Bagle virus
Nimbus
J_O_J_O (posts: 50, status: Member)
Hello,
I've been infected by BAGLE; how can I get rid of it?
I ran GenProc, which gave me the report below:
Can you help me?
Thank you.
----------------- FindyKill V4.705 ------------------
* User : Michel Salord - NIMBUS-B4E501C9
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 17/11/08 par Chiquitine29
* Recherche effectuée à 16:41:50 le 25/11/2008
* Windows XP - Internet Explorer 7.0.5730.13
((((((((((((((((( *** Recherche *** ))))))))))))))))))
--------------- [ Processus actifs ] ----------------
--------------- [ Fichiers/Dossiers infectieux ] ----------------
»»»» Presence des fichiers dans C:
»»»» Presence des fichiers dans C:\WINDOWS
»»»» Presence des fichiers dans C:\WINDOWS\Prefetch
Found ! - C:\WINDOWS\prefetch\101140.EXE-024086C3.pf
Found ! - C:\WINDOWS\prefetch\120890.EXE-2EE3616F.pf
Found ! - C:\WINDOWS\prefetch\122687.EXE-382FE756.pf
Found ! - C:\WINDOWS\prefetch\126812.EXE-1C8CAFDF.pf
Found ! - C:\WINDOWS\prefetch\139437.EXE-2286F6D6.pf
Found ! - C:\WINDOWS\prefetch\157796.EXE-1B18C72E.pf
Found ! - C:\WINDOWS\prefetch\164234.EXE-39372CD8.pf
Found ! - C:\WINDOWS\prefetch\167921.EXE-35A2F045.pf
Found ! - C:\WINDOWS\prefetch\180203.EXE-329EDF9F.pf
Found ! - C:\WINDOWS\prefetch\184343.EXE-294FCFD2.pf
Found ! - C:\WINDOWS\prefetch\358921.EXE-390256AA.pf
Found ! - C:\WINDOWS\prefetch\56046.EXE-0B8A4AA9.pf
Found ! - C:\WINDOWS\prefetch\71718.EXE-118C8E1E.pf
Found ! - C:\WINDOWS\prefetch\81812.EXE-069C89AB.pf
Found ! - C:\WINDOWS\prefetch\81906.EXE-3909E3F6.pf
Found ! - C:\WINDOWS\prefetch\87625.EXE-39A48902.pf
Found ! - C:\WINDOWS\prefetch\90843.EXE-38A82A4B.pf
Found ! - C:\WINDOWS\prefetch\99609.EXE-1D90FF54.pf
Found ! - C:\WINDOWS\prefetch\FLEC006.EXE-0F68C633.pf
Found ! - C:\WINDOWS\prefetch\MDELK.EXE-1D176F91.pf
Found ! - C:\WINDOWS\prefetch\WINFILSE.EXE-17C2CF68.pf
Found ! - C:\WINDOWS\prefetch\WINTEMS.EXE-2A563F9B.pf
Found ! - C:\WINDOWS\Prefetch\SAFEBOOTKEYREPAIR.EXE-20B6E341.pf
»»»» Presence des fichiers dans C:\WINDOWS\system32
Found ! [25/11/2008 16:26] - C:\WINDOWS\system32\mdelk.exe
Found ! [25/11/2008 16:26] - C:\WINDOWS\system32\wintems.exe
Found ! [25/11/2008 16:27] - C:\WINDOWS\system32\ban_list.txt
»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers
Found ! [25/11/2008 16:25] - C:\WINDOWS\system32\drivers\srosa.sys
Found ! [25/11/2008 16:25] - C:\WINDOWS\system32\drivers\srosa2.sys
Found ! [26/03/2005 10:07] - C:\WINDOWS\system32\drivers\winfilse.exe
Found ! [25/11/2008 16:32] - "C:\WINDOWS\system32\drivers\downld"
Found ! [25/11/2008 16:32] - C:\WINDOWS\system32\drivers\downld\120890.exe
Found ! [25/11/2008 16:32] - C:\WINDOWS\system32\drivers\downld\126812.exe
Found ! [25/11/2008 16:32] - C:\WINDOWS\system32\drivers\downld\139437.exe
Found ! [25/11/2008 16:32] - C:\WINDOWS\system32\drivers\downld\157796.exe
