsx.exe
echo %Startup%\registtry.exe
echo %Startup%\remote.cmd
echo %Startup%\repara_ae.bat
echo %Startup%\rundl32.exe
echo %Startup%\rxnetq.exe
echo %Startup%\smss.scr
echo %Startup%\svchost.exe
echo %Startup%\svchostss.exe
echo %Startup%\svhost.exe
echo %Startup%\sxrork.exe
echo %Startup%\sxrsym.exe
echo %Startup%\system32.exe
echo %Startup%\task.exe
echo %Startup%\taskmgrrr.exe
echo %Startup%\Tasks.exe
echo %Startup%\voieup.exe
echo %Startup%\voiork.exe
echo %Startup%\wepaint.exe
echo %Startup%\Win XP.exe
echo %Startup%\Windows Update.exe
echo %Startup%\Windows32.exe
echo %Startup%\windowsupdate.exe
echo %Startup%\Winhost.exe
echo %Startup%\winupdbc.exe
echo %Startup%\WMedPlayer.exe
echo %Startup%\wrloginpro.exe
echo %Startup%\wuaucltt.exe
echo %systemdrive%\*-1-1148.exe
echo %systemdrive%\*.JPG-msnimages.exe
echo %systemdrive%\?.bat
echo %systemdrive%\?.dat
echo %systemdrive%\?.exe
echo %systemdrive%\?.rar
echo %systemdrive%\????packed_Pushbot.exe
echo %systemdrive%\\bot.exe
echo %systemdrive%\111z.exe
echo %systemdrive%\1z48.exe
echo %SystemDrive%\2.exe
echo %systemdrive%\3d3t4t8n7l.exe
echo %systemdrive%\3xXx3.exe
echo %systemdrive%\521785.txt
echo %systemdrive%\5FB9C0*.EXE
echo %systemdrive%\5t6j8b6k8f8.exe
echo %systemdrive%\6i2n4r9g1l2.exe
echo %systemdrive%\839D4E*.BIN
echo %systemdrive%\8e3y4u4a9t9.exe
echo %systemdrive%\8e9w3l6u1g1.exe
echo %systemdrive%\9r2h2z5l7v8.exe
echo %systemdrive%\a.bat
echo %systemdrive%\acsdf.exe
echo %systemdrive%\adas.exe
echo %systemdrive%\ads1237.exe
echo %systemdrive%\adsok.exe
echo %SystemDrive%\adv.exe
echo %systemdrive%\aklr.exe
echo %systemdrive%\alfxfa.exe
echo %systemdrive%\Amigos.exe
echo %systemdrive%\amor.exe
echo %systemdrive%\animacao.scr
echo %systemdrive%\Annoying crazy frog getting killed.pif
echo %systemdrive%\apuguycg.exe
echo %systemdrive%\asdf.exe
echo %systemdrive%\asdfja.exe
echo %systemdrive%\asds.exe
echo %systemdrive%\audise.exe
echo %systemdrive%\auto1.exe
echo %systemdrive%\auto2.exe
echo %systemdrive%\auto3.exe
echo %systemdrive%\autorun.inf
echo %systemdrive%\Autorun.inf
echo %systemdrive%\AVG\Tools\csrss.scr
echo %systemdrive%\AVG\Tools\svchost.exe
echo %systemdrive%\AVG\Tools\taskmgr.exe
echo %systemdrive%\AVG_BETA\DB\arquivo.txt
echo %systemdrive%\AVG_BETA\Tools\csrss.scr
echo %systemdrive%\AVG_BETA\Tools\msnmsgr.exe
echo %systemdrive%\bedroom-thongs.pif
echo %systemdrive%\bhij.exe
echo %systemdrive%\blhhjtpx.exe
echo %systemdrive%\bnjbvid.exe
echo %systemdrive%\British National Party.jpg
echo %systemdrive%\bs.exe
echo %systemdrive%\btpaxole.dll
echo %systemdrive%\calfxfa.exe
echo %systemdrive%\Call.exe
echo %systemdrive%\cartao.scr
echo %systemdrive%\cebWXP.exe
echo %systemdrive%\certmsje.dll
echo %systemdrive%\cjlxhy.exe
echo %systemdrive%\claro.exe
echo %systemdrive%\cmd.exe
echo %systemdrive%\Conf\13.bmp
echo %systemdrive%\Conf\15.bmp
echo %systemdrive%\Conf\3.jpg
echo %systemdrive%\Conf\cax2.jpg
echo %systemdrive%\Conf\info.gif
echo %systemdrive%\Conf\logo.jpg
echo %systemdrive%\Conf\ms.exe
echo %systemdrive%\Conf\msm.cmd
echo %systemdrive%\Conf\msm.exe
