----------------- FindyKill V4.710 ------------------

* User: Julien - JULIEN-PC
* Executed from : C:\Program Files\FindyKill
* Update on 21/12/08 by Chiquitine29
* Start at 10:12:45 the di 30/12/2008
* Windows Vista - Internet Explorer 7.0.6001.18000

((((((((((((((((( *** Searching *** ))))))))))))))))))

--------------- [ Active Processes ] ----------------

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\ZoneLabs\vsmon.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\IoctlSvc.exe
C:\Windows\System32\svchost.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\TUProgSt.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\PROGRA~1\MICROS~2\Office12\OUTLOOK.EXE
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\svchost.exe

--------------- [ Infected files / folders ] ----------------

»»»» Presence Files in C:

»»»» Presence Files in C:\Windows
Found ! [05/03/2007 23:45] - C:\Windows\crack\crack.exe
Found ! [02/03/2008 18:59] - "C:\Windows\crack"

»»»» Presence Files in C:\Windows\Prefetch

»»»» Presence Files in C:\Windows\system32

»»»» Presence Files in C:\Windows\system32\config\systemprofile\AppData\Roaming

»»»» Presence Files in C:\Windows\system32\drivers

»»»» Presence Files in C:\Users\Julien\AppData\Roaming

»»»» Presence Files in C:\Users\Julien\AppData\Local\Temp

»»»» Presence Files in C:\Users\Julien\Local Settings\Temporary Internet Files\Content.IE5
Found ! [25/12/2005 11:40] - C:\Users\Julien\AppData\Local\Magentic\Runtime\ScreenSaver\40242AE5-DFC3-4FA108AC7-10CCDD67B640\tranquil_thumb.jpg

--------------- [ Registry / Startup ] ----------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
ISUSPM="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
WMPNSCFG=C:\Program Files\Windows Media Player\WMPNSCFG.exe
swg=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
{0228e555-4f9c-4e35-a3ec-b109a192b4c2}=C:\Program Files\Google\Gmail Notifier\gnotify.exe
ISTray="C:\Program Files\Spyware Doctor\pctsTray.exe"
ZoneAlarm Client="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
avast!=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
Google Desktop Search="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
Installed=1
=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
NoChange=1
Installed=1
=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
Installed=1
=

[HKEY_CURRENT_USER\software\local appwizard-generated applications\DestComp]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\hprbui]

--------------- [ Registry / Infected keys ] ----------------

--------------- [ States / Services ] ----------------

+- Services : [ Auto=2 / Request=3 / Disable=4 ]

Ndisuio - Type of startup = 3
EapHost - Type of startup = 3
Wlansvc - Type of startup = 3
SharedAccess - Type of startup = 2
wuauserv - Type of startup = 2
wscsvc - Type of startup = 2
WinDefend - Type of startup = 2

--------------- [ Searching in removable drives ] ----------------

+- Informations :

C: - vast station
D: - vast station

+- Presence of files :

--------------- [ Registry / Mountpoint2 ] ----------------

-> Not found !

------------------- ! End of report ! --------------------