Found ! [25/11/2008 16:32] - C:\WINDOWS\system32\drivers\downld\158765.exe
Found ! [25/11/2008 16:32] - C:\WINDOWS\system32\drivers\downld\167921.exe
Found ! [25/11/2008 16:32] - C:\WINDOWS\system32\drivers\downld\176359.exe
Found ! [25/11/2008 16:32] - C:\WINDOWS\system32\drivers\downld\180203.exe
Found ! [25/11/2008 16:32] - C:\WINDOWS\system32\drivers\downld\182734.exe
Found ! [25/11/2008 16:32] - C:\WINDOWS\system32\drivers\downld\184343.exe
Found ! [25/11/2008 16:32] - C:\WINDOWS\system32\drivers\downld\219593.exe
Found ! [25/11/2008 16:32] - C:\WINDOWS\system32\drivers\downld\223515.exe
Found ! [25/11/2008 16:32] - C:\WINDOWS\system32\drivers\downld\234187.exe
Found ! [25/11/2008 16:32] - C:\WINDOWS\system32\drivers\downld\240093.exe
Found ! [25/11/2008 16:32] - C:\WINDOWS\system32\drivers\downld\240734.exe
Found ! [25/11/2008 16:32] - C:\WINDOWS\system32\drivers\downld\245765.exe
Found ! [25/11/2008 16:32] - C:\WINDOWS\system32\drivers\downld\262109.exe
Found ! [25/11/2008 16:32] - C:\WINDOWS\system32\drivers\downld\278359.exe
Found ! [25/11/2008 16:32] - C:\WINDOWS\system32\drivers\downld\284953.exe
Found ! [25/11/2008 16:32] - C:\WINDOWS\system32\drivers\downld\292515.exe
Found ! [25/11/2008 16:32] - C:\WINDOWS\system32\drivers\downld\324031.exe
Found ! [25/11/2008 16:32] - C:\WINDOWS\system32\drivers\downld\324953.exe
Found ! [25/11/2008 16:32] - C:\WINDOWS\system32\drivers\downld\327000.exe
Found ! [25/11/2008 16:32] - C:\WINDOWS\system32\drivers\downld\335796.exe
Found ! [25/11/2008 16:32] - C:\WINDOWS\system32\drivers\downld\358921.exe
Found ! [25/11/2008 16:32] - C:\WINDOWS\system32\drivers\downld\391468.exe
Found ! [25/11/2008 16:32] - C:\WINDOWS\system32\drivers\downld\440343.exe
Found ! [25/11/2008 16:32] - C:\WINDOWS\system32\drivers\downld\444218.exe
Found ! [25/11/2008 16:32] - C:\WINDOWS\system32\drivers\downld\476937.exe
Found ! [25/11/2008 16:32] - C:\WINDOWS\system32\drivers\downld\52437.exe
Found ! [25/11/2008 16:32] - C:\WINDOWS\system32\drivers\downld\532093.exe
Found ! [25/11/2008 16:32] - C:\WINDOWS\system32\drivers\downld\56046.exe
Found ! [25/11/2008 16:32] - C:\WINDOWS\system32\drivers\downld\68250.exe
Found ! [25/11/2008 16:32] - C:\WINDOWS\system32\drivers\downld\75171.exe
Found ! [25/11/2008 16:32] - C:\WINDOWS\system32\drivers\downld\76250.exe
Found ! [25/11/2008 16:32] - C:\WINDOWS\system32\drivers\downld\81671.exe
Found ! [25/11/2008 16:32] - C:\WINDOWS\system32\drivers\downld\81906.exe
Found ! [25/11/2008 16:32] - C:\WINDOWS\system32\drivers\downld\82437.exe
Found ! [25/11/2008 16:32] - C:\WINDOWS\system32\drivers\downld\88890.exe
Found ! [25/11/2008 16:32] - C:\WINDOWS\system32\drivers\downld\89687.exe
Found ! [25/11/2008 16:32] - C:\WINDOWS\system32\drivers\downld\91265.exe
Found ! [25/11/2008 16:32] - C:\WINDOWS\system32\drivers\downld\91406.exe
