Spyware ou virus
Résolu
domino 2509
-
g!rly Messages postés 18462 Statut Contributeur -
g!rly Messages postés 18462 Statut Contributeur -
Bonjour,je pense avoir un probleme sur mon ordi . pub intempestive, lenteur,ect.... .J'ai fait plusieurs scan avec avast, spyboot et adaware mais rien n'y fais. Quelqu'un pourrait-il m'aider a resoudre mon prob ?J'ai fais un rapport hjt que je joint. merci pour votre aide.Ce site est super...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:17:27, on 12/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006\EDICT.EXE
C:\Program Files\Micro Application\12 DICOS Indispensables\MediaDICO12.EXE
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Micro Application\12 DICOS Indispensables\Rac12.EXE
C:\Program Files\eMule\emule.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\PROGRA~1\INCRED~1\bin\ImNotfy.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://neufportail.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb125\SearchSettings.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Creative Live! Cam Manager] "C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MediaDico] C:\Program Files\Micro Application\12 DICOS Indispensables\LanceMediaDICO12.exe Lancement
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [E06FDXRC_195450765] "C:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006\EDICT.EXE" -m
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program Files\IncrediMail\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Europa Casino - {4C826F10-D34B-4ba8-B609-1FB8C6482A05} - C:\Casino\Europa Casino\casino.exe
O9 - Extra 'Tools' menuitem: Europa Casino - {4C826F10-D34B-4ba8-B609-1FB8C6482A05} - C:\Casino\Europa Casino\casino.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://bmm.imgag.com/imgag/cp/install/crusher-fr.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://ww25.incredijeux.com/online/online2/chuzzle/popcaploader_v6.cab
O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://ww1.incredijeux.com
O18 - Protocol: bw+0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:17:27, on 12/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006\EDICT.EXE
C:\Program Files\Micro Application\12 DICOS Indispensables\MediaDICO12.EXE
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Micro Application\12 DICOS Indispensables\Rac12.EXE
C:\Program Files\eMule\emule.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\PROGRA~1\INCRED~1\bin\ImNotfy.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://neufportail.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb125\SearchSettings.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Creative Live! Cam Manager] "C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MediaDico] C:\Program Files\Micro Application\12 DICOS Indispensables\LanceMediaDICO12.exe Lancement
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [E06FDXRC_195450765] "C:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006\EDICT.EXE" -m
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program Files\IncrediMail\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Europa Casino - {4C826F10-D34B-4ba8-B609-1FB8C6482A05} - C:\Casino\Europa Casino\casino.exe
O9 - Extra 'Tools' menuitem: Europa Casino - {4C826F10-D34B-4ba8-B609-1FB8C6482A05} - C:\Casino\Europa Casino\casino.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://bmm.imgag.com/imgag/cp/install/crusher-fr.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://ww25.incredijeux.com/online/online2/chuzzle/popcaploader_v6.cab
O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://ww1.incredijeux.com
O18 - Protocol: bw+0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
A voir également:
- Spyware ou virus
- Virus mcafee - Accueil - Piratage
- Spyware doctor - Télécharger - Antivirus & Antimalwares
- Virus facebook demande d'amis - Accueil - Facebook
- Virus informatique - Guide
- Spyware terminator - Télécharger - Antivirus & Antimalwares
14 réponses
salut
desinstales :
C:\Program Files\Search Settings
et
C:\Program Files\Macrogaming
repost un hijack this apres la manip`
@+
desinstales :
C:\Program Files\Search Settings
et
C:\Program Files\Macrogaming
repost un hijack this apres la manip`
@+
<gras>bonjour moi aussi j'ai un p'tit problème avec mon ordi il rame et des pages de pub s'affiche tout seule y 'a t'il un anti virus ou spyware efficace pour me débarrasser de cette chossssssse...
par contre des trucs facile à installé car je ne suis pas une fortiche du net !!!
merci beaucoup de me venir en aide ...
kelly...
par contre des trucs facile à installé car je ne suis pas une fortiche du net !!!
merci beaucoup de me venir en aide ...
kelly...
domino,
ca l´a fais qu´a moitier...
fais ceci :
Télécharge combofix.exe (par sUBs) sur ton Bureau.
-> http://download.bleepingcomputer.com/sUBs/ComboFix.exe
-> Double clique combofix.exe.
-> Tape sur la touche 1 (Yes) pour démarrer le scan.
-> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.
NOTE : Le rapport se trouve également ici : C:\Combofix.txt
Avant d'utiliser ComboFix :
-> Déconnecte toi d'internet et referme les fenêtres de tous les programmes en cours.
-> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent géner fortement la procédure de recherche et de nettoyage de l'outil.
Une fois fait, sur ton bureau double-clic sur Combofix.exe.
- Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc.
/!\ Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programmes.
- En fin de scan il est possible que ComboFix ait besoin de redemarrer le pc pour finaliser la désinfection\recherche, laisses-le faire.
- Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé et rangé à C:\Combofix.txt)
-> Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.
-> Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.
-> Tutoriel https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
@+
ca l´a fais qu´a moitier...
fais ceci :
Télécharge combofix.exe (par sUBs) sur ton Bureau.
-> http://download.bleepingcomputer.com/sUBs/ComboFix.exe
-> Double clique combofix.exe.
-> Tape sur la touche 1 (Yes) pour démarrer le scan.
-> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.
NOTE : Le rapport se trouve également ici : C:\Combofix.txt
Avant d'utiliser ComboFix :
-> Déconnecte toi d'internet et referme les fenêtres de tous les programmes en cours.
-> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent géner fortement la procédure de recherche et de nettoyage de l'outil.
Une fois fait, sur ton bureau double-clic sur Combofix.exe.
- Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc.
/!\ Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programmes.
- En fin de scan il est possible que ComboFix ait besoin de redemarrer le pc pour finaliser la désinfection\recherche, laisses-le faire.
- Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé et rangé à C:\Combofix.txt)
-> Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.
-> Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.
-> Tutoriel https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
@+
jai doc fait le scan avec combofix dont voici le rapport.Y vois tu un prob ?ComboFix 08-03-10.1 - dominique 2008-03-13 14:37:09.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1419 [GMT 1:00]
Endroit: C:\Documents and Settings\dominique\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\hrbnyjcvgq.dat
C:\WINDOWS\system32\hrbnyjcvgq_nav.dat
C:\WINDOWS\system32\hrbnyjcvgq_navps.dat
c:\WINDOWS\system32\ncpemu.dat
C:\WINDOWS\system32\ncpemu.exe
C:\WINDOWS\system32\ncpemu_nav.dat
c:\WINDOWS\system32\ncpemu_navps.dat
.
((((((((((((((((((((((((((((( Fichiers créés 2008-02-13 to 2008-03-13 ))))))))))))))))))))))))))))))))))))
.
2008-03-12 10:16 . 2008-03-12 10:16 <REP> d-------- C:\Program Files\Trend Micro
2008-03-08 17:53 . 2008-03-08 17:53 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-03-01 13:38 . 2008-03-01 13:46 <REP> d-------- C:\Program Files\NCH Software
2008-03-01 13:38 . 2008-03-01 13:40 <REP> d-------- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
2008-03-01 13:38 . 2008-03-01 13:38 <REP> d-------- C:\Documents and Settings\All Users\Application Data\NCH Software
2008-03-01 13:37 . 2008-03-01 13:47 <REP> d-------- C:\Program Files\NCH Swift Sound
2008-03-01 13:37 . 2008-03-01 13:47 <REP> d-------- C:\Documents and Settings\dominique\Application Data\NCH Swift Sound
2008-03-01 12:24 . 2008-03-01 12:24 <REP> d-------- C:\WINDOWS\system32\windows media
2008-03-01 12:24 . 2008-03-01 12:24 <REP> d--h----- C:\WINDOWS\msdownld.tmp
2008-03-01 12:24 . 2008-03-01 12:24 <REP> d-------- C:\Program Files\Windows Media Components
2008-03-01 12:21 . 2008-03-01 12:21 <REP> d-------- C:\Program Files\NRJ
2008-02-26 17:35 . 2008-03-01 16:53 <REP> d-------- C:\Documents and Settings\dominique\Application Data\gtk-2.0
2008-02-26 17:34 . 2008-02-26 17:35 <REP> d-------- C:\Documents and Settings\dominique\.thumbnails
2008-02-26 17:25 . 2008-02-26 17:28 <REP> d-------- C:\Program Files\Gimp Pack Mode
2008-02-26 17:25 . 2008-03-01 16:55 <REP> d-------- C:\Documents and Settings\dominique\.gimp-2.4
2008-02-22 19:38 . 2008-02-22 20:09 <REP> d-------- C:\Program Files\denouvel
2008-02-22 19:38 . 2008-02-22 20:09 796,672 --a------ C:\WINDOWS\GPInstall.exe
2008-02-22 19:38 . 2000-09-29 18:00 8,784 --a------ C:\WINDOWS\F_France.gpl
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-13 02:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-03-12 17:22 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-03-12 07:40 --------- d-----w C:\Program Files\eMule
2008-03-10 14:31 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-02-05 18:25 --------- d-----w C:\Program Files\Incredijeux
2008-02-04 16:16 --------- d-----w C:\Program Files\Google
2008-01-28 10:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-01-28 10:28 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2008-01-27 19:36 --------- d-----w C:\Documents and Settings\dominique\Application Data\DivX
2008-01-20 08:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\MumboJumbo
.
