Connexion

Récupérer mon mot de passe

Qui est en ligne ?
Il y a en tout 0 utilisateur en ligne :: 0 Enregistré, 0 Invisible et 0 Invité :: 1 Moteur de recherche

Aucun

Le record du nombre d'utilisateurs en ligne est de 21 le Jeu 17 Oct 2013, 13:40
Derniers sujets
Flux RSS



Flag Counter
Partenaires

voila mon rapport

Voir le sujet précédent Voir le sujet suivant Aller en bas

Re: voila mon rapport

Message par Hackoo le Dim 23 Juin 2013, 03:03

Téléchargez sur le bureau Malwarebyte's Anti-Malware

  • => double-clic sur mbam-setup pour lancer l'installation
  • => Installer simplement sans rien modifier
  • => Faites les mises à jour (Clic sur "Mise à jour" puis "Recherche de mises à jour").
  • => si la mise à jour a échoué, la faire après execution du logiciel => onglet "Mise à jour"
  • => Quand le programme lancé ==> Cocher Exécuter un examen complet
  • => Clic Rechercher
  • => Eventuellement décocher les disques à ne pas analyser
  • => Clic Lancer l'examen
  • => En fin de scan ( 1h environ), si infection trouvée
  • => Clic Afficher résultat
  • => Fermer vos applications en cours
  • => Si MalwareByte's n'a rien détecté, cliquez sur OK Un rapport va apparaître fermez-le.
  • => Si MalwareByte's a détecté des infections, cliquez sur Afficher les résultats ensuite Vérifier si tout est coché et clic Supprimer la sélection.
  • => Note : Si MalwareByte's a besoin de redémarrer pour terminer la suppression, acceptez en cliquant sur "OK".
    un rapport s'ouvre le copier et le coller dans la réponse




et complétez le travail avec : AdwCleaner
AdwCleaner est un outil visant à supprimer :


  • Les adware (programmes publicitaires)
  • Les PUP/LPIs (programmes potentiellement indésirables)
  • Les toolbar (barres d'outil greffées au navigateur)
  • Les hijacker (détournement de la page de démarrage)


Adwcleaner dispose d'un mode recherche et d'un mode suppression.
Si vous avez fait le mode recherche il faut alors passer au mode Suppression
Après vous allez redémarrer le PC et un autre Rapport va être ouvert ; Alors vous pouvez poster ce dernier Rapport
Donc télécharge AdwCleaner ( d'Xplode ) sur ton bureau.


Puis exécutez ce vbscript ListProcessCmdLine.vbs pour afficher tous les processus en cours d'exécution et les éléments à démarrage automatique puis Poster le résultat généré par ce dernier dans la réponse aussi

* Pour restaurer les fichiers et les dossiers cachés et supprimer les raccourcis infectés , Utilisez ShortcutRemover
avatar
Hackoo
EQUIPE BBAT
EQUIPE BBAT

Mensagens : 135
Data de inscrição : 06/06/2013
Localização : Tunisie

Revenir en haut Aller en bas

RAPPORT MALAWARD BYTE

Message par FRED92G le Dim 23 Juin 2013, 10:46

Malwarebytes Anti-Malware (Essai) 1.75.0.1300
www.malwarebytes.org

Version de la base de données: v2013.06.22.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16618
fredport2 :: FREDPORT2-PC [administrateur]

Protection: Activé

23/06/2013 05:04:49
MBAM-log-2013-06-23 (12-44-08).txt

Type d'examen: Examen complet (C:\|D:\|E:\|H:\|)
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 659882
Temps écoulé: 3 heure(s), 18 minute(s), 38 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 1
HKCU\Software\VB and VBA Program Settings\SrvID (Malware.Trace) -> Aucune action effectuée.

Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)

Fichier(s) détecté(s): 23
C:\Program Files\Adobe\Adobe After Effects CS6\Support Files\amtlib.dll (PUP.RiskwareTool.CK) -> Aucune action effectuée.
C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\AMTLib.dll (PUP.RiskwareTool.CK) -> Aucune action effectuée.
C:\Program Files\Adobe\Adobe Encore CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Aucune action effectuée.
C:\Program Files\Adobe\Adobe Illustrator CS6 (64 Bit)\Support Files\Contents\Windows\amtlib.dll (PUP.RiskwareTool.CK) -> Aucune action effectuée.
C:\Program Files\Adobe\Adobe Media Encoder CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Aucune action effectuée.
C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\amtlib.dll (PUP.RiskwareTool.CK) -> Aucune action effectuée.
C:\Program Files\Adobe\Adobe Premiere Pro CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Aucune action effectuée.
C:\Program Files\Adobe\Adobe SpeedGrade CS6\bin\amtlib.dll (PUP.RiskwareTool.CK) -> Aucune action effectuée.
C:\Program Files\VS Revo Group\Revo Uninstaller Pro\Revo.Uninstaller.Pro.2.x.x.Generic.Patch-JW.exe (RiskWare.Tool.CK) -> Aucune action effectuée.
C:\Program Files (x86)\Adobe\Adobe Audition CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Aucune action effectuée.
C:\Program Files (x86)\Adobe\Adobe Bridge CS6\AMTLib.dll (PUP.RiskwareTool.CK) -> Aucune action effectuée.
C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Aucune action effectuée.
C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Aucune action effectuée.
C:\Program Files (x86)\Adobe\Adobe Fireworks CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Aucune action effectuée.
C:\Program Files (x86)\Adobe\Adobe Flash CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Aucune action effectuée.
C:\Program Files (x86)\Adobe\Adobe Illustrator CS6\Support Files\Contents\Windows\amtlib.dll (PUP.RiskwareTool.CK) -> Aucune action effectuée.
C:\Program Files (x86)\Adobe\Adobe InDesign CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Aucune action effectuée.
C:\Program Files (x86)\Adobe\Adobe Photoshop CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Aucune action effectuée.
C:\Program Files (x86)\Adobe\Adobe Prelude CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Aucune action effectuée.
C:\Program Files (x86)\TuneUp Utilities 2013\Patch.exe (Riskware.Tool.CK) -> Aucune action effectuée.
C:\Users\fredport2\Desktop\lanceur.zip (Trojan.Agent) -> Aucune action effectuée.
C:\Users\fredport2\AppData\Roaming\data.dat (Stolen.Data) -> Aucune action effectuée.
C:\Users\fredport2\AppData\Roaming\taskmgr.exe (Trojan.Agent) -> Aucune action effectuée.

(fin)
avatar
FRED92G
EQUIPE BBAT
EQUIPE BBAT

Mensagens : 260
Data de inscrição : 04/06/2013
Idade : 30
Localização : FRANCE

Revenir en haut Aller en bas

RAPPORT MENAGE

Message par FRED92G le Dim 23 Juin 2013, 12:00

Malwarebytes Anti-Malware (Essai) 1.75.0.1300
www.malwarebytes.org

Version de la base de données: v2013.06.22.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16618
fredport2 :: FREDPORT2-PC [administrateur]

Protection: Activé

23/06/2013 05:04:49
mbam-log-2013-06-23 (05-04-49).txt

Type d'examen: Examen complet (C:\|D:\|E:\|H:\|)
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 659882
Temps écoulé: 3 heure(s), 18 minute(s), 38 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 1
HKCU\Software\VB and VBA Program Settings\SrvID (Malware.Trace) -> Mis en quarantaine et supprimé avec succès.

Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)

Fichier(s) détecté(s): 23
C:\Users\fredport2\Desktop\lanceur.zip (Trojan.Agent) -> Aucune action effectuée.
C:\Program Files\Adobe\Adobe After Effects CS6\Support Files\amtlib.dll (PUP.RiskwareTool.CK) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\AMTLib.dll (PUP.RiskwareTool.CK) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files\Adobe\Adobe Encore CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files\Adobe\Adobe Illustrator CS6 (64 Bit)\Support Files\Contents\Windows\amtlib.dll (PUP.RiskwareTool.CK) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files\Adobe\Adobe Media Encoder CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\amtlib.dll (PUP.RiskwareTool.CK) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files\Adobe\Adobe Premiere Pro CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files\Adobe\Adobe SpeedGrade CS6\bin\amtlib.dll (PUP.RiskwareTool.CK) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files\VS Revo Group\Revo Uninstaller Pro\Revo.Uninstaller.Pro.2.x.x.Generic.Patch-JW.exe (RiskWare.Tool.CK) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files (x86)\Adobe\Adobe Audition CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files (x86)\Adobe\Adobe Bridge CS6\AMTLib.dll (PUP.RiskwareTool.CK) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files (x86)\Adobe\Adobe Fireworks CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files (x86)\Adobe\Adobe Flash CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files (x86)\Adobe\Adobe Illustrator CS6\Support Files\Contents\Windows\amtlib.dll (PUP.RiskwareTool.CK) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files (x86)\Adobe\Adobe InDesign CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files (x86)\Adobe\Adobe Photoshop CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files (x86)\Adobe\Adobe Prelude CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files (x86)\TuneUp Utilities 2013\Patch.exe (Riskware.Tool.CK) -> Mis en quarantaine et supprimé avec succès.
C:\Users\fredport2\AppData\Roaming\data.dat (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\fredport2\AppData\Roaming\taskmgr.exe (Trojan.Agent) -> Mis en quarantaine et supprimé avec succès.

