
Too hard for us

Last reply on 2 Jan 2009 at 14:42:49
brm, 31 Dec 2008 at 14:20:30

Hello,

To round off the year nicely, we got ourselves nastily infected.
First signs: a web browser that redirects you at will + Malwarebytes, Spybot and Ad-Aware inoperative (impossible to launch).
After a lot of effort, a pass with F-Prot and elistarA made it possible to recover the functionality of Malwarebytes and Spybot. Ad-Aware also updates itself. However, after disinfection, the PC is extremely slow. According to our research, it seems we were infected by "fakealert", which shows up as "tdss" entries.
All the tdss files were removed manually from the system, but after a stroll through the registry keys, some entries remain.

Today Malwarebytes, Spybot, elistarA, F-Prot, Avast and the BitDefender online scan find nothing (all up to date). Only Ad-Aware finds "fakealert", without being able to remove it.

Help me, Obi-Wan Kenobi, you're our only hope ^^
Thanks to those who will look into our problem, and happy holidays to all

Configuration: Windows XP
Firefox 2.0.0.20


1

V-X, 31 Dec 2008 at 14:22:15

Hi,

OK, young padawan....

▶ Download HijackThis

▶ Save the target to .... "the desktop"

▶ Double-click "HJTInstall.exe" to launch the installation

▶ Click Install, then "I Accept"

▶ Click "Do a scan system and save log file"

▶ Notepad will open; copy and paste its entire contents here in your next reply

HijackThis tutorial (thanks to Balltrap34)

If a report won't go through, alert the conciergerie using the yellow /!\.


2

brm, 31 Dec 2008 at 14:26:33

Thanks for such a quick reply :)



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:24:56, on 31/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Archivos de programa\Alwil Software\Avast4\aswUpdSv.exe
C:\Archivos de programa\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\ARCHIV~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Archivos de programa\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Archivos de programa\Messenger\msmsgs.exe
C:\Archivos de programa\Logitech\SetPoint\SetPoint.exe
C:\Archivos de programa\Archivos comunes\Logitech\KhalShared\KHALMNPR.EXE
C:\Archivos de programa\Google\Google Desktop Search\GoogleDesktop.exe
C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Archivos de programa\Bonjour\mDNSResponder.exe
C:\Archivos de programa\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Archivos de programa\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Archivos de programa\Alwil Software\Avast4\ashMaiSv.exe
C:\Archivos de programa\Alwil Software\Avast4\ashWebSv.exe
C:\Archivos de programa\Mozilla Firefox\firefox.exe
C:\Archivos de programa\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.es
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
O2 - BHO: (no name) - {568DF331-063E-46AF-BA3D-FEE69B4399A3} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Archivos de programa\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Archivos de programa\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [avast!] C:\ARCHIV~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB002" /M "Stylus DX3800"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Archivos de programa\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Archivos de programa\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Servicio de red')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Archivos de programa\Archivos comunes\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Archivos de programa\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Archivos de programa\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.es/scan_es/scan8/oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4CF633FC-A68E-481D-BEFF-4830010AD862}: NameServer = 62.14.63.145,62.14.2.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{4CF633FC-A68E-481D-BEFF-4830010AD862}: NameServer = 62.14.63.145,62.14.2.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{4CF633FC-A68E-481D-BEFF-4830010AD862}: NameServer = 62.14.63.145,62.14.2.1
O20 - AppInit_DLLs: C:\ARCHIV~1\Google\GOOGLE~1\GOEC62~1.DLL wgpfaf.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Archivos de programa\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Archivos de programa\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Archivos de programa\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Archivos de programa\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Archivos de programa\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Archivos de programa\Archivos comunes\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: F-PROT Antivirus for Windows system (FPAVServer) - FRISK Software International - C:\Archivos de programa\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe
O23 - Service: Administrador de Google Desktop 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Archivos de programa\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Archivos de programa\Archivos comunes\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Archivos de programa\iPod\bin\iPodService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Archivos de programa\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Archivos de programa\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
End of file - 8770 bytes


3

V-X, 31 Dec 2008 at 14:29:59

Re,

▶ Download random's system information tool (RSIT) and save it to your desktop.

▶ Double-click RSIT.exe to launch the tool.

▶ Click 'continue' on the Disclaimer screen.

If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it and you will have to accept the license.

▶ Once the scan has finished, 2 reports will appear. Post the contents of both reports
( log.txt & info.txt )

(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)

If a report won't go through, alert the conciergerie using the yellow /!\.

+

Download Rooter from the IDN team

To your desktop

/!\ Disconnect from the internet and close all running applications /!\

▶ Run Rooter and let the tool work.

▶ Once it has finished, post the resulting report for analysis

If a report won't go through, alert the conciergerie using the yellow /!\.


4

brm, 31 Dec 2008 at 14:35:16

Log.txt:

Logfile of random's system information tool 1.05 (written by random/random)
Run by principal at 2008-12-31 14:33:17
Microsoft Windows XP Professional Service Pack 3
System drive C: has 78 GB (40%) free of 194 GB
Total RAM: 2047 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:33:32, on 31/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Archivos de programa\Alwil Software\Avast4\aswUpdSv.exe
C:\Archivos de programa\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\ARCHIV~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Archivos de programa\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Archivos de programa\Messenger\msmsgs.exe
C:\Archivos de programa\Logitech\SetPoint\SetPoint.exe
C:\Archivos de programa\Archivos comunes\Logitech\KhalShared\KHALMNPR.EXE
C:\Archivos de programa\Google\Google Desktop Search\GoogleDesktop.exe
C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Archivos de programa\Bonjour\mDNSResponder.exe
C:\Archivos de programa\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Archivos de programa\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Archivos de programa\Alwil Software\Avast4\ashMaiSv.exe
C:\Archivos de programa\Alwil Software\Avast4\ashWebSv.exe
C:\Archivos de programa\Mozilla Firefox\firefox.exe
C:\Documents and Settings\principal\Escritorio\Tampon\RSIT.exe
C:\Archivos de programa\Trend Micro\HijackThis\principal.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.es
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
O2 - BHO: (no name) - {568DF331-063E-46AF-BA3D-FEE69B4399A3} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Archivos de programa\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Archivos de programa\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [avast!] C:\ARCHIV~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB002" /M "Stylus DX3800"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Archivos de programa\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Archivos de programa\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Servicio de red')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Archivos de programa\Archivos comunes\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Archivos de programa\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Archivos de programa\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.es/scan_es/scan8/oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4CF633FC-A68E-481D-BEFF-4830010AD862}: NameServer = 62.14.63.145,62.14.2.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{4CF633FC-A68E-481D-BEFF-4830010AD862}: NameServer = 62.14.63.145,62.14.2.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{4CF633FC-A68E-481D-BEFF-4830010AD862}: NameServer = 62.14.63.145,62.14.2.1
O20 - AppInit_DLLs: C:\ARCHIV~1\Google\GOOGLE~1\GOEC62~1.DLL wgpfaf.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Archivos de programa\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Archivos de programa\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Archivos de programa\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Archivos de programa\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Archivos de programa\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Archivos de programa\Archivos comunes\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: F-PROT Antivirus for Windows system (FPAVServer) - FRISK Software International - C:\Archivos de programa\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe
O23 - Service: Administrador de Google Desktop 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Archivos de programa\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Archivos de programa\Archivos comunes\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Archivos de programa\iPod\bin\iPodService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Archivos de programa\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Archivos de programa\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
End of file - 8833 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Maintenance en 1 clic.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{568DF331-063E-46AF-BA3D-FEE69B4399A3}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Archivos de programa\Java\jre1.6.0_03\bin\ssv.dll [2007-09-25 501136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Archivos de programa\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Archivos de programa\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=C:\ARCHIV~1\ALWILS~1\Avast4\ashDisp.exe [2008-11-26 81000]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-20 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-20 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-20 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-20 455168]
"EPSON Stylus DX3800 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE [2005-02-08 98304]
"Logitech Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2007-04-11 56080]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-09-17 13574144]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-09-17 86016]
"Google Desktop Search"=C:\Archivos de programa\Google\Google Desktop Search\GoogleDesktop.exe [2008-03-31 29744]
"MSConfig"=C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [2008-04-14 171520]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Archivos de programa\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\F-PROT Antivirus Tray application]
C:\Archivos de programa\FRISK Software\F-PROT Antivirus for Windows\FProtTray.exe [2008-04-21 1597832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Archivos de programa\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ose"=3
"odserv"=3
"ATI Smart"=2
"Ati HotKey Poller"=2
"aawservice"=2