Found ! [25/11/2008 16:32] - C:\WINDOWS\system32\drivers\downld\92171.exe
Found ! [25/11/2008 16:32] - C:\WINDOWS\system32\drivers\downld\95031.exe
»»»» Presence des fichiers dans C:\Documents and Settings\Michel Salord.NIMBUS-B4E501C9\Application Data
Found ! [25/11/2008 15:04] - "C:\Documents and Settings\Michel Salord.NIMBUS-B4E501C9\Application Data\m\flec006.exe"
Found ! [25/11/2008 16:19] - "C:\Documents and Settings\Michel Salord.NIMBUS-B4E501C9\Application Data\m\list.oct"
Found ! [25/11/2008 16:19] - "C:\Documents and Settings\Michel Salord.NIMBUS-B4E501C9\Application Data\m\data.oct"
Found ! [25/11/2008 16:19] - "C:\Documents and Settings\Michel Salord.NIMBUS-B4E501C9\Application Data\m\srvlist.oct"
Found ! [25/11/2008 16:28] - "C:\Documents and Settings\Michel Salord.NIMBUS-B4E501C9\Application Data\m\shared"
Found ! [25/11/2008 16:19] - "C:\Documents and Settings\Michel Salord.NIMBUS-B4E501C9\Application Data\m"
»»»» Presence des fichiers dans C:\DOCUME~1\MICHEL~1.NIM\LOCALS~1\Temp
»»»» Presence des fichiers dans C:\Documents and Settings\Michel Salord.NIMBUS-B4E501C9\Local Settings\Temporary Internet Files\Content.IE5
Found ! [25/11/2008 13:23] - C:\Documents and Settings\Michel Salord.NIMBUS-B4E501C9\Local Settings\Temporary Internet Files\Content.IE5\B9VYC815\b64_1[1].jpg
Found ! [25/11/2008 15:42] - C:\Documents and Settings\Michel Salord.NIMBUS-B4E501C9\Local Settings\Temporary Internet Files\Content.IE5\B9VYC815\b64_1[2].jpg
Found ! [25/11/2008 09:35] - C:\Documents and Settings\Michel Salord.NIMBUS-B4E501C9\Local Settings\Temporary Internet Files\Content.IE5\B9VYC815\b64_3[1].jpg
Found ! [25/11/2008 15:03] - C:\Documents and Settings\Michel Salord.NIMBUS-B4E501C9\Local Settings\Temporary Internet Files\Content.IE5\BTTUQGP4\b64_1[1].jpg
Found ! [25/11/2008 15:05] - C:\Documents and Settings\Michel Salord.NIMBUS-B4E501C9\Local Settings\Temporary Internet Files\Content.IE5\BTTUQGP4\b64_2[1].jpg
Found ! [25/11/2008 09:35] - C:\Documents and Settings\Michel Salord.NIMBUS-B4E501C9\Local Settings\Temporary Internet Files\Content.IE5\BTTUQGP4\b64_3[1].jpg
Found ! [25/11/2008 14:33] - C:\Documents and Settings\Michel Salord.NIMBUS-B4E501C9\Local Settings\Temporary Internet Files\Content.IE5\BTTUQGP4\b64_3[2].jpg
Found ! [25/11/2008 14:58] - C:\Documents and Settings\Michel Salord.NIMBUS-B4E501C9\Local Settings\Temporary Internet Files\Content.IE5\BTTUQGP4\b64_3[3].jpg
Found ! [25/11/2008 13:22] - C:\Documents and Settings\Michel Salord.NIMBUS-B4E501C9\Local Settings\Temporary Internet Files\Content.IE5\I0P170AV\b64[1].jpg
Found ! [25/11/2008 15:04] - C:\Documents and Settings\Michel Salord.NIMBUS-B4E501C9\Local Settings\Temporary Internet Files\Content.IE5\I0P170AV\b64[2].jpg
Found ! [25/11/2008 15:41] - C:\Documents and Settings\Michel Salord.NIMBUS-B4E501C9\Local Settings\Temporary Internet Files\Content.IE5\I0P170AV\b64_1[1].jpg