(fin)
avatar
FRED92G
EQUIPE BBAT
EQUIPE BBAT

Mensagens : 260
Data de inscrição : 04/06/2013
Idade : 30
Localização : FRANCE

Revenir en haut Aller en bas

Re: voila mon rapport

Message par Hackoo le Dim 23 Juin 2013, 12:01

Salut Fred Very Happy
Allez-y envoie moi maintenant le rapport de Nettoyage
avatar
Hackoo
EQUIPE BBAT
EQUIPE BBAT

Mensagens : 135
Data de inscrição : 06/06/2013
Localização : Tunisie

Revenir en haut Aller en bas

Re: voila mon rapport

Message par FRED92G le Dim 23 Juin 2013, 12:01

JE LES POSTE DEJA
avatar
FRED92G
EQUIPE BBAT
EQUIPE BBAT

Mensagens : 260
Data de inscrição : 04/06/2013
Idade : 30
Localização : FRANCE

Revenir en haut Aller en bas

Re: voila mon rapport

Message par Hackoo le Dim 23 Juin 2013, 12:16

* Télécharger sur le bureau RogueKiller (par tigzy)
* Quitter tous les programmes en cours
* Lancer RogueKiller.exe puis postez son Rapport.
avatar
Hackoo
EQUIPE BBAT
EQUIPE BBAT

Mensagens : 135
Data de inscrição : 06/06/2013
Localização : Tunisie

Revenir en haut Aller en bas

Re: voila mon rapport

Message par FRED92G le Dim 23 Juin 2013, 12:20

sa va pas il conporte des tool barre et oblige de les installer
avatar
FRED92G
EQUIPE BBAT
EQUIPE BBAT

Mensagens : 260
Data de inscrição : 04/06/2013
Idade : 30
Localização : FRANCE

Revenir en haut Aller en bas

RAPPORT SPYBOT

Message par FRED92G le Dim 23 Juin 2013, 14:05

Search results from Spybot - Search & Destroy

23/06/2013 16:04:46
Scan took 01:11:42.
146 items found.

Delta.Toolbar: [SBI $04AEAE14] User settings (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-3111875592-3429259203-584709264-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\bProtectNewTabPageShow

Delta.Toolbar: [SBI $0760E887] User settings (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-3111875592-3429259203-584709264-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\bProtectShowTabsWelcome

Banyan.eSafe: [SBI $5CB84A12] Settings (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\eSafeSvc

Banyan.eSafe: [SBI $5CB84A12] Settings (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\eSafeSvc

Banyan.eSafe: [SBI $22C002B4] Settings (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\eSafeSvc

Banyan.eSafe: [SBI $22C002B4] Settings (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\eSafeSvc

Barowwsoe2Save: [SBI $092123B5] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}

Elex.Desk365: [SBI $C8478A32] Settings (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\desksvc

Elex.Desk365: [SBI $C8478A32] Settings (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\desksvc

Elex.Desk365: [SBI $1BFEF581] Settings (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\desksvc

Elex.Desk365: [SBI $1BFEF581] Settings (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\desksvc

Systweak.RegCleanPro: [SBI $CFF9A7A2] Settings (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Systweak

Facebook.Messenger: [SBI $63375265] User settings (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-3111875592-3429259203-584709264-1000\Software\Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}