C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio
Adobe Gamma Loader.lnk - C:\Archivos de programa\Archivos comunes\Adobe\Calibration\Adobe Gamma Loader.exe
Logitech SetPoint.lnk - C:\Archivos de programa\Logitech\SetPoint\SetPoint.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\ARCHIV~1\Google\GOOGLE~1\GOEC62~1.DLL wgpfaf.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FPAVServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\FPAVServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Archivos de programa\eMule\eMule.exe"="C:\Archivos de programa\eMule\eMule.exe:*:Enabled:eMule Plus"
"C:\Archivos de programa\Nero\Nero 7\Nero Home\NeroHome.exe"="C:\Archivos de programa\Nero\Nero 7\Nero Home\NeroHome.exe:*:Disabled:Nero Home"
"C:\Archivos de programa\America's Army\System\ArmyOps.exe"="C:\Archivos de programa\America's Army\System\ArmyOps.exe:*:Enabled:ArmyOps"
"C:\Archivos de programa\NCsoft\Exteel\System\Exteel.exe"="C:\Archivos de programa\NCsoft\Exteel\System\Exteel.exe:*:Enabled:Exteel"
"C:\Archivos de programa\Winamp\winamp.exe"="C:\Archivos de programa\Winamp\winamp.exe:*:Enabled:Winamp"
"C:\Archivos de programa\Sony\Station\LaunchPad\LaunchPad.exe"="C:\Archivos de programa\Sony\Station\LaunchPad\LaunchPad.exe:*:Enabled:LaunchPad"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\Archivos de programa\Flying Lab Software\Pirates of the Burning Sea\PlayPOTBS.exe"="C:\Archivos de programa\Flying Lab Software\Pirates of the Burning Sea\PlayPOTBS.exe:*:Enabled:Pirates of the Burning Sea"
"C:\Archivos de programa\SopCast\SopCast.exe"="C:\Archivos de programa\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
"C:\Archivos de programa\SopCast\sopvod.exe"="C:\Archivos de programa\SopCast\sopvod.exe:*:Disabled:sopvod"
"C:\Archivos de programa\SopCast\adv\SopAdver.exe"="C:\Archivos de programa\SopCast\adv\SopAdver.exe:*:Disabled:SopCast Adver"
"C:\Archivos de programa\AeriaGames\Project Torque\ProjectTorque.bin"="C:\Archivos de programa\AeriaGames\Project Torque\ProjectTorque.bin:*:Enabled:Project Torque"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Disabled:Microsoft DirectPlay Voice Test"
"C:\Archivos de programa\EA GAMES\Battlefield 2\BF2.exe"="C:\Archivos de programa\EA GAMES\Battlefield 2\BF2.exe:*:Enabled:Battlefield 2"
"C:\Archivos de programa\Sierra\SWAT 4\Content\System\Swat4.exe"="C:\Archivos de programa\Sierra\SWAT 4\Content\System\Swat4.exe:*:Enabled:SWAT 4"
"C:\Archivos de programa\Red Storm Entertainment\RavenShield\system\RavenShield.exe"="C:\Archivos de programa\Red Storm Entertainment\RavenShield\system\RavenShield.exe:*:Enabled:RavenShield"
"C:\Archivos de programa\Red Storm Entertainment\RavenShield\system\UCC.exe"="C:\Archivos de programa\Red Storm Entertainment\RavenShield\system\UCC.exe:*:Enabled:UCC"
"C:\Program Files\Vietcong\vietcong.exe"="C:\Program Files\Vietcong\vietcong.exe:*:Enabled:vietcong"
"C:\Archivos de programa\Veoh Networks\Veoh\VeohClient.exe"="C:\Archivos de programa\Veoh Networks\Veoh\VeohClient.exe:*:Enabled:Veoh Client"
"C:\Archivos de programa\The Game Creators\FPS Creator\FPSC-Game.exe"="C:\Archivos de programa\The Game Creators\FPS Creator\FPSC-Game.exe:*:Enabled:FPSC Game"
"C:\Archivos de programa\EA GAMES\Battlefield Vietnam\BfVietnam.exe"="C:\Archivos de programa\EA GAMES\Battlefield Vietnam\BfVietnam.exe:*:Enabled:BfVietnam"
"C:\Archivos de programa\CyberLink\PowerCinema\PowerCinema.exe"="C:\Archivos de programa\CyberLink\PowerCinema\PowerCinema.exe:*:Enabled:PowerCinema"
"C:\Archivos de programa\THQ\Dawn of War - Soulstorm\Soulstorm.exe"="C:\Archivos de programa\THQ\Dawn of War - Soulstorm\Soulstorm.exe:*:Enabled:Soulstorm"
"C:\Archivos de programa\StarWarsGalaxies\SwgClient_r.exe"="C:\Archivos de programa\StarWarsGalaxies\SwgClient_r.exe:*:Enabled:SwgClient_r"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Archivos de programa\Bonjour\mDNSResponder.exe"="C:\Archivos de programa\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Archivos de programa\iTunes\iTunes.exe"="C:\Archivos de programa\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Archivos de programa\Windows Live\Messenger\msnmsgr.exe"="C:\Archivos de programa\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Archivos de programa\Windows Live\Messenger\livecall.exe"="C:\Archivos de programa\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Archivos de programa\ma-config.com\maconfservice.exe"="C:\Archivos de programa\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
"C:\Archivos de programa\Ubisoft\Far Cry 2\bin\FarCry2.exe"="C:\Archivos de programa\Ubisoft\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2"
"C:\Archivos de programa\Ubisoft\Far Cry 2\bin\FC2Launcher.exe"="C:\Archivos de programa\Ubisoft\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater"
"C:\Archivos de programa\Ubisoft\Far Cry 2\bin\FC2Editor.exe"="C:\Archivos de programa\Ubisoft\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Editor"
"C:\Archivos de programa\Lphant\eLePhantClient.exe"="C:\Archivos de programa\Lphant\eLePhantClient.exe:*:Enabled:Lphant"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Archivos de programa\NCsoft\Exteel\System\Exteel.exe"="C:\Archivos de programa\NCsoft\Exteel\System\Exteel.exe:*:Enabled:Exteel"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Archivos de programa\Windows Live\Messenger\msnmsgr.exe"="C:\Archivos de programa\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Archivos de programa\Windows Live\Messenger\livecall.exe"="C:\Archivos de programa\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