Found ! [25/11/2008 13:21] - C:\Documents and Settings\Michel Salord.NIMBUS-B4E501C9\Local Settings\Temporary Internet Files\Content.IE5\I0P170AV\b64_2[1].jpg
Found ! [25/11/2008 16:27] - C:\Documents and Settings\Michel Salord.NIMBUS-B4E501C9\Local Settings\Temporary Internet Files\Content.IE5\I0P170AV\b64_2[2].jpg
Found ! [25/11/2008 16:26] - C:\Documents and Settings\Michel Salord.NIMBUS-B4E501C9\Local Settings\Temporary Internet Files\Content.IE5\I0P170AV\b64_3[1].jpg
Found ! [25/11/2008 15:05] - C:\Documents and Settings\Michel Salord.NIMBUS-B4E501C9\Local Settings\Temporary Internet Files\Content.IE5\I0P170AV\mxd[1].jpg
Found ! [25/11/2008 09:35] - C:\Documents and Settings\Michel Salord.NIMBUS-B4E501C9\Local Settings\Temporary Internet Files\Content.IE5\XGTUJZ71\b64[1].jpg
Found ! [25/11/2008 14:58] - C:\Documents and Settings\Michel Salord.NIMBUS-B4E501C9\Local Settings\Temporary Internet Files\Content.IE5\XGTUJZ71\b64_1[1].jpg
Found ! [25/11/2008 15:06] - C:\Documents and Settings\Michel Salord.NIMBUS-B4E501C9\Local Settings\Temporary Internet Files\Content.IE5\XGTUJZ71\b64_1[2].jpg
Found ! [25/11/2008 13:22] - C:\Documents and Settings\Michel Salord.NIMBUS-B4E501C9\Local Settings\Temporary Internet Files\Content.IE5\XGTUJZ71\b64_3[1].jpg
Found ! [25/11/2008 13:22] - C:\Documents and Settings\Michel Salord.NIMBUS-B4E501C9\Local Settings\Temporary Internet Files\Content.IE5\XGTUJZ71\mxd[1].jpg
Found ! [25/11/2008 16:19] - C:\Documents and Settings\Michel Salord.NIMBUS-B4E501C9\Local Settings\Temporary Internet Files\Content.IE5\XGTUJZ71\mxd[2].jpg
--------------- [ Registre / Startup ] ----------------
--------------- [ Registre / Clés infectieuses ] ----------------
Found ! - HKEY_USERS\S-1-5-21-606747145-861567501-725345543-1003\Software\Local AppWizard-Generated Applications\winfilse
Found ! - HKEY_USERS\S-1-5-21-606747145-861567501-725345543-1003\Software\bisoft
Found ! - HKEY_USERS\S-1-5-21-606747145-861567501-725345543-1003\Software\DateTime4
Found ! - HKEY_USERS\S-1-5-21-606747145-861567501-725345543-1003\Software\FFC
Found ! - HKEY_USERS\S-1-5-21-606747145-861567501-725345543-1003\Software\FirtR
Found ! - HKEY_USERS\S-1-5-21-606747145-861567501-725345543-1003\Software\MuleAppData
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winfilse
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Found ! - HKEY_CURRENT_USER\Software\bisoft
Found ! - HKEY_CURRENT_USER\Software\DateTime4
Found ! - HKEY_CURRENT_USER\Software\FirtR
--------------- [ Etat / Services ] ----------------
Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot
- sans echec non fonctionnel !!
Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal
- sans echec non fonctionnel !!
Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network
- sans echec non fonctionnel !!
+- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]
--------------- [ Recherche dans supports amovibles] ----------------
+- Informations :
C: - Lecteur fixe
D: - Lecteur fixe
E: - Lecteur fixe
+- presence des fichiers :
--------------- [ Registre / Mountpoint2 ] ----------------
-> Not found !
------------------- ! Fin du rapport ! --------------------
4 replies
Hi! Run FindyKill again and choose option 2, then post the report again :) (I'm helping you out a bit, chiquitine :P well, if you don't mind...)
Lol, when I said "if you don't mind" I was asking chiquitine29, because he's the programmer of the "fix": "findykill"
As for the slowness, I don't know; wait a bit...
Uninstall FindyKill from your PC if you have it, and redo everything:
Download and install FindyKill on your desktop: https://www.malekal.com/tutorial-findykill/
Plug in your removable drives (USB stick, external hard drive, etc.), which are probably infected! Do not open them
*Run the installation with the default settings
*Double-click the FindyKill shortcut on your desktop
*In the main menu, choose option 1 (Recherche / Search)
*Post the FindyKill.txt report
PS: the FindyKill.txt report is saved at the root of the disk
Here is the new report.
I'm stopping for tonight; I'll pick it up again tomorrow morning.
Thanks for the help, and have a good evening.
----------------- FindyKill V4.705 ------------------
* User : Michel Salord - NIMBUS-B4E501C9
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 17/11/08 par Chiquitine29
* Recherche effectuée à 18:03:33 le 25/11/2008
* Windows XP - Internet Explorer 7.0.5730.13
((((((((((((((((( *** Recherche *** ))))))))))))))))))
--------------- [ Processus actifs ] ----------------
--------------- [ Fichiers/Dossiers infectieux ] ----------------
»»»» Presence des fichiers dans C:
Found ! [25/11/2008 17:28] - C:\InfoSat.txt
»»»» Presence des fichiers dans C:\WINDOWS
»»»» Presence des fichiers dans C:\WINDOWS\Prefetch
Found ! - C:\WINDOWS\prefetch\101140.EXE-024086C3.pf
Found ! - C:\WINDOWS\prefetch\120890.EXE-2EE3616F.pf
Found ! - C:\WINDOWS\prefetch\122687.EXE-382FE756.pf
Found ! - C:\WINDOWS\prefetch\126812.EXE-1C8CAFDF.pf
Found ! - C:\WINDOWS\prefetch\139437.EXE-2286F6D6.pf
Found ! - C:\WINDOWS\prefetch\157796.EXE-1B18C72E.pf
Found ! - C:\WINDOWS\prefetch\164234.EXE-39372CD8.pf
Found ! - C:\WINDOWS\prefetch\167921.EXE-35A2F045.pf
Found ! - C:\WINDOWS\prefetch\180203.EXE-329EDF9F.pf
Found ! - C:\WINDOWS\prefetch\184343.EXE-294FCFD2.pf
Found ! - C:\WINDOWS\prefetch\358921.EXE-390256AA.pf
Found ! - C:\WINDOWS\prefetch\56046.EXE-0B8A4AA9.pf
Found ! - C:\WINDOWS\prefetch\71718.EXE-118C8E1E.pf
Found ! - C:\WINDOWS\prefetch\81812.EXE-069C89AB.pf
Found ! - C:\WINDOWS\prefetch\81906.EXE-3909E3F6.pf
Found ! - C:\WINDOWS\prefetch\87625.EXE-39A48902.pf
Found ! - C:\WINDOWS\prefetch\90843.EXE-38A82A4B.pf
Found ! - C:\WINDOWS\prefetch\99609.EXE-1D90FF54.pf
Found ! - C:\WINDOWS\prefetch\FLEC006.EXE-0F68C633.pf
Found ! - C:\WINDOWS\prefetch\MDELK.EXE-1D176F91.pf