echo %systemdrive%\Conf\msmFF.cmd
echo %systemdrive%\Conf\msmho.cmd
echo %systemdrive%\Conf\nc.gif
echo %systemdrive%\Conf\nd.gif
echo %systemdrive%\Conf\nn.gif
echo %systemdrive%\Conf\NOVOBB.gif
echo %systemdrive%\Conf\novobb.jpg
echo %systemdrive%\Conf\novobb2.jpg
echo %systemdrive%\Conf\novoSB.gif
echo %systemdrive%\Conf\ork.cmd
echo %systemdrive%\Conf\tec.jpg
echo %systemdrive%\Conf\win.scr
echo %systemdrive%\contato.exe
echo %systemdrive%\Crazy-Frog.Html
echo %systemdrive%\Crazy frog gets killed by train!.pif
echo %systemdrive%\Crazy frog gets killed by train!.pif Fat Elvis! lol.pif
echo %systemdrive%\crolyewo.exe
echo %systemdrive%\csrs.txt
echo %systemdrive%\csrss.exe
echo %systemdrive%\ctl3diac.exe
echo %systemdrive%\cuoqdkfk.exe
echo %systemdrive%\cvbkwtb.exe
echo %systemdrive%\d5t6j8b6k8f8.exe
echo %systemdrive%\d8e9w3l6u1g1.exe
echo %systemdrive%\DB\arquivo.txt
echo %systemdrive%\dbeog.exe
echo %systemdrive%\de6438.exe
echo %systemdrive%\de64381.exe
echo %systemdrive%\devic.pif
echo %systemdrive%\device.exe
echo %systemdrive%\devidc.pif
echo %systemdrive%\diy.EXE
echo %SystemDrive%\dkotyrxbb.exe
echo %systemdrive%\dll.exe
echo %systemdrive%\dllwin.exe
echo %systemdrive%\dnsajobe.dat
echo %systemdrive%\dnsajobe.dll
echo %systemdrive%\dnsajobe.exe
echo %systemdrive%\download1591.exe
echo %systemdrive%\dpl1npwm.dat
echo %systemdrive%\dpl1npwm.dll
echo %systemdrive%\dpl1npwm.exe
echo %systemdrive%\dpv1bidi.dll
echo %systemdrive%\Drunk_lol.pif
echo %systemdrive%\ducvb.exe
echo %systemdrive%\dydhcp.exe
echo %systemdrive%\dyqhom.exe
echo %systemdrive%\emai.exe
echo %systemdrive%\email.inf
echo %systemdrive%\Enviado.123
echo %systemdrive%\er-1-1148.exe
echo %systemdrive%\f6i2n4r9g1l2.exe
echo %systemdrive%\famwssg.exe
echo %systemdrive%\Fat Elvis! lol.pif
echo %systemdrive%\fFa4vV0rR170S5S2.exe
echo %systemdrive%\File.exe
echo %systemdrive%\FLIPART.EXE
echo %systemdrive%\flw334.dll
echo %systemdrive%\fnjb.exe
echo %systemdrive%\Foto.exe
echo %SystemDrive%\Foto_celular.scr
echo %SystemDrive%\Foto_celular.scr
echo %SystemDrive%\Foto_Celular.zip
echo %systemdrive%\fotomensagem.exe
echo %systemdrive%\fotos_posse.zip
echo %systemdrive%\funny_pic.scr
echo %systemdrive%\fypif.exe
echo %systemdrive%\g4m9e5l1l5x5.exe
echo %systemdrive%\g5c5i4x6e4h2.exe
echo %systemdrive%\g7n4l2o4i4.exe
echo %SystemDrive%\g7n4l2o4i4v4.exe
echo %systemdrive%\genbhnhl.exe
echo %systemdrive%\GETDRIVE.EXE
echo %systemdrive%\gfxpak.exe
echo %systemdrive%\ggvqo.exe
echo %systemdrive%\glcky.exe
echo %systemdrive%\gnqb.exe
echo %systemdrive%\grax.exe
echo %systemdrive%\grmlvlvb.exe
echo %SystemDrive%\h1b9i6h4u6j1.exe
echo %systemdrive%\hbsqu.exe
echo %systemdrive%\hellmsn.exe
echo %systemdrive%\hkdjqaxv.exe
echo %systemdrive%\Hot.pif
echo %systemdrive%\How a Blonde Eats a Banana...pif
echo %systemdrive%\hptzb02.exe
echo %systemdrive%\hxjr.exe
echo %systemdrive%\hy.exe
echo %systemdrive%\i-1-1148.exe
echo %systemdrive%\i.exe
echo %systemdrive%\i1-1148.exe
echo %systemdrive%\i2n4r9g1.exe
echo %systemdrive%\i2n4r9g1l.exe
echo %systemdrive%\i2n4r9g1l2.exe
echo %systemdrive%\icone.exe