======File associations======

.js - open - %SystemRoot%\System32\CScript.exe "%1" %*
.txt - open - Notepad.exe "%1"
.vbs - open - %SystemRoot%\System32\CScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2008-12-31 14:33:17 ----D---- C:\rsit
2008-12-31 14:24:25 ----D---- C:\Archivos de programa\Trend Micro
2008-12-31 13:05:37 ----D---- C:\WINDOWS\BDOSCAN8
2008-12-31 13:05:35 ----D---- C:\WINDOWS\LastGood
2008-12-30 14:01:08 ----A---- C:\InfoSat.txt
2008-12-30 12:50:59 ----D---- C:\Documents and Settings\principal\Datos de programa\FRISK Software
2008-12-30 12:28:23 ----SHD---- C:\Config.Msi
2008-12-30 12:28:19 ----D---- C:\WINDOWS\484E1A3C94D942309AE4467EE6B40180.TMP
2008-12-30 12:18:56 ----D---- C:\Documents and Settings\All Users\Datos de programa\FRISK Software
2008-12-30 12:18:55 ----D---- C:\Archivos de programa\FRISK Software
2008-12-30 11:56:54 ----D---- C:\WINDOWS\system32\Kaspersky Lab
2008-12-30 11:19:23 ----D---- C:\Archivos de programa\Panda Security
2008-12-28 22:16:46 ----D---- C:\Documents and Settings\All Users\Datos de programa\Spybot - Search & Destroy
2008-12-28 22:16:46 ----D---- C:\Archivos de programa\Spybot - Search & Destroy
2008-12-28 21:48:38 ----D---- C:\Archivos de programa\Malwarebytes' Anti-Malware
2008-12-28 14:38:56 ----D---- C:\Documents and Settings\principal\Datos de programa\Desktopicon
2008-12-28 14:38:31 ----D---- C:\Archivos de programa\DsNET Corp
2008-12-28 14:24:52 ----A---- C:\WINDOWS\Applian FLV Player Uninstall Log.txt
2008-12-28 14:16:26 ----D---- C:\WINDOWS\Applian FLV Player
2008-12-28 14:15:28 ----A---- C:\WINDOWS\Applian FLV Player Setup Log.txt
2008-12-27 10:39:25 ----D---- C:\Documents and Settings\All Users\Datos de programa\2DBoy
2008-12-27 10:39:00 ----D---- C:\Archivos de programa\WorldOfGooDemo
2008-12-25 23:55:27 ----A---- C:\WINDOWS\system32\mpg4c32.dll
2008-12-25 23:55:04 ----A---- C:\WINDOWS\system32\mfc70.dll
2008-12-25 23:55:02 ----D---- C:\Archivos de programa\Game Cam
2008-12-18 20:22:26 ----HDC---- C:\WINDOWS\$NtUninstallKB960714$
2008-12-14 23:18:51 ----D---- C:\Documents and Settings\principal\Datos de programa\Malwarebytes
2008-12-14 23:18:38 ----D---- C:\Documents and Settings\All Users\Datos de programa\Malwarebytes
2008-12-14 23:12:02 ----D---- C:\WINDOWS\ERDNT
2008-12-14 23:12:02 ----D---- C:\Qoobox
2008-12-14 23:12:00 ----D---- C:\ComboFix
2008-12-14 19:17:34 ----A---- C:\WINDOWS\system32\fbb2bb70-.txt
2008-12-13 12:58:20 ----D---- C:\sorr
2008-12-12 00:39:25 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2008-12-12 00:39:13 ----HDC---- C:\WINDOWS\$NtUninstallKB958215$
2008-12-12 00:37:58 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2008-12-12 00:37:54 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2008-12-12 00:37:45 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$

======List of files/folders modified in the last 1 months======

2008-12-31 14:33:25 ----D---- C:\WINDOWS\Prefetch
2008-12-31 14:24:25 ----RD---- C:\Archivos de programa
2008-12-31 14:22:25 ----D---- C:\Archivos de programa\Mozilla Firefox
2008-12-31 13:05:41 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-12-31 13:05:38 ----D---- C:\WINDOWS
2008-12-31 13:05:37 ----D---- C:\WINDOWS\inf
2008-12-31 13:05:35 ----D---- C:\WINDOWS\system32\CatRoot2
2008-12-31 11:02:08 ----D---- C:\WINDOWS\system32\drivers
2008-12-31 10:35:54 ----D---- C:\WINDOWS\Temp
2008-12-31 10:32:58 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-12-31 10:32:41 ----RSH---- C:\boot.ini
2008-12-31 10:32:41 ----A---- C:\WINDOWS\win.ini
2008-12-31 10:32:41 ----A---- C:\WINDOWS\system.ini
2008-12-31 05:11:39 ----D---- C:\WINDOWS\system32
2008-12-31 02:01:58 ----A---- C:\WINDOWS\ntbtlog.txt
2008-12-30 15:16:34 ----SD---- C:\WINDOWS\Tasks
2008-12-30 14:06:00 ----D---- C:\Archivos de programa\JkDefragGUI
2008-12-30 12:46:47 ----SHD---- C:\WINDOWS\Installer
2008-12-30 12:46:47 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-12-28 20:53:25 ----SHD---- C:\WINDOWS\CSC
2008-12-28 15:41:37 ----A---- C:\WINDOWS\NeroDigital.ini
2008-12-28 12:58:45 ----SHD---- C:\System Volume Information
2008-12-28 12:43:23 ----D---- C:\Documents and Settings\principal\Datos de programa\Adobe
2008-12-28 06:16:34 ----D---- C:\Archivos de programa\StarWarsGalaxies
2008-12-28 04:32:14 ----D---- C:\Documents and Settings\principal\Datos de programa\Hamachi
2008-12-25 23:55:02 ----HD---- C:\Archivos de programa\InstallShield Installation Information
2008-12-18 20:22:30 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-12-18 20:21:57 ----HD---- C:\WINDOWS\$hf_mig$
2008-12-15 21:43:11 ----D---- C:\Archivos de programa\DivX
2008-12-12 18:02:14 ----A---- C:\WINDOWS\system32\mshtml.dll
2008-12-12 00:39:28 ----A---- C:\WINDOWS\imsins.BAK
2008-12-10 00:24:37 ----A---- C:\WINDOWS\system32\MRT.exe
2008-12-06 17:44:54 ----D---- C:\Archivos de programa\SystemRequirementsLab
2008-12-06 17:40:28 ----D---- C:\Documents and Settings\All Users\Datos de programa\ma-config.com