------- Sigcheck -------
2007-06-13 14:22 979456 80a5400514eb32d393654768c4017e46 C:\WINDOWS\explorer.exe
2007-06-13 14:10 1037312 b795475444d6d57a572c14b9e1a29839 C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
2004-08-10 21:00 1036288 4c33e5b9a6197b6ed215f6cfba0a2daa C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
2007-06-13 14:22 979456 80a5400514eb32d393654768c4017e46 C:\WINDOWS\system32\dllcache\explorer.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
2007-11-22 21:35 1195360 --a------ C:\Program Files\Search Settings\kb125\SearchSettings.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 21:00 15360]
"IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe" [2007-12-04 18:01 214456]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-08-29 21:34 32768]
"Creative Live! Cam Manager"="C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe" [2006-05-31 15:00 143360]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-11-09 21:49 5724184]
"MediaDico"="C:\Program Files\Micro Application\12 DICOS Indispensables\LanceMediaDICO12.exe" [2002-12-24 14:31 253952]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 18:03 152872]
"E06FDXRC_195450765"="C:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006\EDICT.exe" [2005-06-04 17:03 301776]
"eMuleAutoStart"="C:\Program Files\eMule\emule.exe" [2007-05-13 15:57 5308416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-07-11 23:19 7626752]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2007-03-01 14:57 153136]
"SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [2007-10-14 18:09 103712]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-10 21:00 15360]
C:\Documents and Settings\dominique\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 18:16:50 113664]
RocketDock.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-03-18 23:05:02 630784]
TransBar.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [2005-06-01 20:41:18 65536]
UberIcon.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [2006-05-21 08:43:08 180224]
Y'z Shadow.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe [2006-05-21 08:43:14 155648]
C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Acer Empowering Technology.lnk - C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe [2007-08-29 19:54:06 45056]
Acer WLAN 11g USB Dongle.lnk - C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe [2005-11-16 19:25:14 745472]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2007-08-29 21:34:58 450560]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2007-08-29 21:34:12 450560]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\IncrediMail\\bin\\ImApp.exe"=
"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\WINDOWS\\system32\\rundll32.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Fichiers communs\\Ahead\\Nero Web\\SetupX.exe"=
"C:\\Program Files\\IncrediMail\\bin\\IncrediMail_Install.exe"=
"C:\\Program Files\\Azureus\\Azureus.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
R3 V0220Dev;Live! Cam Video IM;C:\WINDOWS\system32\DRIVERS\V0220Dev.sys [2006-06-29 06:58]
R3 V0220Vfx;V0220VFX;C:\WINDOWS\system32\DRIVERS\V0220Vfx.sys [2006-06-08 09:00]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 14:18]
S3 int15.sys;int15.sys;C:\Acer\Empowering Technology\eRecovery\int15.sys [2005-01-13 13:46]
S3 psdfilter;psdfilter;C:\WINDOWS\system32\Drivers\psdfilter.sys [2006-04-07 19:17]
S3 psdvdisk;psdvdisk;C:\WINDOWS\system32\Drivers\psdvdisk.sys [2006-03-08 16:10]
S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS);C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2005-10-28 10:38]
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-13 14:40:07
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-03-13 14:41:26
ComboFix-quarantined-files.txt 2008-03-13 13:40:52
.
2008-03-13 02:03:03 --- E O F ---
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1419 [GMT 1:00]
Endroit: C:\Documents and Settings\dominique\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\hrbnyjcvgq.dat
C:\WINDOWS\system32\hrbnyjcvgq_nav.dat
C:\WINDOWS\system32\hrbnyjcvgq_navps.dat
c:\WINDOWS\system32\ncpemu.dat
C:\WINDOWS\system32\ncpemu.exe
C:\WINDOWS\system32\ncpemu_nav.dat
c:\WINDOWS\system32\ncpemu_navps.dat
.
((((((((((((((((((((((((((((( Fichiers créés 2008-02-13 to 2008-03-13 ))))))))))))))))))))))))))))))))))))
.
2008-03-12 10:16 . 2008-03-12 10:16 <REP> d-------- C:\Program Files\Trend Micro
2008-03-08 17:53 . 2008-03-08 17:53 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-03-01 13:38 . 2008-03-01 13:46 <REP> d-------- C:\Program Files\NCH Software
2008-03-01 13:38 . 2008-03-01 13:40 <REP> d-------- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
2008-03-01 13:38 . 2008-03-01 13:38 <REP> d-------- C:\Documents and Settings\All Users\Application Data\NCH Software
2008-03-01 13:37 . 2008-03-01 13:47 <REP> d-------- C:\Program Files\NCH Swift Sound
2008-03-01 13:37 . 2008-03-01 13:47 <REP> d-------- C:\Documents and Settings\dominique\Application Data\NCH Swift Sound
2008-03-01 12:24 . 2008-03-01 12:24 <REP> d-------- C:\WINDOWS\system32\windows media
2008-03-01 12:24 . 2008-03-01 12:24 <REP> d--h----- C:\WINDOWS\msdownld.tmp
2008-03-01 12:24 . 2008-03-01 12:24 <REP> d-------- C:\Program Files\Windows Media Components
2008-03-01 12:21 . 2008-03-01 12:21 <REP> d-------- C:\Program Files\NRJ
2008-02-26 17:35 . 2008-03-01 16:53 <REP> d-------- C:\Documents and Settings\dominique\Application Data\gtk-2.0
2008-02-26 17:34 . 2008-02-26 17:35 <REP> d-------- C:\Documents and Settings\dominique\.thumbnails
2008-02-26 17:25 . 2008-02-26 17:28 <REP> d-------- C:\Program Files\Gimp Pack Mode
2008-02-26 17:25 . 2008-03-01 16:55 <REP> d-------- C:\Documents and Settings\dominique\.gimp-2.4
2008-02-22 19:38 . 2008-02-22 20:09 <REP> d-------- C:\Program Files\denouvel
2008-02-22 19:38 . 2008-02-22 20:09 796,672 --a------ C:\WINDOWS\GPInstall.exe
2008-02-22 19:38 . 2000-09-29 18:00 8,784 --a------ C:\WINDOWS\F_France.gpl
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-13 02:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-03-12 17:22 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-03-12 07:40 --------- d-----w C:\Program Files\eMule
2008-03-10 14:31 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-02-05 18:25 --------- d-----w C:\Program Files\Incredijeux
2008-02-04 16:16 --------- d-----w C:\Program Files\Google
2008-01-28 10:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-01-28 10:28 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2008-01-27 19:36 --------- d-----w C:\Documents and Settings\dominique\Application Data\DivX
2008-01-20 08:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\MumboJumbo
.
------- Sigcheck -------
2007-06-13 14:22 979456 80a5400514eb32d393654768c4017e46 C:\WINDOWS\explorer.exe
2007-06-13 14:10 1037312 b795475444d6d57a572c14b9e1a29839 C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
2004-08-10 21:00 1036288 4c33e5b9a6197b6ed215f6cfba0a2daa C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
2007-06-13 14:22 979456 80a5400514eb32d393654768c4017e46 C:\WINDOWS\system32\dllcache\explorer.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
2007-11-22 21:35 1195360 --a------ C:\Program Files\Search Settings\kb125\SearchSettings.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 21:00 15360]
"IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe" [2007-12-04 18:01 214456]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-08-29 21:34 32768]
"Creative Live! Cam Manager"="C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe" [2006-05-31 15:00 143360]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-11-09 21:49 5724184]
"MediaDico"="C:\Program Files\Micro Application\12 DICOS Indispensables\LanceMediaDICO12.exe" [2002-12-24 14:31 253952]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 18:03 152872]
"E06FDXRC_195450765"="C:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006\EDICT.exe" [2005-06-04 17:03 301776]
"eMuleAutoStart"="C:\Program Files\eMule\emule.exe" [2007-05-13 15:57 5308416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-07-11 23:19 7626752]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2007-03-01 14:57 153136]
"SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [2007-10-14 18:09 103712]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-10 21:00 15360]
C:\Documents and Settings\dominique\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 18:16:50 113664]
RocketDock.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-03-18 23:05:02 630784]
TransBar.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [2005-06-01 20:41:18 65536]
UberIcon.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [2006-05-21 08:43:08 180224]
Y'z Shadow.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe [2006-05-21 08:43:14 155648]
C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Acer Empowering Technology.lnk - C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe [2007-08-29 19:54:06 45056]
Acer WLAN 11g USB Dongle.lnk - C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe [2005-11-16 19:25:14 745472]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2007-08-29 21:34:58 450560]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2007-08-29 21:34:12 450560]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\IncrediMail\\bin\\ImApp.exe"=
"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\WINDOWS\\system32\\rundll32.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Fichiers communs\\Ahead\\Nero Web\\SetupX.exe"=
"C:\\Program Files\\IncrediMail\\bin\\IncrediMail_Install.exe"=
"C:\\Program Files\\Azureus\\Azureus.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
R3 V0220Dev;Live! Cam Video IM;C:\WINDOWS\system32\DRIVERS\V0220Dev.sys [2006-06-29 06:58]
R3 V0220Vfx;V0220VFX;C:\WINDOWS\system32\DRIVERS\V0220Vfx.sys [2006-06-08 09:00]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 14:18]
S3 int15.sys;int15.sys;C:\Acer\Empowering Technology\eRecovery\int15.sys [2005-01-13 13:46]
S3 psdfilter;psdfilter;C:\WINDOWS\system32\Drivers\psdfilter.sys [2006-04-07 19:17]
S3 psdvdisk;psdvdisk;C:\WINDOWS\system32\Drivers\psdvdisk.sys [2006-03-08 16:10]
S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS);C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2005-10-28 10:38]
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-13 14:40:07
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-03-13 14:41:26
ComboFix-quarantined-files.txt 2008-03-13 13:40:52
.
2008-03-13 02:03:03 --- E O F ---
ok domino,
la suite :
Copie le texte ci-dessous :
Folder::
C:\Program Files\Search Settings
C:\Program Files\Macrogaming
Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SweetIM"=-
Ouvre le Bloc-Notes puis colle le texte copié.
(Démarrer\Tous les programmes\Accessoires\Bloc notes.)
Sauvegarde ce fichier sous le nom de CFScript.txt.
Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ci-dessous :
http://serveur1.archive-host.com/membres/up/1366464061/CFScript.gif
Cela va relancer Combofix,
Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.
Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!
Ne touche à rien tant que le scan n'est pas terminé.
Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.
S'il n'y a pas de rédémarrage, poste quand même les rapports.
@+
la suite :
Copie le texte ci-dessous :
Folder::
C:\Program Files\Search Settings
C:\Program Files\Macrogaming
Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SweetIM"=-
Ouvre le Bloc-Notes puis colle le texte copié.
(Démarrer\Tous les programmes\Accessoires\Bloc notes.)
Sauvegarde ce fichier sous le nom de CFScript.txt.
Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ci-dessous :
http://serveur1.archive-host.com/membres/up/1366464061/CFScript.gif
Cela va relancer Combofix,
Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.
Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!
Ne touche à rien tant que le scan n'est pas terminé.
Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.
S'il n'y a pas de rédémarrage, poste quand même les rapports.
