
Forum | viruses/security
nideiect virus infection
chtimic, Wed. 12 Nov. 2008 at 20:12:37
Good evening,

Here is the FindyKill report:
One more detail: I have a second, desktop PC running XP that is connected to the first, infected one through my internet router; can it be infected across this local network?



----------------- FindyKill V4.600 ------------------

* User : mic - TIMIC-70237D87B
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 12/11/08 par Chiquitine29
* Recherche effectuée à 19:48:01 le 12/11/2008
* Windows XP - Internet Explorer 7.0.5730.13

((((((((((((((((( *** Recherche *** ))))))))))))))))))


--------------- [ Processus actifs ] ----------------


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
C:\Program Files\Eden Flirt\EdenFlirt.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Iminent\imbooster.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\FinePixViewer\QuickDCF2.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Windows Live\Mail\wlmail.exe

--------------- [ Fichiers/Dossiers infectieux ] ----------------


»»»» Presence des fichiers dans C:


»»»» Presence des fichiers dans C:\WINDOWS


»»»» Presence des fichiers dans C:\WINDOWS\Prefetch

Found ! - C:\WINDOWS\prefetch\137031.EXE-1383BE5D.pf
Found ! - C:\WINDOWS\prefetch\139250.EXE-2E597952.pf
Found ! - C:\WINDOWS\prefetch\144218.EXE-0E166A31.pf
Found ! - C:\WINDOWS\prefetch\144734.EXE-38F5E03D.pf
Found ! - C:\WINDOWS\prefetch\153296.EXE-133D589F.pf
Found ! - C:\WINDOWS\prefetch\153437.EXE-27C84535.pf
Found ! - C:\WINDOWS\prefetch\153750.EXE-219CA0CB.pf
Found ! - C:\WINDOWS\prefetch\158343.EXE-030119A5.pf
Found ! - C:\WINDOWS\prefetch\162765.EXE-214B86E8.pf
Found ! - C:\WINDOWS\prefetch\164187.EXE-0096E341.pf
Found ! - C:\WINDOWS\prefetch\164593.EXE-02FC94C9.pf
Found ! - C:\WINDOWS\prefetch\177203.EXE-1A2F60CA.pf
Found ! - C:\WINDOWS\prefetch\177218.EXE-3A7C5DBF.pf
Found ! - C:\WINDOWS\prefetch\177546.EXE-2036F545.pf
Found ! - C:\WINDOWS\prefetch\71250.EXE-0048998E.pf
Found ! - C:\WINDOWS\prefetch\75125.EXE-1D9E3321.pf
Found ! - C:\WINDOWS\prefetch\84421.EXE-08F88EE9.pf
Found ! - C:\WINDOWS\prefetch\FLEC006.EXE-2BF49C2D.pf
Found ! - C:\WINDOWS\prefetch\MDELK.EXE-3B00332D.pf
Found ! - C:\WINDOWS\prefetch\WINTEMS.EXE-2B1270B6.pf

»»»» Presence des fichiers dans C:\WINDOWS\system32

Found ! [12/11/2008 19:33] - C:\WINDOWS\system32\mdelk.exe
Found ! [12/11/2008 19:33] - C:\WINDOWS\system32\wintems.exe
Found ! [12/11/2008 19:34] - C:\WINDOWS\system32\ban_list.txt

»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers

Found ! [12/11/2008 19:32] - C:\WINDOWS\system32\drivers\srosa.sys
Found ! [01/11/2008 09:28] - C:\WINDOWS\system32\drivers\winfilse.exe
Found ! [12/11/2008 19:39] - "C:\WINDOWS\system32\drivers\downld"

»»»» Presence des fichiers dans C:\Documents and Settings\mic\Application Data

Found ! [12/11/2008 12:36] - "C:\Documents and Settings\mic\Application Data\m\flec006.exe"
Found ! [12/11/2008 12:36] - "C:\Documents and Settings\mic\Application Data\m\list.oct"
Found ! [12/11/2008 12:36] - "C:\Documents and Settings\mic\Application Data\m\data.oct"
Found ! [12/11/2008 12:37] - "C:\Documents and Settings\mic\Application Data\m\srvlist.oct"
Found ! [12/11/2008 19:34] - "C:\Documents and Settings\mic\Application Data\m\shared"
Found ! [09/11/2008 22:04] - "C:\Documents and Settings\mic\Application Data\m"