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-11-26 26944]
R1 ASPI32;ASPI32; C:\WINDOWS\system32\drivers\ASPI32.sys [2007-02-06 16512]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-11-26 111184]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-11-26 50864]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-11-26 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-11-26 94032]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2007-12-06 278728]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2007-12-06 25416]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2006-11-10 18688]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-11-26 23152]
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-01-29 16168]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2008-06-23 25280]
R3 hidusb;Controlador de clases HID de Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2007-04-11 20496]
R3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2007-04-11 63248]
R3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2007-04-11 79376]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-09-17 6132576]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2007-10-18 47360]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-07-15 578368]
R3 usbaudio;Controlador de audio USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Controlador primario genérico USB de Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Controlador minipuerto de la controladora mejorada USB 2.0 de Microsoft; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrador habilitado USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Controlador minipuerto de la controladora de host universal USB de Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Gigabit Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\yukonwxp.sys [2003-11-10 174464]
S1 ATITool;ATITool Overclocking Utility; C:\WINDOWS\system32\DRIVERS\ATITool.sys [2006-11-10 24064]
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S1 kbdhid;Controlador HID de teclado; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S3 a7ermfkj;a7ermfkj; C:\WINDOWS\system32\drivers\a7ermfkj.sys []
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-08-07 4108992]
S3 CCDECODE;Descodificador de título cerrado; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Archivos de programa\ma-config.com\Drivers\driverhardwarev2.sys []
S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2007-04-11 34832]
S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2007-04-11 36112]
S3 MCU3000;ASUS My Cinema-U3000; C:\WINDOWS\System32\Drivers\mcu3000.sys []
S3 MidiSyn;MidiSyn; C:\WINDOWS\system32\drivers\MidiSyn.sys []
S3 mouhid;Controlador HID de mouse; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-22 12416]
S3 MPE;Filtro MPE de BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Convertidor Tee/Sink-to-Sink de transferencia de Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Códec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Conexión de TV/Vídeo de Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 ovt519;D-Link VGA Webcam; C:\WINDOWS\System32\Drivers\ov519vid.sys [2003-10-15 174530]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Controlador de filtro USB de Sony (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;Receptor BDA IP; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbprint;Clase de impresora USB de Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Controlador de escáner USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Dispositivo de almacenamiento masivo de datos USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WSTCODEC;Códec de teletexto estándar mundial; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-07-22 116040]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Archivos de programa\Alwil Software\Avast4\aswUpdSv.exe [2008-11-26 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Archivos de programa\Alwil Software\Avast4\ashServ.exe [2008-11-26 155160]
R2 Bonjour Service;Servicio Bonjour; C:\Archivos de programa\Bonjour\mDNSResponder.exe [2007-07-24 229376]
R2 FPAVServer;F-PROT Antivirus for Windows system; C:\Archivos de programa\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe [2008-04-21 45960]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-09-17 163908]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2008-07-30 66872]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Archivos de programa\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 UxTuneUp;TuneUp Ampliación del thema; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Archivos de programa\Alwil Software\Avast4\ashMaiSv.exe [2008-11-26 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Archivos de programa\Alwil Software\Avast4\ashWebSv.exe [2008-11-26 352920]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Archivos de programa\Archivos comunes\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-03-31 654848]
S3 GoogleDesktopManager-022208-143751;Administrador de Google Desktop 5.7.802.22438; C:\Archivos de programa\Google\Google Desktop Search\GoogleDesktop.exe [2008-03-31 29744]
S3 IDriverT;InstallDriver Table Manager; C:\Archivos de programa\Archivos comunes\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 iPod Service;Servicio del iPod; C:\Archivos de programa\iPod\bin\iPodService.exe [2008-07-30 532264]
S3 maconfservice;Ma-Config Service; C:\Archivos de programa\ma-config.com\maconfservice.exe [2008-09-02 191656]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2008-05-16 306432]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Archivos de programa\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 aawservice;Lavasoft Ad-Aware Service; C:\Archivos de programa\Lavasoft\Ad-Aware\aawservice.exe [2008-08-18 611664]
S4 odserv;Microsoft Office Diagnostics Service; C:\Archivos de programa\Archivos comunes\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S4 ose;Office Source Engine; C:\Archivos de programa\Archivos comunes\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Archivos de programa\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]

-----------------EOF-----------------


5

brm, 31 Dec 2008 at 14:36:33

Info.txt:

