A voir également:
- System Securité help !!!!
- Question de sécurité - Guide
- Votre appareil ne dispose pas des correctifs de qualité et de sécurité importants - Guide
- Reboot system now - Guide
- Mode securite - Guide
- Hns-accessible-system-folder ✓ - Forum Réseau
11 réponses
télécharge hijackthis
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download
-> enregistre la cible sous .... "le bureau"
-> Fais un double-clic sur "HJTInstall.exe" afin de lancer l'installation
-> Clique sur Install ensuite sur "I Accept"
-> Clique sur" Do a scan system and save log file"
-> Le bloc-notes s'ouvrira, fais un copier-coller de tout son contenu ici dans ta prochaine réponse
->
http://pageperso.aol.fr/balltrap34/Hijenr.gif
Démo : (Merci a Balltrap34 pour cette réalisation)
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download
-> enregistre la cible sous .... "le bureau"
-> Fais un double-clic sur "HJTInstall.exe" afin de lancer l'installation
-> Clique sur Install ensuite sur "I Accept"
-> Clique sur" Do a scan system and save log file"
-> Le bloc-notes s'ouvrira, fais un copier-coller de tout son contenu ici dans ta prochaine réponse
->
http://pageperso.aol.fr/balltrap34/Hijenr.gif
Démo : (Merci a Balltrap34 pour cette réalisation)
Salut, telecharges hijackthis sur ton bureau ( outil de diagnostic) : http://www.trendsecure.com/portal/en-US/tools/Security_tools/hijackthis Fermes tous les programmes en cours, puis double clique sur hijackthis pour le lancer... Executes le en cliquant sur " Do a scan and save a logfile ". Un rapport s'ouvre --> enregistres le, puis postes le ...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:02:27, on 31/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
D:\Documents and Settings\Hassna\Bureau\AntivirusFirewall\Anti-Virus\fsgk32st.exe
D:\Documents and Settings\Hassna\Bureau\AntivirusFirewall\Anti-Virus\FSGK32.EXE
D:\Documents and Settings\Hassna\Bureau\AntivirusFirewall\Common\FSMA32.EXE
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
D:\Documents and Settings\Hassna\Bureau\AntivirusFirewall\Common\FSMB32.EXE
D:\Documents and Settings\Hassna\Bureau\AntivirusFirewall\Common\FCH32.EXE
D:\Documents and Settings\Hassna\Bureau\AntivirusFirewall\Common\FAMEH32.EXE
D:\Documents and Settings\Hassna\Bureau\AntivirusFirewall\Anti-Virus\fsqh.exe
C:\WINDOWS\system32\Ati2evxx.exe
D:\Documents and Settings\Hassna\Bureau\AntivirusFirewall\FSAUA\program\fsaua.exe
C:\WINDOWS\Explorer.EXE
D:\Documents and Settings\Hassna\Bureau\AntivirusFirewall\Anti-Virus\fssm32.exe
D:\Documents and Settings\Hassna\Bureau\AntivirusFirewall\FWES\Program\fsdfwd.exe
C:\WINDOWS\System32\svchost.exe
D:\Documents and Settings\Hassna\Bureau\AntivirusFirewall\FSAUA\program\fsus.exe
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
C:\Apps\Powercinema\PCMService.exe
C:\WINDOWS\vsnpstd2.exe
C:\apps\ABoard\ABoard.exe
C:\apps\ABoard\AOSD.exe
D:\Documents and Settings\Hassna\Bureau\AntivirusFirewall\Common\FSM32.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Orange\Systray\SystrayApp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\Orange\Launcher\Launcher.exe
D:\Documents and Settings\All Users\Application Data\277369513\933631186.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
D:\Documents and Settings\Hassna\Bureau\AntivirusFirewall\FSGUI\fsguidll.exe
C:\Program Files\Orange\connectivity\connectivitymanager.exe
C:\Program Files\Orange\connectivity\CoreCom\CoreCom.exe
C:\Program Files\Orange\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
D:\Documents and Settings\Hassna\Bureau\AntivirusFirewall\Anti-Virus\fsav32.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\fr.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
F3 - REG:win.ini: run=
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
O4 - HKLM\..\Run: [SNPSTD2] C:\WINDOWS\vsnpstd2.exe
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [F-Secure Manager] "D:\Documents and Settings\Hassna\Bureau\AntivirusFirewall\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "D:\Documents and Settings\Hassna\Bureau\AntivirusFirewall\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [933631186] "D:\Documents and Settings\All Users\Application Data\277369513\933631186.exe"
O4 - HKLM\..\RunOnce: [Spybot - Search & Destroy] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [AdobeUpdater] "C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 3.79\AMVConverter\grab.html
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 3.79\MediaManager\grab.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O15 - Trusted Zone: https://www.orange.fr/portail
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://ma-config.com/activex/hardwaredetection_3_0_2_0.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - D:\Documents and Settings\Hassna\Bureau\AntivirusFirewall\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - D:\Documents and Settings\Hassna\Bureau\AntivirusFirewall\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - D:\Documents and Settings\Hassna\Bureau\AntivirusFirewall\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - D:\Documents and Settings\Hassna\Bureau\AntivirusFirewall\Common\FSMA32.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: MysqlInventime - Unknown owner - C:\Apps\INVENT~1\mysql\bin\mysqld-nt.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
Scan saved at 18:02:27, on 31/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
D:\Documents and Settings\Hassna\Bureau\AntivirusFirewall\Anti-Virus\fsgk32st.exe
D:\Documents and Settings\Hassna\Bureau\AntivirusFirewall\Anti-Virus\FSGK32.EXE
D:\Documents and Settings\Hassna\Bureau\AntivirusFirewall\Common\FSMA32.EXE
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