@+
C'est fait.voici les rapports combofix et hjt.ComboFix 08-03-10.1 - dominique 2008-03-13 16:59:18.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1427 [GMT 1:00]
Endroit: C:\Documents and Settings\dominique\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\dominique\Mes documents\CFScript.txt..txt
* Création d'un nouveau point de restauration
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\Macrogaming
C:\Program Files\Macrogaming\SweetIM\conf\adapter.xml
C:\Program Files\Macrogaming\SweetIM\conf\autoupdate.xml
C:\Program Files\Macrogaming\SweetIM\conf\logger.xml
C:\Program Files\Macrogaming\SweetIM\conf\messages.xml
C:\Program Files\Macrogaming\SweetIM\conf\sweetim.xml
C:\Program Files\Macrogaming\SweetIM\conf\sweetimapp.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\addom42@hotmail.fr\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\addom42@hotmail.fr\lastuse_Audibles.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\addom42@hotmail.fr\lastuse_DisplayPictures.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\addom42@hotmail.fr\lastuse_Emoticons.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\addom42@hotmail.fr\lastuse_SoundFX.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\addom42@hotmail.fr\lastuse_Winks.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\addom42@hotmail.fr\user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\main_user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\mouloud.42@hotmail.fr\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\mouloud.42@hotmail.fr\lastuse_Emoticons.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\mouloud.42@hotmail.fr\lastuse_Winks.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\mouloud.42@hotmail.fr\user_config.xml
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00100AA.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00100AD.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00100AE.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00100B2.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00100B3.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00100B5.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00100B6.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00100C9.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00100CC.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00100D2.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00100D8.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00100E7.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0010100.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0010101.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0010105.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0010119.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]001011E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0010124.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0010819.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]001081A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]001081C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]001081E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0010844.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0010846.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]001084A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]001084D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0010857.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0010859.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]001085C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]001085D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0010867.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]001086E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0010891.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0010892.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0010893.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0010894.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0010896.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0010897.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0010898.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]001089A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]001089B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]001089D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00108A0.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00108A3.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00108A4.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00108A5.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00108A8.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00108A9.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00108AA.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00108AB.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00108B3.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00108B5.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00108B6.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00108B7.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00108BB.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00108BE.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00108BF.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00108C2.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00108C3.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00108C7.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00108C8.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00108CD.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]002005B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]002005C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020062.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020066.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]002006A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]002006D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]002006E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020071.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020073.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020074.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020075.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020077.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]002007C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020080.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]002009A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00200AB.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00200AF.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00200BB.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00200C0.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00200D5.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00200D6.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020114.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]002011C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]002013C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]002013D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]002013F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020144.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]002014B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020158.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020167.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]002016D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020171.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020185.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020186.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]002018C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]002018E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020193.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]002019D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00201A5.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00201B0.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00201B6.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00201C7.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00201CA.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00201D4.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00201D6.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00201DC.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00201E7.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00201E8.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00201E9.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00201F3.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00201F5.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00201F6.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00201F7.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]002020A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020210.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]002021E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020221.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020225.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020226.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]002022F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020230.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]002023A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020266.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]003002B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0030033.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0030038.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]003003E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0030050.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0030057.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]003005A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]003005F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0030061.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0030063.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]003006A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]003006C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]003006F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0040014.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0040024.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0040028.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]004002B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0040032.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0040048.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]004004C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]004004D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0040063.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0040064.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0040066.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00400A3.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00400C0.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00400C4.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0050004.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0050005.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0050007.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00600B3.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00600C5.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00600C6.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00600C7.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00600C8.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00600C9.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00600CC.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00600CD.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00600D7.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0060147.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]10108A7.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]1030040.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]1030047.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]1050001.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]1050002.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]1050007.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\cache_indx.dat
C:\Program Files\Macrogaming\SweetIM\default.xml
C:\Program Files\Macrogaming\SweetIM\mgAdaptersProxy.dll
C:\Program Files\Macrogaming\SweetIM\mgAIMAuto.dll
C:\Program Files\Macrogaming\SweetIM\mgAIMMessengerAdapter.dll
C:\Program Files\Macrogaming\SweetIM\mgArchive.dll
C:\Program Files\Macrogaming\SweetIM\mgcommon.dll
C:\Program Files\Macrogaming\SweetIM\mgcommunication.dll
C:\Program Files\Macrogaming\SweetIM\mgconfig.dll
C:\Program Files\Macrogaming\SweetIM\mgFlashPlayer.dll
C:\Program Files\Macrogaming\SweetIM\mghooking.dll
C:\Program Files\Macrogaming\SweetIM\mgIEPlayer.dll
C:\Program Files\Macrogaming\SweetIM\mglogger.dll
C:\Program Files\Macrogaming\SweetIM\mgMediaPlayer.dll
C:\Program Files\Macrogaming\SweetIM\mgMsnAuto.dll
C:\Program Files\Macrogaming\SweetIM\mgMsnMessengerAdapter.dll
C:\Program Files\Macrogaming\SweetIM\mgSweetIM.dll
C:\Program Files\Macrogaming\SweetIM\mgUpdateSupport.dll
C:\Program Files\Macrogaming\SweetIM\mgxml_wrapper.dll
C:\Program Files\Macrogaming\SweetIM\mgYahooAuto.dll
C:\Program Files\Macrogaming\SweetIM\mgYahooMessengerAdapter.dll
C:\Program Files\Macrogaming\SweetIM\msvcp71.dll
C:\Program Files\Macrogaming\SweetIM\msvcr71.dll
C:\Program Files\Macrogaming\SweetIM\resources\images\AudibleButton.png
C:\Program Files\Macrogaming\SweetIM\resources\images\DisplayPicturesButton.png
C:\Program Files\Macrogaming\SweetIM\resources\images\EmoticonButton.png
C:\Program Files\Macrogaming\SweetIM\resources\images\NudgeButton.png
C:\Program Files\Macrogaming\SweetIM\resources\images\SoundFxButton.png
C:\Program Files\Macrogaming\SweetIM\resources\images\WinksButton.png
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Macrogaming\SweetIMBarForIE\affid.dat
C:\Program Files\Macrogaming\SweetIMBarForIE\basis.xml
C:\Program Files\Macrogaming\SweetIMBarForIE\Bookmarks_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Cache\cd2005c66fba47ff715ecc444d3bc1fb.xml
C:\Program Files\Macrogaming\SweetIMBarForIE\Email_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Games_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Greetingcards_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Mobile_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Music_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\News_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Shoping_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\SmileySmile.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\SmileyWink.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\sweetimicons.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.crc
C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.xml
C:\Program Files\Macrogaming\SweetIMBarForIE\version.txt
C:\Program Files\Search Settings
C:\Program Files\Search Settings\kb125\res\ErrorPageTemplate.css
C:\Program Files\Search Settings\kb125\res\help.gif
C:\Program Files\Search Settings\kb125\res\tab_icon.png
C:\Program Files\Search Settings\kb125\res\tabdata.js
C:\Program Files\Search Settings\kb125\res\tablib.js
C:\Program Files\Search Settings\kb125\res\tabwelcome_en.html
C:\Program Files\Search Settings\kb125\res\toolbar_background.gif
C:\Program Files\Search Settings\kb125\res\yahoo_search.gif
C:\Program Files\Search Settings\kb125\SearchSettings.dll
C:\Program Files\Search Settings\SearchSettings.exe
.
((((((((((((((((((((((((((((( Fichiers créés 2008-02-13 to 2008-03-13 ))))))))))))))))))))))))))))))))))))
.
2008-03-12 10:16 . 2008-03-12 10:16 <REP> d-------- C:\Program Files\Trend Micro
2008-03-08 17:53 . 2008-03-08 17:53 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-03-01 13:38 . 2008-03-01 13:46 <REP> d-------- C:\Program Files\NCH Software
2008-03-01 13:38 . 2008-03-01 13:40 <REP> d-------- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
2008-03-01 13:38 . 2008-03-01 13:38 <REP> d-------- C:\Documents and Settings\All Users\Application Data\NCH Software
2008-03-01 13:37 . 2008-03-01 13:47 <REP> d-------- C:\Program Files\NCH Swift Sound
2008-03-01 13:37 . 2008-03-01 13:47 <REP> d-------- C:\Documents and Settings\dominique\Application Data\NCH Swift Sound
2008-03-01 12:24 . 2008-03-01 12:24 <REP> d-------- C:\WINDOWS\system32\windows media
2008-03-01 12:24 . 2008-03-01 12:24 <REP> d--h----- C:\WINDOWS\msdownld.tmp
2008-03-01 12:24 . 2008-03-01 12:24 <REP> d-------- C:\Program Files\Windows Media Components
2008-03-01 12:21 . 2008-03-01 12:21 <REP> d-------- C:\Program Files\NRJ
2008-02-26 17:35 . 2008-03-01 16:53 <REP> d-------- C:\Documents and Settings\dominique\Application Data\gtk-2.0
2008-02-26 17:34 . 2008-02-26 17:35 <REP> d-------- C:\Documents and Settings\dominique\.thumbnails
2008-02-26 17:25 . 2008-02-26 17:28 <REP> d-------- C:\Program Files\Gimp Pack Mode
2008-02-26 17:25 . 2008-03-01 16:55 <REP> d-------- C:\Documents and Settings\dominique\.gimp-2.4
2008-02-22 19:38 . 2008-02-22 20:09 <REP> d-------- C:\Program Files\denouvel
2008-02-22 19:38 . 2008-02-22 20:09 796,672 --a------ C:\WINDOWS\GPInstall.exe
2008-02-22 19:38 . 2000-09-29 18:00 8,784 --a------ C:\WINDOWS\F_France.gpl
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-13 16:04 --------- d-----w C:\Program Files\eMule
2008-03-13 15:38 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-03-13 02:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-03-10 14:31 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-02-05 18:25 --------- d-----w C:\Program Files\Incredijeux
2008-02-04 16:16 --------- d-----w C:\Program Files\Google
2008-01-28 10:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-01-27 19:36 --------- d-----w C:\Documents and Settings\dominique\Application Data\DivX
2008-01-20 08:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\MumboJumbo
.
------- Sigcheck -------
2007-06-13 14:22 979456 80a5400514eb32d393654768c4017e46 C:\WINDOWS\explorer.exe
2007-06-13 14:10 1037312 b795475444d6d57a572c14b9e1a29839 C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
2004-08-10 21:00 1036288 4c33e5b9a6197b6ed215f6cfba0a2daa C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
2007-06-13 14:22 979456 80a5400514eb32d393654768c4017e46 C:\WINDOWS\system32\dllcache\explorer.exe
.