info.txt logfile of random's system information tool 1.05 2008-12-31 14:33:34

======Uninstall list======

{ARPD} Coop Realism Mod Version 5.2-->C:\Archivos de programa\Sierra\SWAT 4\{ARPD}v5\Uninstall {ARPD}v5.exe
-->C:\Archivos de programa\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->MsiExec /X{EFC1B35C-FFF2-41D8-A70A-CE6037F8040B}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
11-99 Enhancement Mod v1.1-->C:\Archivos de programa\Sierra\SWAT 4\11-99 Enhancement Mod v1.1\Uninstal.exe
11-99 Enhancement Mod-->C:\Archivos de programa\Sierra\SWAT 4\11-99 Enhancement Mod\Uninstal.exe
3DVIA Player 4.1-->MsiExec.exe /X{4E868D3D-6EEB-4273-926C-2287236B5B79}
Actualización de seguridad para el Reproductor de Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Actualización de seguridad para el Reproductor de Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Actualización de seguridad para el Reproductor de Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Actualización de seguridad para Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Actualización para Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Actualización para Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Actualización para Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Recommended Settings-->MsiExec.exe /I{73B5D990-04EA-4751-B10F-5534770B91F2}
Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Extra Settings-->MsiExec.exe /I{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}\setup.exe" -l0xa
Adobe Photoshop CS3-->C:\Archivos de programa\Archivos comunes\Adobe\Installers\53a35a181eeb50486a0e091bd67ae62\Setup.exe
Adobe Photoshop CS3-->MsiExec.exe /I{FB124956-B0E3-4D78-AB94-6E53430004B7}
Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
Adobe Setup-->MsiExec.exe /I{ACD238D4-5E74-42E1-8B11-A477BCE70D2F}
Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
AGEIA PhysX v7.07.24-->MsiExec.exe /X{EFC1B35C-FFF2-41D8-A70A-CE6037F8040B}
America's Army-->MsiExec.exe /I{656D5B05-0409-41EE-BBEE-D9C4D6388972}
Apple Mobile Device Support-->MsiExec.exe /I{49C88E44-1B38-4FC6-824E-2BDA3063B0E3}
Apple Software Update-->MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
aTube Catcher 1.0-->"C:\Archivos de programa\DsNET Corp\aTube Catcher 1.0\unins000.exe"
avast! Antivirus-->C:\Archivos de programa\Alwil Software\Avast4\aswRunDll.exe "C:\Archivos de programa\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
AVIConverter 3.0-->C:\Archivos de programa\AVIConverter\uninst.exe
AviSynth 2.5-->"C:\Archivos de programa\AviSynth 2.5\Uninstall.exe"
Battlefield 2(TM)-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}\setup.exe" -l0xa -removeonly
Bonjour-->MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
CDDRV_Installer-->MsiExec.exe /I{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}
Convert Doc-->"C:\Archivos de programa\Softinterface, Inc\Convert Doc\unins000.exe"
ConvertXtoDVD 2.2.3.258-->"C:\Archivos de programa\VSO\ConvertXtoDVD\unins000.exe"
Dawn of War - Soulstorm-->"C:\Archivos de programa\InstallShield Installation Information\{20533183-D42D-4261-A125-956736FBEA8C}\setup.exe" -runfromtemp -l0x000a -removeonly
Dawn Of War - Winter Assault-->MsiExec.exe /X{DD8408E9-9421-484F-979D-DB6361E3E828}
DawnOfWar-->C:\ARCHIV~1\ARCHIV~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{362D5167-9716-44BE-89FD-BF9EB6EF814B}
DDS Thumbnail Viewer-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{2205B8AE-490E-43F2-AB43-C13C2BEC86A7}\Setup.exe" -l0x9
DivX Web Player-->C:\Archivos de programa\DivX\DivXWebPlayerUninstall.exe /PLUGIN
D-Link VGA Webcam-->C:\WINDOWS\CleanDev.exe C:\WINDOWS\ov519.TXT
EPSON Attach To Email-->C:\Archivos de programa\Archivos comunes\InstallShield\Driver\8\Intel 32\IDriver.exe /M{20C45B32-5AB6-46A4-94EF-58950CAF05E5} /l1033 ADDREMOVEDLG
EPSON Copy Utility 3-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\SETUP.EXE" -l0xa -UnInstall
EPSON Easy Photo Print-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{5DA7BC15-18D3-41A0-9F59-838DA3EAEF17}\SETUP.EXE" -l0xa UNINST
EPSON File Manager-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{E86BC406-944E-41F6-ADE6-2C136734C96B}\Setup.exe" -l0xa UNINST
EPSON Image Clip Palette-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{314F6D08-A8B7-11D8-8446-0050BA1D384D}\Setup.exe" -l0xa -u
EPSON Scan Assistant-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}\Setup.exe" -l0xa -u
EPSON Scan-->C:\Archivos de programa\epson\escndv\setup\setup.exe /r
EPSON Web-To-Page-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}\SETUP.EXE" -l0xa -anything
ESDX3800 Manual de usuario-->C:\Archivos de programa\EPSON\TPMANUAL\ESDX3800\USE_G\DOCUNINS.EXE
Euro Truck Simulator 1.00-->C:\Archivos de programa\Euro Truck Simulator\uninst.exe
Eve Of Destruction 0.1-->C:\Archivos de programa\EA Games\Battlefield Vietnam\Mods\uninst.exe
Far Cry 2-->"C:\Archivos de programa\InstallShield Installation Information\{F2835483-37F2-4123-B4FE-0E77D58447F2}\setup.exe" -runfromtemp -l0x000a -removeonly
F-PROT Antivirus for Windows-->MsiExec.exe /I{E58B329B-FB28-4874-90DE-0D7CB2709267}
F-PROT Antivirus Updater Fix-->MsiExec.exe /I{F8A3A6BC-D68F-445B-B1BA-6F03A4352865}
Freez FLV to AVI/MPEG/WMV Converter-->"C:\Archivos de programa\Smallvideosoft\Freez FLV to AVI MPEG WMV Converter\unins000.exe"
Game Cam-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{DB52432E-3AD8-41A5-A586-0F065FB6A31E}\setup.exe"
Google Desktop-->C:\Archivos de programa\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Hamachi 1.0.3.0-->C:\Archivos de programa\Hamachi\uninstall.exe
HijackThis 2.0.2-->"C:\Archivos de programa\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Imperial Glory-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{1FCC8C70-66B9-420D-942C-2C2A8441C744}\setup.exe" -l0xa -removeonly
iTunes-->MsiExec.exe /I{3DE0053C-FD9A-483E-B7C9-B06E4392206E}
IZArc 3.81-->"C:\Archivos de programa\IZArc\unins000.exe"
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Kaspersky Online Scanner-->C:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe
KhalInstallWrapper-->MsiExec.exe /I{56918C0C-0D87-4CA6-92BF-4975A43AC719}
K-Lite Codec Pack 3.9.0 Full-->"C:\Archivos de programa\K-Lite Codec Pack\unins000.exe"
Lecteur Windows Media 11-->"C:\Archivos de programa\Windows Media Player\Setup_wm.exe" /Uninstall
Logitech Registration-->MsiExec.exe /I{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}
Logitech SetPoint-->C:\Archivos de programa\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe -runfromtemp -l0x040c -removeonly
Lphant v3.51-->"C:\Archivos de programa\Lphant\unins000.exe"
Ma-Config.com-->MsiExec.exe /X{1C02A760-1682-49AE-BB54-FA7D63BD3504}
Malwarebytes' Anti-Malware-->"C:\Archivos de programa\Malwarebytes' Anti-Malware\unins000.exe"
Marvell Miniport Driver-->MsiExec.exe /X{C950420B-4182-49EA-850A-A6A2ABF06C6B}
Media Library Management Wizard-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mplibwiz.inf,DefaultUninstall
Messenger Plus! Live-->"C:\Archivos de programa\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\Archivos de programa\Archivos comunes\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
MKVtoolnix 2.1.0-->C:\Archivos de programa\MKVtoolnix\uninst.exe
MoreJongg 7.00-->"C:\Archivos de programa\Moraff\Morejongg\Uninstal.exe"
Movie Maker Background Music Files-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mmmusic.inf,DefaultUninstall
Movie Maker Sound Effects-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mmsounds.inf,DefaultUninstall
Movie Maker Title Images-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mmtitle.inf,DefaultUninstall
Mozilla Firefox (2.0.0.20)-->C:\Archivos de programa\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
Nero 7 Demo-->MsiExec.exe /I{A66B369B-2927-8B02-ADF7-5BC0FE941034}
NET Installation Assistance for VB6 App (Runtime Only)-->MsiExec.exe /I{66333C41-085E-4DA1-8273-E2BCA382D766}
Notepad++-->C:\Archivos de programa\Notepad++\uninstall.exe
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
NVIDIA Photoshop Plug-ins-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{23F79416-CAD1-41BF-99A3-040F6C814AAA}\setup.exe" -l0x9
OpenAL-->"C:\Archivos de programa\OpenAL\OpenALwEAX.exe" /U
Pack PSP - Ri4m - v1.0a-->C:\Archivos de programa\Ripp-it_AM\dlls\Uninstal.exe
Panda ActiveScan 2.0-->C:\Archivos de programa\Panda Security\ActiveScan 2.0\as2uninst.exe
PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
PDFCreator-->C:\Archivos de programa\PDFCreator\unins000.exe
PIF DESIGNER-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{B90450DF-E781-46FD-B1F1-0C86DA40E443}\SETUP.EXE" -l0xa anything
Pirates of the Burning Sea-->"C:\Archivos de programa\InstallShield Installation Information\{5541F601-F327-4739-B7E8-560EDEE1301E}\setup.exe" -runfromtemp -l0x040c -removeonly
PlayNC Launcher-->C:\Archivos de programa\InstallShield Installation Information\{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}\setup.exe -runfromtemp -l0x0009 -removeonly
Project Torque-->C:\Archivos de programa\AeriaGames\Project Torque\uninstall.exe
QuickTime-->MsiExec.exe /I{08CA9554-B5FE-4313-938F-D4A417B81175}
Revisión para el Reproductor de Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Revisión para Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Ri4m v5.0.1d-->C:\Archivos de programa\Ripp-it_AM\Ri4m_Uninstal.exe
RisingSun 1.00 -->C:\WINDOWS\uninstall\RisingSun\setup.exe
ServiWin-->C:\WINDOWS\zipinst.exe /uninst "C:\Archivos de programa\ServiWin\uninst1~.nsu"
Software de impresora EPSON-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
SopCast 3.0.1-->C:\Archivos de programa\SopCast\uninst.exe
SoundMAX-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe"
SPORE™-->"C:\Archivos de programa\InstallShield Installation Information\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}\SPORESetup.exe" -runfromtemp -l0x040c -removeonly
Spybot - Search & Destroy-->"C:\Archivos de programa\Spybot - Search & Destroy\unins000.exe"
Star Wars Galaxies: Complete Online Adventures-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{19F59AB5-B1F6-4276-A40B-09472318BCFF}\setup.exe" -l0x9 -removeonly
SWAT 4-->C:\ARCHIV~1\ARCHIV~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8} uninstall
System Requirements Lab-->C:\Archivos de programa\SystemRequirementsLab\Uninstall.exe
TeamSpeak 2 RC2-->"C:\Archivos de programa\Teamspeak2_RC2\unins000.exe"
TuneUp Utilities 2008-->MsiExec.exe /I{5888428E-699C-4E71-BF71-94EE06B497DA}
Twin Digital GamePad-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{06204E2A-6369-43ED-A9CF-49B5F49915FA}\setup.exe" -l0x9
VDMSound 2.0.4-->MsiExec.exe /I{8ECBE643-8230-11D5-9D6B-00A024112F81}
VeohTV BETA-->C:\Archivos de programa\InstallShield Installation Information\{0405E51E-9582-4207-8F38-AC44201D3808}\setup.exe -runfromtemp -l0x0409
Vietcong-->C:\Program Files\Vietcong\Uninstall.exe
Winamp-->"C:\Archivos de programa\Winamp\UninstWA.exe"
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Media Format 11 runtime-->"C:\Archivos de programa\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Media Player Skin Importer-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\wa2wmp.inf,DefaultUninstall
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
X-07 MAPPACK [LAN] Battlefield 2-->C:\Archivos de programa\EA GAMES\Battlefield 2\x07mappack_Uninstal.exe
Yahoo! Install Manager-->C:\WINDOWS\system32\regsvr32 /u C:\ARCHIV~1\Yahoo!\Common\YINSTH~1.DLL
Yahoo! Widgets-->C:\ARCHIV~1\Yahoo!\Widgets\uninstall.exe

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======Security center information======

AV: avast! antivirus 4.8.1296 [VPS 081230-0]
AV: F-PROT Antivirus for Windows

System event log

Computer Name: HOME-E0D3044181
Event Code: 26
Message: Aplicación emergente: Proxy Desktop: Explorer.EXE - Error de aplicación : Se ha producido la excepción excepción inesperada del programa (0xc06d007e) en la dirección 0x7c812aeb.


