> Tous les forums > Forum Sécurité
 Rapport hijackthis pour analyse svp (RESOLU)
Ajouter un message à la discussion
Pages : [1] 2 3 ... Fin
Page 1 sur 3 [Fin]
Maelysroma
  Posté le 13/04/2005 @ 22:13 
Aller en bas de la page 
Petite astucienne
Bonsoir à tous, Il y a un peu plus de 3 mois que je n'ai pas fait appel à votre aide, car heureusement pour moi actuellement je ne rencontre pas de problème avec mon pc. Aujourd'hui je viens vous demander de m'aider car le pc d'une amie est loin d'être en forme [triste] Après avoir passer sur son pc: -cleanmgr -Easycleaner -Housecall -AdAware -Spybot -A Squared Je vous joint son rapport hijackthis: J'ai également un problème d'application avec son pc, un message d'erreur qui coupe direct l'ordi après avoir appuyer sur ok (netlogon.exe, un nom dans le style) Logfile of HijackThis v1.99.1 Scan saved at 21:45:30, on 13/04/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe C:\Program Files\Apoint2K\Apoint.exe C:\WINDOWS\System32\sistray.EXE C:\WINDOWS\System32\khooker.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\Analog Devices\SoundMAX\SMTray.exe C:\Program Files\Apoint2K\HidFind.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe C:\Program Files\Real\RealPlayer\RealPlay.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\isrvs\desktop.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\a2\a2guard.exe C:\WINDOWS\System32\wuauclt.exe C:\WINDOWS\explorer.exe C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\MUMULA~1\LOCALS~1\Temp\Rar$EX00.974\HijackThis.exe C:\WINDOWS\system32\NOTEPAD.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=6&key=SEARCH R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\fr.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=6&key=PHOTO R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\System32\sistray.EXE O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [AME_CSA] rundll32 amecsa.cpl,RUN_DLL O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe O4 - HKLM\..\Run: [Desktop Search] C:\WINDOWS\isrvs\desktop.exe O4 - HKLM\..\Run: [ffis] C:\WINDOWS\isrvs\ffisearch.exe O4 - HKLM\..\Run: [VBouncer] C:\PROGRA~1\VBouncer\VirtualBouncer.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h O4 - HKCU\..\Run: [a-squared] "C:\Program Files\a2\a2guard.exe" O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\aklsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\aklsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\aklsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\aklsp.dll O12 - Plugin for .aif: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab O16 - DPF: {B467A3AF-E45B-4B1B-9983-C035D988FB0F} (VacPro.belgio_ver10) - http://advnt01.com/dialer/belgio_ver10.CAB O18 - Filter: text/html - {950238FB-C706-4791-8674-4D429F85897E} - (no file) O20 - Winlogon Notify: DateTime - C:\WINDOWS\system32\u6rulg9916.dll O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: MySqlInventime - Unknown owner - c:\mysql\bin\mysqld-max-nt.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

Modifié par Maelysroma le 24/04/2005 19:23
Publicité
philae
 Posté le 13/04/2005 à 22:20 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Grande Maîtresse astucienne

bonsoir, je démarre une analyse de ton rapport, réponse dans un moment. IMPORTANT HijackThis doit être enregistré dans un répertoire dédié tel que C:\HijackThis et pas dans un dossier de fichiers temporaires.[nonnon] Tutorial d'aide d'installation : http://sitethemacs.free.fr/aide_enregistrement_de_hijackthi.htm
Maelysroma
 Posté le 13/04/2005 à 22:39 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petite astucienne
Oups ... je vais vite aller l'enregistrer ailleurs sur son pc Je me suis reconnectée à partir du mien, car le sien m'a à nouveau éjectée, cette fois j'ai noté le message d'erreur: winlogon.exe "0x1001393c" emploie l'adresse mémoire "0x01c3a000". La mémoire ne peut pas üetre "read".
philae
 Posté le 13/04/2005 à 22:56 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Grande Maîtresse astucienne

rebonsoir, Télécharge LSPFix http://www.cexx.org/lspfix.htm on s'en servira plus tard. * Stoppe les processus suivants dans le Gestionnaire des tâches : Ctrl+Alt+Supp------>onglet Processus------>terminer le processus desktop.exe ffisearch.exe VirtualBouncer.exe * Désinstalle ces applications (si tu les trouves) dans Ajout-Suppression de programmes : Vbouncer * Démarrer le logiciel HijackThis et lancer un scan "Do a system scan only" Puis cocher les lignes suivantes en GRAS (dans HijackThis): Logfile of HijackThis v1.99.1 Scan saved at 21:45:30, on 13/04/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe C:\Program Files\Apoint2K\Apoint.exe C:\WINDOWS\System32\sistray.EXE C:\WINDOWS\System32\khooker.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\Analog Devices\SoundMAX\SMTray.exe C:\Program Files\Apoint2K\HidFind.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe C:\Program Files\Real\RealPlayer\RealPlay.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\isrvs\desktop.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\a2\a2guard.exe C:\WINDOWS\System32\wuauclt.exe C:\WINDOWS\explorer.exe C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\MUMULA~1\LOCALS~1\Temp\Rar$EX00.974\HijackThis.exe C:\WINDOWS\system32\NOTEPAD.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=6&key=SEARCH R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\fr.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=6&key=PHOTO R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\System32\sistray.EXE O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [AME_CSA] rundll32 amecsa.cpl,RUN_DLL O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe O4 - HKLM\..\Run: [Desktop Search] C:\WINDOWS\isrvs\desktop.exe O4 - HKLM\..\Run: [ffis] C:\WINDOWS\isrvs\ffisearch.exe O4 - HKLM\..\Run: [VBouncer] C:\PROGRA~1\VBouncer\VirtualBouncer.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h O4 - HKCU\..\Run: [a-squared] "C:\Program Files\a2\a2guard.exe" O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\aklsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\aklsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\aklsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\aklsp.dll------>ne pas fixer ces lignes avec Hijack O12 - Plugin for .aif: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab O16 - DPF: {B467A3AF-E45B-4B1B-9983-C035D988FB0F} (VacPro.belgio_ver10) - http://advnt01.com/dialer/belgio_ver10.CAB O18 - Filter: text/html - {950238FB-C706-4791-8674-4D429F85897E} - (no file) O20 - Winlogon Notify: DateTime - C:\WINDOWS\system32\u6rulg9916.dll O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: MySqlInventime - Unknown owner - c:\mysql\bin\mysqld-max-nt.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe * Fermer toutes les fenêtres Windows, Internet explorer, Outlook,…sauf le logiciel Hijackthis et cliquer sur « Fix checked » Lance l'application LSPFix (Exécute la) et agrandis la fenêtre qui, par défaut, est trop petite et fait apparaître les ascenseurs horizontaux et verticaux, masquant un bouton. Déconnecte-toi d'Internet et ferme toutes les instances (fenêtres) Internet Explorer. Coche la case "I know what I'm doing" ("je sais ce que je fais") Sélectionne toute(s) l(es) instance(s) de(s) dll suivante(s) : aklsp.dll * Redémarrer en mode sans echec (appuyer sur F8 ou F5 lors du démarrage) * Ensuite aller dans l’ Explorateur Windows et afficher tous les fichiers cachés: [IMG]http://img159.exs.cx/img159/1880/sanstitre8cr.jpg[/IMG] Outils----->Options des dossiers----->Onglet Affichage-------> (le paramètre activé par défaut est <Ne pas afficher les fichiers cachés ou les fichiers système>.) Cliquez une fois dans le cercle étiqueté <Afficher tous les fichiers>, cliquez sur <Appliquer> puis sur <OK>. et supprimer le(s) fichier(s ) ci dessous si il(s) est (sont) présent(s) : C:\WINDOWS\isrvs--------->le dossier C:\PROGRAMES FILES~1\Vbouncer--------->le dossier c:\windows\system32\aklsp.dll---------->le fichier * PUIS, C\temp\ <-- supprimer tout le contenu du dossier C:\windows\temp\ <-- supprimer tout le contenu du dossier C:\Documents and Settings\Tous les identifiants\Local Settings\Temp\<-- supprimer tout le contenu du dossier C:\Documents and Settings\ Tous les identifiants\Local Settings\Temporary Internet Files\<-- supprimer tout le contenu du dossier Fichier temporaire internet: Démarrer/panneau de configuration/options internet --> bouton supprimer cookies --> bouton supprimer fichier temporaire internet Fichiers temporaries : Démarrer/exécuter " CleanMgr " Cocher tout sauf : Compression des fichiers non utilisés Fichiers catalogue d’indexation du contenu / OK / OUI Dans l'Explorateur Windows recacher les fichiers système afin de ne pas faire d'erreur à l'avenir: Retournez à la fenêtre <Paramètres de dossier> et sélectionnez <Ne pas afficher les fichiers cachés ou les fichiers système>. * Vider la Corbeille * Redémarrer normalement Puis reviens mettre un rapport HijackThis
Maelysroma
 Posté le 13/04/2005 à 23:16 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petite astucienne
Merci de ta réponse si rapide ... je file de suite me mettre au boulot et faire tout ce que tu m'as demandé étape par étape ... je t'enverrais le rapport hijackthis dès que j'aurais terminé
Maelysroma
 Posté le 14/04/2005 à 00:46 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petite astucienne
Voilà, j'ai terminé de suivre toutes les instructions que tu m'as données. Petites remarques: -Je n'ai pas pu terminer le processus de ffisearch.exe et de VirtualBouncer.exe car il n'apparaissaient pas. -Dans Ajout-supression de programmes, je n'ai pas trouvé Vbouncer. -En mode sans échec, je n'ai pas pu supprimer le dossier Vbouncer dans C:/programes files car je ne l'ai pas trouvé et je n'ai également pas pu supprimer le fichier aklsp.dll car reçu le message "Impossible de supprimer aklsp: Accès refusé" - Et pour finir il n'y avait pas de C/temp/ donc je n'ai pas pu en supprimer le contenu. Voici le dernier rapport hijackthis Logfile of HijackThis v1.99.1 Scan saved at 00:34:41, on 14/04/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe C:\WINDOWS\System32\sistray.EXE C:\WINDOWS\System32\khooker.exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe C:\Program Files\Apoint2K\HidFind.exe C:\Program Files\Analog Devices\SoundMAX\SMTray.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\System32\rundll32.exe C:\Program Files\Real\RealPlayer\RealPlay.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe C:\WINDOWS\System32\ctfmon.exe C:\WINDOWS\System32\NotifyPhoneBook.exe C:\Program Files\a2\a2guard.exe C:\WINDOWS\System32\wuauclt.exe C:\WINDOWS\System32\wuauclt.exe C:\Hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=6&key=SEARCH R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\fr.htm R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=6&key=PHOTO R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\System32\sistray.EXE O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [AME_CSA] rundll32 amecsa.cpl,RUN_DLL O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h O4 - HKCU\..\Run: [a-squared] "C:\Program Files\a2\a2guard.exe" O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\aklsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\aklsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\aklsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\aklsp.dll O12 - Plugin for .aif: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab O20 - Winlogon Notify: ThemeManager - C:\WINDOWS\system32\lv0u09d9e.dll O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: MySqlInventime - Unknown owner - c:\mysql\bin\mysqld-max-nt.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
philae
 Posté le 14/04/2005 à 11:02 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Grande Maîtresse astucienne

