FLAFLAQUIERE
New member
Hello,
I'm looking for someone who could help me analyze a FindyKill report that I ran on my PC, because I suspect a virus has infected my PC.
Thanks in advance for your help
Franck
HERE IS THE REPORT:
############################## | FindyKill V5.020 |
# User : Franck (Administrateurs) # FRANCKLAPTOP
# Update on 26/11/2009 by Chiquitine29
# Start at: 21:48:37 | 02/12/2009
# Website :
# Contact : FindyKill.Contact@gmail.com
# Intel(R) Core(TM)2 Duo CPU P8400 @ 2.26GHz
# Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 64-bit) # Service Pack 2
# Internet Explorer 8.0.6001.18828
# Windows Firewall Status : Enabled
# C:\ # Disque fixe local # 222,86 Go (76,39 Go free) [OS] # NTFS
# D:\ # Disque fixe local # 232,88 Go (23,6 Go free) [DATA] # NTFS
# E:\ # Disque fixe local # 10,03 Go (1,75 Go free) [HP_RECOVERY] # NTFS
# F:\ # Disque CD-ROM
# G:\ # Disque CD-ROM
# H:\ # Disque CD-ROM
# I:\ # Disque CD-ROM # 307,38 Mo (0 Mo free) [Dora] # CDFS
############################## | Processus actifs |
C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Windows\SysWOW64\bgsvcgen.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Windows\SysWOW64\svchost.exe
C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe
C:\Windows\SMINST\BLService.exe
C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Users\Franck\AppData\Local\Temp\c.exe
C:\Windows\msa.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\USBStorage\USBDetector.exe
C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\HTC\HTC Sync\Application Launcher\Application Launcher.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files (x86)\Common Files\Teleca Shared\CapabilityManager.exe
C:\Program Files (x86)\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files (x86)\Common Files\Teleca Shared\logger.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Program Files (x86)\Hotspot Shield\bin\openvpntray.exe
C:\Program Files (x86)\Common Files\Teleca Shared\Generic.exe
C:\Program Files (x86)\HTC\HTC Sync\ClientInitiatedStarter\ClientInitiatedStarter.exe
C:\Program Files (x86)\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exe
C:\Program Files (x86)\HTC\HTC Sync\Mobile Phone Monitor\DbgOut.exe
C:\Program Files (x86)\HTC\HTC Sync\Mobile Phone Monitor\HTCVBTServer.exe
C:\Program Files (x86)\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Windows\SysWOW64\conime.exe
################## | C: |
Présent ! I:\autorun.inf
################## | C:\Windows |
Présent ! C:\Windows\Prefetch\899435.EXE-C0183E9B.pf
Présent ! C:\Windows\Prefetch\KEYGEN.EXE-0850F28B.pf
################## | C:\Windows\system32 |
################## | C:\Windows\system32\drivers |
################## | C:\Users\Franck\AppData\Roaming |
################## | Autres detections ... |
################## | Temporary Internet Files |
################## | Registre / Clés infectieuses |
################## | Etat / Services / Informations |
# Affichage des fichiers cachés : OK
# Mode sans echec : OK
# (!) Uac = 0x0
# Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
# EapHost -> Start = 3 ( Good = 2 | Bad = 4 )
# Wlansvc -> Start = 2 ( Good = 2 | Bad = 4 )
# (!) SharedAccess -> Start = 4 ( Good = 2 | Bad = 4 )
# windefend -> Start = 2 ( Good = 2 | Bad = 4 )
# wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
# wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )
################## | Cracks / Keygens / Serials |
"D:\TORRENT\4 jeu pc dora en fr + no-cd\Crack\Dora_Sakado.exe"
28/09/2004 22:13 |Size 251485 |Crc32 84781741 |Md5 5f5a759821ff7ce5822603357692d700
"D:\TORRENT\easyHDR PRO 1.50.2\crack\easyHDR.exe"
28/11/2009 15:43 |Size 2715136 |Crc32 ffce307f |Md5 4f39c8ae4349534701c82d56a27bec7b
"D:\TORRENT\photomatrix_pro_v3.2.6.Final\photomatrix_pro_v3.2.6.Final\keygen.exe"
24/09/2007 01:34 |Size 167936 |Crc32 1c241a7f |Md5 1c071410bb1ccb2790de0808c537f168
################## | ! Fin du rapport # FindyKill V5.020 ! |