Facebook.Messenger: [SBI $9191B288] User settings (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-3111875592-3429259203-584709264-1000\Software\Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}

Facebook.Messenger: [SBI $6D1029B1] User settings (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-3111875592-3429259203-584709264-1000\Software\Classes\FacebookUpdate.OnDemandCOMClassUser

Facebook.Messenger: [SBI $7F45EA00] User settings (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-3111875592-3429259203-584709264-1000\Software\Classes\FacebookUpdate.OnDemandCOMClassUser.1.0

Facebook.Messenger: [SBI $59117437] User settings (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-3111875592-3429259203-584709264-1000\Software\Facebook

Facebook.Messenger: [SBI $62F77180] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}

Facebook.Messenger: [SBI $9051916D] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}

Facebook.Messenger: [SBI $573FFD1B] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{132885F2-8DE9-40F2-BEAE-1B31FDBAB159}

Facebook.Messenger: [SBI $BAA66334] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{3B692A7D-330E-4388-A955-724500AC0BC5}

Facebook.Messenger: [SBI $C061D222] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{649D9E01-9847-4EE9-9145-2CB4BC8298D0}

Facebook.Messenger: [SBI $6B188C64] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{71692661-DCBA-484A-BD41-A39404532B52}

Facebook.Messenger: [SBI $D849531E] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{B72C7377-0AA5-4F52-BDA2-85C4D1DB930E}

Facebook.Messenger: [SBI $06D47759] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{D0843545-5E7C-4C6D-B4E2-05948F759440}

Facebook.Messenger: [SBI $917BFFAB] Program directory (Directory, nothing done)
  C:\Users\fredport2\AppData\Local\Facebook\

Facebook.Messenger: [SBI $21F6393C] Program directory (Directory, nothing done)
  C:\Users\fredport2\AppData\Local\Facebook\CrashReports\

Facebook.Messenger: [SBI $05D5B32B] Program directory (Directory, nothing done)
  C:\Users\fredport2\AppData\Local\Facebook\Update\

Facebook.Messenger: [SBI $CC858234] Program directory (Directory, nothing done)
  C:\Users\fredport2\AppData\Local\Facebook\Update\Download\

Facebook.Messenger: [SBI $EA825272] Program directory (Directory, nothing done)
  C:\Users\fredport2\AppData\Local\Facebook\Update\Manifest\

Facebook.Messenger: [SBI $EB8149C2] Program directory (Directory, nothing done)
  C:\Users\fredport2\AppData\Local\Facebook\Update\Manifest\Initial\

JDownloader: [SBI $01C58A36] Program directory (Directory, nothing done)
  C:\Program Files (x86)\JDownloader\

JDownloader: [SBI $021B6BA9] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\JDownloaderPortable

JDownloader: [SBI $021B6BA9] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\JDownloaderPortable

JDownloader: [SBI $F4C53DAC] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\JDownloaderPortable 1

JDownloader: [SBI $F4C53DAC] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\JDownloaderPortable 1

JDownloader: [SBI $DFE86E6F] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\JDownloaderPortable 2

JDownloader: [SBI $DFE86E6F] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\JDownloaderPortable 2

JDownloader: [SBI $C6F35F2E] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\JDownloaderPortable 3

JDownloader: [SBI $C6F35F2E] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\JDownloaderPortable 3

JDownloader: [SBI $89B2C9E9] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\JDownloaderPortable 4

JDownloader: [SBI $89B2C9E9] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\JDownloaderPortable 4

SweetIM: [SBI $51CF2A45] Settings (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-3111875592-3429259203-584709264-1000\Software\SweetIM\simapp_id

SweetIM: [SBI $D5391F78] Settings (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-3111875592-3429259203-584709264-1000\Software\SweetIM

SweetIM: [SBI $3C0145EF] Settings (Registry Value, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\SweetIM\simapp_id

SweetIM: [SBI $CA2339F3] Settings (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\SweetIM