bonjour Maelysroma, bonjour à tous je crois que dans mon copier coller, il m'en manquait un morceau, je suis confuse. On va donc reprendre cette opération là si tu veux bien. Lance l'application LSPFix (Exécute la) et agrandis la fenêtre qui, par défaut, est trop petite et fait apparaître les ascenseurs horizontaux et verticaux, masquant un bouton. Déconnecte-toi d'Internet et ferme toutes les instances (fenêtres) Internet Explorer. Coche la case "I know what I'm doing" ("je sais ce que je fais") Sélectionne toute(s) l(es) instance(s) de(s) dll suivante(s) : aklsp.dll et rien d'autre et fais les glisser du panneau de gauche, appelé "keep" au panneau de droite, appelé "Remove"). .Clique sur le bouton "Finish". * Redémarrer en mode sans echec (appuyer sur F8 ou F5 lors du démarrage) * Ensuite aller dans l’ Explorateur Windows et afficher tous les fichiers cachés: [IMG]http://img159.exs.cx/img159/1880/sanstitre8cr.jpg[/IMG] Outils----->Options des dossiers----->Onglet Affichage-------> (le paramètre activé par défaut est <Ne pas afficher les fichiers cachés ou les fichiers système>.) Cliquez une fois dans le cercle étiqueté <Afficher tous les fichiers>, cliquez sur <Appliquer> puis sur <OK>. et supprimer le(s) fichier(s ) ci dessous si il(s) est (sont) présent(s) : C:\windows\system32\aklsp.dll---------->le fichier * PUIS, C\temp\ <-- supprimer tout le contenu du dossier C:\windows\temp\ <-- supprimer tout le contenu du dossier C:\Documents and Settings\Tous les identifiants\Local Settings\Temp\<-- supprimer tout le contenu du dossier C:\Documents and Settings\ Tous les identifiants\Local Settings\Temporary Internet Files\<-- supprimer tout le contenu du dossier Fichier temporaire internet: Démarrer/panneau de configuration/options internet --> bouton supprimer cookies --> bouton supprimer fichier temporaire internet Fichiers temporaries : Démarrer/exécuter " CleanMgr " Cocher tout sauf : Compression des fichiers non utilisés Fichiers catalogue d’indexation du contenu / OK / OUI Dans l'Explorateur Windows recacher les fichiers système afin de ne pas faire d'erreur à l'avenir: Retournez à la fenêtre <Paramètres de dossier> et sélectionnez <Ne pas afficher les fichiers cachés ou les fichiers système>. * Vider la Corbeille * Redémarrer normalement Puis reviens mettre un rapport HijackThis
Maelysroma
 Posté le 14/04/2005 à 11:23 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petite astucienne
Bonjour Philae, Merci pour les nouvelles instructions, je ferais cela ce soir en rentrant car je suis connectée depuis mon lieu de travail en ce moment. Je te tiendrais informée dès que c'est fait.
philae
 Posté le 14/04/2005 à 11:53 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Grande Maîtresse astucienne