»»»» Presence des fichiers dans C:\DOCUME~1\mic\LOCALS~1\Temp


»»»» Presence des fichiers dans C:\Documents and Settings\mic\Local Settings\Temporary Internet Files\Content.IE5

Found ! - C:\Documents and Settings\mic\Local Settings\Temporary Internet Files\Content.IE5\5CGGT8SU\b64[1].jpg
Found ! - C:\Documents and Settings\mic\Local Settings\Temporary Internet Files\Content.IE5\5CGGT8SU\b64[2].jpg
Found ! - C:\Documents and Settings\mic\Local Settings\Temporary Internet Files\Content.IE5\5CGGT8SU\b64_3[1].jpg
Found ! - C:\Documents and Settings\mic\Local Settings\Temporary Internet Files\Content.IE5\5CGGT8SU\b64_3[2].jpg
Found ! - C:\Documents and Settings\mic\Local Settings\Temporary Internet Files\Content.IE5\5CGGT8SU\b64_3[3].jpg
Found ! - C:\Documents and Settings\mic\Local Settings\Temporary Internet Files\Content.IE5\5CGGT8SU\mxd[1].jpg
Found ! - C:\Documents and Settings\mic\Local Settings\Temporary Internet Files\Content.IE5\J43K6R3Q\b64[1].jpg
Found ! - C:\Documents and Settings\mic\Local Settings\Temporary Internet Files\Content.IE5\J43K6R3Q\b64[2].jpg
Found ! - C:\Documents and Settings\mic\Local Settings\Temporary Internet Files\Content.IE5\J43K6R3Q\b64[3].jpg
Found ! - C:\Documents and Settings\mic\Local Settings\Temporary Internet Files\Content.IE5\J43K6R3Q\b64[4].jpg
Found ! - C:\Documents and Settings\mic\Local Settings\Temporary Internet Files\Content.IE5\J43K6R3Q\b64_1[1].jpg
Found ! - C:\Documents and Settings\mic\Local Settings\Temporary Internet Files\Content.IE5\J43K6R3Q\b64_3[1].jpg
Found ! - C:\Documents and Settings\mic\Local Settings\Temporary Internet Files\Content.IE5\J43K6R3Q\b64_3[2].jpg
Found ! - C:\Documents and Settings\mic\Local Settings\Temporary Internet Files\Content.IE5\PX950434\b64_3[1].jpg
Found ! - C:\Documents and Settings\mic\Local Settings\Temporary Internet Files\Content.IE5\PX950434\b64_3[2].jpg
Found ! - C:\Documents and Settings\mic\Local Settings\Temporary Internet Files\Content.IE5\PX950434\b64_3[3].jpg
Found ! - C:\Documents and Settings\mic\Local Settings\Temporary Internet Files\Content.IE5\PX950434\b64_3[4].jpg
Found ! - C:\Documents and Settings\mic\Local Settings\Temporary Internet Files\Content.IE5\PX950434\b64_3[5].jpg
Found ! - C:\Documents and Settings\mic\Local Settings\Temporary Internet Files\Content.IE5\PX950434\mxd[1].jpg
Found ! - C:\Documents and Settings\mic\Local Settings\Temporary Internet Files\Content.IE5\PX950434\mxd[2].jpg
Found ! - C:\Documents and Settings\mic\Local Settings\Temporary Internet Files\Content.IE5\PX950434\mxd[3].jpg
Found ! - C:\Documents and Settings\mic\Local Settings\Temporary Internet Files\Content.IE5\PX950434\mxd[4].jpg
Found ! - C:\Documents and Settings\mic\Local Settings\Temporary Internet Files\Content.IE5\UA53TIBZ\b64[1].jpg
Found ! - C:\Documents and Settings\mic\Local Settings\Temporary Internet Files\Content.IE5\UA53TIBZ\b64_1[1].jpg
Found ! - C:\Documents and Settings\mic\Local Settings\Temporary Internet Files\Content.IE5\UA53TIBZ\mxd[1].jpg
Found ! - C:\Documents and Settings\mic\Local Settings\Temporary Internet Files\Content.IE5\UA53TIBZ\mxd[2].jpg

--------------- [ Registre / Startup ] ----------------


! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
nTrayFw REG_SZ C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
Kernel and Hardware Abstraction Layer REG_SZ KHALMNPR.EXE
EdenFlirt REG_SZ C:\Program Files\Eden Flirt\EdenFlirt.exe
SoundMan REG_SZ SOUNDMAN.EXE
LVCOMSX REG_SZ C:\WINDOWS\system32\LVCOMSX.EXE
LogitechVideoRepair REG_SZ C:\Program Files\Logitech\Video\ISStart.exe
LogitechVideoTray REG_SZ C:\Program Files\Logitech\Video\LogiTray.exe
StartCCC REG_SZ "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
REGSHAVE REG_SZ C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN

! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
CTFMON.EXE REG_SZ C:\WINDOWS\system32\ctfmon.exe
IMBooster REG_SZ C:\Program Files\Iminent\imbooster.exe /warmup
AlcoholAutomount REG_SZ "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
SuperCopier2.exe REG_SZ C:\Program Files\SuperCopier2\SuperCopier2.exe

--------------- [ Registre / Clés infectieuses ] ----------------


Found ! - HKEY_USERS\S-1-5-21-796845957-1644491937-682003330-1003\Software\Local AppWizard-Generated Applications\nideiect
Found ! - HKEY_USERS\S-1-5-21-796845957-1644491937-682003330-1003\Software\Local AppWizard-Generated Applications\winfilse
Found ! - HKEY_USERS\S-1-5-21-796845957-1644491937-682003330-1003\Software\bisoft
Found ! - HKEY_USERS\S-1-5-21-796845957-1644491937-682003330-1003\Software\DateTime4
Found ! - HKEY_USERS\S-1-5-21-796845957-1644491937-682003330-1003\Software\FFC
Found ! - HKEY_USERS\S-1-5-21-796845957-1644491937-682003330-1003\Software\MuleAppData
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\nideiect
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winfilse
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Found ! - HKEY_CURRENT_USER\Software\bisoft
Found ! - HKEY_CURRENT_USER\Software\DateTime4

--------------- [ Etat / Services ] ----------------

Clé manquante : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden

- des fichiers cachés non fonctionnel !!

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot

- sans echec non fonctionnel !!

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal

- sans echec non fonctionnel !!

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network

- sans echec non fonctionnel !!



+- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]

/!\ Ndisuio - Type de démarrage = 4

EapHost - Type de démarrage = 3

/!\ Ip6Fw - Type de démarrage = 4

/!\ SharedAccess - Type de démarrage = 4

/!\ wuauserv - Type de démarrage = 4

/!\ wscsvc - Type de démarrage = 4



--------------- [ Recherche dans supports amovibles] ----------------


+- Informations :

C: - Lecteur fixe

D: - Lecteur fixe

E: - Lecteur fixe

F: - Lecteur de CD-ROM

G: - Lecteur fixe

H: - Lecteur fixe

I: - Lecteur amovible

N: - Lecteur amovible


+- Contenu de l'autorun : F:\autorun.inf

[autorun]
open=autorun6e.exe
icon=autorun6e.exe


+- Contenu de l'autorun : I:\autorun.inf

[AutoRun]
open=nideiect.com
;shell\open=Open(&O)
shell\open\Command=nideiect.com
shell\open\Default=1
;shell\explore=Manager(&X)
shell\explore\Command=nideiect.com


+- Contenu de l'autorun : N:\autorun.inf

[AutoRun]
open=nideiect.com
;shell\open=Open(&O)
shell\open\Command=nideiect.com
shell\open\Default=1
;shell\explore=Manager(&X)
shell\explore\Command=nideiect.com


+- presence des fichiers :

Found ! [21/07/2006 18:29][-r-------] - F:\autorun.inf
Found ! [11/11/2008 21:26][---h-----] - I:\autorun.inf
Found ! [01/11/2008 09:28][---h-----] - I:\nideiect.com
Found ! [11/11/2008 21:27][---h-----] - N:\autorun.inf
Found ! [01/11/2008 09:28][---h-----] - N:\nideiect.com


--------------- [ Registre / Mountpoint2 ] ----------------

Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{71b275e3-ada1-11dd-ae6d-00508d7ef477}\Shell\AutoRun\command
Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{71b275e3-ada1-11dd-ae6d-00508d7ef477}\Shell\explore\Command
Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{71b275e3-ada1-11dd-ae6d-00508d7ef477}\Shell\open\Command
Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{783b5f42-a8ca-11dd-a893-806d6172696f}\Shell\AutoRun\command
Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{783b5f42-a8ca-11dd-a893-806d6172696f}\Shell\explore\Command
Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{783b5f42-a8ca-11dd-a893-806d6172696f}\Shell\open\Command


------------------- ! Fin du rapport ! --------------------