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\fredport2\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\KX5VZ7ZN\assets.tp-cdn.com\dealspot.sol
  Properties.size=0
  Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\fredport2\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\KX5VZ7ZN\cdn4.telemetryverification.net\dbg.sol
  Properties.size=0
  Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\fredport2\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\KX5VZ7ZN\cdn4.telemetryverification.net\mb.sol
  Properties.size=0
  Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\fredport2\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\KX5VZ7ZN\s.nsdsvc.com\dropdowndeals.sol
  Properties.size=0
  Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\fredport2\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\KX5VZ7ZN\static.anonymousdmp.com\pus.sol
  Properties.size=0
  Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\fredport2\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\KX5VZ7ZN\zcache.zgncdn.com\farm2-1.sol
  Properties.size=0
  Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Generic: [SBI $8E73A7FB] Interface (IspCommand) (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FC856072-9CC4-4B33-8EBA-F62224A62A59}

DoubleClick: [SBI $8E73A7FB] Tracking cookie (Internet Explorer (Utilisateur): fredport2) (Browser: Cookie, nothing done)
  

DoubleClick: [SBI $8E73A7FB] Tracking cookie (Firefox: fredport2 (default-1354151854376)) (Browser: Cookie, nothing done)
  

CasaleMedia: [SBI $8E73A7FB] Tracking cookie (Firefox: fredport2 (default-1354151854376)) (Browser: Cookie, nothing done)
  

CasaleMedia: [SBI $8E73A7FB] Tracking cookie (Firefox: fredport2 (default-1354151854376)) (Browser: Cookie, nothing done)
  

CasaleMedia: [SBI $8E73A7FB] Tracking cookie (Firefox: fredport2 (default-1354151854376)) (Browser: Cookie, nothing done)
  

CasaleMedia: [SBI $8E73A7FB] Tracking cookie (Firefox: fredport2 (default-1354151854376)) (Browser: Cookie, nothing done)
  

CasaleMedia: [SBI $8E73A7FB] Tracking cookie (Firefox: fredport2 (default-1354151854376)) (Browser: Cookie, nothing done)
  

MediaPlex: [SBI $8E73A7FB] Tracking cookie (Firefox: fredport2 (default-1354151854376)) (Browser: Cookie, nothing done)
  

MediaPlex: [SBI $8E73A7FB] Tracking cookie (Firefox: fredport2 (default-1354151854376)) (Browser: Cookie, nothing done)
  

MediaPlex: [SBI $8E73A7FB] Tracking cookie (Firefox: fredport2 (default-1354151854376)) (Browser: Cookie, nothing done)
  

Tradedoubler: [SBI $8E73A7FB] Tracking cookie (Firefox: fredport2 (default-1354151854376)) (Browser: Cookie, nothing done)
  

Tradedoubler: [SBI $8E73A7FB] Tracking cookie (Firefox: fredport2 (default-1354151854376)) (Browser: Cookie, nothing done)
  

Tradedoubler: [SBI $8E73A7FB] Tracking cookie (Firefox: fredport2 (default-1354151854376)) (Browser: Cookie, nothing done)
  

Tradedoubler: [SBI $8E73A7FB] Tracking cookie (Firefox: fredport2 (default-1354151854376)) (Browser: Cookie, nothing done)
  

DoubleClick: [SBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

BurstMedia: [SBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

MediaPlex: [SBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

MediaPlex: [SBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

MediaPlex: [SBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

MediaPlex: [SBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

Zedo: [SBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

Zedo: [SBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

Zedo: [SBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

Zedo: [SBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

Zedo: [SBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

CasaleMedia: [SBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

CasaleMedia: [SBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

CasaleMedia: [SBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

CasaleMedia: [SBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

CasaleMedia: [SBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

CasaleMedia: [SBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

CasaleMedia: [SBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

BurstMedia: [SBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

BurstMedia: [SBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

MediaPlex: [SBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

DoubleClick: [SBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

Statcounter: [SBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

Tradedoubler: [SBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

Tradedoubler: [SBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

FastClick: [SBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

Tradedoubler: [SBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

Tradedoubler: [SBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

Tradedoubler: [SBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

Tradedoubler: [SBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

7-Zip: [SBI $12C3A52C] Folder history (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-3111875592-3429259203-584709264-1000\Software\7-ZIP\FM\FolderHistory

Gabest Media Player Classic: [SBI $E81D76E1] Last captured file (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-3111875592-3429259203-584709264-1000\Software\Gabest\Media Player Classic\Capture\FileName

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-3111875592-3429259203-584709264-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

MS Management Console: [SBI $ECD50EAD] Recent command list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-3111875592-3429259203-584709264-1000\Software\Microsoft\Microsoft Management Console\Recent File List