pas de soucis Maelysroma, on continue ce soir
Publicité
Maelysroma
 Posté le 14/04/2005 à 19:03 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petite astucienne
Voilà Philaé, après avoir bien suivi tes directives, je te poste le nouveau rapport hijackthis. Logfile of HijackThis v1.99.1 Scan saved at 18:59:14, on 14/04/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Apoint2K\Apoint.exe C:\WINDOWS\System32\sistray.EXE C:\WINDOWS\System32\khooker.exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\Apoint2K\HidFind.exe C:\Program Files\Analog Devices\SoundMAX\SMTray.exe C:\WINDOWS\AGRSMMSG.exe C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe C:\Program Files\Real\RealPlayer\RealPlay.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe C:\Program Files\a2\a2guard.exe C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\System32\wuauclt.exe C:\WINDOWS\System32\wuauclt.exe C:\Hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=6&key=SEARCH R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\fr.htm R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=6&key=PHOTO R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\System32\sistray.EXE O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [AME_CSA] rundll32 amecsa.cpl,RUN_DLL O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h O4 - HKCU\..\Run: [a-squared] "C:\Program Files\a2\a2guard.exe" O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O12 - Plugin for .aif: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab O20 - Winlogon Notify: BITS - C:\WINDOWS\system32\fnj0211mg.dll O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: MySqlInventime - Unknown owner - c:\mysql\bin\mysqld-max-nt.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
BipBip
 Posté le 14/04/2005 à 21:32 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
  Astucien
Salut je prend la releve de philae (elle doit manger) puis elle reviendra finaliser ton analyse... Démarrer le logiciel HijackThis [img]http://www.merijn.org/images/hijackthis_big.gif[/img] et lancer un scan "Do a system scan only". Puis cocher les lignes suivantes (dans HijackThis): O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h O20 - Winlogon Notify: BITS - C:\WINDOWS\system32\fnj0211mg.dll Fermer toutes les fenêtres Windows, Internet explorer, Outlook,…sauf le logiciel Hijackthis et cliquer sur « Fix checked » Redémarrer en mode sans echec (appuyer sur F8 ou F5 lors du démarrage) Ensuite aller dans l’ Explorateur Windows et afficher tous les fichiers cachés: Dans une fenêtre de l'explorateur Windows, cliquez sur le menu "Outils" et choisissez "Options des dossiers...". Affichez l'onglet "Affichage" et sélectionnez l'option "Afficher les fichiers et dossiers cachés" [img]http://www.rpn.ch/portail/ict/logiciels/install/img/caches.gif[/img] Cliquer sur « Appliquer ». Fermer la fenêtre d'options en cliquant "OK". En image [url="http://perso.wanadoo.fr/astwinds/astuces/fichiers_caches.html"]ici[/url] et supprimer les fichiers ci dessous si ils sont présent : C:\WINDOWS\system32\fnj0211mg.dll C:\Program Files\Ares\ C\temp\ <-- supprimer tout le contenu du dossier C:\windows\temp\ <-- supprimer tout le contenu du dossier C:\Documents and Settings\Tous les identifiants\Local Settings\Temp\<-- supprimer tout le contenu du dossier C:\Documents and Settings\ Tous les identifiants\Local Settings\Temporary Internet Files\<-- supprimer tout le contenu du dossier Fichier temporaire internet: Démarrer/panneau de configuration/options internet --> button supprimer cookies --> button supprimer fichier temporaire internet Fichiers temporaries : Démarrer/exécuter " CleanMgr " Cocher tout sauf : Compression des fichiers non utilisés Fichiers catalogue d’indexation du contenu / OK / OUI Dans l'Explorateur Windows recacher les fichiers systeme afin de ne pas faire d'erreur a l'avenir: Retournez à la fenêtre <Paramètres de dossier> et sélectionnez <Ne pas afficher les fichiers cachés ou les fichiers système>. 1/Télécharger L2mfix et l'installer sous c:\Program files\l2mfix\: http://www.atribune.org/downloads/l2mfix.exe ou ici http://www.downloads.subratam.org/l2mfix.exe Mets-le sur ton bureau. Double-clique sur l2mfix. Dans le dossier extrait, double-clique l2mfix.bat et choisis l'option 1 (et entrée). Attend qu'il termine et copie/colle le rapport généré. Nb : surtout, ne pas choisir l'option 2 ni aucuns autres fichiers de l2mfix. Puis reviens mettre un rapport Hijackthis [img]http://www.yatoula.com/gif/smiles/smiley_520.gif[/img]
Maelysroma
 Posté le 14/04/2005 à 22:38 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petite astucienne
Salut BipBip et merci d'avoir pris la relève (pendant qu'elle mangeait) Après avoir suivi tes instructions, voici le nouveau rapport hijackthis; te faut_il également le rapport l2mfix ? Logfile of HijackThis v1.99.1 Scan saved at 22:31:20, on 14/04/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Apoint2K\Apoint.exe C:\WINDOWS\System32\sistray.EXE C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe C:\WINDOWS\System32\khooker.exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\Apoint2K\HidFind.exe C:\Program Files\Analog Devices\SoundMAX\SMTray.exe C:\WINDOWS\AGRSMMSG.exe C:\WINDOWS\System32\rundll32.exe C:\Program Files\Real\RealPlayer\RealPlay.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\System32\NotifyPhoneBook.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe C:\Program Files\a2\a2guard.exe C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\System32\wuauclt.exe C:\Hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=6&key=SEARCH R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\fr.htm R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=6&key=PHOTO R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\System32\sistray.EXE O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [AME_CSA] rundll32 amecsa.cpl,RUN_DLL O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [a-squared] "C:\Program Files\a2\a2guard.exe" O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O12 - Plugin for .aif: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{224EFC4C-2995-4802-8B84-A7EB6C1C3110}: NameServer = 195.238.2.22 195.238.2.21 O17 - HKLM\System\CS1\Services\Tcpip\..\{224EFC4C-2995-4802-8B84-A7EB6C1C3110}: NameServer = 195.238.2.22 195.238.2.21 O20 - Winlogon Notify: WebCheck - C:\WINDOWS\system32\k026lafs1d26.dll O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: MySqlInventime - Unknown owner - c:\mysql\bin\mysqld-max-nt.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
BipBip
 Posté le 14/04/2005 à 22:48 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
  Astucien
faut_il également le rapport l2mfix ?
Oui
Maelysroma
 Posté le 14/04/2005 à 22:52 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petite astucienne
OK le voici: L2MFIX find log 1.03 These are the registry keys present ********************************************************************************** Winlogon/notify: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain] "Asynchronous"=dword:00000000 "Impersonate"=dword:00000000 "DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\ 6c,00,00,00 "Logoff"="ChainWlxLogoffEvent" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet] "Asynchronous"=dword:00000000 "Impersonate"=dword:00000000 "DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Logoff"="CryptnetWlxLogoffEvent" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll] "DLLName"="cscdll.dll" "Logon"="WinlogonLogonEvent" "Logoff"="WinlogonLogoffEvent" "ScreenSaver"="WinlogonScreenSaverEvent" "Startup"="WinlogonStartupEvent" "Shutdown"="WinlogonShutdownEvent" "StartShell"="WinlogonStartShellEvent" "Impersonate"=dword:00000000 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp] "DLLName"="wlnotify.dll" "Logon"="SCardStartCertProp" "Logoff"="SCardStopCertProp" "Lock"="SCardSuspendCertProp" "Unlock"="SCardResumeCertProp" "Enabled"=dword:00000001 "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule] "Asynchronous"=dword:00000000 "DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Impersonate"=dword:00000000 "StartShell"="SchedStartShell" "Logoff"="SchedEventLogOff" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy] "Logoff"="WLEventLogoff" "Impersonate"=dword:00000000 "Asynchronous"=dword:00000001 "DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn] "DLLName"="WlNotify.dll" "Lock"="SensLockEvent" "Logon"="SensLogonEvent" "Logoff"="SensLogoffEvent" "Safe"=dword:00000001 "MaxWait"=dword:00000258 "StartScreenSaver"="SensStartScreenSaverEvent" "StopScreenSaver"="SensStopScreenSaverEvent" "Startup"="SensStartupEvent" "Shutdown"="SensShutdownEvent" "StartShell"="SensStartShellEvent" "PostShell"="SensPostShellEvent" "Disconnect"="SensDisconnectEvent" "Reconnect"="SensReconnectEvent" "Unlock"="SensUnlockEvent" "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv] "Asynchronous"=dword:00000000 "DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Impersonate"=dword:00000000 "Logoff"="TSEventLogoff" "Logon"="TSEventLogon" "PostShell"="TSEventPostShell" "Shutdown"="TSEventShutdown" "StartShell"="TSEventStartShell" "Startup"="TSEventStartup" "MaxWait"=dword:00000258 "Reconnect"="TSEventReconnect" "Disconnect"="TSEventDisconnect" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WebCheck] "Asynchronous"=dword:00000000 "DllName"="C:\\WINDOWS\\system32\\k026lafs1d26.dll" "Impersonate"=dword:00000000 "Logon"="WinLogon" "Logoff"="WinLogoff" "Shutdown"="WinShutdown" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon] "DLLName"="wlnotify.dll" "Logon"="RegisterTicketExpiredNotificationEvent" "Logoff"="UnregisterTicketExpiredNotificationEvent" "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 ********************************************************************************** useragent: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform] "{2846A673-CCC3-6D67-F8D1-3BC0F0B28DAF}"="" ********************************************************************************** Shell Extension key: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved] "{00022613-0000-0000-C000-000000000046}"="Feuille de propri‚t‚s du fichier multim‚dia" "{176d6597-26d3-11d1-b350-080036a75b03}"="Gestion de scanneur ICM" "{1F2E5C40-9550-11CE-99D2-00AA006E086C}"="Page de s‚curit‚ NTFS" "{3EA48300-8CF6-101B-84FB-666CCB9BCD32}"="Page des propri‚t‚s de OLE DocFile" "{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"="Extensions de l'environnement pour le partage" "{41E300E0-78B6-11ce-849B-444553540000}"="PlusPack CPL Extension" "{42071712-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Carte du Panneau de configuration" "{42071713-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage ?cran du Panneau de configuration" "{42071714-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Panorama du Panneau de configuration" "{4E40F770-369C-11d0-8922-00A024AB2DBB}"="Page de s‚curit‚ DS" "{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"="Page de compatibilit‚" "{56117100-C0CD-101B-81E2-00AA004AE837}"="Gestionnaire de donn‚es endommag‚es de l'environnement" "{59099400-57FF-11CE-BD94-0020AF85B590}"="Extension copie de disquette" "{59be4990-f85c-11ce-aff7-00aa003ca9f6}"="Extensions de l'environnement pour les objets r‚seau de Microsoft Windows" "{5DB2625A-54DF-11D0-B6C4-0800091AA605}"="Gestion d'‚cran ICM" "{675F097E-4C4D-11D0-B6C1-0800091AA605}"="Gestion d'imprimante ICM" "{764BF0E1-F219-11ce-972D-00AA00A14F56}"="Extensions de l'environnement de compression de fichiers" "{77597368-7b15-11d0-a0c2-080036af3f03}"="Extension de l'environnement d'imprimante Web" "{7988B573-EC89-11cf-9C00-00AA00A14F56}"="Disk Quota UI" "{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}"="Menu contextuel de cryptage" "{85BBD920-42A0-1069-A2E4-08002B30309D}"="Porte-documents" "{88895560-9AA2-1069-930E-00AA0030EBC8}"="Extension ic“ne HyperTerminal" "{BD84B380-8CA2-1069-AB1D-08000948F534}"="Fonts" "{DBCE2480-C732-101B-BE72-BA78E9AD5B27}"="Profil ICC" "{F37C5810-4D3F-11d0-B4BF-00AA00BBB723}"="Page de s‚curit‚ des imprimantes" "{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}"="Extensions de l'environnement pour le partage" "{f92e8c40-3d33-11d2-b1aa-080036a75b03}"="Display TroubleShoot CPL Extension" "{7444C717-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie PKO" "{7444C719-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie Sign" "{7007ACC7-3202-11D1-AAD2-00805FC1270E}"="Connexions r‚seau" "{992CFFA0-F557-101A-88EC-00DD010CCC48}"="Connexions r‚seau" "{E211B736-43FD-11D1-9EFB-0000F8757FCD}"="&Scanneurs et appareils photo" "{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}"="&Scanneurs et appareils photo" "{905667aa-acd6-11d2-8080-00805f6596d2}"="&Scanneurs et appareils photo" "{3F953603-1008-4f6e-A73A-04AAC7A992F1}"="&Scanneurs et appareils photo" "{83bbcbf3-b28a-4919-a5aa-73027445d672}"="&Scanneurs et appareils photo" "{F0152790-D56E-4445-850E-4F3117DB740C}"="Remote Sessions CPL Extension" "{5F327514-6C5E-4d60-8F16-D07FA08A78ED}"="Auto Update Property Sheet Extension" "{60254CA5-953B-11CF-8C96-00AA00B8708C}"="Extensions de l'interpr‚teur de commandes pour l'environnement d'ex‚cution de scripts Windows" "{2206CDB2-19C1-11D1-89E0-00C04FD7A829}"="Liaison de donn‚es Microsoft" "{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Icon Handler" "{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Shell Extension" "{D6277990-4C6A-11CF-8D87-00AA0060F5BF}"="Tƒches planifi‚es" "{0DF44EAA-FF21-4412-828E-260A8728E7F1}"="Barre des tƒches et menu D‚marrer" "{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}"="Rechercher" "{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support" "{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support" "{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}"="Ex‚cuter..." "{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}"="Internet" "{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}"="Courrier ‚lectronique" "{D20EA4E1-3957-11d2-A40B-0C5020524152}"="Polices" "{D20EA4E1-3957-11d2-A40B-0C5020524153}"="Outils d'administration" "{875CB1A1-0F29-45de-A1AE-CFB4950D0B78}"="Audio Media Properties Handler" "{40C3D757-D6E4-4b49-BB41-0E5BBEA28817}"="Video Media Properties Handler" "{E4B29F9D-D390-480b-92FD-7DDB47101D71}"="Wav Properties Handler" "{87D62D94-71B3-4b9a-9489-5FE6850DC73E}"="Avi Properties Handler" "{A6FD9E45-6E44-43f9-8644-08598F5A74D9}"="Midi Properties Handler" "{c5a40261-cd64-4ccf-84cb-c394da41d590}"="Video Thumbnail Extractor" "{5E6AB780-7743-11CF-A12B-00AA004AE837}"="Barre d'outils Internet Microsoft" "{22BF0C20-6DA7-11D0-B373-00A0C9034938}"="?tat du t‚l‚chargement" "{91EA3F8B-C99B-11d0-9815-00C04FD91972}"="Dossier Bureau ‚tendu" "{6413BA2C-B461-11d1-A18A-080036B11A03}"="Dossier du shell augment‚" "{F61FFEC1-754F-11d0-80CA-00AA005B4383}"="BandProxy" "{7BA4C742-9E81-11CF-99D3-00AA004AE837}"="Bande