((((((((((((((((((((((((((((( snapshot@2008-03-13_14.40.41,25 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-03-13 16:02:42 16,384 ----atw C:\WINDOWS\temp\Perflib_Perfdata_680.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 21:00 15360]
"IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe" [2007-12-04 18:01 214456]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-08-29 21:34 32768]
"Creative Live! Cam Manager"="C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe" [2006-05-31 15:00 143360]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-11-09 21:49 5724184]
"MediaDico"="C:\Program Files\Micro Application\12 DICOS Indispensables\LanceMediaDICO12.exe" [2002-12-24 14:31 253952]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 18:03 152872]
"E06FDXRC_195450765"="C:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006\EDICT.exe" [2005-06-04 17:03 301776]
"eMuleAutoStart"="C:\Program Files\eMule\emule.exe" [2007-05-13 15:57 5308416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-07-11 23:19 7626752]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2007-03-01 14:57 153136]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-10 21:00 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\IncrediMail\\bin\\ImApp.exe"=
"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\WINDOWS\\system32\\rundll32.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Fichiers communs\\Ahead\\Nero Web\\SetupX.exe"=
"C:\\Program Files\\IncrediMail\\bin\\IncrediMail_Install.exe"=
"C:\\Program Files\\Azureus\\Azureus.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
R3 V0220Dev;Live! Cam Video IM;C:\WINDOWS\system32\DRIVERS\V0220Dev.sys [2006-06-29 06:58]
R3 V0220Vfx;V0220VFX;C:\WINDOWS\system32\DRIVERS\V0220Vfx.sys [2006-06-08 09:00]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 14:18]
S3 int15.sys;int15.sys;C:\Acer\Empowering Technology\eRecovery\int15.sys [2005-01-13 13:46]
S3 psdfilter;psdfilter;C:\WINDOWS\system32\Drivers\psdfilter.sys [2006-04-07 19:17]
S3 psdvdisk;psdvdisk;C:\WINDOWS\system32\Drivers\psdvdisk.sys [2006-03-08 16:10]
S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS);C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2005-10-28 10:38]
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-13 17:03:19
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
--------------------- DLLs a chargé sous des processus courants ---------------------
PROCESS: C:\WINDOWS\explorer.exe [6.00.2900.3156]
-> C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.dll
-> C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon.dll
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Program Files\Micro Application\12 DICOS Indispensables\MediaDICO12.EXE
C:\Program Files\Micro Application\12 DICOS Indispensables\Rac12.EXE
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\wscntfy.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-03-13 17:07:27 - machine was rebooted [dominique]
ComboFix-quarantined-files.txt 2008-03-13 16:07:25
ComboFix2.txt 2008-03-13 13:41:26
.
2008-03-13 02:03:03 --- E O F ---
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:09:02, on 13/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006\EDICT.EXE
C:\Program Files\Micro Application\12 DICOS Indispensables\MediaDICO12.EXE
C:\Program Files\Micro Application\12 DICOS Indispensables\Rac12.EXE
C:\Program Files\eMule\emule.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://neufportail.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Creative Live! Cam Manager] "C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MediaDico] C:\Program Files\Micro Application\12 DICOS Indispensables\LanceMediaDICO12.exe Lancement
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [E06FDXRC_195450765] "C:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006\EDICT.EXE" -m
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program Files\IncrediMail\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Europa Casino - {4C826F10-D34B-4ba8-B609-1FB8C6482A05} - C:\Casino\Europa Casino\casino.exe
O9 - Extra 'Tools' menuitem: Europa Casino - {4C826F10-D34B-4ba8-B609-1FB8C6482A05} - C:\Casino\Europa Casino\casino.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://bmm.imgag.com/imgag/cp/install/crusher-fr.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://ww25.incredijeux.com/online/online2/chuzzle/popcaploader_v6.cab
O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://ww1.incredijeux.com
O18 - Protocol: bw+0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1427 [GMT 1:00]
Endroit: C:\Documents and Settings\dominique\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\dominique\Mes documents\CFScript.txt..txt
* Création d'un nouveau point de restauration
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\Macrogaming
C:\Program Files\Macrogaming\SweetIM\conf\adapter.xml
C:\Program Files\Macrogaming\SweetIM\conf\autoupdate.xml
C:\Program Files\Macrogaming\SweetIM\conf\logger.xml
C:\Program Files\Macrogaming\SweetIM\conf\messages.xml
C:\Program Files\Macrogaming\SweetIM\conf\sweetim.xml
C:\Program Files\Macrogaming\SweetIM\conf\sweetimapp.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\addom42@hotmail.fr\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\addom42@hotmail.fr\lastuse_Audibles.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\addom42@hotmail.fr\lastuse_DisplayPictures.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\addom42@hotmail.fr\lastuse_Emoticons.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\addom42@hotmail.fr\lastuse_SoundFX.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\addom42@hotmail.fr\lastuse_Winks.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\addom42@hotmail.fr\user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\main_user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\mouloud.42@hotmail.fr\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\mouloud.42@hotmail.fr\lastuse_Emoticons.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\mouloud.42@hotmail.fr\lastuse_Winks.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\mouloud.42@hotmail.fr\user_config.xml
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00100AA.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00100AD.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00100AE.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00100B2.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00100B3.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00100B5.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00100B6.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00100C9.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00100CC.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00100D2.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00100D8.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00100E7.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0010100.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0010101.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0010105.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0010119.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]001011E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0010124.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0010819.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]001081A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]001081C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]001081E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0010844.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0010846.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]001084A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]001084D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0010857.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0010859.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]001085C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]001085D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0010867.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]001086E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0010891.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0010892.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0010893.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0010894.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0010896.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0010897.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0010898.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]001089A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]001089B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]001089D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00108A0.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00108A3.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00108A4.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00108A5.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00108A8.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00108A9.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00108AA.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00108AB.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00108B3.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00108B5.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00108B6.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00108B7.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00108BB.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00108BE.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00108BF.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00108C2.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00108C3.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00108C7.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00108C8.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00108CD.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]002005B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]002005C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020062.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020066.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]002006A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]002006D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]002006E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020071.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020073.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020074.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020075.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020077.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]002007C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020080.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]002009A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00200AB.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00200AF.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00200BB.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00200C0.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00200D5.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00200D6.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020114.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]002011C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]002013C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]002013D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]002013F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020144.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]002014B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020158.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020167.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]002016D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020171.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020185.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020186.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]002018C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]002018E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020193.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]002019D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00201A5.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00201B0.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00201B6.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00201C7.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00201CA.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00201D4.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00201D6.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00201DC.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00201E7.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00201E8.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00201E9.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00201F3.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00201F5.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00201F6.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00201F7.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]002020A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020210.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]002021E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020221.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020225.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020226.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]002022F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020230.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]002023A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020266.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]003002B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0030033.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0030038.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]003003E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0030050.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0030057.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]003005A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]003005F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0030061.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0030063.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]003006A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]003006C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]003006F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0040014.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0040024.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0040028.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]004002B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0040032.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0040048.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]004004C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]004004D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0040063.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0040064.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0040066.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00400A3.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00400C0.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00400C4.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0050004.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0050005.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0050007.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00600B3.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00600C5.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00600C6.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00600C7.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00600C8.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00600C9.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00600CC.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00600CD.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00600D7.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0060147.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]10108A7.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]1030040.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]1030047.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]1050001.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]1050002.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]1050007.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\cache_indx.dat
C:\Program Files\Macrogaming\SweetIM\default.xml
C:\Program Files\Macrogaming\SweetIM\mgAdaptersProxy.dll
C:\Program Files\Macrogaming\SweetIM\mgAIMAuto.dll
C:\Program Files\Macrogaming\SweetIM\mgAIMMessengerAdapter.dll
C:\Program Files\Macrogaming\SweetIM\mgArchive.dll
C:\Program Files\Macrogaming\SweetIM\mgcommon.dll
C:\Program Files\Macrogaming\SweetIM\mgcommunication.dll
C:\Program Files\Macrogaming\SweetIM\mgconfig.dll
C:\Program Files\Macrogaming\SweetIM\mgFlashPlayer.dll
C:\Program Files\Macrogaming\SweetIM\mghooking.dll
C:\Program Files\Macrogaming\SweetIM\mgIEPlayer.dll
C:\Program Files\Macrogaming\SweetIM\mglogger.dll
C:\Program Files\Macrogaming\SweetIM\mgMediaPlayer.dll
C:\Program Files\Macrogaming\SweetIM\mgMsnAuto.dll
C:\Program Files\Macrogaming\SweetIM\mgMsnMessengerAdapter.dll
C:\Program Files\Macrogaming\SweetIM\mgSweetIM.dll
C:\Program Files\Macrogaming\SweetIM\mgUpdateSupport.dll
C:\Program Files\Macrogaming\SweetIM\mgxml_wrapper.dll
C:\Program Files\Macrogaming\SweetIM\mgYahooAuto.dll
C:\Program Files\Macrogaming\SweetIM\mgYahooMessengerAdapter.dll
C:\Program Files\Macrogaming\SweetIM\msvcp71.dll
C:\Program Files\Macrogaming\SweetIM\msvcr71.dll
C:\Program Files\Macrogaming\SweetIM\resources\images\AudibleButton.png
C:\Program Files\Macrogaming\SweetIM\resources\images\DisplayPicturesButton.png
C:\Program Files\Macrogaming\SweetIM\resources\images\EmoticonButton.png
C:\Program Files\Macrogaming\SweetIM\resources\images\NudgeButton.png
C:\Program Files\Macrogaming\SweetIM\resources\images\SoundFxButton.png
C:\Program Files\Macrogaming\SweetIM\resources\images\WinksButton.png
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Macrogaming\SweetIMBarForIE\affid.dat
C:\Program Files\Macrogaming\SweetIMBarForIE\basis.xml
C:\Program Files\Macrogaming\SweetIMBarForIE\Bookmarks_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Cache\cd2005c66fba47ff715ecc444d3bc1fb.xml
C:\Program Files\Macrogaming\SweetIMBarForIE\Email_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Games_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Greetingcards_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Mobile_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Music_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\News_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Shoping_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\SmileySmile.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\SmileyWink.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\sweetimicons.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.crc
C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.xml
C:\Program Files\Macrogaming\SweetIMBarForIE\version.txt
C:\Program Files\Search Settings
C:\Program Files\Search Settings\kb125\res\ErrorPageTemplate.css
C:\Program Files\Search Settings\kb125\res\help.gif
C:\Program Files\Search Settings\kb125\res\tab_icon.png
C:\Program Files\Search Settings\kb125\res\tabdata.js
C:\Program Files\Search Settings\kb125\res\tablib.js
C:\Program Files\Search Settings\kb125\res\tabwelcome_en.html
C:\Program Files\Search Settings\kb125\res\toolbar_background.gif
C:\Program Files\Search Settings\kb125\res\yahoo_search.gif
C:\Program Files\Search Settings\kb125\SearchSettings.dll
C:\Program Files\Search Settings\SearchSettings.exe
.
((((((((((((((((((((((((((((( Fichiers créés 2008-02-13 to 2008-03-13 ))))))))))))))))))))))))))))))))))))
.