MS Media Player: [SBI $735D57D7] Recent open directory (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-3111875592-3429259203-584709264-1000\Software\Microsoft\MediaPlayer\Player\Settings\OpenDir

MS Direct3D: [SBI $7FB7B83F] Most recent application (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-3111875592-3429259203-584709264-1000\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

MS DirectInput: [SBI $9A063C91] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-3111875592-3429259203-584709264-1000\Software\Microsoft\DirectInput\MostRecentApplication\Name

MS DirectInput: [SBI $7B184199] Most recent application ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-3111875592-3429259203-584709264-1000\Software\Microsoft\DirectInput\MostRecentApplication\Id

MS Paint: [SBI $07867C39] Recent file list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-3111875592-3429259203-584709264-1000\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List

MS Regedit: [SBI $C3B62FC1] Recent open key (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Applets\Regedit\LastKey

MS Regedit: [SBI $C3B62FC1] Recent open key (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Applets\Regedit\LastKey

MS Search Assistant: [SBI $AE0C4647] Typed search terms history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-3111875592-3429259203-584709264-1000\Software\Microsoft\Search Assistant\ACMru

Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

Windows.OpenWith: [SBI $787DC1A1] Open with list - .001 extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-3111875592-3429259203-584709264-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.001\OpenWithList

Windows.OpenWith: [SBI $F7204896] Open with list - .AVI extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-3111875592-3429259203-584709264-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList

Windows.OpenWith: [SBI $C8454735] Open with list - .BIF extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-3111875592-3429259203-584709264-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIF\OpenWithList

Windows.OpenWith: [SBI $691C1B44] Open with list - .BIN extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-3111875592-3429259203-584709264-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIN\OpenWithList

Windows.OpenWith: [SBI $A1C94E79] Open with list - .BMP extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-3111875592-3429259203-584709264-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList

Windows.OpenWith: [SBI $3A7F8A99] Open with list - .BZ2 extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-3111875592-3429259203-584709264-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BZ2\OpenWithList

Windows.OpenWith: [SBI $63036C95] Open with list - .CAB extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-3111875592-3429259203-584709264-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CAB\OpenWithList

Windows.OpenWith: [SBI $99432203] Open with list - .CFG extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-3111875592-3429259203-584709264-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CFG\OpenWithList

Windows.OpenWith: [SBI $06671386] Open with list - .CIL extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-3111875592-3429259203-584709264-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CIL\OpenWithList

Windows.OpenWith: [SBI $7E93AD81] Open with list - .CSS extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-3111875592-3429259203-584709264-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSS\OpenWithList

Windows.OpenWith: [SBI $ECC28BDF] Open with list - .CSV extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-3111875592-3429259203-584709264-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSV\OpenWithList

Windows Explorer: [SBI $A2C7B3CD] Recent wallpaper list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-3111875592-3429259203-584709264-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Wallpaper\MRU

Windows Explorer: [SBI $AA0766B5] Stream history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-3111875592-3429259203-584709264-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU

Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-3111875592-3429259203-584709264-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-3111875592-3429259203-584709264-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-3111875592-3429259203-584709264-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-3111875592-3429259203-584709264-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

Cookie: [SBI $49804B54] Browser: Cookie (9) (Browser: Cookie, nothing done)
  

Cache: [SBI $49804B54] Browser: Cache (2070) (Browser: Cache, nothing done)
  

Historique: [SBI $49804B54] Browser: History (42) (Browser: History, nothing done)
  

Cookie: [SBI $49804B54] Browser: Cookie (338) (Browser: Cookie, nothing done)
  

Cookie: [SBI $49804B54] Browser: Cookie (2342) (Browser: Cookie, nothing done)
  