D:\Documents and Settings\Hassna\Bureau\AntivirusFirewall\Common\FSMB32.EXE
D:\Documents and Settings\Hassna\Bureau\AntivirusFirewall\Common\FCH32.EXE
D:\Documents and Settings\Hassna\Bureau\AntivirusFirewall\Common\FAMEH32.EXE
D:\Documents and Settings\Hassna\Bureau\AntivirusFirewall\Anti-Virus\fsqh.exe
C:\WINDOWS\system32\Ati2evxx.exe
D:\Documents and Settings\Hassna\Bureau\AntivirusFirewall\FSAUA\program\fsaua.exe
C:\WINDOWS\Explorer.EXE
D:\Documents and Settings\Hassna\Bureau\AntivirusFirewall\Anti-Virus\fssm32.exe
D:\Documents and Settings\Hassna\Bureau\AntivirusFirewall\FWES\Program\fsdfwd.exe
C:\WINDOWS\System32\svchost.exe
D:\Documents and Settings\Hassna\Bureau\AntivirusFirewall\FSAUA\program\fsus.exe
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
C:\Apps\Powercinema\PCMService.exe
C:\WINDOWS\vsnpstd2.exe
C:\apps\ABoard\ABoard.exe
C:\apps\ABoard\AOSD.exe
D:\Documents and Settings\Hassna\Bureau\AntivirusFirewall\Common\FSM32.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Orange\Systray\SystrayApp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\Orange\Launcher\Launcher.exe
D:\Documents and Settings\All Users\Application Data\277369513\933631186.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
D:\Documents and Settings\Hassna\Bureau\AntivirusFirewall\FSGUI\fsguidll.exe
C:\Program Files\Orange\connectivity\connectivitymanager.exe
C:\Program Files\Orange\connectivity\CoreCom\CoreCom.exe
C:\Program Files\Orange\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
D:\Documents and Settings\Hassna\Bureau\AntivirusFirewall\Anti-Virus\fsav32.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\fr.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
F3 - REG:win.ini: run=
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
O4 - HKLM\..\Run: [SNPSTD2] C:\WINDOWS\vsnpstd2.exe
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [F-Secure Manager] "D:\Documents and Settings\Hassna\Bureau\AntivirusFirewall\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "D:\Documents and Settings\Hassna\Bureau\AntivirusFirewall\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [933631186] "D:\Documents and Settings\All Users\Application Data\277369513\933631186.exe"
O4 - HKLM\..\RunOnce: [Spybot - Search & Destroy] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [AdobeUpdater] "C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 3.79\AMVConverter\grab.html
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 3.79\MediaManager\grab.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O15 - Trusted Zone: https://www.orange.fr/portail
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://ma-config.com/activex/hardwaredetection_3_0_2_0.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - D:\Documents and Settings\Hassna\Bureau\AntivirusFirewall\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - D:\Documents and Settings\Hassna\Bureau\AntivirusFirewall\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - D:\Documents and Settings\Hassna\Bureau\AntivirusFirewall\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - D:\Documents and Settings\Hassna\Bureau\AntivirusFirewall\Common\FSMA32.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: MysqlInventime - Unknown owner - C:\Apps\INVENT~1\mysql\bin\mysqld-nt.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Télécharge Lop S&D :
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
▶ Double-clique dessus pour lancer l'installation
▶ Puis double-clique sur le raccourci Lop S&D présent sur ton bureau
▶ Séléctionne la langue souhaitée
▶ Puis choisis l'Option 1 ( Recherche )
▶ Patiente jusqu'à la fin du scan
▶ Poste le rapport généré ( C:lopR.txt )
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
▶ Double-clique dessus pour lancer l'installation
▶ Puis double-clique sur le raccourci Lop S&D présent sur ton bureau
▶ Séléctionne la langue souhaitée
▶ Puis choisis l'Option 1 ( Recherche )
▶ Patiente jusqu'à la fin du scan
▶ Poste le rapport généré ( C:lopR.txt )
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3400+ )
BIOS : BIOS Date: 09/06/05 17:29:38 Ver: 08.00.12
USER : Hassna ( Administrator )
BOOT : Normal boot
Antivirus : AntiVirus Firewall 7.00 7.00 (Activated)
Firewall : Norton Internet Security 2005 (Not Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:29 Go (Free:19 Go)
D:\ (Local Disk) - NTFS - Total:148 Go (Free:111 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 31/12/2008|18:12 )
--------------------\\ Listing des dossiers dans APPLIC~1
[24/12/2005|23:46] D:\DOCUME~1\ACCOUN~2.)\APPLIC~1\Microsoft
[03/01/2008|23:46] D:\DOCUME~1\ACCOUN~1.)\APPLIC~1\Adobe
[08/09/2006|18:41] D:\DOCUME~1\ACCOUN~1.)\APPLIC~1\AdobeUM
[05/05/2007|17:58] D:\DOCUME~1\ACCOUN~1.)\APPLIC~1\Help
[27/10/2005|23:30] D:\DOCUME~1\ACCOUN~1.)\APPLIC~1\Identities
[27/10/2005|14:54] D:\DOCUME~1\ACCOUN~1.)\APPLIC~1\Macromedia
[06/04/2008|15:15] D:\DOCUME~1\ACCOUN~1.)\APPLIC~1\Microsoft
[23/12/2005|12:21] D:\DOCUME~1\ACCOUN~1.)\APPLIC~1\OD2
[01/03/2006|11:39] D:\DOCUME~1\ACCOUN~1.)\APPLIC~1\Real
[20/03/2008|16:47] D:\DOCUME~1\ACCOUN~1.)\APPLIC~1\TuneUp Software
[13/01/2007|19:18] D:\DOCUME~1\ACCOUN~1.)\APPLIC~1\Ulead Systems
[20/03/2008|16:47] D:\DOCUME~1\ACCOUN~1.)\APPLIC~1\WinRAR
[27/10/2005|14:48] D:\DOCUME~1\ACCOUN~1.)\APPLIC~1\You've Got Pictures Screensaver
[30/12/2008|22:25] D:\DOCUME~1\ALLUSE~1\APPLIC~1\277369513
[05/12/2008|19:55] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[22/09/2006|18:15] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[27/10/2005|07:48] D:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[24/03/2008|11:41] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[05/04/2008|21:28] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[06/04/2008|15:16] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Avg7