du navigateur Microsoft" "{30D02401-6A81-11d0-8274-00C04FD5AE38}"="Bande de recherche" "{32683183-48a0-441b-a342-7c2a440a9478}"="Media Band" "{169A0691-8DF9-11d1-A1C4-00C04FD75D13}"="Volet int‚gr‚ de recherche" "{07798131-AF23-11d1-9111-00A0C98BA67D}"="Recherche Web" "{AF4F6510-F982-11d0-8595-00AA004CD6D8}"="Utilitaire des options de l'arborescence du Registre" "{01E04581-4EEE-11d0-BFE9-00AA005B4383}"="&Adresse" "{A08C11D2-A228-11d0-825B-00AA005B4383}"="BoŒte d'entr‚e de l'adresse" "{00BB2763-6A77-11D0-A535-00C04FD7D062}"="Saisie semi-automatique Microsoft" "{7376D660-C583-11d0-A3A5-00C04FD706EC}"="TridentImageExtractor" "{6756A641-DE71-11d0-831B-00AA005B4383}"="Liste de saisie semi-automatique MRU" "{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}"="Liste de saisie semi-automatique personnalis‚e MRU" "{7e653215-fa25-46bd-a339-34a2790f3cb7}"="Accessible" "{acf35015-526e-4230-9596-becbe19f0ac9}"="Barre de progrŠs auto-ouvrante" "{E0E11A09-5CB8-4B6C-8332-E00720A168F2}"="Analyseur de la barre d'adresses" "{00BB2764-6A77-11D0-A535-00C04FD7D062}"="Liste de saisie semi-automatique de l'historique Microsoft" "{03C036F1-A186-11D0-824A-00AA005B4383}"="Liste de saisie semi-automatique du dossier Shell Microsoft" "{00BB2765-6A77-11D0-A535-00C04FD7D062}"="Conteneur de la liste de saisie semi-automatique multiple Microsoft" "{ECD4FC4E-521C-11D0-B792-00A0C90312E1}"="Menu Site de bandes" "{3CCF8A41-5C85-11d0-9796-00AA00B90ADF}"="Shell DeskBarApp" "{ECD4FC4C-521C-11D0-B792-00A0C90312E1}"="Barre du Bureau" "{ECD4FC4D-521C-11D0-B792-00A0C90312E1}"="Shell Rebar BandSite" "{DD313E04-FEFF-11d1-8ECD-0000F87A470C}"="Assistance utilisateur" "{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}"="ParamŠtres du dossier global" "{EFA24E61-B078-11d0-89E4-00C04FC9E26E}"="Favorites Band" "{0A89A860-D7B1-11CE-8350-444553540000}"="Shell Automation Inproc Service" "{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}"="Shell DocObject Viewer" "{A5E46E3A-8849-11D1-9D8C-00C04FC99D61}"="Microsoft Browser Architecture" "{FBF23B40-E3F0-101B-8488-00AA003E56F8}"="InternetShortcut" "{3C374A40-BAE4-11CF-BF7D-00AA006946EE}"="Microsoft Url History Service" "{FF393560-C2A7-11CF-BFF4-444553540000}"="Historique" "{7BD29E00-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files" "{7BD29E01-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files" "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"="Microsoft Url Search Hook" "{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}"="Image de d‚marrage de la Suite IE4" "{67EA19A0-CCEF-11d0-8024-00C04FD75D13}"="CDF Extension Copy Hook" "{131A6951-7F78-11D0-A979-00C04FD705A2}"="ISFBand OC" "{9461b922-3c5a-11d2-bf8b-00c04fb93661}"="Search Assistant OC" "{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}"="Internet" "{871C5380-42A0-1069-A2EA-08002B30309D}"="Internet Name Space" "{EFA24E64-B078-11d0-89E4-00C04FC9E26E}"="Explorer Band" "{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service" "{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service" "{88C6C381-2E85-11D0-94DE-444553540000}"="Dossier ActiveX Cache" "{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"="WebCheck" "{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}"="Subscription Mgr" "{F5175861-2688-11d0-9C5E-00AA00A45957}"="Dossier Inscription" "{08165EA0-E946-11CF-9C87-00AA005127ED}"="WebCheckWebCrawler" "{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}"="WebCheckChannelAgent" "{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}"="TrayAgent" "{7D559C10-9FE9-11d0-93F7-00AA0059CE02}"="Code Download Agent" "{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}"="ConnectionAgent" "{D8BD2030-6FC9-11D0-864F-00AA006809D9}"="PostAgent" "{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}"="WebCheck SyncMgr Handler" "{352EC2B7-8B9A-11D1-B8AE-006008059382}"="Gestionnaire d'applications d'environnement" "{0B124F8F-91F0-11D1-B8B5-006008059382}"="?num‚rateur d'applications install‚es" "{CFCCC7A0-A282-11D1-9082-006008059382}"="Publication d'application Darwin" "{e84fda7c-1d6a-45f6-b725-cb260c236066}"="Shell Image Verbs" "{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178}"="Shell Image Data Factory" "{3F30C968-480A-4C6C-862D-EFC0897BB84B}"="Extracteur de miniatures de fichier + GDI" "{9DBD2C50-62AD-11d0-B806-00C04FD706EC}"="Gestionnaire de miniatures - Informations de r‚sum‚ (DOCFILES)" "{EAB841A0-9550-11cf-8C16-00805F1408F3}"="Extracteur de miniatures HTML" "{eb9b1153-3b57-4e68-959a-a3266bc3d7fe}"="Shell Image Property Handler" "{CC6EEFFB-43F6-46c5-9619-51D571967F7D}"="Assistant Publication de sites Web" "{add36aa8-751a-4579-a266-d66f5202ccbb}"="Commande d'impressions via le Web" "{6b33163c-76a5-4b6c-bf21-45de9cd503a1}"="Objet Assistant de publication Shell" "{58f1f272-9240-4f51-b6d4-fd63d1618591}"="Assistant Obtenir une identit‚ Passport" "{7A9D77BD-5403-11d2-8785-2E0420524153}"="Comptes d'utilisateurs" "{BD472F60-27FA-11cf-B8B4-444553540000}"="Compressed (zipped) Folder Right Drag Handler" "{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}"="Compressed (zipped) Folder SendTo Target" "{f39a0dc0-9cc8-11d0-a599-00c04fd64433}"="Fichier de chaŒne" "{f3aa0dc0-9cc8-11d0-a599-00c04fd64434}"="Raccourci de chaŒne" "{f3ba0dc0-9cc8-11d0-a599-00c04fd64435}"="Channel Handler Object" "{f3da0dc0-9cc8-11d0-a599-00c04fd64437}"="Channel Menu" "{f3ea0dc0-9cc8-11d0-a599-00c04fd64438}"="Channel Properties" "{63da6ec0-2e98-11cf-8d82-444553540000}"="FTP Folders Webview" "{883373C3-BF89-11D1-BE35-080036B11A03}"="Microsoft DocProp Shell Ext" "{A9CF0EAE-901A-4739-A481-E35B73E47F6D}"="Microsoft DocProp Inplace Edit Box Control" "{8EE97210-FD1F-4B19-91DA-67914005F020}"="Microsoft DocProp Inplace ML Edit Box Control" "{0EEA25CC-4362-4A12-850B-86EE61B0D3EB}"="Microsoft DocProp Inplace Droplist Combo Control" "{6A205B57-2567-4A2C-B881-F787FAB579A3}"="Microsoft DocProp Inplace Calendar Control" "{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33}"="Microsoft DocProp Inplace Time Control" "{8A23E65E-31C2-11d0-891C-00A024AB2DBB}"="Directory Query UI" "{9E51E0D0-6E0F-11d2-9601-00C04FA31A86}"="Shell properties for a DS object" "{163FDC20-2ABC-11d0-88F0-00A024AB2DBB}"="Directory Object Find" "{F020E586-5264-11d1-A532-0000F8757D7E}"="Directory Start/Search Find" "{0D45D530-764B-11d0-A1CA-00AA00C16E65}"="Directory Property UI" "{62AE1F9A-126A-11D0-A14B-0800361B1103}"="Directory Context Menu Verbs" "{ECF03A33-103D-11d2-854D-006008059367}"="MyDocs Copy Hook" "{ECF03A32-103D-11d2-854D-006008059367}"="MyDocs Drop Target" "{4a7ded0a-ad25-11d0-98a8-0800361b1103}"="MyDocs Properties" "{750fdf0e-2a26-11d1-a3ea-080036587f03}"="Offline Files Menu" "{10CFC467-4392-11d2-8DB4-00C04FA31A66}"="Offline Files Folder Options" "{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}"="Dossier Fichiers hors connexion" "{143A62C8-C33B-11D1-84FE-00C04FA34A14}"="Microsoft Agent Character Property Sheet Handler" "{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}"="DfsShell" "{60fd46de-f830-4894-a628-6fa81bc0190d}"="%DESC_PublishDropTarget%" "{7A80E4A8-8005-11D2-BCF8-00C04F72C717}"="MMC Icon Handler" "{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}"=".CAB file viewer" "{32714800-2E5F-11d0-8B85-00AA0044F941}"="Des &personnes..." "{8DD448E6-C188-4aed-AF92-44956194EB1F}"="Windows Media Player Play as Playlist Context Menu Handler" "{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}"="Windows Media Player Burn Audio CD Context Menu Handler" "{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}"="Windows Media Player Add to Playlist Context Menu Handler" "{DEE12703-6333-4D4E-8F34-738C4DCC2E04}"="RecordNow! SendToExt" "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"="WinRAR shell extension" "{BDEADF00-C265-11D0-BCED-00A0C90AB50F}"="Dossiers Web" "{42042206-2D85-11D3-8CFF-005004838597}"="Microsoft Office HTML Icon Handler" "{9E45947A-E580-4EFB-8F22-0977A0A80C2B}"="" ********************************************************************************** HKEY ROOT CLASSIDS: Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{9E45947A-E580-4EFB-8F22-0977A0A80C2B}] @="" [HKEY_CLASSES_ROOT\CLSID\{9E45947A-E580-4EFB-8F22-0977A0A80C2B}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{9E45947A-E580-4EFB-8F22-0977A0A80C2B}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{9E45947A-E580-4EFB-8F22-0977A0A80C2B}\InprocServer32] @="C:\\WINDOWS\\system32\\paflbmsg.dll" "ThreadingModel"="Apartment" ********************************************************************************** Files Found are not all bad files: C:\WINDOWS\SYSTEM32\ alfsipc.dll Wed 13 Apr 2005 20:48:08 ..S.R 235 222 229,71 K cdnfmsp.dll Wed 13 Apr 2005 20:42:26 ..S.R 233 094 227,63 K e002la~1.dll Wed 13 Apr 2005 21:06:20 ..S.R 235 222 229,71 K fpl003~1.dll Mon 11 Apr 2005 20:44:28 ..S.R 232 784 227,33 K h0n0la~1.dll Mon 11 Apr 2005 15:47:28 ..S.R 234 288 228,80 K hosetup.dll Mon 11 Apr 2005 11:17:44 ..S.R 235 222 229,71 K iwsecsvc.dll Mon 11 Apr 2005 13:58:28 ..S.R 234 288 228,80 K k026la~1.dll Thu 14 Apr 2005 21:57:06 ..S.R 235 105 229,59 K lvlo09~1.dll Thu 14 Apr 2005 22:16:14 ..S.R 235 444 229,93 K lzadperf.dll Thu 14 Apr 2005 18:32:38 ..S.R 234 003 228,52 K mdrd2x40.dll Wed 13 Apr 2005 18:28:22 ..S.R 235 222 229,71 K mnieftp.dll Mon 11 Apr 2005 16:29:04 ..S.R 235 222 229,71 K mshtml.dll Thu 27 Jan 2005 17:02:26 A.... 2 806 272 2,68 M n48o0e~1.dll Wed 13 Apr 2005 21:57:44 ..S.R 233 478 228,00 K nnevtmsg.dll Thu 14 Apr 2005 18:15:38 ..S.R 233 094 227,63 K o4480e~1.dll Wed 13 Apr 2005 22:25:58 ..S.R 233 938 228,45 K ole32.dll Fri 14 Jan 2005 7:34:50 A.... 1 258 496 1,20 M olecli32.dll Fri 14 Jan 2005 7:34:50 A.... 69 120 67,50 K olecnv32.dll Fri 14 Jan 2005 7:34:50 A.... 35 328 34,50 K paflbmsg.dll Thu 14 Apr 2005 22:16:16 ..S.R 235 105 229,59 K qfery.dll Wed 13 Apr 2005 23:27:50 ..S.R 233 094 227,63 K rpcss.dll Fri 14 Jan 2005 7:34:50 A.... 284 672 278,00 K scrmdll.dll Wed 13 Apr 2005 23:52:48 ..S.R 234 179 228,69 K spmsg.dll Thu 24 Feb 2005 19:35:26 ..... 15 072 14,72 K sporder.dll Sun 10 Apr 2005 13:18:12 A.... 8 464 8,27 K symneti.dll Fri 21 Jan 2005 23:31:54 A.... 513 752 501,71 K symredir.dll Fri 21 Jan 2005 23:31:52 A.... 141 016 137,71 K wjnipsec.dll Thu 14 Apr 2005 18:54:02 ..S.R 235 105 229,59 K wri.dll Wed 13 Apr 2005 20:53:46 ..S.R 233 094 227,63 K 29 items found: 29 files (20 H/S), 0 directories. Total of file sizes: 9 818 395 bytes 9,36 M Locate .tmp files: No matches found. ********************************************************************************** Directory Listing of system files: Le volume dans le lecteur C s'appelle HDD Le num‚ro de s‚rie du volume est 685E-3314 R‚pertoire de C:\WINDOWS\System32 14/04/2005 22:16 235ÿ105 paflbmsg.dll 14/04/2005 22:16 235ÿ444 lvlo0933e.dll 14/04/2005 21:57 235ÿ105 k026lafs1d26.dll 14/04/2005 18:54 235ÿ105 wjnipsec.dll 14/04/2005 18:32 234ÿ003 lzadperf.dll 14/04/2005 18:15 233ÿ094 nnevtmsg.dll 13/04/2005 23:52 234ÿ179 scrmdll.dll 13/04/2005 23:27 233ÿ094 qfery.dll 13/04/2005 22:25 233ÿ938 o4480ehueh480.dll 13/04/2005 21:57 233ÿ478 n48o0el3ehq.dll 13/04/2005 21:06 235ÿ222 e002lado1d0c.dll 13/04/2005 20:53 233ÿ094 wri.dll 13/04/2005 20:48 235ÿ222 alfsipc.dll 13/04/2005 20:42 233ÿ094 cdnfmsp.dll 13/04/2005 18:28 235ÿ222 mdrd2x40.dll 11/04/2005 20:44 232ÿ784 fpl0033me.dll 11/04/2005 16:29 235ÿ222 mnieftp.dll 11/04/2005 15:47 234ÿ288 h0n0la5m1d.dll 11/04/2005 13:58 234ÿ288 iwsecsvc.dll 11/04/2005 11:17 235ÿ222 hosetup.dll 06/04/2005 18:17 <REP> dllcache 30/09/2002 14:14 <REP> Microsoft 20 fichier(s) 4ÿ686ÿ203 octets 2 R‚p(s) 3ÿ089ÿ264ÿ640 octets libres
BipBip
 Posté le 14/04/2005 à 23:01 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
  Astucien
Ferme tous les programmes ouvert actuellement. Double-clique sur l2mfix.bat dans le dossiers l2mfix et choisis l'option 2 puis entrée. Appuis sur n'importe quel touche pour redémarrer ton PC. Au redémarrage ton PC bureau vas disparaître quelques instant ceci est normal. L2mfix vas continuer son travail et vas ouvrir un nouveau rapport, copier&coller le rapport dans ton message. ainsi qu'un nouveau rapport Hijackthis. A+
Maelysroma
 Posté le 14/04/2005 à 23:16 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petite astucienne
J'ai suivi exactement ce que tu m'as dit mais au redémarrage, l2mfix ne m'a pas donné de rapport, que dois-je faire ?
BipBip
 Posté le 14/04/2005 à 23:31 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
  Astucien
Maelysroma a écrit :
J'ai suivi exactement ce que tu m'as dit mais au redémarrage, l2mfix ne m'a pas donné de rapport, que dois-je faire ?
Parfois cela prend un instant avant que le rapport notpad s'ouvre... Sinon refait demain ces manip, 1/Télécharger L2mfix et l'installer sous c:\Program files\l2mfix\: http://www.atribune.org/downloads/l2mfix.exe ou ici http://www.downloads.subratam.org/l2mfix.exe Mets-le sur ton bureau. Double-clique sur l2mfix. Dans le dossier extrait, double-clique l2mfix.bat et choisis l'option 1 (et entrée). Attend qu'il termine et le rapport généré. Nb : surtout, ne pas choisir l'option 2 ni aucuns autres fichiers de l2mfix. 2/Ferme tes applications en cours, il va y avoir un redémarrage du pc. Double-clique sur l2mfix.bat et choisis l'option 2 puis entrée. Appuis sur n'importe quel touche pour redémarrer ton PC. Au redémarrage ton PC bureau vas disparaître quelques instant ceci est normal. L2mfix vas continuer son travail et vas ouvrir un nouveau rapport, copier&coller le rapport dans ton message. A suivre...
Publicité
Maelysroma
 Posté le 14/04/2005 à 23:43 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petite astucienne
Faut-il que je le désinstalle, pour le réinstaller demain ? Ma question va peut-être paraître stupide [confus], mais pourquoi dois-je attendre demain pour le faire ? Est-ce que je pourrais le faire dès le matin, car comme je l'ai dit précedemment, c'est une amie qui m'a demandé de nettoyer son pc, et il faut que je lui ramène pour le week-end. En tous cas jusqu'à présent merci à vous Philae et BipBip pour vos conseils [clindoeil]
BipBip
 Posté le 14/04/2005 à 23:44 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
  Astucien
Non pas besoins de le reinstaller je te donnez juste la procedure complette :o)
Maelysroma a écrit : pourquoi dois-je attendre demain pour le faire ?
Par ce que BipBip [dormir] A+
Maelysroma
 Posté le 14/04/2005 à 23:49 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petite astucienne
[bigsmile]Ok merci BipBip et bonne nuit [clindoeil]
Maelysroma
 Posté le 15/04/2005 à 00:25 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petite astucienne
Alors soit je m'y prends très mal, soit le PC de mon amie ne veut rien savoir, mais j'ai beau resuivre la procédure de A à Z, et attendre, et attendre, .... mais rien n'y fait l2mfix ne reprend pas son travail au redémarrage et ne me fournit pas de rapport [triste]