2008-03-12 10:16 . 2008-03-12 10:16 <REP> d-------- C:\Program Files\Trend Micro
2008-03-08 17:53 . 2008-03-08 17:53 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-03-01 13:38 . 2008-03-01 13:46 <REP> d-------- C:\Program Files\NCH Software
2008-03-01 13:38 . 2008-03-01 13:40 <REP> d-------- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
2008-03-01 13:38 . 2008-03-01 13:38 <REP> d-------- C:\Documents and Settings\All Users\Application Data\NCH Software
2008-03-01 13:37 . 2008-03-01 13:47 <REP> d-------- C:\Program Files\NCH Swift Sound
2008-03-01 13:37 . 2008-03-01 13:47 <REP> d-------- C:\Documents and Settings\dominique\Application Data\NCH Swift Sound
2008-03-01 12:24 . 2008-03-01 12:24 <REP> d-------- C:\WINDOWS\system32\windows media
2008-03-01 12:24 . 2008-03-01 12:24 <REP> d--h----- C:\WINDOWS\msdownld.tmp
2008-03-01 12:24 . 2008-03-01 12:24 <REP> d-------- C:\Program Files\Windows Media Components
2008-03-01 12:21 . 2008-03-01 12:21 <REP> d-------- C:\Program Files\NRJ
2008-02-26 17:35 . 2008-03-01 16:53 <REP> d-------- C:\Documents and Settings\dominique\Application Data\gtk-2.0
2008-02-26 17:34 . 2008-02-26 17:35 <REP> d-------- C:\Documents and Settings\dominique\.thumbnails
2008-02-26 17:25 . 2008-02-26 17:28 <REP> d-------- C:\Program Files\Gimp Pack Mode
2008-02-26 17:25 . 2008-03-01 16:55 <REP> d-------- C:\Documents and Settings\dominique\.gimp-2.4
2008-02-22 19:38 . 2008-02-22 20:09 <REP> d-------- C:\Program Files\denouvel
2008-02-22 19:38 . 2008-02-22 20:09 796,672 --a------ C:\WINDOWS\GPInstall.exe
2008-02-22 19:38 . 2000-09-29 18:00 8,784 --a------ C:\WINDOWS\F_France.gpl
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-13 16:04 --------- d-----w C:\Program Files\eMule
2008-03-13 15:38 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-03-13 02:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-03-10 14:31 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-02-05 18:25 --------- d-----w C:\Program Files\Incredijeux
2008-02-04 16:16 --------- d-----w C:\Program Files\Google
2008-01-28 10:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-01-27 19:36 --------- d-----w C:\Documents and Settings\dominique\Application Data\DivX
2008-01-20 08:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\MumboJumbo
.
------- Sigcheck -------
2007-06-13 14:22 979456 80a5400514eb32d393654768c4017e46 C:\WINDOWS\explorer.exe
2007-06-13 14:10 1037312 b795475444d6d57a572c14b9e1a29839 C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
2004-08-10 21:00 1036288 4c33e5b9a6197b6ed215f6cfba0a2daa C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
2007-06-13 14:22 979456 80a5400514eb32d393654768c4017e46 C:\WINDOWS\system32\dllcache\explorer.exe
.
((((((((((((((((((((((((((((( snapshot@2008-03-13_14.40.41,25 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-03-13 16:02:42 16,384 ----atw C:\WINDOWS\temp\Perflib_Perfdata_680.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 21:00 15360]
"IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe" [2007-12-04 18:01 214456]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-08-29 21:34 32768]
"Creative Live! Cam Manager"="C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe" [2006-05-31 15:00 143360]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-11-09 21:49 5724184]
"MediaDico"="C:\Program Files\Micro Application\12 DICOS Indispensables\LanceMediaDICO12.exe" [2002-12-24 14:31 253952]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 18:03 152872]
"E06FDXRC_195450765"="C:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006\EDICT.exe" [2005-06-04 17:03 301776]
"eMuleAutoStart"="C:\Program Files\eMule\emule.exe" [2007-05-13 15:57 5308416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-07-11 23:19 7626752]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2007-03-01 14:57 153136]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-10 21:00 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\IncrediMail\\bin\\ImApp.exe"=
"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\WINDOWS\\system32\\rundll32.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Fichiers communs\\Ahead\\Nero Web\\SetupX.exe"=
"C:\\Program Files\\IncrediMail\\bin\\IncrediMail_Install.exe"=
"C:\\Program Files\\Azureus\\Azureus.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
R3 V0220Dev;Live! Cam Video IM;C:\WINDOWS\system32\DRIVERS\V0220Dev.sys [2006-06-29 06:58]
R3 V0220Vfx;V0220VFX;C:\WINDOWS\system32\DRIVERS\V0220Vfx.sys [2006-06-08 09:00]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 14:18]
S3 int15.sys;int15.sys;C:\Acer\Empowering Technology\eRecovery\int15.sys [2005-01-13 13:46]
S3 psdfilter;psdfilter;C:\WINDOWS\system32\Drivers\psdfilter.sys [2006-04-07 19:17]
S3 psdvdisk;psdvdisk;C:\WINDOWS\system32\Drivers\psdvdisk.sys [2006-03-08 16:10]
S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS);C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2005-10-28 10:38]
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-13 17:03:19
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
--------------------- DLLs a chargé sous des processus courants ---------------------
PROCESS: C:\WINDOWS\explorer.exe [6.00.2900.3156]
-> C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.dll
-> C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon.dll
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Program Files\Micro Application\12 DICOS Indispensables\MediaDICO12.EXE
C:\Program Files\Micro Application\12 DICOS Indispensables\Rac12.EXE
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\wscntfy.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-03-13 17:07:27 - machine was rebooted [dominique]
ComboFix-quarantined-files.txt 2008-03-13 16:07:25
ComboFix2.txt 2008-03-13 13:41:26
.
2008-03-13 02:03:03 --- E O F ---
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:09:02, on 13/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006\EDICT.EXE
C:\Program Files\Micro Application\12 DICOS Indispensables\MediaDICO12.EXE
C:\Program Files\Micro Application\12 DICOS Indispensables\Rac12.EXE
C:\Program Files\eMule\emule.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://neufportail.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Creative Live! Cam Manager] "C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MediaDico] C:\Program Files\Micro Application\12 DICOS Indispensables\LanceMediaDICO12.exe Lancement
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [E06FDXRC_195450765] "C:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006\EDICT.EXE" -m
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program Files\IncrediMail\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Europa Casino - {4C826F10-D34B-4ba8-B609-1FB8C6482A05} - C:\Casino\Europa Casino\casino.exe
O9 - Extra 'Tools' menuitem: Europa Casino - {4C826F10-D34B-4ba8-B609-1FB8C6482A05} - C:\Casino\Europa Casino\casino.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://bmm.imgag.com/imgag/cp/install/crusher-fr.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://ww25.incredijeux.com/online/online2/chuzzle/popcaploader_v6.cab
O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://ww1.incredijeux.com
O18 - Protocol: bw+0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
ok domino,
fais ceci maintenant :
regarde ce tutorial pour mettre ta console java a jour :
https://www.malekal.com/maintenir-java-adobe-reader-et-le-player-flash-a-jour/
puis
ta version de acrobat reader n´est pas a jour, tu veux la version 8.1 derniere en date alors desinstale ta version par le panneau de configuration / ajoue et suppression de programme
et instale la derniere :
https://get2.adobe.com/reader/otherversions/
ou oublie completement acrobat reader et instales foxit plus léger a la place:
https://www.clubic.com/telecharger-fiche13808-foxit-reader.html
pourquoi ne pas surfer avec firefox? = plus sur, tout en gardant ie 7.0 pour les mises a jour windows car impossible a effectuer sous firefox
http://www.mozilla-europe.org/fr/
plugins :
https://www.hugedomains.com/domain_profile.cfm?d=geckozone&e=org
un bonus :
spywareblaster :
http://www.brightfort.com/spywareblaster.html
c´est un resident, il suffit de le mettre a jour de temps en temps car la version gratuite ne le fait pas toute seul , une fois installé et mis a jour tu mets toutes les protections sur "enable"
tuto : http://forum.telecharger.01net.com/forum/high-tech/PRODUITS/Questions-techniques/question-spywareblaser-sujet_174747_1.htm
puis
instales un par feu :
par feu : kerio
telechargement : http://sd-1.archive-host.com/membres/up/1366464061/kerio-kpf-422-911-win.rar
tuto :
http://www.malekal.com/kerio_firewall.php#mozTocId721480
https://www.vulgarisation-informatique.com/kerio.php
https://kerio.probb.fr/f2-sunbelt-kerio-personal-firewall
Comodo 3 pro :
http://www.commentcamarche.net/telecharger/telecharger 34055041 comodo firewall pro
Online armor :
http://www.commentcamarche.net/telecharger/telecharger 34055356 online armor personal firewall
tuto : https://forum.pcastuces.com/sujet.asp?f=25&s=35606
ou zone alarm plus facil a configurer mais moins performant
https://www.malekal.com/tutoriel-zonealarm-firewall/
puis pour finir :
regarde ceci concernant avast :
antivir vs avast :
-> http://forum.malekal.com/ftopic3528.php
alors je te conseille de le desinstaller et d´installer antivir a la place
Telecharge et instales l'antivirus Antivir Personal Edition Classic :
->https://www.malekal.com/avira-free-security-antivirus-gratuit/
https://www.avira.com/en/prime
http://mickael.barroux.free.fr/securite/antivir.php
http://speedweb1.free.fr/frames2.php?page=tuto5
<- tutoriel configuration du scanner...
une fois antivir ouvert click surconfiguration et coche la case "expert mode" puis sur l´onglet scanner dans la fenetre du dessous tu va voir : rootkit search click sur le petit + pour deployer et coche la case a coté de ton disk dur
puis click sur configuration en haut a droite; dans la nouvelle fenetre a gauche >scanner > coche "scan all files" et en dessous >scanner priority = High
coche : allow stopping the scanner, comme cela tu peux faire une pause pendant le scan si tu le desir.
puis sur la droite coche les case suivantes :
scan boot sectors of selected drives
scan master boot sectors
scan memory
search foe rootkit before scan
decoche :
ignore off line files
toujours a gauche > scan > deploie > heuristique > macrovirus heuristic = coché et en dessous > win32 heuristic la case coché et high detection level
Je te dis tous ca car j´aimerais que tu performes un scan entier de ta machine a l´aide d´antivir avec les reglages stipulés ci dessus et que tu post le rapport généré ici stp
si jamais pour une raison ou une autre tu ne voulais pas remplacer avast par antivir ( ce qui serait bete ) performes un scan en ligne ici :
Scan en ligne bitdefender :
https://www.bitdefender.com/toolbox/
Clicker sur " I agree " et suivre les indications
A faire imperativement sous internet explorer, en acceptant l´activ x
tutoriel en image en image
http://pageperso.aol.fr/rginformatique/mapage/defender.htm
ou
Fais un scan en ligne Kaspersky avec Internet Explorer :
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
-> Click sur Démarrer Online-Scanner
-> Click maintenant sur J'accepte.