[03/01/2008|12:45] D:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
[26/01/2007|18:31] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Corel
[27/10/2005|07:58] D:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[21/05/2008|13:02] D:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[07/04/2008|17:20] D:\DOCUME~1\ALLUSE~1\APPLIC~1\F-Secure
[07/04/2008|17:18] D:\DOCUME~1\ALLUSE~1\APPLIC~1\fssg
[15/07/2008|13:46] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[22/07/2008|09:49] D:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[15/02/2008|19:54] D:\DOCUME~1\ALLUSE~1\APPLIC~1\MAGIX
[19/12/2008|19:07] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[18/12/2008|16:40] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[11/03/2006|09:43] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
[11/03/2006|11:14] D:\DOCUME~1\ALLUSE~1\APPLIC~1\MotiveSysIDs
[05/12/2008|20:01] D:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
[27/10/2005|07:47] D:\DOCUME~1\ALLUSE~1\APPLIC~1\OD2
[12/09/2006|19:20] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle
[12/09/2006|19:20] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle Studio
[27/10/2005|07:48] D:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[27/10/2005|16:30] D:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[31/12/2008|17:40] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[03/05/2008|19:59] D:\DOCUME~1\ALLUSE~1\APPLIC~1\SweetIM
[16/07/2008|13:06] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[16/07/2008|15:39] D:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[20/03/2008|16:47] D:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
[27/10/2005|07:55] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[27/10/2005|07:48] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
[17/07/2008|17:01] D:\DOCUME~1\ALLUSE~1\APPLIC~1\VistaCodecs
[18/05/2008|17:57] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Winamp Toolbar
[30/06/2006|11:38] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[04/07/2007|09:49] D:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
[30/12/2008|15:04] D:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[07/04/2008|01:46] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[07/04/2008|01:46] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[07/04/2008|01:46] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[07/04/2008|01:46] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
[27/10/2005|07:51] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec
[27/10/2005|07:48] D:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver
[23/04/2008|21:35] D:\DOCUME~1\Ghallia\APPLIC~1\Adobe
[06/04/2008|17:15] D:\DOCUME~1\Ghallia\APPLIC~1\eMule
[23/10/2008|14:53] D:\DOCUME~1\Ghallia\APPLIC~1\Google
[07/04/2008|01:46] D:\DOCUME~1\Ghallia\APPLIC~1\Identities
[06/04/2008|17:18] D:\DOCUME~1\Ghallia\APPLIC~1\LimeWire
[06/04/2008|16:59] D:\DOCUME~1\Ghallia\APPLIC~1\Macromedia
[23/10/2008|10:46] D:\DOCUME~1\Ghallia\APPLIC~1\Microsoft
[19/04/2008|18:22] D:\DOCUME~1\Ghallia\APPLIC~1\Mozilla
[07/04/2008|09:38] D:\DOCUME~1\Ghallia\APPLIC~1\OD2
[07/04/2008|01:46] D:\DOCUME~1\Ghallia\APPLIC~1\Real
[06/04/2008|16:57] D:\DOCUME~1\Ghallia\APPLIC~1\Symantec
[19/04/2008|18:23] D:\DOCUME~1\Ghallia\APPLIC~1\Talkback
[27/10/2005|07:48] D:\DOCUME~1\Ghallia\APPLIC~1\You've Got Pictures Screensaver
[12/10/2008|19:54] D:\DOCUME~1\Hassna\APPLIC~1\AccurateRip
[22/04/2008|17:55] D:\DOCUME~1\Hassna\APPLIC~1\Adobe
[10/04/2008|14:53] D:\DOCUME~1\Hassna\APPLIC~1\AdobeUM
[23/12/2008|11:43] D:\DOCUME~1\Hassna\APPLIC~1\Ahead
[17/07/2008|16:29] D:\DOCUME~1\Hassna\APPLIC~1\Apple Computer
[28/12/2008|17:14] D:\DOCUME~1\Hassna\APPLIC~1\Canon
[08/05/2008|21:50] D:\DOCUME~1\Hassna\APPLIC~1\CyberLink
[06/12/2008|23:19] D:\DOCUME~1\Hassna\APPLIC~1\DeepBurner
[07/04/2008|17:25] D:\DOCUME~1\Hassna\APPLIC~1\F-Secure
[20/09/2008|19:10] D:\DOCUME~1\Hassna\APPLIC~1\Google
[07/04/2008|01:46] D:\DOCUME~1\Hassna\APPLIC~1\Identities
[31/05/2008|17:53] D:\DOCUME~1\Hassna\APPLIC~1\InstallShield
[16/04/2008|16:57] D:\DOCUME~1\Hassna\APPLIC~1\Leadertech
[28/12/2008|21:07] D:\DOCUME~1\Hassna\APPLIC~1\LimeWire
[06/04/2008|17:24] D:\DOCUME~1\Hassna\APPLIC~1\Macromedia
[17/07/2008|17:09] D:\DOCUME~1\Hassna\APPLIC~1\Media Player Classic
[16/10/2008|18:18] D:\DOCUME~1\Hassna\APPLIC~1\Microsoft
[18/04/2008|13:54] D:\DOCUME~1\Hassna\APPLIC~1\Mozilla
[06/04/2008|18:02] D:\DOCUME~1\Hassna\APPLIC~1\OD2
[10/04/2008|18:12] D:\DOCUME~1\Hassna\APPLIC~1\OFFICE One v6
[07/04/2008|18:23] D:\DOCUME~1\Hassna\APPLIC~1\Real
[16/06/2008|18:11] D:\DOCUME~1\Hassna\APPLIC~1\Samsung
[16/04/2008|16:57] D:\DOCUME~1\Hassna\APPLIC~1\Sonic
[08/04/2008|13:27] D:\DOCUME~1\Hassna\APPLIC~1\Sun
[16/07/2008|13:06] D:\DOCUME~1\Hassna\APPLIC~1\Symantec
[18/04/2008|13:54] D:\DOCUME~1\Hassna\APPLIC~1\Talkback
[18/04/2008|19:28] D:\DOCUME~1\Hassna\APPLIC~1\Ulead Systems
[22/07/2008|09:37] D:\DOCUME~1\Hassna\APPLIC~1\vlc
[08/05/2008|21:23] D:\DOCUME~1\Hassna\APPLIC~1\Vso
[23/04/2008|14:57] D:\DOCUME~1\Hassna\APPLIC~1\WinRAR
[27/10/2005|07:48] D:\DOCUME~1\Hassna\APPLIC~1\You've Got Pictures Screensaver
[05/01/2006|19:24] D:\DOCUME~1\HASSNO~1\APPLIC~1\Adobe
[06/01/2006|20:48] D:\DOCUME~1\HASSNO~1\APPLIC~1\AdobeUM
[11/01/2006|15:15] D:\DOCUME~1\HASSNO~1\APPLIC~1\CyberLink
[23/12/2005|11:26] D:\DOCUME~1\HASSNO~1\APPLIC~1\Help
[27/10/2005|23:30] D:\DOCUME~1\HASSNO~1\APPLIC~1\Identities
[26/01/2006|21:57] D:\DOCUME~1\HASSNO~1\APPLIC~1\Leadertech
[27/10/2005|14:54] D:\DOCUME~1\HASSNO~1\APPLIC~1\Macromedia
[06/04/2008|14:52] D:\DOCUME~1\HASSNO~1\APPLIC~1\Microsoft
[22/12/2005|18:15] D:\DOCUME~1\HASSNO~1\APPLIC~1\MSNInstaller
[22/12/2005|21:59] D:\DOCUME~1\HASSNO~1\APPLIC~1\OD2
[31/12/2005|15:09] D:\DOCUME~1\HASSNO~1\APPLIC~1\Real