Found ! - C:\WINDOWS\prefetch\WINFILSE.EXE-17C2CF68.pf
Found ! - C:\WINDOWS\prefetch\WINTEMS.EXE-2A563F9B.pf
Found ! - C:\WINDOWS\Prefetch\SAFEBOOTKEYREPAIR.EXE-20B6E341.pf
»»»» Presence des fichiers dans C:\WINDOWS\system32
Found ! [25/11/2008 16:26] - C:\WINDOWS\system32\mdelk.exe
Found ! [25/11/2008 16:26] - C:\WINDOWS\system32\wintems.exe
»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers
Found ! [25/11/2008 16:25] - C:\WINDOWS\system32\drivers\srosa.sys
Found ! [25/11/2008 16:25] - C:\WINDOWS\system32\drivers\srosa2.sys
Found ! [26/03/2005 10:07] - C:\WINDOWS\system32\drivers\winfilse.exe
Found ! [25/11/2008 17:21] - "C:\WINDOWS\system32\drivers\downld"
Found ! [25/11/2008 17:21] - C:\WINDOWS\system32\drivers\downld\120890.exe
Found ! [25/11/2008 17:21] - C:\WINDOWS\system32\drivers\downld\126812.exe
Found ! [25/11/2008 17:21] - C:\WINDOWS\system32\drivers\downld\139437.exe
Found ! [25/11/2008 17:21] - C:\WINDOWS\system32\drivers\downld\157796.exe
Found ! [25/11/2008 17:21] - C:\WINDOWS\system32\drivers\downld\158765.exe
Found ! [25/11/2008 17:21] - C:\WINDOWS\system32\drivers\downld\167921.exe
Found ! [25/11/2008 17:21] - C:\WINDOWS\system32\drivers\downld\176359.exe
Found ! [25/11/2008 17:21] - C:\WINDOWS\system32\drivers\downld\182734.exe
Found ! [25/11/2008 17:21] - C:\WINDOWS\system32\drivers\downld\184343.exe
Found ! [25/11/2008 17:21] - C:\WINDOWS\system32\drivers\downld\219593.exe
Found ! [25/11/2008 17:21] - C:\WINDOWS\system32\drivers\downld\223515.exe
Found ! [25/11/2008 17:21] - C:\WINDOWS\system32\drivers\downld\234187.exe
Found ! [25/11/2008 17:21] - C:\WINDOWS\system32\drivers\downld\240093.exe
Found ! [25/11/2008 17:21] - C:\WINDOWS\system32\drivers\downld\240734.exe
Found ! [25/11/2008 17:21] - C:\WINDOWS\system32\drivers\downld\245765.exe
Found ! [25/11/2008 17:21] - C:\WINDOWS\system32\drivers\downld\262109.exe
Found ! [25/11/2008 17:21] - C:\WINDOWS\system32\drivers\downld\278359.exe
Found ! [25/11/2008 17:21] - C:\WINDOWS\system32\drivers\downld\284953.exe
Found ! [25/11/2008 17:21] - C:\WINDOWS\system32\drivers\downld\292515.exe
Found ! [25/11/2008 17:21] - C:\WINDOWS\system32\drivers\downld\324031.exe
Found ! [25/11/2008 17:21] - C:\WINDOWS\system32\drivers\downld\324953.exe
Found ! [25/11/2008 17:21] - C:\WINDOWS\system32\drivers\downld\327000.exe
Found ! [25/11/2008 17:21] - C:\WINDOWS\system32\drivers\downld\335796.exe
Found ! [25/11/2008 17:21] - C:\WINDOWS\system32\drivers\downld\358921.exe
Found ! [25/11/2008 17:21] - C:\WINDOWS\system32\drivers\downld\391468.exe
Found ! [25/11/2008 17:21] - C:\WINDOWS\system32\drivers\downld\440343.exe
Found ! [25/11/2008 17:21] - C:\WINDOWS\system32\drivers\downld\444218.exe
Found ! [25/11/2008 17:21] - C:\WINDOWS\system32\drivers\downld\476937.exe
Found ! [25/11/2008 17:21] - C:\WINDOWS\system32\drivers\downld\52437.exe
Found ! [25/11/2008 17:21] - C:\WINDOWS\system32\drivers\downld\532093.exe
Found ! [25/11/2008 17:21] - C:\WINDOWS\system32\drivers\downld\56046.exe
Found ! [25/11/2008 17:21] - C:\WINDOWS\system32\drivers\downld\68250.exe