echo %systemdrive%\IE.exe
echo %systemdrive%\ierro.exe
echo %systemdrive%\iexplorer.exe
echo %systemdrive%\IF.EXE
echo %systemdrive%\image.jpg
echo %systemdrive%\image001.exe
echo %SystemDrive%\img0012-www.photostorage.com
echo %systemdrive%\ImpBIG.exe
echo %systemdrive%\instalador de guiños y emoticonos.exe
echo %systemdrive%\Install\Ghost.exe
echo %systemdrive%\Install\install.exe
echo %systemdrive%\Install_Messenger.exe
echo %systemdrive%\inupdbc.exe
echo %systemdrive%\ir-1-1148.exe
echo %systemdrive%\IS.EXE
echo %systemdrive%\is1511881.exe
echo %systemdrive%\is151196.exe
echo %systemdrive%\is151296.exe
echo %SystemDrive%\is77.exe
echo %systemdrive%\Isass.scr
echo %systemdrive%\it.exe
echo %systemdrive%\it1.exe
echo %systemdrive%\ixbxput.exe
echo %SystemDrive%\j7q1c4v1i6s4.exe
echo %systemdrive%\Jennifer Lopez.scr
echo %systemdrive%\jkrguy.exe
echo %systemdrive%\jpb.exe
echo %systemdrive%\jshxw.exe
echo %systemdrive%\k3d3t4t8n7l.exe
echo %systemdrive%\k3d3t4t8n7l8.exe
echo %systemdrive%\kao.reg
echo %systemdrive%\kbdnmfc4.dll
echo %SystemDrive%\KimMakihel.exe
echo %systemdrive%\kkynn.exe
echo %systemdrive%\kl.exe
echo %systemdrive%\ksmmtq.exe
echo %systemdrive%\kxhacvkl.exe
echo %systemdrive%\lauro.exe
echo %systemdrive%\LfjJGb.exe
echo %systemdrive%\Lista.txt
echo %systemdrive%\Lixo
echo %systemdrive%\llka.exe
echo %systemdrive%\LMAO.pif
echo %systemdrive%\log.txt
echo %systemdrive%\LOL that ur pic!.pif
echo %systemdrive%\LOL.scr
echo %systemdrive%\love_me.pif
echo %systemdrive%\lsass.exe
echo %systemdrive%\lspt.exe
echo %systemdrive%\lsyvg.exe
echo %systemdrive%\m1t4z1h1l7q5.exe
echo %systemdrive%\m9w3l6u1g.exe
echo %systemdrive%\m9w3l6u1g1.exe
echo %systemdrive%\mcombo.exe
echo %systemdrive%\Me on holiday!.pif
echo %systemdrive%\megakl.exe
echo %systemdrive%\melt.bat
echo %systemdrive%\Mensagem.exe
echo %systemdrive%\Message to n00b LARISSA.txt
echo %systemdrive%\MESSAGE_TO_BROPIA.txt
echo %systemdrive%\messenger.exe
echo %systemdrive%\Messenger.exe
echo %systemdrive%\Messenger2.exe
echo %SystemDrive%\Microsoft.exe
echo %systemdrive%\mis contactos.txt
echo %systemdrive%\Mis imágenes\yo_posse_007.jpg.exe
echo %systemdrive%\mitm.exe
echo %systemdrive%\Mona Lisa Wants Her Smile Back.pif
echo %systemdrive%\mscdn.exe
echo %systemdrive%\msfk.exe
echo %systemdrive%\msi31.exe
echo %systemdrive%\msm.cmd
echo %systemdrive%\msm.exe
echo %SystemDrive%\msm.exe
echo %systemdrive%\msn.exe
echo %systemdrive%\MSN_Update1
echo %systemdrive%\msn5v.exe
echo %systemdrive%\msnmsg.exe
echo %systemdrive%\msnmsgr.exe
echo %systemdrive%\msnmsnr.scr
echo %systemdrive%\msnsetup.exe
echo %systemdrive%\msnsgrsv.exe
echo %systemdrive%\msnsgrsv0201.exe
echo %systemdrive%\msnsgrszs.exe
echo %systemdrive%\MSNWA.exe
echo %systemdrive%\mstest.exe
echo %systemdrive%\mstray.exe
echo %systemdrive%\My new photo!.pif
echo %systemdrive%\my_photo2005.scr
echo %systemdrive%\na.exe
echo %systemdrive%\naked_drunk.pif
echo %systemdrive%\naked_party.pif
echo %systemdrive%\nefmufin.exe
echo %systemdrive%\new_webcam.pif
echo %systemdrive%\nmevscrr.exe
echo %systemdrive%\nnpnvxjy.exe
echo %systemdrive%\nod32.txt