[26/01/2006|21:59] D:\DOCUME~1\HASSNO~1\APPLIC~1\Sonic
[27/12/2005|18:35] D:\DOCUME~1\HASSNO~1\APPLIC~1\Sun
[15/04/2006|21:22] D:\DOCUME~1\HASSNO~1\APPLIC~1\Symantec
[23/12/2005|15:23] D:\DOCUME~1\HASSNO~1\APPLIC~1\Ulead Systems
[27/10/2005|14:48] D:\DOCUME~1\HASSNO~1\APPLIC~1\You've Got Pictures Screensaver
[06/04/2008|17:19] D:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[07/04/2008|01:46] D:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\Microsoft
[13/02/2006|15:27] D:\DOCUME~1\LOCALS~1.000\APPLIC~1\Help
[13/02/2006|15:29] D:\DOCUME~1\LOCALS~1.000\APPLIC~1\Macromedia
[06/04/2008|15:15] D:\DOCUME~1\LOCALS~1.000\APPLIC~1\Microsoft
[15/07/2006|23:07] D:\DOCUME~1\mohamed\APPLIC~1\Adobe
[15/07/2006|23:08] D:\DOCUME~1\mohamed\APPLIC~1\AdobeUM
[26/12/2005|18:27] D:\DOCUME~1\mohamed\APPLIC~1\Help
[27/10/2005|23:30] D:\DOCUME~1\mohamed\APPLIC~1\Identities
[27/10/2005|14:54] D:\DOCUME~1\mohamed\APPLIC~1\Macromedia
[06/04/2008|15:15] D:\DOCUME~1\mohamed\APPLIC~1\Microsoft
[15/07/2006|13:47] D:\DOCUME~1\mohamed\APPLIC~1\OD2
[27/10/2005|14:54] D:\DOCUME~1\mohamed\APPLIC~1\Real
[02/07/2006|13:29] D:\DOCUME~1\mohamed\APPLIC~1\Sun
[27/10/2005|14:48] D:\DOCUME~1\mohamed\APPLIC~1\You've Got Pictures Screensaver
[27/10/2005|16:30] D:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[24/12/2005|23:46] D:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\Microsoft
[06/04/2008|15:15] D:\DOCUME~1\NETWOR~1.000\APPLIC~1\Microsoft
[07/04/2008|01:46] D:\DOCUME~1\NETWOR~1.001\APPLIC~1\Microsoft
[18/12/2008|19:48] D:\DOCUME~1\PROPRI~1\APPLIC~1\You've Got Pictures Screensaver
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[31/12/2008 11:09][--a------] C:\WINDOWS\tasks\Scheduled scanning task.job
[17/07/2008 16:27][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[31/12/2008 18:00][--a------] C:\WINDOWS\tasks\Configurer mon PC.job
[31/12/2008 17:09][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 13:00][-rah-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[05/12/2008|19:53] C:\Program Files\Adobe
[30/10/2008|20:25] C:\Program Files\Ahead
[16/10/2008|18:13] C:\Program Files\Alcohol Soft
[07/04/2008|01:40] C:\Program Files\AMD
[29/09/2008|13:15] C:\Program Files\AOL 9.0
[07/04/2008|01:40] C:\Program Files\AOL Compagnon
[17/07/2008|16:27] C:\Program Files\Apple Software Update
[07/12/2008|12:13] C:\Program Files\Astonsoft
[18/04/2008|19:40] C:\Program Files\Canon
[19/12/2008|18:27] C:\Program Files\Circle Developement
[07/04/2008|01:40] C:\Program Files\ComPlus Applications
[16/10/2008|18:48] C:\Program Files\Conduit
[07/04/2008|01:40] C:\Program Files\CyberLink
[12/10/2008|19:56] C:\Program Files\Exact Audio Copy
[31/12/2008|17:10] C:\Program Files\Fichiers communs
[12/10/2008|11:15] C:\Program Files\Free Audio Pack
[16/10/2008|18:48] C:\Program Files\free-downloads.net
[07/04/2008|01:40] C:\Program Files\GMixon
[23/12/2008|12:39] C:\Program Files\Google
[30/07/2008|15:38] C:\Program Files\Hercules
[10/04/2008|17:46] C:\Program Files\Hewlett-Packard
[09/05/2008|17:47] C:\Program Files\houari-dauphin
[10/04/2008|17:42] C:\Program Files\HP
[29/09/2008|13:16] C:\Program Files\Icone
[30/11/2008|15:17] C:\Program Files\InstallShield Installation Information
[10/12/2008|21:40] C:\Program Files\Internet Explorer
[07/04/2008|01:40] C:\Program Files\Java
[22/07/2008|09:21] C:\Program Files\Lavalys
[17/07/2008|12:39] C:\Program Files\Lavasoft
[07/04/2008|01:40] C:\Program Files\Learn2.com
[03/07/2008|19:51] C:\Program Files\LETMIN
[22/07/2008|09:49] C:\Program Files\ma-config.com
[29/09/2008|13:16] C:\Program Files\Messenger
[19/12/2008|18:27] C:\Program Files\Messenger Plus! Live
[06/04/2008|20:04] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[07/04/2008|01:40] C:\Program Files\microsoft frontpage
[06/04/2008|17:20] C:\Program Files\Microsoft SQL Server Compact Edition
[27/08/2008|20:16] C:\Program Files\Movie Maker
[22/04/2008|17:27] C:\Program Files\Mozilla Firefox
[06/04/2008|17:52] C:\Program Files\MSN
[19/07/2008|13:45] C:\Program Files\MSN Games
[07/04/2008|01:40] C:\Program Files\MSN Gaming Zone
[06/04/2008|20:00] C:\Program Files\MSXML 4.0
[27/08/2008|20:11] C:\Program Files\NetMeeting
[16/07/2008|13:06] C:\Program Files\Norton Internet Security
[05/12/2008|20:01] C:\Program Files\NOS
[03/05/2008|20:04] C:\Program Files\OFFICE One6.5
[07/04/2008|01:42] C:\Program Files\Online Services
[31/05/2008|17:59] C:\Program Files\Orange
[27/08/2008|20:11] C:\Program Files\Outlook Express
[28/11/2008|22:29] C:\Program Files\PhotoFiltre
[17/07/2008|16:28] C:\Program Files\QuickTime
[07/04/2008|01:40] C:\Program Files\Real
[22/07/2008|09:55] C:\Program Files\Realtek AC97
[31/05/2008|17:53] C:\Program Files\SAGEM
[16/06/2008|18:05] C:\Program Files\Samsung
[07/04/2008|01:43] C:\Program Files\Services en ligne
[07/04/2008|01:40] C:\Program Files\Sonic
[31/12/2008|11:18] C:\Program Files\Spybot - Search & Destroy
[16/07/2008|13:06] C:\Program Files\SymNetDrv
[31/12/2008|18:01] C:\Program Files\Trend Micro
[07/04/2008|01:40] C:\Program Files\Ulead Systems
[07/04/2008|01:40] C:\Program Files\Uninstall Information
[20/04/2008|12:57] C:\Program Files\user
[22/07/2008|09:35] C:\Program Files\VideoLAN
[07/04/2008|01:40] C:\Program Files\Viewpoint
[30/12/2008|15:04] C:\Program Files\Windows Live
[26/12/2008|21:32] C:\Program Files\Windows Live Safety Center
[07/04/2008|01:40] C:\Program Files\Windows Media Components
[06/04/2008|18:47] C:\Program Files\Windows Media Connect 2
[27/08/2008|20:11] C:\Program Files\Windows Media Player
[27/08/2008|20:11] C:\Program Files\Windows NT
[07/04/2008|01:40] C:\Program Files\WindowsUpdate
[23/04/2008|14:56] C:\Program Files\WinRAR
[07/04/2008|01:40] C:\Program Files\xerox
[16/10/2008|17:52] C:\Program Files\Yahoo!