-> Valide l'installation d'un ou de plusieurs ActiveX si c'est nécessaire.
-> Patiente pendant l'installation des Mises à jour.
-> Choisis par la suite l'analyse du Poste de travail.
-> Sauvegarde puis colle le rapport généré en fin d'analyse.
@+
fais ceci maintenant :
regarde ce tutorial pour mettre ta console java a jour :
https://www.malekal.com/maintenir-java-adobe-reader-et-le-player-flash-a-jour/
puis
ta version de acrobat reader n´est pas a jour, tu veux la version 8.1 derniere en date alors desinstale ta version par le panneau de configuration / ajoue et suppression de programme
et instale la derniere :
https://get2.adobe.com/reader/otherversions/
ou oublie completement acrobat reader et instales foxit plus léger a la place:
https://www.clubic.com/telecharger-fiche13808-foxit-reader.html
pourquoi ne pas surfer avec firefox? = plus sur, tout en gardant ie 7.0 pour les mises a jour windows car impossible a effectuer sous firefox
http://www.mozilla-europe.org/fr/
plugins :
https://www.hugedomains.com/domain_profile.cfm?d=geckozone&e=org
un bonus :
spywareblaster :
http://www.brightfort.com/spywareblaster.html
c´est un resident, il suffit de le mettre a jour de temps en temps car la version gratuite ne le fait pas toute seul , une fois installé et mis a jour tu mets toutes les protections sur "enable"
tuto : http://forum.telecharger.01net.com/forum/high-tech/PRODUITS/Questions-techniques/question-spywareblaser-sujet_174747_1.htm
puis
instales un par feu :
par feu : kerio
telechargement : http://sd-1.archive-host.com/membres/up/1366464061/kerio-kpf-422-911-win.rar
tuto :
http://www.malekal.com/kerio_firewall.php#mozTocId721480
https://www.vulgarisation-informatique.com/kerio.php
https://kerio.probb.fr/f2-sunbelt-kerio-personal-firewall
Comodo 3 pro :
http://www.commentcamarche.net/telecharger/telecharger 34055041 comodo firewall pro
Online armor :
http://www.commentcamarche.net/telecharger/telecharger 34055356 online armor personal firewall
tuto : https://forum.pcastuces.com/sujet.asp?f=25&s=35606
ou zone alarm plus facil a configurer mais moins performant
https://www.malekal.com/tutoriel-zonealarm-firewall/
puis pour finir :
regarde ceci concernant avast :
antivir vs avast :
-> http://forum.malekal.com/ftopic3528.php
alors je te conseille de le desinstaller et d´installer antivir a la place
Telecharge et instales l'antivirus Antivir Personal Edition Classic :
->https://www.malekal.com/avira-free-security-antivirus-gratuit/
https://www.avira.com/en/prime
http://mickael.barroux.free.fr/securite/antivir.php
http://speedweb1.free.fr/frames2.php?page=tuto5
<- tutoriel configuration du scanner...
une fois antivir ouvert click surconfiguration et coche la case "expert mode" puis sur l´onglet scanner dans la fenetre du dessous tu va voir : rootkit search click sur le petit + pour deployer et coche la case a coté de ton disk dur
puis click sur configuration en haut a droite; dans la nouvelle fenetre a gauche >scanner > coche "scan all files" et en dessous >scanner priority = High
coche : allow stopping the scanner, comme cela tu peux faire une pause pendant le scan si tu le desir.
puis sur la droite coche les case suivantes :
scan boot sectors of selected drives
scan master boot sectors
scan memory
search foe rootkit before scan
decoche :
ignore off line files
toujours a gauche > scan > deploie > heuristique > macrovirus heuristic = coché et en dessous > win32 heuristic la case coché et high detection level
Je te dis tous ca car j´aimerais que tu performes un scan entier de ta machine a l´aide d´antivir avec les reglages stipulés ci dessus et que tu post le rapport généré ici stp
si jamais pour une raison ou une autre tu ne voulais pas remplacer avast par antivir ( ce qui serait bete ) performes un scan en ligne ici :
Scan en ligne bitdefender :
https://www.bitdefender.com/toolbox/
Clicker sur " I agree " et suivre les indications
A faire imperativement sous internet explorer, en acceptant l´activ x
tutoriel en image en image
http://pageperso.aol.fr/rginformatique/mapage/defender.htm
ou
Fais un scan en ligne Kaspersky avec Internet Explorer :
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
-> Click sur Démarrer Online-Scanner
-> Click maintenant sur J'accepte.
-> Valide l'installation d'un ou de plusieurs ActiveX si c'est nécessaire.
-> Patiente pendant l'installation des Mises à jour.
-> Choisis par la suite l'analyse du Poste de travail.
-> Sauvegarde puis colle le rapport généré en fin d'analyse.
@+
ok tres bien ;-)
oui il y avait .
sweet im > saloperie
search settings > saloperie
on va voire ce que antivir va trouver ?!
@+
oui il y avait .
sweet im > saloperie
search settings > saloperie
on va voire ce que antivir va trouver ?!
@+
salut g!rly. j'ai donc mis a jour JAVA comme tu me l'avait demandé.En ce qui conserne acrobat reader , apparament j'ai la version 8.1.2.je n'y ai donc pas touché.Ensuite j'ai désinstallé avast au profit de antivir.et là surprises!!! il a detecter 9 trojans. je les ai alors mis en quarantaine.ci joint le rapport :
AntiVir PersonalEdition Classic
Report file date: vendredi 14 mars 2008 15:30
Scanning for 1147416 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: ACER-7989E0343A
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 14:15:41
ANTIVIR2.VDF : 7.0.3.3 2048 Bytes 07/03/2008 14:15:41
ANTIVIR3.VDF : 7.0.3.30 154112 Bytes 14/03/2008 14:15:41
AVEWIN32.DLL : 7.6.0.73 3334656 Bytes 14/03/2008 14:15:41
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 14/03/2008 14:15:42
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: high
Start of the scan: vendredi 14 mars 2008 15:30
Starting search for hidden objects.
'54266' objects were checked, '0' hidden objects were found.
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'NMIndexStoreSvr.exe' - '1' Module(s) have been scanned
Scan process 'dllhost.exe' - '1' Module(s) have been scanned
Scan process 'NMIndexingService.exe' - '1' Module(s) have been scanned
Scan process 'KHALMNPR.EXE' - '1' Module(s) have been scanned
Scan process 'mcrdsvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ImApp.exe' - '1' Module(s) have been scanned
Scan process 'RAC12.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'MediaDico12.exe' - '1' Module(s) have been scanned
Scan process 'YzShadow.exe' - '1' Module(s) have been scanned
Scan process 'UberIcon Manager.exe' - '1' Module(s) have been scanned
Scan process 'RocketDock.exe' - '1' Module(s) have been scanned
Scan process 'SetPoint.exe' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'ehSched.exe' - '1' Module(s) have been scanned
Scan process 'ZDWlan.exe' - '1' Module(s) have been scanned
Scan process 'Acer.Empowering.Framework.Launcher.exe' - '1' Module(s) have been scanned
Scan process 'ehrecvr.exe' - '1' Module(s) have been scanned
Scan process 'emule.exe' - '1' Module(s) have been scanned
Scan process 'EDICT.EXE' - '1' Module(s) have been scanned
Scan process 'NMBgMonitor.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'CTLCMgr.exe' - '1' Module(s) have been scanned
Scan process 'LogitechDesktopMessenger.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'MemCheck.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
51 processes with 51 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[NOTE] No virus was found!
Master boot sector HD1
[NOTE] No virus was found!
[WARNING] The boot sector file could not be read!
[WARNING] Error code: 0x0015
Master boot sector HD2
[NOTE] No virus was found!
[WARNING] The boot sector file could not be read!
[WARNING] Error code: 0x0015
Master boot sector HD3
[NOTE] No virus was found!
[WARNING] The boot sector file could not be read!
[WARNING] Error code: 0x0015
Master boot sector HD4
[NOTE] No virus was found!
[WARNING] The boot sector file could not be read!
[WARNING] Error code: 0x0015
Master boot sector HD5
[NOTE] No virus was found!
[WARNING] The boot sector file could not be read!
[WARNING] Error code: 0x0015
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '26' files ).
Starting the file scan:
Begin scan in 'C:\' <ACER>
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\dominique\Mes documents\MSNFix\08032008_16335389.zip
[0] Archive type: ZIP
--> backup/DSC01497.zip
[1] Archive type: ZIP
--> img091307-www.photoshop.com
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> backup/spoolms.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '480a8ded.qua'!
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP291\A0039947.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '480a94ea.qua'!
C:\WINDOWS\system32\clfdmhv.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[INFO] The file was moved to '484096bc.qua'!
C:\WINDOWS\system32\hjscfiod.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[INFO] The file was moved to '484d96cd.qua'!
C:\WINDOWS\system32\jhiuujl.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[INFO] The file was moved to '484396d5.qua'!
C:\WINDOWS\system32\jhvkcgd.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[INFO] The file was moved to '485096d8.qua'!
C:\WINDOWS\system32\vavgcvf.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[INFO] The file was moved to '485096ee.qua'!
C:\WINDOWS\system32\xcuzondfld.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[INFO] The file was moved to '484f96fb.qua'!
Begin scan in 'D:\' <ACERDATA>
End of the scan: vendredi 14 mars 2008 16:17
Used time: 46:59 min
The scan has been done completely.
7962 Scanning directories
301576 Files were scanned
9 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
8 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
301567 Files not concerned
9178 Archives were scanned
2 Warnings
0 Notes
54266 Objects were scanned with rootkit scan
0 Hidden objects were found
il me faudra les supprimer de la quarantaine ?
AntiVir PersonalEdition Classic
Report file date: vendredi 14 mars 2008 15:30
Scanning for 1147416 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: ACER-7989E0343A
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 14:15:41
ANTIVIR2.VDF : 7.0.3.3 2048 Bytes 07/03/2008 14:15:41
ANTIVIR3.VDF : 7.0.3.30 154112 Bytes 14/03/2008 14:15:41
AVEWIN32.DLL : 7.6.0.73 3334656 Bytes 14/03/2008 14:15:41
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 14/03/2008 14:15:42
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: high
Start of the scan: vendredi 14 mars 2008 15:30
Starting search for hidden objects.
'54266' objects were checked, '0' hidden objects were found.