Found ! [25/11/2008 17:21] - C:\WINDOWS\system32\drivers\downld\75171.exe
Found ! [25/11/2008 17:21] - C:\WINDOWS\system32\drivers\downld\76250.exe
Found ! [25/11/2008 17:21] - C:\WINDOWS\system32\drivers\downld\81671.exe
Found ! [25/11/2008 17:21] - C:\WINDOWS\system32\drivers\downld\81906.exe
Found ! [25/11/2008 17:21] - C:\WINDOWS\system32\drivers\downld\82437.exe
Found ! [25/11/2008 17:21] - C:\WINDOWS\system32\drivers\downld\88890.exe
Found ! [25/11/2008 17:21] - C:\WINDOWS\system32\drivers\downld\89687.exe
Found ! [25/11/2008 17:21] - C:\WINDOWS\system32\drivers\downld\91265.exe
Found ! [25/11/2008 17:21] - C:\WINDOWS\system32\drivers\downld\91406.exe
Found ! [25/11/2008 17:21] - C:\WINDOWS\system32\drivers\downld\92171.exe
Found ! [25/11/2008 17:21] - C:\WINDOWS\system32\drivers\downld\95031.exe
»»»» Presence des fichiers dans C:\Documents and Settings\Michel Salord.NIMBUS-B4E501C9\Application Data
Found ! [25/11/2008 15:04] - "C:\Documents and Settings\Michel Salord.NIMBUS-B4E501C9\Application Data\m\flec006.exe"
Found ! [25/11/2008 16:28] - "C:\Documents and Settings\Michel Salord.NIMBUS-B4E501C9\Application Data\m\shared"
Found ! [25/11/2008 17:28] - "C:\Documents and Settings\Michel Salord.NIMBUS-B4E501C9\Application Data\m"
»»»» Presence des fichiers dans C:\DOCUME~1\MICHEL~1.NIM\LOCALS~1\Temp
»»»» Presence des fichiers dans C:\Documents and Settings\Michel Salord.NIMBUS-B4E501C9\Local Settings\Temporary Internet Files\Content.IE5
--------------- [ Registre / Startup ] ----------------
--------------- [ Registre / Clés infectieuses ] ----------------
Found ! - HKEY_USERS\S-1-5-21-606747145-861567501-725345543-1003\Software\Local AppWizard-Generated Applications\winfilse
Found ! - HKEY_USERS\S-1-5-21-606747145-861567501-725345543-1003\Software\bisoft
Found ! - HKEY_USERS\S-1-5-21-606747145-861567501-725345543-1003\Software\FFC
Found ! - HKEY_USERS\S-1-5-21-606747145-861567501-725345543-1003\Software\FirtR
Found ! - HKEY_USERS\S-1-5-21-606747145-861567501-725345543-1003\Software\MuleAppData
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winfilse
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Found ! - HKEY_CURRENT_USER\Software\bisoft
Found ! - HKEY_CURRENT_USER\Software\FirtR
--------------- [ Etat / Services ] ----------------
Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot
- sans echec non fonctionnel !!
Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal
- sans echec non fonctionnel !!
Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network
- sans echec non fonctionnel !!
+- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]
--------------- [ Recherche dans supports amovibles] ----------------
+- Informations :
C: - Lecteur fixe
D: - Lecteur fixe
E: - Lecteur fixe
+- presence des fichiers :
--------------- [ Registre / Mountpoint2 ] ----------------
-> Not found !
------------------- ! Fin du rapport ! --------------------
I'm stopping for tonight; I'll pick this up again tomorrow morning.
Thanks for the help, and have a good evening.