[02/08/2008|22:37] C:\Program Files\YesMessenger
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[05/12/2008|19:54] C:\Program Files\Fichiers communs\Adobe
[30/10/2008|20:25] C:\Program Files\Fichiers communs\Ahead
[07/04/2008|01:41] C:\Program Files\Fichiers communs\AOL
[07/04/2008|01:41] C:\Program Files\Fichiers communs\aolshare
[31/05/2008|17:57] C:\Program Files\Fichiers communs\France Telecom
[07/04/2008|01:40] C:\Program Files\Fichiers communs\InstallShield
[07/04/2008|01:40] C:\Program Files\Fichiers communs\Java
[30/12/2008|15:04] C:\Program Files\Fichiers communs\Microsoft Shared
[07/04/2008|01:40] C:\Program Files\Fichiers communs\MSSoap
[07/04/2008|01:40] C:\Program Files\Fichiers communs\Nullsoft
[07/04/2008|01:40] C:\Program Files\Fichiers communs\ODBC
[07/04/2008|01:40] C:\Program Files\Fichiers communs\Real
[07/04/2008|01:41] C:\Program Files\Fichiers communs\Services
[07/04/2008|01:41] C:\Program Files\Fichiers communs\Sonic Shared
[07/04/2008|01:40] C:\Program Files\Fichiers communs\SpeechEngines
[07/04/2008|01:42] C:\Program Files\Fichiers communs\SureThing Shared
[16/07/2008|13:09] C:\Program Files\Fichiers communs\Symantec Shared
[27/08/2008|20:11] C:\Program Files\Fichiers communs\System
[07/04/2008|01:40] C:\Program Files\Fichiers communs\Ulead Systems
[18/12/2008|16:40] C:\Program Files\Fichiers communs\Windows Live
[06/04/2008|17:13] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[07/04/2008|01:40] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 74 Processes )
iexplore.exe ~ [PID:4972]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\Program Files\Circle Developement
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-31 18:14:38
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
folder error: D:\DOCUME~1\Hassna\LOCALS~1\APPLIC~1
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:21][D:1]-> D:\DOCUME~1\Hassna\LOCALS~1\Temp
[F:18][D:0]-> D:\DOCUME~1\Hassna\Cookies
[F:556][D:8]-> D:\DOCUME~1\Hassna\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 31/12/2008|18:15 - Option : [1]
--------------------\\ Fin du rapport a 18:15:31
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3400+ )
BIOS : BIOS Date: 09/06/05 17:29:38 Ver: 08.00.12
USER : Hassna ( Administrator )
BOOT : Normal boot
Antivirus : AntiVirus Firewall 7.00 7.00 (Activated)
Firewall : Norton Internet Security 2005 (Not Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:29 Go (Free:19 Go)
D:\ (Local Disk) - NTFS - Total:148 Go (Free:111 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 31/12/2008|18:12 )
--------------------\\ Listing des dossiers dans APPLIC~1
[24/12/2005|23:46] D:\DOCUME~1\ACCOUN~2.)\APPLIC~1\Microsoft
[03/01/2008|23:46] D:\DOCUME~1\ACCOUN~1.)\APPLIC~1\Adobe
[08/09/2006|18:41] D:\DOCUME~1\ACCOUN~1.)\APPLIC~1\AdobeUM
[05/05/2007|17:58] D:\DOCUME~1\ACCOUN~1.)\APPLIC~1\Help
[27/10/2005|23:30] D:\DOCUME~1\ACCOUN~1.)\APPLIC~1\Identities
[27/10/2005|14:54] D:\DOCUME~1\ACCOUN~1.)\APPLIC~1\Macromedia
[06/04/2008|15:15] D:\DOCUME~1\ACCOUN~1.)\APPLIC~1\Microsoft
[23/12/2005|12:21] D:\DOCUME~1\ACCOUN~1.)\APPLIC~1\OD2
[01/03/2006|11:39] D:\DOCUME~1\ACCOUN~1.)\APPLIC~1\Real
[20/03/2008|16:47] D:\DOCUME~1\ACCOUN~1.)\APPLIC~1\TuneUp Software
[13/01/2007|19:18] D:\DOCUME~1\ACCOUN~1.)\APPLIC~1\Ulead Systems
[20/03/2008|16:47] D:\DOCUME~1\ACCOUN~1.)\APPLIC~1\WinRAR
[27/10/2005|14:48] D:\DOCUME~1\ACCOUN~1.)\APPLIC~1\You've Got Pictures Screensaver
[30/12/2008|22:25] D:\DOCUME~1\ALLUSE~1\APPLIC~1\277369513
[05/12/2008|19:55] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[22/09/2006|18:15] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[27/10/2005|07:48] D:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[24/03/2008|11:41] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[05/04/2008|21:28] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[06/04/2008|15:16] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Avg7
[03/01/2008|12:45] D:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
[26/01/2007|18:31] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Corel
[27/10/2005|07:58] D:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[21/05/2008|13:02] D:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[07/04/2008|17:20] D:\DOCUME~1\ALLUSE~1\APPLIC~1\F-Secure
[07/04/2008|17:18] D:\DOCUME~1\ALLUSE~1\APPLIC~1\fssg
[15/07/2008|13:46] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[22/07/2008|09:49] D:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[15/02/2008|19:54] D:\DOCUME~1\ALLUSE~1\APPLIC~1\MAGIX
[19/12/2008|19:07] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[18/12/2008|16:40] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[11/03/2006|09:43] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
[11/03/2006|11:14] D:\DOCUME~1\ALLUSE~1\APPLIC~1\MotiveSysIDs
[05/12/2008|20:01] D:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
[27/10/2005|07:47] D:\DOCUME~1\ALLUSE~1\APPLIC~1\OD2
[12/09/2006|19:20] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle
[12/09/2006|19:20] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle Studio
[27/10/2005|07:48] D:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[27/10/2005|16:30] D:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[31/12/2008|17:40] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[03/05/2008|19:59] D:\DOCUME~1\ALLUSE~1\APPLIC~1\SweetIM
[16/07/2008|13:06] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[16/07/2008|15:39] D:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[20/03/2008|16:47] D:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
[27/10/2005|07:55] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[27/10/2005|07:48] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
[17/07/2008|17:01] D:\DOCUME~1\ALLUSE~1\APPLIC~1\VistaCodecs
[18/05/2008|17:57] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Winamp Toolbar
[30/06/2006|11:38] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[04/07/2007|09:49] D:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