Record Number: 31704
Source Name: Application Popup
Time Written: 20081109011953.000000+060
Event Type: Información
User:

Computer Name: HOME-E0D3044181
Event Code: 26
Message: Aplicación emergente: Proxy Desktop: Explorer.EXE - Error de aplicación : Se ha producido la excepción excepción inesperada del programa (0xc06d007e) en la dirección 0x7c812aeb.


Record Number: 31703
Source Name: Application Popup
Time Written: 20081109011950.000000+060
Event Type: Información
User:

Computer Name: HOME-E0D3044181
Event Code: 7036
Message: El servicio Servicio COM de grabación de CD de IMAPI entró en estado detenido.

Record Number: 31702
Source Name: Service Control Manager
Time Written: 20081109011924.000000+060
Event Type: Información
User:

Computer Name: HOME-E0D3044181
Event Code: 7036
Message: El servicio Servicio COM de grabación de CD de IMAPI entró en estado Activo.

Record Number: 31701
Source Name: Service Control Manager
Time Written: 20081109011918.000000+060
Event Type: Información
User:

Computer Name: HOME-E0D3044181
Event Code: 7035
Message: Se ha enviado satisfactoriamente un control iniciar al servicio Servicio COM de grabación de CD de IMAPI.

Record Number: 31700
Source Name: Service Control Manager
Time Written: 20081109011918.000000+060
Event Type: Información
User: NT AUTHORITY\SYSTEM

Application event log

Computer Name: HOME-E0D3044181
Event Code: 1
Message:
Record Number: 4030
Source Name: Bonjour Service
Time Written: 20080419220214.000000+120
Event Type: Información
User:

Computer Name: HOME-E0D3044181
Event Code: 1517
Message: Windows guardó el Registro de usuario HOME-E0D3044181\principal mientras una aplicación o servicio todavía estaba usando el Registro durante el cierre de sesión. No se ha liberado la memoria usada por el Registro de usuario. Se descargará el Registro cuando ya no esté en uso.


Esto es debido a menudo por los servicios ejecutándose como cuentas de usuario. Intente configurar los servicios para ejecutarse en la cuenta ServicioLocal o ServicioRed.
Record Number: 4029
Source Name: Userenv
Time Written: 20080419184419.000000+120
Event Type: Advertencia
User: NT AUTHORITY\SYSTEM

Computer Name: HOME-E0D3044181
Event Code: 101
Message: msnmsgr (3532) Se detuvo el motor de base de datos.

Record Number: 4028
Source Name: ESENT
Time Written: 20080419184403.000000+120
Event Type: Información
User:

Computer Name: HOME-E0D3044181
Event Code: 103
Message: msnmsgr (3532) \\.\C:\Documents and Settings\principal\Configuración local\Datos de programa\Microsoft\Messenger\broumstick@yahoo.fr\SharingMetadata\Working\database_12F0_9195_F091_7FA1\dfsr.db: El motor de base de datos detuvo la instancia (0).

Record Number: 4027
Source Name: ESENT
Time Written: 20080419184403.000000+120
Event Type: Información
User:

Computer Name: HOME-E0D3044181
Event Code: 302
Message: msnmsgr (3532) \\.\C:\Documents and Settings\principal\Configuración local\Datos de programa\Microsoft\Messenger\broumstick@yahoo.fr\SharingMetadata\Working\database_12F0_9195_F091_7FA1\dfsr.db: El motor de base de datos completó correctamente los pasos de recuperación.

Record Number: 4026
Source Name: ESENT
Time Written: 20080419143729.000000+120
Event Type: Información
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Archivos de programa\ATI Technologies\ATI.ACE\Core-Static;%VDMSPath%;C:\Archivos de programa\QuickTime\QTSystem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 12 Stepping 0, AuthenticAMD
"PROCESSOR_REVISION"=0c00
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"VDMSPath"=C:\Archivos de programa\VDMSound\
"CLASSPATH"=.;C:\Archivos de programa\Java\jre1.6.0_03\lib\ext\QTJava.zip
"QTJAVA"=C:\Archivos de programa\Java\jre1.6.0_03\lib\ext\QTJava.zip

-----------------EOF-----------------

6

brm, 31 Dec 2008 at 14:38:13

For Rooter, do I disable the antivirus as well?

7

V-X, 31 Dec 2008 at 14:39:54

Re,

Yes.

Did you download a crack?

8

brm, 31 Dec 2008 at 14:42:04

OK for the antivirus.
As for the crack..... yes, it happens to us, "shame".

9

V-X, 31 Dec 2008 at 14:44:13

Re,

Well, there you go: a Bagle.

Run Rooter and I'll give you the next steps.

10

brm, 31 Dec 2008 at 14:50:29

Microsoft (R) Windows Script Host versión 5.7
Copyright (C) Microsoft Corporation 1996-2006. Reservados todos los derechos.

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3400+ )
BIOS : Rev 2.00
USER : principal ( Administrator )
BOOT : Normal boot

Antivirus : F-PROT Antivirus for Windows 6.0 (Activated)


A:\ (USB)
C:\ (Local Disk) - NTFS - Total:189 Go (Free:76 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
F:\ (CD or DVD)

31/12/2008|14:44

----------------------\\ Search..

----------------------\\ ROOTKIT !!

Rootkit TDSS ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV.SYS]
Rootkit TDSS ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_TDSSSERV.SYS]
Rootkit TDSS ! .. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TDSSSERV.SYS]
Rootkit TDSS ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv.sys]
Rootkit TDSS ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\TDSSserv.sys]
Rootkit TDSS ! .. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TDSSserv.sys]

----------------------\\ Cracks & Keygens..

C:\DOCUME~1\PRINCI~1\Escritorio\audio-video\Data\Fruity Loops Studio XXL v.8 CRACK-BY ToRR3NTPYTHoN.rar
C:\DOCUME~1\PRINCI~1\Escritorio\audio-video\Data\Nero 7.0.1.2 Premium Edition (EspaÇñol-Spanish) Con Keygen, GuÇðas De Usuario Y.zip
C:\DOCUME~1\PRINCI~1\Escritorio\audio-video\Data\VSO.ConvertXtoDVD.v2.2.3.258.Multilangages.Incl-Keygen.rar
C:\DOCUME~1\PRINCI~1\Mis documentos\Mis im genes\photoshop\Akvis Filtres Crack.rar


1 - "C:\Rooter$\Rooter_1.txt" - 31/12/2008|14:44

----------------------\\ Scan completed at 14:44




bagle??