Modifié par Maelysroma le 15/04/2005 00:45
Maelysroma
 Posté le 15/04/2005 à 10:13 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petite astucienne
Bonjour à tous J'ai encore réessayé ce matin, tout se passe bien jusqu'au redémarrage, mais toujours pas de rapport [triste] Y a t'il une solution ? ou dois-je me résigner à formater son pc ?
philae
 Posté le 15/04/2005 à 10:28 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Grande Maîtresse astucienne

bonjour,
'ai encore réessayé ce matin, tout se passe bien jusqu'au redémarrage, mais toujours pas de rapport Y a t'il une solution ? ou dois-je me résigner à formater son pc ?
non, ne formate pas ton pc, il y a toujours des solutions. Par contre, il va te falloir attendre bipbip ou quelqu'un d'autre, car je n'ai pas encore utilisé cet outil et je ne peux pas te répondre. Tu auras une réponse dans la journée ne t'inquiète pas. Ne formate pas, le formatage ne change malheureusement rien, les 3/4 du temps, les ennuis reviennent dans la foulée. A+
Maelysroma
 Posté le 15/04/2005 à 11:17 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petite astucienne
Je te remercie pour ton intervention Philae Ok je ne formate pas [nonnon], je vais attendre sagement BipBip ou quelqu'un d'autre [clindoeil] Passe une bonne journée [cool] A+
BipBip
 Posté le 15/04/2005 à 11:31 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
  Astucien
Franchement je ne vois pas pourquoi cela ne fonctionne pas ! Si queruak ou ipl_001 on un avis je suis prenneur ! Nous allons passer par un autre moyen (plus long): déziper, exécuter (fix) [url="http://computercops.biz/zx/Merijn/kill2me.zip"]Kill2me[/url] Vider la quarantaine de ton antivirus, Télécharger et lancer [url="http://www.mwti.net/download/tools/mwav.exe"]Escan[/url] .. (pour un scan complet) .. cocher la case "Drive" .. sélectionner le bouton-radio "Scan All Files" . cliquer sur le bouton "Scan Clean" (sous Action) Le scan dure un certain temps... efficace, eScan distingue plusieurs catégories dans les éléments douteux : .. "No action taken" pour des éléments qu'il reconnait finalement comme n'étant pas des virus .. "File renamed" pour des éléments douteux .. "File deleted" pour ceux qui ne méritent que çà ! La version gratuite ne supprimera pas les programmes potentiellement malicieux trouvés. Puis coller ici le rapport en évitant les lignes redondantes (qui sont pareil).