[30/12/2008|15:04] D:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[07/04/2008|01:46] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[07/04/2008|01:46] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[07/04/2008|01:46] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[07/04/2008|01:46] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
[27/10/2005|07:51] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec
[27/10/2005|07:48] D:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver
[23/04/2008|21:35] D:\DOCUME~1\Ghallia\APPLIC~1\Adobe
[06/04/2008|17:15] D:\DOCUME~1\Ghallia\APPLIC~1\eMule
[23/10/2008|14:53] D:\DOCUME~1\Ghallia\APPLIC~1\Google
[07/04/2008|01:46] D:\DOCUME~1\Ghallia\APPLIC~1\Identities
[06/04/2008|17:18] D:\DOCUME~1\Ghallia\APPLIC~1\LimeWire
[06/04/2008|16:59] D:\DOCUME~1\Ghallia\APPLIC~1\Macromedia
[23/10/2008|10:46] D:\DOCUME~1\Ghallia\APPLIC~1\Microsoft
[19/04/2008|18:22] D:\DOCUME~1\Ghallia\APPLIC~1\Mozilla
[07/04/2008|09:38] D:\DOCUME~1\Ghallia\APPLIC~1\OD2
[07/04/2008|01:46] D:\DOCUME~1\Ghallia\APPLIC~1\Real
[06/04/2008|16:57] D:\DOCUME~1\Ghallia\APPLIC~1\Symantec
[19/04/2008|18:23] D:\DOCUME~1\Ghallia\APPLIC~1\Talkback
[27/10/2005|07:48] D:\DOCUME~1\Ghallia\APPLIC~1\You've Got Pictures Screensaver
[12/10/2008|19:54] D:\DOCUME~1\Hassna\APPLIC~1\AccurateRip
[22/04/2008|17:55] D:\DOCUME~1\Hassna\APPLIC~1\Adobe
[10/04/2008|14:53] D:\DOCUME~1\Hassna\APPLIC~1\AdobeUM
[23/12/2008|11:43] D:\DOCUME~1\Hassna\APPLIC~1\Ahead
[17/07/2008|16:29] D:\DOCUME~1\Hassna\APPLIC~1\Apple Computer
[28/12/2008|17:14] D:\DOCUME~1\Hassna\APPLIC~1\Canon
[08/05/2008|21:50] D:\DOCUME~1\Hassna\APPLIC~1\CyberLink
[06/12/2008|23:19] D:\DOCUME~1\Hassna\APPLIC~1\DeepBurner
[07/04/2008|17:25] D:\DOCUME~1\Hassna\APPLIC~1\F-Secure
[20/09/2008|19:10] D:\DOCUME~1\Hassna\APPLIC~1\Google
[07/04/2008|01:46] D:\DOCUME~1\Hassna\APPLIC~1\Identities
[31/05/2008|17:53] D:\DOCUME~1\Hassna\APPLIC~1\InstallShield
[16/04/2008|16:57] D:\DOCUME~1\Hassna\APPLIC~1\Leadertech
[28/12/2008|21:07] D:\DOCUME~1\Hassna\APPLIC~1\LimeWire
[06/04/2008|17:24] D:\DOCUME~1\Hassna\APPLIC~1\Macromedia
[17/07/2008|17:09] D:\DOCUME~1\Hassna\APPLIC~1\Media Player Classic
[16/10/2008|18:18] D:\DOCUME~1\Hassna\APPLIC~1\Microsoft
[18/04/2008|13:54] D:\DOCUME~1\Hassna\APPLIC~1\Mozilla
[06/04/2008|18:02] D:\DOCUME~1\Hassna\APPLIC~1\OD2
[10/04/2008|18:12] D:\DOCUME~1\Hassna\APPLIC~1\OFFICE One v6
[07/04/2008|18:23] D:\DOCUME~1\Hassna\APPLIC~1\Real
[16/06/2008|18:11] D:\DOCUME~1\Hassna\APPLIC~1\Samsung
[16/04/2008|16:57] D:\DOCUME~1\Hassna\APPLIC~1\Sonic
[08/04/2008|13:27] D:\DOCUME~1\Hassna\APPLIC~1\Sun
[16/07/2008|13:06] D:\DOCUME~1\Hassna\APPLIC~1\Symantec
[18/04/2008|13:54] D:\DOCUME~1\Hassna\APPLIC~1\Talkback
[18/04/2008|19:28] D:\DOCUME~1\Hassna\APPLIC~1\Ulead Systems
[22/07/2008|09:37] D:\DOCUME~1\Hassna\APPLIC~1\vlc
[08/05/2008|21:23] D:\DOCUME~1\Hassna\APPLIC~1\Vso
[23/04/2008|14:57] D:\DOCUME~1\Hassna\APPLIC~1\WinRAR
[27/10/2005|07:48] D:\DOCUME~1\Hassna\APPLIC~1\You've Got Pictures Screensaver
[05/01/2006|19:24] D:\DOCUME~1\HASSNO~1\APPLIC~1\Adobe
[06/01/2006|20:48] D:\DOCUME~1\HASSNO~1\APPLIC~1\AdobeUM
[11/01/2006|15:15] D:\DOCUME~1\HASSNO~1\APPLIC~1\CyberLink
[23/12/2005|11:26] D:\DOCUME~1\HASSNO~1\APPLIC~1\Help
[27/10/2005|23:30] D:\DOCUME~1\HASSNO~1\APPLIC~1\Identities
[26/01/2006|21:57] D:\DOCUME~1\HASSNO~1\APPLIC~1\Leadertech
[27/10/2005|14:54] D:\DOCUME~1\HASSNO~1\APPLIC~1\Macromedia
[06/04/2008|14:52] D:\DOCUME~1\HASSNO~1\APPLIC~1\Microsoft
[22/12/2005|18:15] D:\DOCUME~1\HASSNO~1\APPLIC~1\MSNInstaller
[22/12/2005|21:59] D:\DOCUME~1\HASSNO~1\APPLIC~1\OD2
[31/12/2005|15:09] D:\DOCUME~1\HASSNO~1\APPLIC~1\Real
[26/01/2006|21:59] D:\DOCUME~1\HASSNO~1\APPLIC~1\Sonic
[27/12/2005|18:35] D:\DOCUME~1\HASSNO~1\APPLIC~1\Sun
[15/04/2006|21:22] D:\DOCUME~1\HASSNO~1\APPLIC~1\Symantec
[23/12/2005|15:23] D:\DOCUME~1\HASSNO~1\APPLIC~1\Ulead Systems
[27/10/2005|14:48] D:\DOCUME~1\HASSNO~1\APPLIC~1\You've Got Pictures Screensaver
[06/04/2008|17:19] D:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[07/04/2008|01:46] D:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\Microsoft
[13/02/2006|15:27] D:\DOCUME~1\LOCALS~1.000\APPLIC~1\Help
[13/02/2006|15:29] D:\DOCUME~1\LOCALS~1.000\APPLIC~1\Macromedia
[06/04/2008|15:15] D:\DOCUME~1\LOCALS~1.000\APPLIC~1\Microsoft
[15/07/2006|23:07] D:\DOCUME~1\mohamed\APPLIC~1\Adobe
[15/07/2006|23:08] D:\DOCUME~1\mohamed\APPLIC~1\AdobeUM
[26/12/2005|18:27] D:\DOCUME~1\mohamed\APPLIC~1\Help
[27/10/2005|23:30] D:\DOCUME~1\mohamed\APPLIC~1\Identities
[27/10/2005|14:54] D:\DOCUME~1\mohamed\APPLIC~1\Macromedia
[06/04/2008|15:15] D:\DOCUME~1\mohamed\APPLIC~1\Microsoft
[15/07/2006|13:47] D:\DOCUME~1\mohamed\APPLIC~1\OD2
[27/10/2005|14:54] D:\DOCUME~1\mohamed\APPLIC~1\Real
[02/07/2006|13:29] D:\DOCUME~1\mohamed\APPLIC~1\Sun
[27/10/2005|14:48] D:\DOCUME~1\mohamed\APPLIC~1\You've Got Pictures Screensaver
[27/10/2005|16:30] D:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[24/12/2005|23:46] D:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\Microsoft
[06/04/2008|15:15] D:\DOCUME~1\NETWOR~1.000\APPLIC~1\Microsoft
[07/04/2008|01:46] D:\DOCUME~1\NETWOR~1.001\APPLIC~1\Microsoft
[18/12/2008|19:48] D:\DOCUME~1\PROPRI~1\APPLIC~1\You've Got Pictures Screensaver
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[31/12/2008 11:09][--a------] C:\WINDOWS\tasks\Scheduled scanning task.job
[17/07/2008 16:27][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[31/12/2008 18:00][--a------] C:\WINDOWS\tasks\Configurer mon PC.job
[31/12/2008 17:09][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 13:00][-rah-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[05/12/2008|19:53] C:\Program Files\Adobe
[30/10/2008|20:25] C:\Program Files\Ahead
[16/10/2008|18:13] C:\Program Files\Alcohol Soft
[07/04/2008|01:40] C:\Program Files\AMD
[29/09/2008|13:15] C:\Program Files\AOL 9.0
[07/04/2008|01:40] C:\Program Files\AOL Compagnon
[17/07/2008|16:27] C:\Program Files\Apple Software Update
[07/12/2008|12:13] C:\Program Files\Astonsoft
[18/04/2008|19:40] C:\Program Files\Canon
[19/12/2008|18:27] C:\Program Files\Circle Developement
[07/04/2008|01:40] C:\Program Files\ComPlus Applications
[16/10/2008|18:48] C:\Program Files\Conduit