echo %systemdrive%\nwnmff_e*.exe
echo %systemdrive%\nzl.exe
echo %systemdrive%\o6l4u8f7p2g4.exe
echo %systemdrive%\officexp.exe
echo %systemdrive%\or-1-1148.exe
echo %systemdrive%\orkut.exe
echo %systemdrive%\orkut.scr
echo %systemdrive%\osm.exe
echo %SystemDrive%\p3h2b3t3q1s9.exe
echo %systemdrive%\p6g7j3w2g3f5.exe
echo %systemdrive%\PastaImagens.exe
echo %systemdrive%\phqhuo.exe
echo %systemdrive%\pif.exe
echo %systemdrive%\pr-1-1148.exe
echo %systemdrive%\prkc.exe
echo %systemdrive%\psapuman.exe
echo %systemdrive%\psnppack.dll
echo %systemdrive%\pushbot.bat
echo %systemdrive%\qklxwxtc.exe
echo %systemdrive%\qwere.exe
echo %systemdrive%\raizw.exe
echo %systemdrive%\rar.exe
echo %systemdrive%\rar1.exe
echo %systemdrive%\rar2.exe
echo %systemdrive%\RECYCLER\msnservice.exe
echo %systemdrive%\RECYCLER\nvscvse.exe
echo %systemdrive%\RECYCLER\te32.exe
echo %systemdrive%\RemotoMSN.txt
echo %systemdrive%\review.txt
echo %systemdrive%\ROFL.pif
echo %systemdrive%\s10w.exe
echo %systemdrive%\sad13l.exe
echo %systemdrive%\sadan.avi.exe
echo %systemdrive%\sadov.exe
echo %systemdrive%\sample.exe
echo %systemdrive%\sas2s.exe
echo %systemdrive%\sdjfha.exe
echo %systemdrive%\See my lesbian friends.pif
echo %systemdrive%\see_this!!.scr
echo %systemdrive%\sendwmdm.exe
echo %systemdrive%\server.exe
echo %systemdrive%\servico.exe
echo %systemdrive%\sexy.exe
echo %systemdrive%\sexy_bedroom.pif
echo %systemdrive%\show.exe
echo %systemdrive%\skew.exe
echo %systemdrive%\Small.exe
echo %systemdrive%\snsstect.exe
echo %systemdrive%\so.exe
echo %systemdrive%\SOUND32.exe
echo %Systemdrive%\start.bat
echo %systemdrive%\stock.exe
echo %systemdrive%\stock.htm
echo %systemdrive%\stock2.exe
echo %systemdrive%\Surat_Buat_Presiden.exe
echo %systemdrive%\svbhost.exe
echo %systemdrive%\SVCH0STll.exe
echo %systemdrive%\svchost.exe
echo %systemdrive%\svchost.scr
echo %systemdrive%\svchost32.exe
echo %systemdrive%\Svchosts.exe
echo %systemdrive%\svcipa.exe
echo %systemdrive%\svghost.exe
echo %systemdrive%\svshost.exe
echo %systemdrive%\sys.txt
echo %systemdrive%\sysdzvz.exe
echo %systemdrive%\syshwbx.exe
echo %systemdrive%\syskmzx.exe
echo %systemdrive%\sysneud.exe
echo %systemdrive%\syssryh.exe
echo %systemdrive%\system.exe
echo %systemdrive%\System\iexplore.exe
echo %systemdrive%\System\plugin.exe
echo %systemdrive%\system1591.exe
echo %systemdrive%\system1691.exe
echo %systemdrive%\system1791.exe
echo %systemdrive%\system2.exe
echo %systemdrive%\system2525.exe
echo %systemdrive%\system3.exe
echo %systemdrive%\system32.exe
echo %systemdrive%\system4.exe
echo %systemdrive%\system5.exe
echo %systemdrive%\sysvsln.exe
echo %systemdrive%\sysyedg.exe
echo %systemdrive%\szsvc.exe
echo %systemdrive%\t4t8n7l.exe
echo %SystemDrive%\t7b8i6h6t6j13.exe
echo %systemdrive%\text.reg
echo %systemdrive%\The Cat And The Fan piccy.pif
echo %systemdrive%\tim.exe
echo %systemdrive%\tlrdhsgo.exe
echo %systemdrive%\tmp.txt
echo %systemdrive%\Tools\csrss.scr
echo %systemdrive%\Topless in Mini Skirt! lol.pif
echo %systemdrive%\ttgkdaab.exe
echo %systemdrive%\tuwwp.exe
echo %SystemDrive%\u5g9p7x