Modifié par BipBip le 15/04/2005 11:33
Maelysroma
 Posté le 15/04/2005 à 19:58 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petite astucienne
Bonsoir à tous, bonsoir BipBip, Voici le rapport Escan, j'ai essayé d'éviter le maximum de lignes redondantes, ce qui m'y semble bizar c'est que malgré après avoir vider la quarantaine de l'antivirus, il y a encore des lignes à ce sujet [confus] Faut-il également te poster un nouveau rapport hijackthis ? Fri Apr 15 12:39:57 2005 => ********************************************************** Fri Apr 15 12:39:57 2005 => MicroWorld AntiVirus Toolkit Utility. Fri Apr 15 12:39:57 2005 => Copyright © 2003-2005, MicroWorld Technologies Inc. Fri Apr 15 12:39:57 2005 => ********************************************************** Fri Apr 15 12:39:57 2005 => Version 6.0.7 (C:\DOCUME~1\MUMULA~1\LOCALS~1\Temp\mwavscan.com) Fri Apr 15 12:39:57 2005 => Log File: C:\DOCUME~1\MUMULA~1\LOCALS~1\Temp\MWAV.LOG Fri Apr 15 12:39:57 2005 => MWAV Registered: FALSE. Fri Apr 15 12:39:57 2005 => MWAV Mode: Only Scan files. Fri Apr 15 12:39:57 2005 => Latest Date of files inside MWAV: 13 Apr 2005 11:12:21. Fri Apr 15 12:40:03 2005 => AV Library Loaded... Fri Apr 15 12:40:03 2005 => MWAV doing self scanning... Fri Apr 15 12:40:03 2005 => Scanning File C:\DOCUME~1\MUMULA~1\LOCALS~1\Temp\kavss.exe Fri Apr 15 12:40:03 2005 => Scanning File C:\DOCUME~1\MUMULA~1\LOCALS~1\Temp\Getvlist.exe Fri Apr 15 12:40:03 2005 => Scanning File C:\DOCUME~1\MUMULA~1\LOCALS~1\Temp\kavss.dll Fri Apr 15 12:40:03 2005 => Scanning File C:\DOCUME~1\MUMULA~1\LOCALS~1\Temp\kavssdi.dll Fri Apr 15 12:40:04 2005 => Scanning File C:\DOCUME~1\MUMULA~1\LOCALS~1\Temp\kavssi.dll Fri Apr 15 12:40:04 2005 => Scanning File C:\DOCUME~1\MUMULA~1\LOCALS~1\Temp\kavvlg.dll Fri Apr 15 12:40:04 2005 => Scanning File C:\DOCUME~1\MUMULA~1\LOCALS~1\Temp\msvlclnt.dll Fri Apr 15 12:40:04 2005 => Scanning File C:\DOCUME~1\MUMULA~1\LOCALS~1\Temp\ipc.dll Fri Apr 15 12:40:04 2005 => Scanning File C:\DOCUME~1\MUMULA~1\LOCALS~1\Temp\main.avi Fri Apr 15 12:40:04 2005 => Scanning File C:\DOCUME~1\MUMULA~1\LOCALS~1\Temp\virus.avi Fri Apr 15 12:40:04 2005 => MWAV files are clean. Fri Apr 15 12:40:04 2005 => Virus Database Date: 2005/04/13 Fri Apr 15 12:40:04 2005 => Virus Database Count: 125667 Fri Apr 15 12:41:06 2005 => ********************************************************** Fri Apr 15 12:41:06 2005 => MicroWorld AntiVirus Toolkit Utility. Fri Apr 15 12:41:06 2005 => Copyright © 2003-2005, MicroWorld Technologies Inc. Fri Apr 15 12:41:06 2005 => Fri Apr 15 12:41:06 2005 => Support: support@mwti.net Fri Apr 15 12:41:06 2005 => Web: http://www.mwti.net Fri Apr 15 12:41:06 2005 => ********************************************************** Fri Apr 15 12:41:06 2005 => Version 6.0.7 (C:\DOCUME~1\MUMULA~1\LOCALS~1\Temp\mwavscan.com) Fri Apr 15 12:41:06 2005 => Log File: C:\DOCUME~1\MUMULA~1\LOCALS~1\Temp\MWAV.LOG Fri Apr 15 12:41:06 2005 => User Account: Mumu la sorcière Fri Apr 15 12:41:06 2005 => Windows Root Folder: C:\WINDOWS Fri Apr 15 12:41:06 2005 => Windows Sys32 Folder: C:\WINDOWS\System32 Fri Apr 15 12:41:06 2005 => OS: Windows NT Fri Apr 15 12:41:06 2005 => Latest Date of files inside MWAV: 13 Apr 2005 11:12:21. Fri Apr 15 12:41:06 2005 => Options Selected by User: Fri Apr 15 12:41:06 2005 => Memory Check: Enabled Fri Apr 15 12:41:06 2005 => Registry Check: Enabled Fri Apr 15 12:41:06 2005 => StartUp Folder Check: Enabled Fri Apr 15 12:41:06 2005 => System Folder Check: Enabled Fri Apr 15 12:41:06 2005 => System Area Check: Disabled Fri Apr 15 12:41:06 2005 => Services Check: Enabled Fri Apr 15 12:41:06 2005 => Drive Check: Disabled Fri Apr 15 12:41:06 2005 => All Drive Check :Enabled Fri Apr 15 12:41:06 2005 => Folder Check: Disabled Fri Apr 15 12:41:07 2005 => ***** Scanning Memory Files ***** Fri Apr 15 12:42:02 2005 => File C:\WINDOWS\system32\djmrtp.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 12:42:23 2005 => File C:\WINDOWS\system32\altiveds.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 12:42:24 2005 => ***** Scanning Registry Files ***** Fri Apr 15 12:42:32 2005 => ERROR!!! Invalid Entry DllName = appmgmts.dll (in key SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{c6dc5466-785a-11d2-84d0-00c04fb169f7}). Removing it. Fri Apr 15 12:42:35 2005 => ERROR!!! Invalid Entry second = C:\Documents and Settings\Mumu la sorciŠre\Bureau\l2mfix\second.bat (in key SOFTWARE\Microsoft\Windows\CurrentVersion\Run). Removing it. Fri Apr 15 12:42:36 2005 => ***** Scanning StartUp Folders ***** Fri Apr 15 12:42:36 2005 => ***** Scanning C:\Documents and Settings\Mumu la sorcière\Menu Démarrer\Programmes\Démarrage Folder ***** Fri Apr 15 12:42:36 2005 => ***** Scanning C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Folder ***** Fri Apr 15 12:42:36 2005 => ***** Scanning Service Files ***** Fri Apr 15 12:42:57 2005 => Offending Folder C:\DOCUME~1\MUMULA~1\MENUDM~1\PROGRA~1\ADDEST~1 present... Fri Apr 15 12:42:57 2005 => System found infected with addestroyer Spyware/Adware! Action taken: No Action Taken. Fri Apr 15 12:42:57 2005 => File System Found infected by "addestroyer Spyware/Adware" Virus. Action Taken: No Action Taken. Fri Apr 15 12:43:05 2005 => ***** Scanning System32 Folders ***** Fri Apr 15 12:43:08 2005 => File C:\WINDOWS\icont.exe infected by "not-a-virus:AdWare.AdURL.c" Virus. Action Taken: No Action Taken. Fri Apr 15 12:43:28 2005 => File C:\WINDOWS\System32\alfsipc.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 12:43:28 2005 => File C:\WINDOWS\System32\altiveds.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 12:43:36 2005 => File C:\WINDOWS\System32\cdnfmsp.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 12:43:57 2005 => File C:\WINDOWS\System32\djmrtp.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 12:44:05 2005 => File C:\WINDOWS\System32\e002lado1d0c.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 12:44:05 2005 => File C:\WINDOWS\System32\e8200ifme82a0.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 12:44:10 2005 => File C:\WINDOWS\System32\fpl0033me.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 12:44:12 2005 => File C:\WINDOWS\System32\h0n0la5m1d.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 12:44:14 2005 => File C:\WINDOWS\System32\hosetup.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 12:44:25 2005 => File C:\WINDOWS\System32\iwsecsvc.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 12:44:38 2005 => File C:\WINDOWS\System32\lvlo0933e.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 12:44:38 2005 => File C:\WINDOWS\System32\lzadperf.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 12:44:41 2005 => File C:\WINDOWS\System32\mdrd2x40.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 12:44:45 2005 => File C:\WINDOWS\System32\mnieftp.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 12:45:06 2005 => File C:\WINDOWS\System32\n48o0el3ehq.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 12:45:09 2005 => File C:\WINDOWS\System32\nnevtmsg.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 12:45:14 2005 => File C:\WINDOWS\System32\o4480ehueh480.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 12:45:23 2005 => File C:\WINDOWS\System32\Process.exe tagged as not-a-virus:RiskWare.Tool.Processor.20. No Action Taken. Fri Apr 15 12:45:26 2005 => File C:\WINDOWS\System32\qfery.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 12:45:38 2005 => File C:\WINDOWS\System32\scrmdll.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 12:45:41 2005 => File C:\WINDOWS\System32\sfoolss.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 12:45:52 2005 => File C:\WINDOWS\System32\syrvdeps.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 12:46:12 2005 => File C:\WINDOWS\System32\wjnipsec.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 12:46:19 2005 => File C:\WINDOWS\System32\wri.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 12:48:41 2005 => ***** Scanning All Drives ***** Fri Apr 15 12:59:41 2005 => Result: ERROR!!! File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AbetterInternet.zip is Not Scanned Fri Apr 15 12:59:41 2005 => C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AbetterInternet.zip not Scanned. Possibly password protected... Fri Apr 15 12:59:41 2005 => Scanning File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AdDestroyer.zip Fri Apr 15 12:59:41 2005 => Result: ERROR!!! File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AdDestroyer.zip is Not Scanned Fri Apr 15 12:59:41 2005 => C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AdDestroyer.zip not Scanned. Possibly password protected... Fri Apr 15 12:59:41 2005 => Scanning File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AdDestroyer1.zip Fri Apr 15 12:59:42 2005 => Result: ERROR!!! File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AdDestroyer1.zip is Not Scanned Fri Apr 15 12:59:42 2005 => C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AdDestroyer1.zip not Scanned. Possibly password protected... Fri Apr 15 12:59:42 2005 => Scanning File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AlexaRelated.zip Fri Apr 15 12:59:42 2005 => Result: ERROR!!! File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AlexaRelated.zip is Not Scanned Fri Apr 15 12:59:42 2005 => C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AlexaRelated.zip not Scanned. Possibly password protected... Fri Apr 15 12:59:42 2005 => Scanning File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CallingHomebiz.zip Fri Apr 15 12:59:42 2005 => Result: ERROR!!! File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CallingHomebiz.zip is Not Scanned Fri Apr 15 12:59:42 2005 => C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CallingHomebiz.zip not Scanned. Possibly password protected... Fri Apr 15 12:59:42 2005 => Scanning File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit.zip Fri Apr 15 12:59:42 2005 => Result: ERROR!!! File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit.zip is Not Scanned Fri Apr 15 12:59:42 2005 => C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit.zip not Scanned. Possibly password protected... Fri Apr 15 12:59:42 2005 => Scanning File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit1.zip Fri Apr 15 12:59:42 2005 => Result: ERROR!!! File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit1.zip is Not Scanned Fri Apr 15 12:59:42 2005 => C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit1.zip not Scanned. Possibly password protected... Fri Apr 15 12:59:42 2005 => Scanning File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit10.zip Fri Apr 15 12:59:42 2005 => Result: ERROR!!! File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit10.zip is Not Scanned Fri Apr 15 12:59:42 2005 => C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit10.zip not Scanned. Possibly password protected... Fri Apr 15 12:59:42 2005 => Scanning File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit11.zip Fri Apr 15 12:59:42 2005 => Result: ERROR!!! File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit11.zip is Not Scanned Fri Apr 15 12:59:42 2005 => C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit11.zip not Scanned. Possibly password protected... Fri Apr 15 12:59:42 2005 => Scanning File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit12.zip Fri Apr 15 12:59:42 2005 => Result: ERROR!!! File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit12.zip is Not Scanned Fri Apr 15 12:59:42 2005 => C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit12.zip not Scanned. Possibly password protected... Fri Apr 15 12:59:42 2005 => Scanning File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit13.zip Fri Apr 15 12:59:42 2005 => Result: ERROR!!! File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit13.zip is Not Scanned Fri Apr 15 12:59:43 2005 => C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit13.zip not Scanned. Possibly password protected... Fri Apr 15 12:59:43 2005 => Scanning File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit14.zip Fri Apr 15 12:59:43 2005 => Result: ERROR!!! File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit14.zip is Not Scanned Fri Apr 15 12:59:43 2005 => C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit14.zip not Scanned. Possibly password protected... Fri Apr 15 12:59:43 2005 => Scanning File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit15.zip Fri Apr 15 12:59:43 2005 => Result: ERROR!!! File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit15.zip is Not Scanned Fri Apr 15 12:59:43 2005 => C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit15.zip not Scanned. Possibly password protected... Fri Apr 15 12:59:43 2005 => Scanning File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit16.zip Fri Apr 15 12:59:43 2005 => Result: ERROR!!! File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit16.zip is Not Scanned Fri Apr 15 12:59:43 2005 => C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit16.zip not Scanned. Possibly password protected... Fri Apr 15 12:59:43 2005 => Scanning File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit17.zip Fri Apr 15 12:59:43 2005 => Result: ERROR!!! File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit17.zip is Not Scanned Fri Apr 15 12:59:43 2005 => C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit17.zip not Scanned. Possibly password protected... Fri Apr 15 12:59:43 2005 => Scanning File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit18.zip Fri Apr 15 12:59:43 2005 => Result: ERROR!!! File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit18.zip is Not Scanned Fri Apr 15 12:59:43 2005 => C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit18.zip not Scanned. Possibly password protected... Fri Apr 15 12:59:43 2005 => Scanning File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit19.zip Fri Apr 15 12:59:43 2005 => Result: ERROR!!! File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit19.zip is Not Scanned Fri Apr 15 12:59:43 2005 => C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit19.zip not Scanned. Possibly password protected... Fri Apr 15 12:59:43 2005 => Scanning File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit2.zip Fri Apr 15 12:59:43 2005 => Result: ERROR!!! File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit2.zip is Not Scanned Fri Apr 15 12:59:43 2005 => C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit2.zip not Scanned. Possibly password protected... Fri Apr 15 12:59:43 2005 => Scanning File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit3.zip Fri Apr 15 12:59:43 2005 => Result: ERROR!!! File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit3.zip is Not Scanned Fri Apr 15 12:59:43 2005 => C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit3.zip not Scanned. Possibly password protected... Fri Apr 15 12:59:43 2005 => Scanning File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit4.zip Fri Apr 15 12:59:43 2005 => Result: ERROR!!! File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit4.zip is Not Scanned Fri Apr 15 12:59:44 2005 => C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit4.zip not Scanned. Possibly password protected... Fri Apr 15 12:59:44 2005 => Scanning File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit5.zip Fri Apr 15 12:59:44 2005 => Result: ERROR!!! File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit5.zip is Not Scanned Fri Apr 15 12:59:44 2005 => C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit5.zip not Scanned. Possibly password protected... Fri Apr 15 12:59:44 2005 => Scanning File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit6.zip Fri Apr 15 12:59:44 2005 => Result: ERROR!!! File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit6.zip is Not Scanned Fri Apr 15 12:59:44 2005 => C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit6.zip not Scanned. Possibly password protected... Fri Apr 15 12:59:44 2005 => Scanning File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit7.zip Fri Apr 15 12:59:44 2005 => Result: ERROR!!! File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit7.zip is Not Scanned Fri Apr 15 12:59:44 2005 => C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit7.zip not Scanned. Possibly password protected... Fri Apr 15 12:59:44 2005 => Scanning File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit8.zip Fri Apr 15 12:59:44 2005 => Result: ERROR!!! File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit8.zip is Not Scanned Fri Apr 15 12:59:44 2005 => C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit8.zip not Scanned. Possibly password protected... Fri Apr 15 12:59:44 2005 => Scanning File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit9.zip Fri Apr 15 12:59:44 2005 => Result: ERROR!!! File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit9.zip is Not Scanned Fri Apr 15 12:59:44 2005 => C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit9.zip not Scanned. Possibly password protected... Fri Apr 15 12:59:44 2005 => Scanning File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\iSearch.zip Fri Apr 15 12:59:44 2005 => Result: ERROR!!! File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\iSearch.zip is Not Scanned Fri Apr 15 12:59:44 2005 => C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\iSearch.zip not Scanned. Possibly password protected... Fri Apr 15 12:59:44 2005 => Scanning File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\LookMeTopconverting.zip Fri Apr 15 12:59:44 2005 => Result: ERROR!!! File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\LookMeTopconverting.zip is Not Scanned Fri Apr 15 12:59:44 2005 => C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\LookMeTopconverting.zip not Scanned. Possibly password protected... Fri Apr 15 12:59:44 2005 => Scanning File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\LookMeTopconverting1.zip Fri Apr 15 12:59:44 2005 => Result: ERROR!!! File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\LookMeTopconverting1.zip is Not Scanned Fri Apr 15 12:59:44 2005 => C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\LookMeTopconverting1.zip not Scanned. Possibly password protected... Fri Apr 15 12:59:44 2005 => Scanning File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\LookMeTopconverting2.zip Fri Apr 15 12:59:44 2005 => Result: ERROR!!! File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\LookMeTopconverting2.zip is Not Scanned Fri Apr 15 12:59:45 2005 => C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\LookMeTopconverting2.zip not Scanned. Possibly password protected... Fri Apr 15 12:59:45 2005 => Scanning File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\LookMeTopconverting3.zip Fri Apr 15 12:59:45 2005 => Result: ERROR!!! File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\LookMeTopconverting3.zip is Not Scanned Fri Apr 15 12:59:45 2005 => C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\LookMeTopconverting3.zip not Scanned. Possibly password protected... Fri Apr 15 12:59:45 2005 => Scanning File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\LookMeTopconverting4.zip Fri Apr 15 12:59:45 2005 => Result: ERROR!!! File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\LookMeTopconverting4.zip is Not Scanned Fri Apr 15 12:59:45 2005 => C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\LookMeTopconverting4.zip not Scanned. Possibly password protected... Fri Apr 15 12:59:45 2005 => Scanning File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NetworkEssentialsSmartpopOops.zip Fri Apr 15 12:59:45 2005 => Result: ERROR!!! File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NetworkEssentialsSmartpopOops.zip is Not Scanned Fri Apr 15 12:59:45 2005 => C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NetworkEssentialsSmartpopOops.zip not Scanned. Possibly password protected... Fri Apr 15 12:59:45 2005 => Scanning File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NetworkEssentialsSmartpopOops1.zip Fri Apr 15 12:59:45 2005 => Result: ERROR!!! File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NetworkEssentialsSmartpopOops1.zip is Not Scanned Fri Apr 15 12:59:45 2005 => C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NetworkEssentialsSmartpopOops1.zip not Scanned. Possibly password protected... Fri Apr 15 12:59:45 2005 => Scanning File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NetworkEssentialsSmartpopOops2.zip Fri Apr 15 12:59:45 2005 => Result: ERROR!!! File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NetworkEssentialsSmartpopOops2.zip is Not Scanned Fri Apr 15 12:59:45 2005 => C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NetworkEssentialsSmartpopOops2.zip not Scanned. Possibly password protected... Fri Apr 15 12:59:45 2005 => Scanning File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NetworkEssentialsSmartpopOops3.zip Fri Apr 15 12:59:45 2005 => Result: ERROR!!! File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NetworkEssentialsSmartpopOops3.zip is Not Scanned Fri Apr 15 12:59:45 2005 => C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NetworkEssentialsSmartpopOops3.zip not Scanned. Possibly password protected... Fri Apr 15 12:59:45 2005 => Scanning File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NetworkEssentialsSmartpopOops4.zip Fri Apr 15 12:59:45 2005 => Result: ERROR!!! File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NetworkEssentialsSmartpopOops4.zip is Not Scanned Fri Apr 15 12:59:45 2005 => C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NetworkEssentialsSmartpopOops4.zip not Scanned. Possibly password protected... Fri Apr 15 12:59:45 2005 => Scanning File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NicTechNetworksZestyfind.zip Fri Apr 15 12:59:45 2005 => Result: ERROR!!! File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NicTechNetworksZestyfind.zip is Not Scanned Fri Apr 15 12:59:45 2005 => C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NicTechNetworksZestyfind.zip not Scanned. Possibly password protected... Fri Apr 15 12:59:45 2005 => Scanning File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Overview.ini Fri Apr 15 12:59:46 2005 => Scanning File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Roings.zip Fri Apr 15 12:59:46 2005 => Result: ERROR!!! File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Roings.zip is Not Scanned Fri Apr 15 12:59:46 2005 => C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Roings.zip not Scanned. Possibly password protected... Fri Apr 15 12:59:46 2005 => Scanning File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\VBouncer.zip Fri Apr 15 12:59:46 2005 => Result: ERROR!!! File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\VBouncer.zip is Not Scanned Fri Apr 15 12:59:46 2005 => C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\VBouncer.zip not Scanned. Possibly password protected... Fri Apr 15 12:59:46 2005 => Scanning File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\VirtualBouncer.zip Fri Apr 15 12:59:46 2005 => Result: ERROR!!! File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\VirtualBouncer.zip is Not Scanned Fri Apr 15 12:59:46 2005 => C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\VirtualBouncer.zip not Scanned. Possibly password protected... Fri Apr 15 12:59:46 2005 => Scanning File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\VXf.zip Fri Apr 15 12:59:46 2005 => Result: ERROR!!! File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\VXf.zip is Not Scanned Fri Apr 15 12:59:46 2005 => C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\VXf.zip not Scanned. Possibly password protected... Fri Apr 15 13:01:38 2005 => File C:\Documents and Settings\Mumu la sorcière\Bureau\l2mfix\Process.exe tagged as not-a-virus:RiskWare.Tool.Processor.20. No Action Taken. Fri Apr 15 13:06:48 2005 => Scanning File C:\DRIVERS\MCDBF\SOURCE1\OTHER.EXE Fri Apr 15 13:06:48 2005 => Result: ERROR!!! File C:\DRIVERS\MCDBF\SOURCE1\OTHER.EXE is Not Scanned Fri Apr 15 13:06:48 2005 => C:\DRIVERS\MCDBF\SOURCE1\OTHER.EXE not Scanned. Possibly password protected... Fri Apr 15 13:06:49 2005 => Scanning File C:\DRIVERS\MCDBF\SOURCE1\TSADDON.EXE Fri Apr 15 13:06:49 2005 => Result: ERROR!!! File C:\DRIVERS\MCDBF\SOURCE1\TSADDON.EXE is Not Scanned Fri Apr 15 13:06:49 2005 => C:\DRIVERS\MCDBF\SOURCE1\TSADDON.EXE not Scanned. Possibly password protected... Fri Apr 15 13:07:03 2005 => Scanning File C:\hiberfil.sys Fri Apr 15 13:07:03 2005 => Result: ERROR!!! File C:\hiberfil.sys: Scanning Failure!!! Fri Apr 15 13:07:03 2005 => ERROR!!! ScanFile fails for C:\hiberfil.sys Fri Apr 15 13:10:25 2005 => File C:\Program Files\AOL 9.0\Jiti\Jiti_mm.