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'NMIndexStoreSvr.exe' - '1' Module(s) have been scanned
Scan process 'dllhost.exe' - '1' Module(s) have been scanned
Scan process 'NMIndexingService.exe' - '1' Module(s) have been scanned
Scan process 'KHALMNPR.EXE' - '1' Module(s) have been scanned
Scan process 'mcrdsvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ImApp.exe' - '1' Module(s) have been scanned
Scan process 'RAC12.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'MediaDico12.exe' - '1' Module(s) have been scanned
Scan process 'YzShadow.exe' - '1' Module(s) have been scanned
Scan process 'UberIcon Manager.exe' - '1' Module(s) have been scanned
Scan process 'RocketDock.exe' - '1' Module(s) have been scanned
Scan process 'SetPoint.exe' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'ehSched.exe' - '1' Module(s) have been scanned
Scan process 'ZDWlan.exe' - '1' Module(s) have been scanned
Scan process 'Acer.Empowering.Framework.Launcher.exe' - '1' Module(s) have been scanned
Scan process 'ehrecvr.exe' - '1' Module(s) have been scanned
Scan process 'emule.exe' - '1' Module(s) have been scanned
Scan process 'EDICT.EXE' - '1' Module(s) have been scanned
Scan process 'NMBgMonitor.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'CTLCMgr.exe' - '1' Module(s) have been scanned
Scan process 'LogitechDesktopMessenger.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'MemCheck.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
51 processes with 51 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[NOTE] No virus was found!
Master boot sector HD1
[NOTE] No virus was found!
[WARNING] The boot sector file could not be read!
[WARNING] Error code: 0x0015
Master boot sector HD2
[NOTE] No virus was found!
[WARNING] The boot sector file could not be read!
[WARNING] Error code: 0x0015
Master boot sector HD3
[NOTE] No virus was found!
[WARNING] The boot sector file could not be read!
[WARNING] Error code: 0x0015
Master boot sector HD4
[NOTE] No virus was found!
[WARNING] The boot sector file could not be read!
[WARNING] Error code: 0x0015
Master boot sector HD5
[NOTE] No virus was found!
[WARNING] The boot sector file could not be read!
[WARNING] Error code: 0x0015
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '26' files ).
Starting the file scan:
Begin scan in 'C:\' <ACER>
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\dominique\Mes documents\MSNFix\08032008_16335389.zip
[0] Archive type: ZIP
--> backup/DSC01497.zip
[1] Archive type: ZIP
--> img091307-www.photoshop.com
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> backup/spoolms.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '480a8ded.qua'!
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP291\A0039947.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '480a94ea.qua'!
C:\WINDOWS\system32\clfdmhv.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[INFO] The file was moved to '484096bc.qua'!
C:\WINDOWS\system32\hjscfiod.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[INFO] The file was moved to '484d96cd.qua'!
C:\WINDOWS\system32\jhiuujl.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[INFO] The file was moved to '484396d5.qua'!
C:\WINDOWS\system32\jhvkcgd.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[INFO] The file was moved to '485096d8.qua'!
C:\WINDOWS\system32\vavgcvf.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[INFO] The file was moved to '485096ee.qua'!
C:\WINDOWS\system32\xcuzondfld.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[INFO] The file was moved to '484f96fb.qua'!
Begin scan in 'D:\' <ACERDATA>
End of the scan: vendredi 14 mars 2008 16:17
Used time: 46:59 min
The scan has been done completely.
7962 Scanning directories
301576 Files were scanned
9 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
8 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
301567 Files not concerned
9178 Archives were scanned
2 Warnings
0 Notes
54266 Objects were scanned with rootkit scan
0 Hidden objects were found
il me faudra les supprimer de la quarantaine ?
salut domino2509,
oui effectivement antivir a debusqué pas mal de saloperies, tu ne dois pas etre mecontant d´avoir troqué avast a son profit ;-)
supprime ce fichier :
C:\WINDOWS\temp\Perflib_Perfdata_680.dat
au besoin :
Affiche tous les fichiers et dossiers :
Pour cela :
Clique sur démarrer/panneau de configuration/option des dossiers/affichage
Cocher afficher les dossiers cacher
Décoche la case "Masquer les fichiers protégés du système d'exploitation (recommandé)"
Décocher masquer les extensions dont le type est connu
Puis fais «Ok» pour valider les changements.
Et appliquer !
si tu n´arrives pas a le supprimer fais le en mode sans echec :
Comment redémarrer en mode sans echec?
Tu redemarre le pc et tapote la touche F8 des le début de l allumage sans t´arrêter.
Une fenêtre sur fond noir va s’ouvrir, tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape entrée.
Une fois sur le bureau si il n y a pas toutes les couleurs et autres c´est normal!
Ps : si F8 ne marche pas utilise la touche F5.
puis passe cet outil :
-> Télécharge DiagHelp.zip sur ton bureau.
Tuto : http://www.malekal.com/DiagHelp/DiagHelp.php
-> Ne double-clic pas dessus !! Fais un clic droit sur le fichier et extraire tout
-> Un nouveau dossier chercher va être créé DiagHelp
-> Ouvre le et double-clic sur go.cmd (le .cmd peut ne pas apparaître)
-> Une fenêtre va s'ouvrir, choisis l'option 1
-> L'analyse va commencer, ceci peut durer quelques minutes, laisse faire et appuie sur une touche quand on te le demande.
ATTENTION : pendant l'analyse, après le rapport catchme, il te sera demandé d'appuyer sur une touche afin de poursuivre le scan, suis bien les instructions à l'écran !
-> A la fin de l'analyse, il peut-être (pas obligatoire) demandé de redemanderl'ordinateur... Une fois l'ordinateur redémarré le rapport va apparaître sur le bloc-note.. Ce dernier se trouve sur C:\resultat.txt
-> Copie/colle le contenu du bloc-note qui s'ouvre, pour cela :
-> Dans le bloc-note, cliquez sur le menu Edition / Selectionner tout
-> A nouveau menu Edition / copier
-> Dans un nouveau message ici, faire un clic droit / coller
@+
oui effectivement antivir a debusqué pas mal de saloperies, tu ne dois pas etre mecontant d´avoir troqué avast a son profit ;-)
supprime ce fichier :
C:\WINDOWS\temp\Perflib_Perfdata_680.dat
au besoin :
Affiche tous les fichiers et dossiers :
Pour cela :
Clique sur démarrer/panneau de configuration/option des dossiers/affichage
Cocher afficher les dossiers cacher
Décoche la case "Masquer les fichiers protégés du système d'exploitation (recommandé)"
Décocher masquer les extensions dont le type est connu
Puis fais «Ok» pour valider les changements.
Et appliquer !
si tu n´arrives pas a le supprimer fais le en mode sans echec :
Comment redémarrer en mode sans echec?
Tu redemarre le pc et tapote la touche F8 des le début de l allumage sans t´arrêter.
Une fenêtre sur fond noir va s’ouvrir, tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape entrée.
Une fois sur le bureau si il n y a pas toutes les couleurs et autres c´est normal!
Ps : si F8 ne marche pas utilise la touche F5.
puis passe cet outil :
-> Télécharge DiagHelp.zip sur ton bureau.
Tuto : http://www.malekal.com/DiagHelp/DiagHelp.php
-> Ne double-clic pas dessus !! Fais un clic droit sur le fichier et extraire tout
-> Un nouveau dossier chercher va être créé DiagHelp
-> Ouvre le et double-clic sur go.cmd (le .cmd peut ne pas apparaître)
-> Une fenêtre va s'ouvrir, choisis l'option 1
-> L'analyse va commencer, ceci peut durer quelques minutes, laisse faire et appuie sur une touche quand on te le demande.
ATTENTION : pendant l'analyse, après le rapport catchme, il te sera demandé d'appuyer sur une touche afin de poursuivre le scan, suis bien les instructions à l'écran !
-> A la fin de l'analyse, il peut-être (pas obligatoire) demandé de redemanderl'ordinateur... Une fois l'ordinateur redémarré le rapport va apparaître sur le bloc-note.. Ce dernier se trouve sur C:\resultat.txt
-> Copie/colle le contenu du bloc-note qui s'ouvre, pour cela :
-> Dans le bloc-note, cliquez sur le menu Edition / Selectionner tout
-> A nouveau menu Edition / copier
-> Dans un nouveau message ici, faire un clic droit / coller
@+
salut g!rly. Cest sur qu'antivir a l'air nettement plus efficace....merci pour ton conseil.En ce qui concerne le fichier C\windows\temp\perflib_perfdata_680.dat ,je ne sais pas ce que c'était , mais j'ai pu le supprimer sans prob.J'espere que maintenant mon ordi est propre...lol.dorenavant je serais plus prudent.En tout cas je te remercie pour ton aide,tes explications etaient tres claires meme pour moi qui suis novice.Je ne te dit pas a bientot, ce serais pour de mauvaises raisons...@+
domino,
c´est pas fini :
-> Télécharge DiagHelp.zip sur ton bureau.
Tuto : http://www.malekal.com/DiagHelp/DiagHelp.php
-> Ne double-clic pas dessus !! Fais un clic droit sur le fichier et extraire tout
-> Un nouveau dossier chercher va être créé DiagHelp
-> Ouvre le et double-clic sur go.cmd (le .cmd peut ne pas apparaître)
-> Une fenêtre va s'ouvrir, choisis l'option 1
-> L'analyse va commencer, ceci peut durer quelques minutes, laisse faire et appuie sur une touche quand on te le demande.
ATTENTION : pendant l'analyse, après le rapport catchme, il te sera demandé d'appuyer sur une touche afin de poursuivre le scan, suis bien les instructions à l'écran !
-> A la fin de l'analyse, il peut-être (pas obligatoire) demandé de redemanderl'ordinateur... Une fois l'ordinateur redémarré le rapport va apparaître sur le bloc-note.. Ce dernier se trouve sur C:\resultat.txt
-> Copie/colle le contenu du bloc-note qui s'ouvre, pour cela :
-> Dans le bloc-note, cliquez sur le menu Edition / Selectionner tout
-> A nouveau menu Edition / copier
-> Dans un nouveau message ici, faire un clic droit / coller
@+
c´est pas fini :
-> Télécharge DiagHelp.zip sur ton bureau.
Tuto : http://www.malekal.com/DiagHelp/DiagHelp.php
-> Ne double-clic pas dessus !! Fais un clic droit sur le fichier et extraire tout
-> Un nouveau dossier chercher va être créé DiagHelp
-> Ouvre le et double-clic sur go.cmd (le .cmd peut ne pas apparaître)
-> Une fenêtre va s'ouvrir, choisis l'option 1
-> L'analyse va commencer, ceci peut durer quelques minutes, laisse faire et appuie sur une touche quand on te le demande.
ATTENTION : pendant l'analyse, après le rapport catchme, il te sera demandé d'appuyer sur une touche afin de poursuivre le scan, suis bien les instructions à l'écran !