--- Spybot - Search & Destroy version: 2.1.18.131  DLL (build: 20130516) ---

2013-05-16 blindman.exe (2.1.18.151)
2013-05-16 explorer.exe (2.1.18.177)
2013-05-16 SDBootCD.exe (2.1.18.109)
2013-05-16 SDCleaner.exe (2.1.18.110)
2013-05-16 SDDelFile.exe (2.1.18.94)
2013-06-18 SDDisableProxy.exe
2013-05-16 SDFiles.exe (2.1.18.135)
2013-03-20 SDFileScanHelper.exe (2.1.16.1)
2013-05-16 SDFSSvc.exe (2.1.18.208)
2013-05-16 SDHookHelper.exe (2.1.18.2)
2013-05-16 SDHookInst32.exe (2.1.18.2)
2013-05-16 SDHookInst64.exe (2.1.18.2)
2013-05-16 SDImmunize.exe (2.1.18.130)
2013-05-16 SDLogReport.exe (2.1.18.107)
2013-05-16 SDOnAccess.exe (2.1.18.4)
2013-05-16 SDPESetup.exe (2.1.18.3)
2013-05-16 SDPEStart.exe (2.1.18.86)
2013-05-16 SDPhoneScan.exe (2.1.18.28)
2013-05-16 SDPRE.exe (2.1.18.22)
2013-05-16 SDPrepPos.exe (2.1.18.10)
2013-05-16 SDQuarantine.exe (2.1.18.103)
2013-05-16 SDRootAlyzer.exe (2.1.18.116)
2013-05-16 SDSBIEdit.exe (2.1.18.39)
2013-05-16 SDScan.exe (2.1.18.177)
2013-05-16 SDScript.exe (2.1.18.53)
2013-05-16 SDSettings.exe (2.1.18.136)
2013-05-16 SDShell.exe (2.1.18.2)
2013-05-16 SDShred.exe (2.1.18.107)
2013-05-16 SDSysRepair.exe (2.1.18.101)
2013-05-16 SDTools.exe (2.1.18.150)
2013-05-16 SDTray.exe (2.1.18.127)
2013-05-16 SDUpdate.exe (2.1.18.91)
2013-05-16 SDUpdSvc.exe (2.1.18.76)
2013-05-16 SDWelcome.exe (2.1.18.129)
2013-05-15 SDWSCSvc.exe (2.1.18.2)
2013-06-19 spybotsd2-translation-frx.exe
2013-06-23 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2013-05-16 SDAdvancedCheckLibrary.dll (2.1.18.98)
2013-05-16 SDAV.dll
2013-05-16 SDECon32.dll (2.1.18.113)
2013-05-16 SDECon64.dll (2.1.18.113)
2013-04-05 SDEvents.dll (2.1.16.2)
2013-05-16 SDFileScanLibrary.dll (2.1.18.12)
2013-05-16 SDHook32.dll (2.1.18.2)
2013-05-16 SDHook64.dll (2.1.18.2)
2013-05-16 SDImmunizeLibrary.dll (2.1.18.2)
2013-05-16 SDLicense.dll (2.1.18.0)
2013-05-16 SDLists.dll (2.1.18.4)
2013-05-16 SDResources.dll (2.1.18.7)
2013-05-16 SDScanLibrary.dll (2.1.18.131)
2013-05-16 SDTasks.dll (2.1.18.15)
2013-05-16 SDWinLogon.dll (2.1.18.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2013-05-16 Tools.dll (2.1.18.36)
2012-12-18 Includes\Adware.sbi (*)
2013-06-19 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2012-11-14 Includes\Dialer.sbi (*)
2012-11-14 Includes\DialerC.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2012-11-14 Includes\Hijackers.sbi (*)
2012-11-14 Includes\HijackersC.sbi (*)
2012-11-14 Includes\iPhone.sbi (*)
2012-11-14 Includes\Keyloggers.sbi (*)
2012-12-18 Includes\KeyloggersC.sbi (*)
2013-05-29 Includes\Malware.sbi (*)
2013-06-19 Includes\MalwareC.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2013-06-19 Includes\PUPSC.sbi (*)
2012-11-14 Includes\Security.sbi (*)
2012-11-14 Includes\SecurityC.sbi (*)
2013-05-22 Includes\Spyware.sbi (*)
2013-06-19 Includes\SpywareC.sbi (*)
2011-06-07 Includes\Tracks.sbi (*)
2012-11-19 Includes\Tracks.uti (*)
2013-01-16 Includes\Trojans.sbi (*)
2013-05-13 Includes\TrojansC-02.sbi (*)
2013-06-19 Includes\TrojansC-03.sbi (*)
2013-03-14 Includes\TrojansC-04.sbi (*)
2013-05-08 Includes\TrojansC-05.sbi (*)
2013-04-19 Includes\TrojansC.sbi (*)
avatar
FRED92G
EQUIPE BBAT
EQUIPE BBAT