[07/04/2008|01:40] C:\Program Files\CyberLink
[12/10/2008|19:56] C:\Program Files\Exact Audio Copy
[31/12/2008|17:10] C:\Program Files\Fichiers communs
[12/10/2008|11:15] C:\Program Files\Free Audio Pack
[16/10/2008|18:48] C:\Program Files\free-downloads.net
[07/04/2008|01:40] C:\Program Files\GMixon
[23/12/2008|12:39] C:\Program Files\Google
[30/07/2008|15:38] C:\Program Files\Hercules
[10/04/2008|17:46] C:\Program Files\Hewlett-Packard
[09/05/2008|17:47] C:\Program Files\houari-dauphin
[10/04/2008|17:42] C:\Program Files\HP
[29/09/2008|13:16] C:\Program Files\Icone
[30/11/2008|15:17] C:\Program Files\InstallShield Installation Information
[10/12/2008|21:40] C:\Program Files\Internet Explorer
[07/04/2008|01:40] C:\Program Files\Java
[22/07/2008|09:21] C:\Program Files\Lavalys
[17/07/2008|12:39] C:\Program Files\Lavasoft
[07/04/2008|01:40] C:\Program Files\Learn2.com
[03/07/2008|19:51] C:\Program Files\LETMIN
[22/07/2008|09:49] C:\Program Files\ma-config.com
[29/09/2008|13:16] C:\Program Files\Messenger
[19/12/2008|18:27] C:\Program Files\Messenger Plus! Live
[06/04/2008|20:04] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[07/04/2008|01:40] C:\Program Files\microsoft frontpage
[06/04/2008|17:20] C:\Program Files\Microsoft SQL Server Compact Edition
[27/08/2008|20:16] C:\Program Files\Movie Maker
[22/04/2008|17:27] C:\Program Files\Mozilla Firefox
[06/04/2008|17:52] C:\Program Files\MSN
[19/07/2008|13:45] C:\Program Files\MSN Games
[07/04/2008|01:40] C:\Program Files\MSN Gaming Zone
[06/04/2008|20:00] C:\Program Files\MSXML 4.0
[27/08/2008|20:11] C:\Program Files\NetMeeting
[16/07/2008|13:06] C:\Program Files\Norton Internet Security
[05/12/2008|20:01] C:\Program Files\NOS
[03/05/2008|20:04] C:\Program Files\OFFICE One6.5
[07/04/2008|01:42] C:\Program Files\Online Services
[31/05/2008|17:59] C:\Program Files\Orange
[27/08/2008|20:11] C:\Program Files\Outlook Express
[28/11/2008|22:29] C:\Program Files\PhotoFiltre
[17/07/2008|16:28] C:\Program Files\QuickTime
[07/04/2008|01:40] C:\Program Files\Real
[22/07/2008|09:55] C:\Program Files\Realtek AC97
[31/05/2008|17:53] C:\Program Files\SAGEM
[16/06/2008|18:05] C:\Program Files\Samsung
[07/04/2008|01:43] C:\Program Files\Services en ligne
[07/04/2008|01:40] C:\Program Files\Sonic
[31/12/2008|11:18] C:\Program Files\Spybot - Search & Destroy
[16/07/2008|13:06] C:\Program Files\SymNetDrv
[31/12/2008|18:01] C:\Program Files\Trend Micro
[07/04/2008|01:40] C:\Program Files\Ulead Systems
[07/04/2008|01:40] C:\Program Files\Uninstall Information
[20/04/2008|12:57] C:\Program Files\user
[22/07/2008|09:35] C:\Program Files\VideoLAN
[07/04/2008|01:40] C:\Program Files\Viewpoint
[30/12/2008|15:04] C:\Program Files\Windows Live
[26/12/2008|21:32] C:\Program Files\Windows Live Safety Center
[07/04/2008|01:40] C:\Program Files\Windows Media Components
[06/04/2008|18:47] C:\Program Files\Windows Media Connect 2
[27/08/2008|20:11] C:\Program Files\Windows Media Player
[27/08/2008|20:11] C:\Program Files\Windows NT
[07/04/2008|01:40] C:\Program Files\WindowsUpdate
[23/04/2008|14:56] C:\Program Files\WinRAR
[07/04/2008|01:40] C:\Program Files\xerox
[16/10/2008|17:52] C:\Program Files\Yahoo!
[02/08/2008|22:37] C:\Program Files\YesMessenger
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[05/12/2008|19:54] C:\Program Files\Fichiers communs\Adobe
[30/10/2008|20:25] C:\Program Files\Fichiers communs\Ahead
[07/04/2008|01:41] C:\Program Files\Fichiers communs\AOL
[07/04/2008|01:41] C:\Program Files\Fichiers communs\aolshare
[31/05/2008|17:57] C:\Program Files\Fichiers communs\France Telecom
[07/04/2008|01:40] C:\Program Files\Fichiers communs\InstallShield
[07/04/2008|01:40] C:\Program Files\Fichiers communs\Java
[30/12/2008|15:04] C:\Program Files\Fichiers communs\Microsoft Shared
[07/04/2008|01:40] C:\Program Files\Fichiers communs\MSSoap
[07/04/2008|01:40] C:\Program Files\Fichiers communs\Nullsoft
[07/04/2008|01:40] C:\Program Files\Fichiers communs\ODBC
[07/04/2008|01:40] C:\Program Files\Fichiers communs\Real
[07/04/2008|01:41] C:\Program Files\Fichiers communs\Services
[07/04/2008|01:41] C:\Program Files\Fichiers communs\Sonic Shared
[07/04/2008|01:40] C:\Program Files\Fichiers communs\SpeechEngines
[07/04/2008|01:42] C:\Program Files\Fichiers communs\SureThing Shared
[16/07/2008|13:09] C:\Program Files\Fichiers communs\Symantec Shared
[27/08/2008|20:11] C:\Program Files\Fichiers communs\System
[07/04/2008|01:40] C:\Program Files\Fichiers communs\Ulead Systems
[18/12/2008|16:40] C:\Program Files\Fichiers communs\Windows Live
[06/04/2008|17:13] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[07/04/2008|01:40] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 74 Processes )
iexplore.exe ~ [PID:4972]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\Program Files\Circle Developement
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-31 18:14:38
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
folder error: D:\DOCUME~1\Hassna\LOCALS~1\APPLIC~1
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:21][D:1]-> D:\DOCUME~1\Hassna\LOCALS~1\Temp
[F:18][D:0]-> D:\DOCUME~1\Hassna\Cookies
[F:556][D:8]-> D:\DOCUME~1\Hassna\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 31/12/2008|18:15 - Option : [1]
--------------------\\ Fin du rapport a 18:15:31
ok , essais de passer malwarebytes en mode sans echec
Télécharge Malwarebytes' Anti-Malware: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
. sur la page cliques sur Télécharger Malwarebyte's Anti-Malware
. enregistres le sur le bureau
. Double cliques sur le fichier téléchargé pour lancer le processus d'installation.
. Dans l'onglet "mise à jour", cliques sur le bouton Recherche de mise à jour
. si le pare-feu demande l'autorisation de se connecter pour malwarebytes, acceptes
. Une fois la mise à jour terminée,fermes Malwarebytes
. redemarres en mode sans échec pour savoir comment au cas ou tu ne saurrais pas regarde plus bas
. une fois en mode sans echec tu double-cliques sur l'icône de malwarebytes
. une fois ouvert rend-toi dans l'onglet, Recherche
. Sélectionnes Exécuter un examen complet
. Cliques sur Rechercher
. Le scan démarre.