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. Fri Apr 15 13:16:37 2005 => File C:\Program Files\l2mfix\l2mfix.exe tagged as not-a-virus:RiskWare.Tool.Processor.20. No Action Taken. Fri Apr 15 13:16:40 2005 => Scanning File C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask Fri Apr 15 13:16:40 2005 => Result: ERROR!!! File C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask is Not Scanned Fri Apr 15 13:16:40 2005 => C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask not Scanned. Possibly password protected... Fri Apr 15 13:25:06 2005 => File C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\\07C82955 infected by "Trojan-Downloader.Win32.Stubby.c" Virus. Action Taken: No Action Taken. Fri Apr 15 13:25:07 2005 => File C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\\09216F67.dll infected by "Trojan-Downloader.Win32.Ieser.a" Virus. Action Taken: No Action Taken. Fri Apr 15 13:25:07 2005 => File C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\\0BCE5A16 infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken. Fri Apr 15 13:25:07 2005 => File C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\151042D9.dll infected by "Trojan-Downloader.Win32.Ieser.a" Virus. Action Taken: No Action Taken. Fri Apr 15 13:25:08 2005 => File C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1EE82153 infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:25:08 2005 => File C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\30264835.exe infected by "Backdoor.Win32.Agobot.gen" Virus. Action Taken: No Action Taken. Fri Apr 15 13:25:08 2005 => File C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\30297231.exe infected by "Backdoor.Win32.Agobot.gen" Virus. Action Taken: No Action Taken. Fri Apr 15 13:25:09 2005 => File C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\302C1C2E.exe infected by "Backdoor.Win32.Agobot.gen" Virus. Action Taken: No Action Taken. Fri Apr 15 13:25:09 2005 => File C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\342A2CF3.exe infected by "Backdoor.Win32.Agobot.gen" Virus. Action Taken: No Action Taken. Fri Apr 15 13:25:09 2005 => File C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\344D7ACC.exe infected by "Backdoor.Win32.Agobot.gen" Virus. Action Taken: No Action Taken. Fri Apr 15 13:25:09 2005 => File C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\347E7096.exe infected by "Backdoor.Win32.Agobot.gen" Virus. Action Taken: No Action Taken. Fri Apr 15 13:25:10 2005 => File C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\34A64D72 infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken. Fri Apr 15 13:25:10 2005 => File C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\351E79E6.exe infected by "Backdoor.Win32.Agobot.gen" Virus. Action Taken: No Action Taken. Fri Apr 15 13:25:10 2005 => File C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\35A43352.exe infected by "Backdoor.Win32.Agobot.gen" Virus. Action Taken: No Action Taken. Fri Apr 15 13:25:10 2005 => File C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\35C5572E.exe infected by "Backdoor.Win32.Agobot.gen" Virus. Action Taken: No Action Taken. Fri Apr 15 13:25:11 2005 => File C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3648669F.exe infected by "Backdoor.Win32.Agobot.gen" Virus. Action Taken: No Action Taken. Fri Apr 15 13:25:11 2005 => File C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\366F0F57 infected by "Trojan-Downloader.Win32.Agent.bt" Virus. Action Taken: No Action Taken. Fri Apr 15 13:25:11 2005 => File C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\36CE200B.exe infected by "Backdoor.Win32.Agobot.gen" Virus. Action Taken: No Action Taken. Fri Apr 15 13:25:11 2005 => File C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\38310084.exe infected by "Backdoor.Win32.Agobot.gen" Virus. Action Taken: No Action Taken. Fri Apr 15 13:25:12 2005 => File C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3866204A.exe infected by "Backdoor.Win32.Agobot.gen" Virus. Action Taken: No Action Taken. Fri Apr 15 13:25:12 2005 => File C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\389A4011.exe infected by "Backdoor.Win32.Agobot.gen" Virus. Action Taken: No Action Taken. Fri Apr 15 13:25:12 2005 => File C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3962060B.exe infected by "Backdoor.Win32.Agobot.gen" Virus. Action Taken: No Action Taken. Fri Apr 15 13:25:12 2005 => File C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3B393B68 infected by "Trojan-Downloader.Win32.Agent.br" Virus. Action Taken: No Action Taken. Fri Apr 15 13:25:12 2005 => File C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3B943BA1.exe infected by "Backdoor.Win32.Agobot.gen" Virus. Action Taken: No Action Taken. Fri Apr 15 13:25:13 2005 => File C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3D7E5586.exe infected by "Backdoor.Win32.Agobot.gen" Virus. Action Taken: No Action Taken. Fri Apr 15 13:25:13 2005 => File C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\434B7523.exe infected by "Backdoor.Win32.Agobot.gen" Virus. Action Taken: No Action Taken. Fri Apr 15 13:25:13 2005 => File C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4CF73694 infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:25:13 2005 => File C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\5C6378C3 infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:25:14 2005 => File C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\67BE41DB infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken. Fri Apr 15 13:25:14 2005 => File C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\67C415D4 infected by "not-a-virus:AdWare.Coreak" Virus. Action Taken: No Action Taken. Fri Apr 15 13:25:14 2005 => File C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\67C83FD1 infected by "Trojan-Downloader.Win32.Agent.bt" Virus. Action Taken: No Action Taken. Fri Apr 15 13:25:15 2005 => File C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\67CB69CD infected by "Trojan-Downloader.Win32.Agent.br" Virus. Action Taken: No Action Taken. Fri Apr 15 13:25:15 2005 => File C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\67CE13C9 infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:25:15 2005 => File C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\67D13DC6 infected by "Trojan-Downloader.Win32.Stubby.c" Virus. Action Taken: No Action Taken. Fri Apr 15 13:25:15 2005 => File C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\67D567C2 infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:25:16 2005 => File C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\67DE65B7 infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken. Fri Apr 15 13:25:16 2005 => File C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\70A73158 infected by "not-a-virus:AdWare.Coreak" Virus. Action Taken: No Action Taken. Fri Apr 15 13:25:16 2005 => File C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\7C376D57 infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:03 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP132\A0025048.exe infected by "not-a-virus:AdWare.ToolBar.ISearch.d" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:04 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP132\A0025050.exe infected by "not-a-virus:AdWare.VirtualBouncer.c" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:04 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP132\A0025057.EXE infected by "not-a-virus:AdWare.VirtualBouncer.j" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:04 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP132\A0025058.EXE infected by "not-a-virus:AdWare.VirtualBouncer.j" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:04 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP132\A0025059.EXE infected by "not-a-virus:AdWare.VirtualBouncer" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:05 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP132\A0025066.exe infected by "not-a-virus:AdWare.VirtualBouncer.i" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:05 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP132\A0025067.exe infected by "not-a-virus:AdWare.VirtualBouncer.g" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:05 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP132\A0025068.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:05 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP132\A0025073.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:06 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP132\A0025077.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:06 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP132\A0025082.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:06 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP132\A0025084.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:06 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP132\A0025088.dll infected by "not-a-virus:AdWare.VirtualBouncer.g" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:06 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP132\A0025089.dll infected by "not-a-virus:AdWare.VirtualBouncer.g" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:06 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP132\A0025090.dll infected by "not-a-virus:AdWare.VirtualBouncer.g" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:06 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP132\A0025091.dll infected by "not-a-virus:AdWare.VirtualBouncer.g" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:13 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP136\A0025098.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:14 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP136\A0025103.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:14 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP136\A0025104.dll infected by "not-a-virus:AdWare.Coreak" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:14 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP136\A0025106.dll infected by "Trojan-Downloader.Win32.Agent.br" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:14 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP136\A0025108.dll infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:14 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP136\A0025109.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:14 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP136\A0025111.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:14 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP136\A0025112.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:14 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP136\A0025113.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:14 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP136\A0025114.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:14 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP136\A0025116.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:16 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP137\A0025126.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:17 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP137\A0026130.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:17 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP137\A0026134.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:18 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP137\A0026140.sys infected by "Trojan.Win32.Delprot.a" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:18 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP137\A0026143.exe infected by "not-a-virus:AdWare.Zestyfind" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:18 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP137\A0026144.exe infected by "not-a-virus:AdWare.AdURL.c" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:18 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP137\A0026147.exe infected by "not-a-virus:AdWare.ToolBar.ISearch.d" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:19 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP137\A0026148.exe infected by "not-a-virus:AdWare.VirtualBouncer.c" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:19 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP137\A0026149.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:19 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP137\A0026154.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:19 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP137\A0026155.dll infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:20 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP137\A0026158.exe infected by "not-a-virus:AdWare.Zestyfind" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:20 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP137\A0026159.exe infected by "not-a-virus:AdWare.AdURL.c" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:20 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP137\A0026165.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:23 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP138\A0026172.EXE infected by "not-a-virus:AdWare.VirtualBouncer.j" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:23 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP138\A0026173.EXE infected by "not-a-virus:AdWare.VirtualBouncer.j" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:24 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP138\A0026176.EXE infected by "not-a-virus:AdWare.VirtualBouncer" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:24 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP138\A0026177.exe infected by "not-a-virus:AdWare.VirtualBouncer.g" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:24 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP138\A0026179.dll infected by "not-a-virus:AdWare.VirtualBouncer.g" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:24 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP138\A0026180.dll infected by "not-a-virus:AdWare.VirtualBouncer.g" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:24 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP138\A0026181.dll infected by "not-a-virus:AdWare.VirtualBouncer.g" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:24 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP138\A0026182.dll infected by "not-a-virus:AdWare.VirtualBouncer.g" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:26 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP139\A0026187.exe infected by "not-a-virus:AdWare.VirtualBouncer.i" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:26 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP139\snapshot\MFEX-25.DAT infected by "not-a-virus:AdWare.VirtualBouncer.i" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:31 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP140\A0026213.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:32 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP140\A0026218.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:32 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP140\A0026223.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:33 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP140\A0026228.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:33 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP140\A0026233.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:35 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP140\A0027253.exe infected by "Trojan.Win32.Agent.ay" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:35 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP140\A0027254.dll infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:41 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP141\A0027292.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:41 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP141\A0027297.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:41 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP141\A0027303.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:42 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP141\A0027305.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:42 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP141\A0027309.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:42 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP141\A0027311.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:42 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP141\A0027315.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:47 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP143\A0027325.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:47 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP143\A0027329.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:47 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP143\A0027337.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:48 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP143\A0027341.dll infected by "Trojan-Downloader.Win32.Agent.br" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:48 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP143\A0027345.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:48 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP143\A0027351.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:48 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP143\A0027353.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:49 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP143\A0028356.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:49 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP143\A0028360.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:49 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP143\A0028361.exe tagged as not-a-virus:RiskWare.Tool.Processor.20. No Action Taken. Fri Apr 15 13:27:49 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP143\A0028368.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:50 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP143\A0028372.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:27:51 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP143\A0028392.exe tagged as not-a-virus:RiskWare.Tool.Processor.20. No Action Taken. Fri Apr 15 13:28:06 2005 => File C:\System Volume Information\\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP148\A0028463.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:29:29 2005 => File C:\WINDOWS\Downloaded Program Files\DS3.dll infected by "Trojan-Downloader.Win32.Agent.jt" Virus. Action Taken: No Action Taken. Fri Apr 15 13:43:49 2005 => File C:\WINDOWS\icont.exe infected by "not-a-virus:AdWare.AdURL.c" Virus. Action Taken: No Action Taken. Fri Apr 15 13:45:12 2005 => File C:\WINDOWS\inst\3p_1n.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken. Fri Apr 15 13:45:47 2005 => File C:\WINDOWS\LastGood\ceres.dll infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken. Fri Apr 15 13:47:58 2005 => File C:\WINDOWS\system\UpdInst.exe infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:48:04 2005 => File C:\WINDOWS\system32\alfsipc.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:48:04 2005 => File C:\WINDOWS\system32\altiveds.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:48:21 2005 => File C:\WINDOWS\system32\cdnfmsp.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:48:58 2005 => File C:\WINDOWS\system32\djmrtp.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:49:37 2005 => File C:\WINDOWS\system32\e002lado1d0c.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:49:37 2005 => File C:\WINDOWS\system32\e8200ifme82a0.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:49:42 2005 => File C:\WINDOWS\system32\fpl0033me.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:49:44 2005 => File C:\WINDOWS\system32\h0n0la5m1d.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:49:46 2005 => File C:\WINDOWS\system32\hosetup.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:49:59 2005 => File C:\WINDOWS\system32\iwsecsvc.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:50:12 2005 => File C:\WINDOWS\system32\lvlo0933e.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:50:12 2005 => File C:\WINDOWS\system32\lzadperf.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:50:20 2005 => File C:\WINDOWS\system32\mdrd2x40.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:50:24 2005 => File C:\WINDOWS\system32\mnieftp.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:50:48 2005 => File C:\WINDOWS\system32\n48o0el3ehq.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:50:51 2005 => File C:\WINDOWS\system32\nnevtmsg.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:50:56 2005 => File C:\WINDOWS\system32\o4480ehueh480.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:51:18 2005 => File C:\WINDOWS\system32\Process.exe tagged as not-a-virus:RiskWare.Tool.Processor.20. No Action Taken. Fri Apr 15 13:51:21 2005 => File C:\WINDOWS\system32\qfery.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:51:38 2005 => File C:\WINDOWS\system32\scrmdll.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:51:43 2005 => File C:\WINDOWS\system32\sfoolss.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:51:55 2005 => File C:\WINDOWS\system32\syrvdeps.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:52:30 2005 => File C:\WINDOWS\system32\wjnipsec.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:52:36 2005 => File C:\WINDOWS\system32\wri.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken. Fri Apr 15 13:52:55 2005 => ***** Checking for specific ITW Viruses ***** Fri Apr 15 13:52:55 2005 => Checking for Welchia Virus... Fri Apr 15 13:52:55 2005 => Checking for LovGate Virus... Fri Apr 15 13:52:55 2005 => Checking for CodeRed Virus... Fri Apr 15 13:52:55 2005 => Checking for OpaServ Virus... Fri Apr 15 13:52:55 2005 => Checking for Sobig.e Virus... Fri Apr 15 13:52:55 2005 => Checking for Winupie Virus... Fri Apr 15 13:52:55 2005 => Checking for Swen Virus... Fri Apr 15 13:52:55 2005 => Checking for JS.Fortnight Virus... Fri Apr 15 13:52:55 2005 => Checking for Novarg Virus... Fri Apr 15 13:52:55 2005 => Checking for Pagabot Virus... Fri Apr 15 13:52:55 2005 => Checking for Parite.b Virus... Fri Apr 15 13:52:55 2005 => Checking for Parite.a Virus... Fri Apr 15 13:52:55 2005 => ***** Scanning complete. ***** Fri Apr 15 13:52:55 2005 => Total Objects Scanned: 42619 Fri Apr 15 13:52:55 2005 => Total Virus(es) Found: 187 Fri Apr 15 13:52:55 2005 => Total Disinfected Files: 0 Fri Apr 15 13:52:55 2005 => Total Files Renamed: 0 Fri Apr 15 13:52:55 2005 => Total Deleted Objects: 0 Fri Apr 15 13:52:55 2005 => Total Errors: 50 Fri Apr 15 13:52:55 2005 => Time Elapsed: 01:11:43 Fri Apr 15 13:52:55 2005 => Virus Database Date: 2005/04/13 Fri Apr 15 13:52:55 2005 => Virus Database Count: 125667 Fri Apr 15 13:52:55 2005 => Scan Completed.
Publicité
Pages : [1] 2 3 ... Fin
Page 1 sur 3 [Fin]