Mensagens : 260
Data de inscrição : 04/06/2013
Idade : 30
Localização : FRANCE

Revenir en haut Aller en bas

RAPPORT ROCKILLER

Message par FRED92G le Dim 23 Juin 2013, 14:12

RogueKiller V8.6.1 [Jun 19 2013] par Tigzy
mail : tigzyRKgmailcom
Remontees : http://www.sur-la-toile.com/discussion-193725-1--RogueKiller-Remontees.html
Site Web : http://www.sur-la-toile.com/RogueKiller/
Blog : http://tigzyrk.blogspot.com/

Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur : fredport2 [Droits d'admin]
Mode : Recherche -- Date : 06/23/2013 16:10:56
| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Entrees de registre : 11 ¤¤¤
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (localhost:21320) -> TROUVÉ
[PROXY IE] HKCU\[...]\Internet Settings : ProxyEnable (1) -> TROUVÉ
[DNS] HKLM\[...]\CCSet\[...]\{24744E69-BF3C-4F8C-BE81-9B815CC356FA} : NameServer (8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1) -> TROUVÉ
[DNS] HKLM\[...]\CCSet\[...]\{7EC729B1-B621-4B70-8C47-6FECD3F516E6} : NameServer (8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1) -> TROUVÉ
[DNS] HKLM\[...]\CS001\[...]\{24744E69-BF3C-4F8C-BE81-9B815CC356FA} : NameServer (8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1) -> TROUVÉ
[DNS] HKLM\[...]\CS001\[...]\{7EC729B1-B621-4B70-8C47-6FECD3F516E6} : NameServer (8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1) -> TROUVÉ
[DNS] HKLM\[...]\CS002\[...]\{24744E69-BF3C-4F8C-BE81-9B815CC356FA} : NameServer (8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1) -> TROUVÉ
[DNS] HKLM\[...]\CS002\[...]\{7EC729B1-B621-4B70-8C47-6FECD3F516E6} : NameServer (8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1) -> TROUVÉ
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> TROUVÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ

¤¤¤ Tâches planifiées : 1 ¤¤¤
[V2][SUSP PATH] {C15FAC4B-8128-4D86-8EBE-3CCA2A8AD36C} : "c:\users\fredport2\appdata\local\google\chrome\application\chrome.exe" - hxxp://ui.skype.com/ui/0/6.1.73.129.456/fr/go/help.faq.installer?LastError=1603 [x][x] -> TROUVÉ

¤¤¤ Entrées Startup : 0 ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver : [NON CHARGE] ¤¤¤

¤¤¤ Ruches Externes: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 secure.tune-up.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 wip.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 localhost
127.0.0.1 hl2rcv.adobe.com
127.0.0.1 adobeereg.com
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 3dns.adobe.com
[...]


¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: ST950042 0ASG SATA Disk Device +++++
--- User ---
[MBR] c56ca88412ab6446b4af218e0ff639ef
[BSP] ccbb87b89ec5a9be9632a5b2a10d0226 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 63 | Size: 20002 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 40965750 | Size: 164030 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 376900965 | Size: 164038 Mo
3 - [XXXXXX] EXTEN (0x05) [VISIBLE] Offset (sectors): 712852245 | Size: 128867 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: ST950042 0ASG SATA Disk Device +++++
--- User ---
[MBR] 4ecfc55263d8e9541734731b20873cfd
[BSP] e1b6546b754dac1a850095bd1d624e14 : MBR Code unknown
Partition table:
0 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 2048 | Size: 3837 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Termine : << RKreport[0]_S_06232013_161056.txt >>
avatar
FRED92G
EQUIPE BBAT
EQUIPE BBAT

Mensagens : 260
Data de inscrição : 04/06/2013
Idade : 30
Localização : FRANCE

Revenir en haut Aller en bas

Re: voila mon rapport

Message par Contenu sponsorisé


Contenu sponsorisé


Revenir en haut Aller en bas

Voir le sujet précédent Voir le sujet suivant Revenir en haut

- Sujets similaires

 
Permission de ce forum:
Vous ne pouvez pas répondre aux sujets dans ce forum