----------------- FindyKill V4.705 ------------------
* User : Michel Salord - NIMBUS-B4E501C9
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 17/11/08 par Chiquitine29
* Recherche effectuée à 18:03:33 le 25/11/2008
* Windows XP - Internet Explorer 7.0.5730.13
((((((((((((((((( *** Recherche *** ))))))))))))))))))
--------------- [ Processus actifs ] ----------------
--------------- [ Fichiers/Dossiers infectieux ] ----------------
»»»» Presence des fichiers dans C:
Found ! [25/11/2008 17:28] - C:\InfoSat.txt
»»»» Presence des fichiers dans C:\WINDOWS
»»»» Presence des fichiers dans C:\WINDOWS\Prefetch
Found ! - C:\WINDOWS\prefetch\FLEC006.EXE-0F68C633.pf
Found ! - C:\WINDOWS\prefetch\MDELK.EXE-1D176F91.pf
Found ! - C:\WINDOWS\prefetch\WINFILSE.EXE-17C2CF68.pf
Found ! - C:\WINDOWS\prefetch\WINTEMS.EXE-2A563F9B.pf
Found ! - C:\WINDOWS\Prefetch\SAFEBOOTKEYREPAIR.EXE-20B6E341.pf
»»»» Presence des fichiers dans C:\WINDOWS\system32
Found ! [25/11/2008 16:26] - C:\WINDOWS\system32\mdelk.exe
Found ! [25/11/2008 16:26] - C:\WINDOWS\system32\wintems.exe
»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers
Found ! [25/11/2008 16:25] - C:\WINDOWS\system32\drivers\srosa.sys
Found ! [25/11/2008 16:25] - C:\WINDOWS\system32\drivers\srosa2.sys
Found ! [26/03/2005 10:07] - C:\WINDOWS\system32\drivers\winfilse.exe
Found ! [25/11/2008 17:21] - "C:\WINDOWS\system32\drivers\downld"
»»»» Presence des fichiers dans C:\Documents and Settings\Michel Salord.NIMBUS-B4E501C9\Application Data
Found ! [25/11/2008 15:04] - "C:\Documents and Settings\Michel Salord.NIMBUS-B4E501C9\Application Data\m\flec006.exe"
Found ! [25/11/2008 16:28] - "C:\Documents and Settings\Michel Salord.NIMBUS-B4E501C9\Application Data\m\shared"
Found ! [25/11/2008 17:28] - "C:\Documents and Settings\Michel Salord.NIMBUS-B4E501C9\Application Data\m"
»»»» Presence des fichiers dans C:\DOCUME~1\MICHEL~1.NIM\LOCALS~1\Temp
»»»» Presence des fichiers dans C:\Documents and Settings\Michel Salord.NIMBUS-B4E501C9\Local Settings\Temporary Internet Files\Content.IE5
--------------- [ Registre / Startup ] ----------------
--------------- [ Registre / Clés infectieuses ] ----------------
Found ! - HKEY_USERS\S-1-5-21-606747145-861567501-725345543-1003\Software\Local AppWizard-Generated Applications\winfilse
Found ! - HKEY_USERS\S-1-5-21-606747145-861567501-725345543-1003\Software\bisoft
Found ! - HKEY_USERS\S-1-5-21-606747145-861567501-725345543-1003\Software\FFC
Found ! - HKEY_USERS\S-1-5-21-606747145-861567501-725345543-1003\Software\FirtR
Found ! - HKEY_USERS\S-1-5-21-606747145-861567501-725345543-1003\Software\MuleAppData
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winfilse
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Found ! - HKEY_CURRENT_USER\Software\bisoft
Found ! - HKEY_CURRENT_USER\Software\FirtR
--------------- [ Etat / Services ] ----------------
Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot
- sans echec non fonctionnel !!
Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal
- sans echec non fonctionnel !!
Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network
- sans echec non fonctionnel !!
+- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]
--------------- [ Recherche dans supports amovibles] ----------------
+- Informations :
C: - Lecteur fixe
D: - Lecteur fixe
E: - Lecteur fixe
+- presence des fichiers :
--------------- [ Registre / Mountpoint2 ] ----------------
-> Not found !
------------------- ! Fin du rapport ! --------------------
Of course I accept your help.
I launched option 2, but it doesn't seem to be finishing! Or else it just takes a long time!
What do you think?
No restarts either!
I look forward to hearing from you.