Vous devez être connecté pour participer à la discussion.
Cliquez ici pour vous identifier.

Vous n'avez pas de compte ? Créez-en un gratuitement !
Recevoir PC Astuces par e-mail


La Lettre quotidienne +226 000 inscrits
Avec l'actu, des logiciels, des applis, des astuces, des bons plans, ...

Les bonnes affaires
Une fois par semaine, un récap des meilleurs offres.

Les fonds d'écran
De jolies photos pour personnaliser votre bureau. Une fois par semaine.

Les nouveaux Bons Plans
Des notifications pour ne pas rater les bons plans publiés sur le site.

Les bons plans du moment PC Astuces

Tous les Bons Plans
149,99 €Smartphone 6.53 pouces Xiaomi Redmi Note 8 Pro (FHD+, 6Go/64Go) à 149,99 €
Valable jusqu'au 16 Juin

Cdiscount fait une promotion sur le smartphone 6.53 pouces Xiaomi Redmi Note 8 Pro qui passe à 149,99 € livré gratuitement au lieu de 200 €. Ce smartphone dispose d'un écran 6.53 pouces FHD+ (2340x1080 pixels), un processeur 8 coeurs Helio G90T, 6 Go de mémoire, de 64 Go d'espace de stockage extensible par microSD, d'un APN 64 +8 +2 + 2 MPixels et d'un APN 20 MP avant, du bluetooh, du Wifi, d'un lecteur d'empreintes digitales. Il est compatible avec les fréquences 2G, 3G et 4G. Le tout tourne sous Android 9 avec une surcouche Xiaomi. La batterie est de haute capacité 4500 mAh et est compatible charge rapide.


> Voir l'offre
60,99 €SSD PNY XLR8 CS3030 500 Go (NMVe M.2, 3500 Mo/s) à 60,99 €
Valable jusqu'au 15 Juin

Amazon fait une promotion sur le SSD PNY XLR8 CS3030 500 Go (NMVe M.2) qui passe à 60,99 € alors qu'on le trouve ailleurs à partir de 80 €. Ce SSD utilise une interface M.2 NVMe PCIe Gen3 x 4 pour une connexion simple et des performances exceptionnelles : jusqu’à 3500 Mo/s en lecture séquentielle et jusqu’à 2000 Mo/s en écriture séquentielle.

Le SSD est doté de la technologie 3D TLC NAND haute densité offrant une endurance d’écriture durable et assorti d’une garantie de cinq ans.


> Voir l'offre
14,89 €Clé USB Sandisk Ultra 64 Go à double connectique USB 3.1 Type A et C à 14,89 €
Valable jusqu'au 16 Juin

Amazon fait une promotion sur la clé USB Sandisk Ultra 64 Go à double connectique USB 3.1 Type A et C qui passe à 14,89 € alors qu'on la trouve ailleurs à plus de 25 €. Cette clé USB  dispose d'un connecteur réversible USB Type C et d'un connecteur classique de type A. Grâce à elle, transférez en toute simplicité et rapidement (jusqu'à 150 Mo/s) vos fichiers entre vos smartphones, tablettes et ordinateurs. 


> Voir l'offre

Sujets relatifs
Rapport hijackthis pour analyse svp (RESOLU)
Souhaite aide pour analyse rapport hijackthis
Aide pour rapport Hijackthis [non résolu]
Aide pour une analyse de rapport HijackThis
Aide pour analyse rapport HijackThis
RESOLU analyse rapport hijackthis
rapport hijackthis pour analyse svp
rapport ewido et HijackThis pour analyse, merci
Rapport Hijackthis pour faire suite [RESOLU]
analyse rapport hijackthis (résolu)
Plus de sujets relatifs à Rapport hijackthis pour analyse svp (RESOLU)
 > Tous les forums > Forum Sécurité