11

V-X, 31 Dec 2008 at 14:52:54

Re,


C:\DOCUME~1\PRINCI~1\Escritorio\audio-video\Data\Fruity Loops Studio XXL v.8 CRACK-BY ToRR3NTPYTHoN.rar
C:\DOCUME~1\PRINCI~1\Escritorio\audio-video\Data\Nero 7.0.1.2 Premium Edition (EspaÇñol-Spanish) Con Keygen, GuÇðas De Usuario Y.zip
C:\DOCUME~1\PRINCI~1\Escritorio\audio-video\Data\VSO.ConvertXtoDVD.v2.2.3.258.Multilangages.Incl-Keygen.rar
C:\DOCUME~1\PRINCI~1\Mis documentos\Mis im genes\photoshop\Akvis Filtres Crack.rar


Get rid of all that and do the following:

FindyKill by Chiquitine29

▶ Right-click the link and choose "Save target as...", with the desktop as the destination.

(Important note: if you have the Elibagla program on your PC, delete it (risk of conflict between the two tools).)

▶ Go into the "FindyKill" folder.

▶ Double-click "FindyKill.bat" (and nothing else!) to launch the tool.

▶ Choose option 1, then let it work...

▶ Once it has finished, post the FindyKill.txt report that is generated...

(Note: the report is saved at the root of the disk -> C:\FindyKill.txt)

Les-risques-securitaires-du-peer-to-peer

If a report won't post, send an alert to the moderation desk with the yellow /!\.

12

brm, 31 Dec 2008 at 14:59:50

OK. Note that some of the files to be removed have not had their associated programs for ages. The TDSS ones, on the other hand, worry us more. I'll run the recommended procedure and post the result.
Thanks again for the help :)

13

brm, 31 Dec 2008 at 15:09:23

I can't find findkill.bat after the install.
I downloaded a findkill.exe via the link, which installed a program. No .bat in the installation directory.

14

V-X, 31 Dec 2008 at 15:11:34

Re,

OK.

You have the icon on your desktop: double-click it, choose your language and run option 1, search.

15

brm, 31 Dec 2008 at 15:15:36

I have a DOS window. I'm launching a search, in French, for "infectious files".

16

V-X, 31 Dec 2008 at 15:15:54

Re,

YES

21

brm, 31 Dec 2008 at 15:45:28

----------------- FindyKill V4.710 ------------------

* User : principal - HOME-E0D3044181
* executed from : C:\Archivos de programa\FindyKill
* Update on 21/12/08 par Chiquitine29
* Start at 15:35:06 the 31/12/2008
* Windows XP - Internet Explorer 6.0.2900.5512


((((((((((((((( *** deleting *** ))))))))))))))))))


--------------- [ Active Processes ] ----------------


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\svchost.exe
C:\Archivos de programa\Alwil Software\Avast4\aswUpdSv.exe
C:\Archivos de programa\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\userinit.exe

--------------- [ Infected files / folders ] ----------------


»»»» Supression files in C:

Deleted ! - C:\InfoSat.txt

»»»» Supression files in C:\WINDOWS


»»»» Supression files in C:\WINDOWS\Prefetch


»»»» Supression files in C:\WINDOWS\system32


»»»» Supression files in C:\WINDOWS\system32\config\systemprofile\AppData\Roaming


»»»» Supression files in C:\WINDOWS\system32\drivers


»»»» Supression files in C:\Documents and Settings\principal\Datos de programa

Deleted ! - "C:\Documents and Settings\principal\Datos de programa\inst.exe"

»»»» Supression files in C:\DOCUME~1\PRINCI~1\CONFIG~1\Temp


»»»» Supression files in C:\Documents and Settings\principal\Local Settings\Temporary Internet Files\Content.IE5


--------------- [ Registry / Infected keys ] ----------------

Deleted ! - HKEY_CURRENT_CONFIG\System\CurrentControlSet\Enum\ROOT\LEGACY_SROSA
Deleted ! - HKEY_USERS\S-1-5-21-839522115-1229272821-2147125571-1003\Software\Ubisoft

--------------- [ States / Restarting of services ] ----------------



+- Services : [ Auto=2 / Request=3 / Disable=4 ]

Ndisuio - Type of startup = 3

EapHost - Type of startup = 2

Ip6Fw - Type of startup = 2

SharedAccess - Type of startup = 2

wuauserv - Type of startup = 2

wscsvc - Type of startup = 2


--------------- [ Cleaning removable drives ] ----------------

+- Informations :

C: - Unidad fija

G: - Unidad extraíble


+- deleting files :


--------------- [ Registry / Mountpoint2 ] ----------------


-> Not found !


--------------- [ Searching Cracks / Keygen ] ----------------

C:\Documents and Settings\principal\Escritorio\Jeux\GameCam.v1.2.0.16.Cracked.WinALL-iND
C:\Documents and Settings\principal\Escritorio\Jeux\battlefield2\Battlefield 2 Keygen.rar
C:\Documents and Settings\principal\Escritorio\Jeux\GameCam.v1.2.0.16.Cracked.WinALL-iND\Crack.exe
C:\Documents and Settings\principal\Escritorio\Jeux\GameCam.v1.2.0.16.Cracked.WinALL-iND\GameCamSetup.exe
C:\Documents and Settings\principal\Escritorio\Jeux\GameCam.v1.2.0.16.Cracked.WinALL-iND\GC-iND.nfo
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrack.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackalphatest.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackalphatestlightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackalphatestlightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackalphatestpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackalphatestshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcracklightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcracklightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackndetailncrack.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackndetailncrackalphatest.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackndetailncrackalphatestlightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackndetailncrackalphatestlightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackndetailncrackalphatestpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackndetailncrackalphatestshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackndetailncracklightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackndetailncracklightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackndetailncrackpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackndetailncrackshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetailcrackshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrack.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackalphatest.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackalphatestlightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackalphatestlightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackalphatestpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackalphatestshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcracklightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcracklightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackndetailncrack.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackndetailncrackalphatest.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackndetailncrackalphatestpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackndetailncrackalphatestshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackndetailncracklightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackndetailncracklightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackndetailncrackpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackndetailncrackshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_2\rashaderstmbasedetaildirtcrackshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrack.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackalphatest.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackalphatestlightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackalphatestlightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackalphatestpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackalphatestshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcracklightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcracklightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackndetailncrack.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackndetailncrackalphatest.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackndetailncrackalphatestlightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackndetailncrackalphatestlightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackndetailncrackalphatestpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackndetailncrackalphatestshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackndetailncracklightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackndetailncracklightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackndetailncrackpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackndetailncrackshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetailcrackshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrack.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackalphatest.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackalphatestlightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackalphatestlightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackalphatestpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackalphatestshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcracklightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcracklightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackndetailncrack.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackndetailncrackalphatest.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackndetailncracklightmap.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackndetailncracklightmapshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackndetailncrackpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackndetailncrackshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackpointlight.cfx
C:\Documents and Settings\principal\Mis documentos\Battlefield 2\mods\bf2\cache\{D7B71EE2-0210-11CF-846E-0A22A1C2CB35}_2965_3\rashaderstmbasedetaildirtcrackshadow.cfx
C:\Documents and Settings\principal\Mis documentos\Mi m£sica\mp3\Drain STH - Horror Wrestling\08 - Crack The Liars Smile.mp3


---------------- ! End of report ! ------------------

22

brm, 31 Dec 2008 at 15:47:27

----------------- FindyKill V4.710 ------------------

* User : principal - HOME-E0D3044181
* executed from : C:\Archivos de programa\FindyKill
* Update on 21/12/08 par Chiquitine29
* Start at 15:35:06 the 31/12/2008
* Windows XP - Internet Explorer 6.0.2900.5512


((((((((((((((( *** deleting *** ))))))))))))))))))