. A la fin de l'analyse, un message s'affiche : L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
. Cliques sur Ok pour poursuivre.
. Si des malwares ont été détectés, cliques sur Afficher les résultats
. Sélectionnes tout (ou laisses cochés)
. cliques sur Supprimer la sélection
. Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
. Malwarebytes va ouvrir le bloc-notes et y copier le rapport d'analyse.
. redemarre le pc
. une fois redémarré en mode normal double-cliques sur malwarebytes
. rends toi dans l'onglet rapport/log
. tu cliques dessus pour l'afficher une fois affiché
. tu cliques sur edition en haut du boc notes,et puis sur sélectionner tous
. tu recliques sur edition et puis sur copier et tu reviens sur le forum et dans ta réponse
. tu cliques droit dans le cadre de la reponse et coller
Si tu as besoin d'aide regarde ces tutoriels :
https://forum.pcastuces.com/malwarebytes_antimalwares___tutoriel-f31s3.htm
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
(attention : pas de connexion possible en mode sans échec , donc copies ou imprimes bien la manipe pour éviter les erreurs ...)
Télécharge Malwarebytes' Anti-Malware: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
. sur la page cliques sur Télécharger Malwarebyte's Anti-Malware
. enregistres le sur le bureau
. Double cliques sur le fichier téléchargé pour lancer le processus d'installation.
. Dans l'onglet "mise à jour", cliques sur le bouton Recherche de mise à jour
. si le pare-feu demande l'autorisation de se connecter pour malwarebytes, acceptes
. Une fois la mise à jour terminée,fermes Malwarebytes
. redemarres en mode sans échec pour savoir comment au cas ou tu ne saurrais pas regarde plus bas
. une fois en mode sans echec tu double-cliques sur l'icône de malwarebytes
. une fois ouvert rend-toi dans l'onglet, Recherche
. Sélectionnes Exécuter un examen complet
. Cliques sur Rechercher
. Le scan démarre.
. A la fin de l'analyse, un message s'affiche : L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
. Cliques sur Ok pour poursuivre.
. Si des malwares ont été détectés, cliques sur Afficher les résultats
. Sélectionnes tout (ou laisses cochés)
. cliques sur Supprimer la sélection
. Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
. Malwarebytes va ouvrir le bloc-notes et y copier le rapport d'analyse.
. redemarre le pc
. une fois redémarré en mode normal double-cliques sur malwarebytes
. rends toi dans l'onglet rapport/log
. tu cliques dessus pour l'afficher une fois affiché
. tu cliques sur edition en haut du boc notes,et puis sur sélectionner tous
. tu recliques sur edition et puis sur copier et tu reviens sur le forum et dans ta réponse
. tu cliques droit dans le cadre de la reponse et coller
Si tu as besoin d'aide regarde ces tutoriels :
https://forum.pcastuces.com/malwarebytes_antimalwares___tutoriel-f31s3.htm
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
(attention : pas de connexion possible en mode sans échec , donc copies ou imprimes bien la manipe pour éviter les erreurs ...)
Salut Darkpoet, pas que je cherches à t'embeter, mais lop a trouvé ' Circle Developement ' ---> l'option 2 est necessaire, non ?
tu as raison je suis passer un peu vite
Relance Lop S&D
▶ Choisis cette fois ci l'Option 2 ( Suppression )
▶ Ne ferme pas la fenêtre lors de la suppression !
▶ Poste le rapport généré ( C:\lopR.txt )
( Si le Bureau ne réapparaît pas presse Ctrl + Alt + Suppr, Onglet Fichier,
Nouvelle tâche, tape explorer.exe et valide )
Relance Lop S&D
▶ Choisis cette fois ci l'Option 2 ( Suppression )
▶ Ne ferme pas la fenêtre lors de la suppression !
▶ Poste le rapport généré ( C:\lopR.txt )
( Si le Bureau ne réapparaît pas presse Ctrl + Alt + Suppr, Onglet Fichier,
Nouvelle tâche, tape explorer.exe et valide )
bon je te laisse pour ce soir et je te dit a l annee prochaine je te reprend demain fait les manip du post 9 et poste les deux rapport malwarebytes et lopsd option 2
bonne fetes a demain
bonne fetes a demain
Oups ! j'ai fait l'examen sur Malwarbytes et System security s'est desinstallé de mon ordinateur ainsi que d'autres infections. Je vous remercie infiniment mais si je n'ai pas fait l'option 2 est ce que cela est grave car l'examen a duré 3h30 !!!!! je n'ai pas donc pu aller me connecter sur internet je vous poste le rapport
Malwarebytes' Anti-Malware 1.31
Version de la base de données: 1585
Windows 5.1.2600 Service Pack 3
31/12/2008 23:01:32
mbam-log-2008-12-31 (23-01-32).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 204686
Temps écoulé: 3 hour(s), 41 minute(s), 39 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 11
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\933631186 (Rogue.SystemSecurity) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
D:\Documents and Settings\Sam\Local Settings\Application Data\qqoykee_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
D:\Documents and Settings\Sam\Local Settings\Application Data\qqoykee_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
D:\Documents and Settings\Sam\Local Settings\Application Data\qqoykee.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
D:\Documents and Settings\Sam\Local Settings\Application Data\qqoykee.exe (Adware.Navipromo.H) -> Quarantined and deleted successfully.
D:\Documents and Settings\All Users\Application Data\277369513\933631186.exe (Rogue.SystemSecurity) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\explorer32.0xe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ieupdates.0xe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ieupdates.exe.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\winsrc.dll.0mp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\msxml71.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
D:\Documents and Settings\Hassna\Bureau\System Security.lnk (Rogue.SystemSecurity) -> Quarantined and deleted successfully.
Je vous souhaite de tres bonne fete de fin d'année à Chateau Thierry( j'ai vu sur votre profil que vous habitez la bas) Je suis egalement originaire de cette ville mais j'ai emmenagé avec mes parents près de Troyes . Merci beaucoup encore!!!
Malwarebytes' Anti-Malware 1.31
Version de la base de données: 1585
Windows 5.1.2600 Service Pack 3
31/12/2008 23:01:32
mbam-log-2008-12-31 (23-01-32).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 204686
Temps écoulé: 3 hour(s), 41 minute(s), 39 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 11
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\933631186 (Rogue.SystemSecurity) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
D:\Documents and Settings\Sam\Local Settings\Application Data\qqoykee_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
D:\Documents and Settings\Sam\Local Settings\Application Data\qqoykee_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
D:\Documents and Settings\Sam\Local Settings\Application Data\qqoykee.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
D:\Documents and Settings\Sam\Local Settings\Application Data\qqoykee.exe (Adware.Navipromo.H) -> Quarantined and deleted successfully.
D:\Documents and Settings\All Users\Application Data\277369513\933631186.exe (Rogue.SystemSecurity) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\explorer32.0xe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ieupdates.0xe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ieupdates.exe.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\winsrc.dll.0mp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\msxml71.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
D:\Documents and Settings\Hassna\Bureau\System Security.lnk (Rogue.SystemSecurity) -> Quarantined and deleted successfully.
Je vous souhaite de tres bonne fete de fin d'année à Chateau Thierry( j'ai vu sur votre profil que vous habitez la bas) Je suis egalement originaire de cette ville mais j'ai emmenagé avec mes parents près de Troyes . Merci beaucoup encore!!!