--------------- [ Active Processes ] ----------------


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\svchost.exe
C:\Archivos de programa\Alwil Software\Avast4\aswUpdSv.exe
C:\Archivos de programa\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\userinit.exe

--------------- [ Infected files / folders ] ----------------


»»»» Supression files in C:

Deleted ! - C:\InfoSat.txt

»»»» Supression files in C:\WINDOWS


»»»» Supression files in C:\WINDOWS\Prefetch


»»»» Supression files in C:\WINDOWS\system32


»»»» Supression files in C:\WINDOWS\system32\config\systemprofile\AppData\Roaming


»»»» Supression files in C:\WINDOWS\system32\drivers


»»»» Supression files in C:\Documents and Settings\principal\Datos de programa

Deleted ! - "C:\Documents and Settings\principal\Datos de programa\inst.exe"

»»»» Supression files in C:\DOCUME~1\PRINCI~1\CONFIG~1\Temp


»»»» Supression files in C:\Documents and Settings\principal\Local Settings\Temporary Internet Files\Content.IE5


--------------- [ Registry / Infected keys ] ----------------

Deleted ! - HKEY_CURRENT_CONFIG\System\CurrentControlSet\Enum\ROOT\LEGACY_SROSA
Deleted ! - HKEY_USERS\S-1-5-21-839522115-1229272821-2147125571-1003\Software\Ubisoft

--------------- [ States / Restarting of services ] ----------------



+- Services : [ Auto=2 / Request=3 / Disable=4 ]

Ndisuio - Type of startup = 3

EapHost - Type of startup = 2

Ip6Fw - Type of startup = 2

SharedAccess - Type of startup = 2

wuauserv - Type of startup = 2

wscsvc - Type of startup = 2


--------------- [ Cleaning removable drives ] ----------------

+- Informations :

C: - Unidad fija

G: - Unidad extraíble


+- deleting files :


--------------- [ Registry / Mountpoint2 ] ----------------


-> Not found !


--------------- [ Searching Cracks / Keygen ] ----------------

C:\Documents and Settings\principal\Escritorio\Jeux\GameCam.v1.2.0.16.Cracked.WinALL-iND
C:\Documents and Settings\principal\Escritorio\Jeux\battlefield2\Battlefield 2 Keygen.rar
C:\Documents and Settings\principal\Escritorio\Jeux\GameCam.v1.2.0.16.Cracked.WinALL-iND\Crack.exe
C:\Documents and Settings\principal\Escritorio\Jeux\GameCam.v1.2.0.16.Cracked.WinALL-iND\GameCamSetup.exe
C:\Documents and Settings\principal\Escritorio\Jeux\GameCam.v1.2.0.16.Cracked.WinALL-iND\GC-iND.nfo
C:\Documents and Settings\principal\Mis documentos\Mi música\mp3\Drain STH - Horror Wrestling\08 - Crack The Liars Smile.mp3


---------------- ! End of report ! ------------------


17

brm, 31 Dec 2008 at 15:17:44

----------------- FindyKill V4.710 ------------------

* User : principal - HOME-E0D3044181
* Emplacement : C:\Archivos de programa\FindyKill
* Outils Mis a jours le 21/12/08 par Chiquitine29
* Recherche effectuée à 15:15:53 le 31/12/2008
* Windows XP - Internet Explorer 6.0.2900.5512

((((((((((((((((( *** Recherche *** ))))))))))))))))))


--------------- [ Processus actifs ] ----------------


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Archivos de programa\Alwil Software\Avast4\aswUpdSv.exe
C:\Archivos de programa\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\ARCHIV~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Archivos de programa\Messenger\msmsgs.exe
C:\Archivos de programa\Logitech\SetPoint\SetPoint.exe
C:\Archivos de programa\Archivos comunes\Logitech\KhalShared\KHALMNPR.EXE
C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Archivos de programa\Bonjour\mDNSResponder.exe
C:\Archivos de programa\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Archivos de programa\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\Notepad.exe
C:\Archivos de programa\Alwil Software\Avast4\ashMaiSv.exe
C:\Archivos de programa\Alwil Software\Avast4\ashWebSv.exe
C:\Archivos de programa\Mozilla Firefox\firefox.exe
C:\WINDOWS\Explorer.EXE

--------------- [ Fichiers/Dossiers infectieux ] ----------------


»»»» Presence des fichiers dans C:

Found ! [31/12/2008 03:00] - C:\InfoSat.txt

»»»» Presence des fichiers dans C:\WINDOWS


»»»» Presence des fichiers dans C:\WINDOWS\Prefetch


»»»» Presence des fichiers dans C:\WINDOWS\system32


»»»» Presence des fichiers dans C:\WINDOWS\system32\config\systemprofile\AppData\Roaming


»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers


»»»» Presence des fichiers dans C:\Documents and Settings\principal\Datos de programa


»»»» Presence des fichiers dans C:\DOCUME~1\PRINCI~1\CONFIG~1\Temp


»»»» Presence des fichiers dans C:\Documents and Settings\principal\Local Settings\Temporary Internet Files\Content.IE5


--------------- [ Registre / Startup ] ----------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
ctfmon.exe=C:\WINDOWS\system32\ctfmon.exe
MSMSGS="C:\Archivos de programa\Messenger\msmsgs.exe" /background
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run\AdobeUpdater=
<NO NAME>=

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
avast!=C:\ARCHIV~1\ALWILS~1\Avast4\ashDisp.exe
IMJPMIG8.1="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
MSPY2002=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
PHIME2002ASync=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
PHIME2002A=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
EPSON Stylus DX3800 Series=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB002" /M "Stylus DX3800"
Logitech Hardware Abstraction Layer=KHALMNPR.EXE
NvCplDaemon=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
nwiz=nwiz.exe /install
NvMediaCenter=RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
Google Desktop Search="C:\Archivos de programa\Google\Google Desktop Search\GoogleDesktop.exe" /startup
MSConfig=C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
Installed=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
NoChange=1
Installed=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
Installed=1
<NO NAME>=

[HKEY_CURRENT_USER\software\local appwizard-generated applications\DocUnins]

--------------- [ Registre / Clés infectieuses ] ----------------


Found ! - HKEY_USERS\S-1-5-21-839522115-1229272821-2147125571-1003\Software\Ubisoft

--------------- [ Etat / Services ] ----------------



+- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]

Ndisuio - Type de démarrage = 3

EapHost - Type de démarrage = 3

Ip6Fw - Type de démarrage = 3

SharedAccess - Type de démarrage = 2

wuauserv - Type de démarrage = 2

wscsvc - Type de démarrage = 2



--------------- [ Recherche dans supports amovibles] ----------------


+- Informations :

C: - Unidad fija


+- presence des fichiers :



--------------- [ Registre / Mountpoint2 ] ----------------


-> Not found !


------------------- ! Fin du rapport ! --------------------


18

V-X, 31 Dec 2008 at 15:19:29

Hi again,

FindyKill by Chiquitine29, option 2:

▶ Plug your removable drives into your PC (USB sticks, external hard drive, etc.) without opening them

▶ Double-click the FindyKill shortcut on your desktop

▶ In the main menu, choose option 2 (Deletion)

/!\ There will be 2 reboots; let the tool work until the message "nettoyage effectué" appears /!\

▶ Then post the FindyKill.txt report

Note: the FindyKill.txt report is saved at the root of the disk.

If a report does not go through, send an alert to the conciergerie using the yellow /!\.

Found ! [31/12/2008 03:00] - C:\InfoSat.txt ==> Not good, that!!


19

brm, 31 Dec 2008 at 15:24:50

I'm starting to have trouble displaying the forum. Would it be possible for you to contact me via MSN? harkiogovi@yahoo.fr

Thanks in advance