-> A la fin de l'analyse, il peut-être (pas obligatoire) demandé de redemanderl'ordinateur... Une fois l'ordinateur redémarré le rapport va apparaître sur le bloc-note.. Ce dernier se trouve sur C:\resultat.txt
-> Copie/colle le contenu du bloc-note qui s'ouvre, pour cela :
-> Dans le bloc-note, cliquez sur le menu Edition / Selectionner tout
-> A nouveau menu Edition / copier
-> Dans un nouveau message ici, faire un clic droit / coller
@+
Ok.Jai terminer l'analyse avec diaghelp.Par contre il m'a été demandé de renvoyer un fichier (c:\upload-moi-ACER-7989EO343A.tar.gz)sur le site de malekal, et impossible.J'ai suivi les instructions à la lettre pour renvoyer ce fichier et le message est :"vous n'avez pas choisi de fichier".Voici le rapport diaghelp:DiagHelp version v1.4 - http://www.malekal.com
excute le 16/03/2008 à 9:45:26,81
Liste des derniers fichies modifies/crees dans windir\system32 et prefetch
C:\WINDOWS\prefetch\CHCP.COM-17EDBDC9.pf -->16/03/2008 09:44:40
C:\WINDOWS\prefetch\CMD.EXE-034B0549.pf -->16/03/2008 09:44:35
C:\WINDOWS\prefetch\WINRAR.EXE-0AA31BB9.pf -->16/03/2008 09:43:16
C:\WINDOWS\prefetch\VERCLSID.EXE-28F52AD2.pf -->16/03/2008 09:42:52
C:\WINDOWS\prefetch\E_FARNBVE.EXE-040EEB93.pf -->16/03/2008 09:40:44
C:\WINDOWS\prefetch\E_FAMTBVE.EXE-140B91EF.pf -->16/03/2008 09:40:44
C:\WINDOWS\prefetch\E_FPREBVE.EXE-1EC45BF5.pf -->16/03/2008 09:40:43
C:\WINDOWS\prefetch\RUNDLL32.EXE-6E8D4657.pf -->16/03/2008 09:39:54
C:\WINDOWS\prefetch\WLLOGINPROXY.EXE-090074F0.pf -->16/03/2008 09:39:08
C:\WINDOWS\prefetch\IEXPLORE.EXE-2D97EBE6.pf -->16/03/2008 09:39:00
C:\WINDOWS\System32\drivers\avipbb.sys -->14/03/2008 15:15:42
C:\WINDOWS\System32\drivers\fwdrv.err -->19/12/2007 20:27:01
C:\WINDOWS\System32\drivers\mrxdav.sys -->18/12/2007 10:51:35
C:\WINDOWS\System32\drivers\secdrv.sys -->13/11/2007 11:25:54
C:\WINDOWS\System32\drivers\tcpip.sys -->30/10/2007 18:20:55
C:\WINDOWS\System32\drivers\NSDriver.sys -->18/09/2007 22:33:46
C:\WINDOWS\System32\drivers\AWRTRD.sys -->18/09/2007 22:33:45
C:\WINDOWS\System32\nvapps.xml -->14/03/2008 15:18:05
C:\WINDOWS\System32\CONFIG.NT -->14/03/2008 15:10:44
C:\WINDOWS\System32\jupdate-1.6.0_05-b13.log -->14/03/2008 13:59:12
C:\WINDOWS\System32\d3d9caps.dat -->08/03/2008 17:53:10
C:\WINDOWS\System32\MRT.exe -->05/03/2008 17:30:54
C:\WINDOWS\System32\wpa.dbl -->03/03/2008 10:45:01
C:\WINDOWS\System32\javaws.exe -->22/02/2008 02:33:32
C:\WINDOWS\System32\javacpl.cpl -->22/02/2008 02:33:31
C:\WINDOWS\System32\javaw.exe -->22/02/2008 01:23:39
C:\WINDOWS\System32\java.exe -->22/02/2008 01:23:35
C:\WINDOWS\System32\lsdelete.exe -->28/01/2008 11:28:32
C:\WINDOWS\System32\pngfilt.dll -->11/01/2008 06:36:55
C:\WINDOWS\System32\FNTCACHE.DAT -->29/12/2007 15:13:22
C:\WINDOWS\System32\dxtmsft.dll -->19/12/2007 23:53:23
C:\WINDOWS\System32\TZLog.log -->13/12/2007 03:01:45
C:\WINDOWS\System32\dsm_fr.qm -->11/12/2007 20:46:04
C:\WINDOWS\System32\divxsm.tlb -->11/12/2007 20:46:04
C:\WINDOWS\System32\DivXsm.exe -->11/12/2007 20:46:04
C:\WINDOWS\System32\qt-dx331.dll -->11/12/2007 20:46:02
C:\WINDOWS\System32\ssldivx.dll -->11/12/2007 20:45:56
C:\WINDOWS\System32\libdivx.dll -->11/12/2007 20:45:56
C:\WINDOWS\System32\dtu100.dll.manifest -->11/12/2007 20:44:28
C:\WINDOWS\System32\dtu100.dll -->11/12/2007 20:44:28
C:\WINDOWS\System32\dpl100.dll.manifest -->11/12/2007 20:44:28
C:\WINDOWS\System32\dpl100.dll -->11/12/2007 20:44:28
C:\WINDOWS\wiadebug.log -->16/03/2008 09:41:34
C:\WINDOWS\WindowsUpdate.log -->16/03/2008 09:13:02
C:\WINDOWS\NeroDigital.ini -->15/03/2008 21:58:55
C:\WINDOWS\popcinfo.dat -->15/03/2008 14:19:54
C:\WINDOWS\0.log -->14/03/2008 15:18:59
C:\WINDOWS\wiaservc.log -->14/03/2008 15:18:36
C:\WINDOWS\bootstat.dat -->14/03/2008 15:17:37
C:\WINDOWS\SchedLgU.Txt -->14/03/2008 15:16:52
C:\WINDOWS\system.ini -->13/03/2008 17:03:04
C:\WINDOWS\setupact.log -->13/03/2008 15:22:49
C:\WINDOWS\msnfix.txt -->10/03/2008 17:14:00
C:\WINDOWS\ntbtlog.txt -->08/03/2008 17:44:08
C:\WINDOWS\setupapi.log -->06/03/2008 18:34:41
C:\WINDOWS\wmsetup.log -->01/03/2008 12:24:27
C:\WINDOWS\DirectX.log -->01/03/2008 12:22:12
winlogon.exe
Verified: Signed
svchost.exe
Verified: Signed
ws2_32.dll
Verified: Signed
user32.dll
Verified: Signed
tcpip.sys
Verified: Signed
ndis.sys
Verified: Signed
null.sys
Verified: Signed
ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com
------------------------------------------------------------------------------
explorer.exe pid: 1740
Command line: C:\WINDOWS\Explorer.EXE
Base Size Version Path
0x44080000 0xcf000 7.00.6000.16608 C:\WINDOWS\system32\WININET.dll
0x00440000 0x9000 6.00.5441.0000 C:\WINDOWS\system32\Normaliz.dll
0x43e00000 0x45000 7.00.6000.16608 C:\WINDOWS\system32\iertutil.dll
0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\comctl32.dll
0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll
0x76ac0000 0x11000 3.05.2284.0000 C:\WINDOWS\system32\ATL.DLL
0x44360000 0x5cd000 7.00.6000.16608 C:\WINDOWS\system32\ieframe.dll
0x442b0000 0x3c000 7.00.6000.16608 C:\WINDOWS\system32\webcheck.dll
0x44160000 0x127000 7.00.6000.16608 C:\WINDOWS\system32\urlmon.dll
0x164a0000 0x23000 5.02.5721.5145 C:\WINDOWS\system32\WPDShServiceObj.dll
0x109c0000 0x2c000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceTypes.dll
0x10930000 0x49000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceApi.dll
0x02320000 0x2be000 3.01.4000.4039 C:\WINDOWS\system32\msi.dll
0x10000000 0x6000 7.02.0000.0137 C:\DOCUME~1\DOMINI~1\LOCALS~1\Temp\IadHide5.dll
0x01840000 0x11000 C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon.dll
0x01870000 0xe000 1.09.0000.0000 C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.dll
0x10100000 0xe000 2.40.0849.0000 C:\Program Files\Logitech\SetPoint\lgscroll.dll
0x7c340000 0x56000 7.10.3052.0004 C:\WINDOWS\system32\MSVCR71.dll
0x7c3a0000 0x7b000 7.10.3077.0000 C:\WINDOWS\system32\MSVCP71.dll
0x01100000 0x34000 1.00.0000.0000 C:\WINDOWS\RACHook12.DLL
0x00fe0000 0x12000 C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.dll
0x02050000 0x27000 1.00.0003.0021 C:\Program Files\IncrediMail\bin\B4ImApp.dll
0x03c40000 0x1b9000 2.00.0000.0008 C:\Program Files\Fichiers communs\Ahead\Lib\NeroDigitalExt.dll
0x7c140000 0x103000 7.10.3077.0000 C:\Program Files\Fichiers communs\Ahead\Lib\MFC71.DLL
0x5d360000 0xf000 7.10.3077.0000 C:\WINDOWS\system32\MFC71FRA.DLL
0x03f00000 0x5b000 8.01.0000.0000 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll
0x78130000 0x9b000 8.00.50727.0163 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\MSVCR80.dll
0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll
0x043e0000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x74da0000 0x6c000 5.30.0023.1228 C:\WINDOWS\system32\RICHED20.dll
0x06470000 0x3b8000 2.10.0001.0001 C:\Program Files\Nero\Nero 7\Nero CoverDesigner\covered-fra.NLS
0x58640000 0x8a000 1.09.0000.0305 C:\WINDOWS\system32\l3codeca.acm
0x06e90000 0x2f2000 10.01.0001.10900 C:\Program Files\Fichiers communs\Ahead\Lib\AdvrCntr2.dll
0x07190000 0x75a000 6.14.0010.9136 C:\WINDOWS\system32\nvcpl.dll
0x74bf0000 0x2c000 4.02.5406.0000 C:\WINDOWS\system32\OLEACC.dll
0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll
0x03830000 0x73000 6.14.0010.11044 C:\WINDOWS\system32\nvshell.dll
0x03800000 0x2d000 C:\Program Files\WinRAR\rarext.dll
0x01ec0000 0x11000 3.00.0000.0000 C:\Program Files\IncrediMail\bin\ImShExtU.dll
0x02020000 0x13000 1.00.0000.0000 C:\Program Files\EPSON\Creativity Suite\Easy Photo Print\EPPShell.dll
0x73d20000 0xfe000 6.02.4131.0000 C:\WINDOWS\system32\MFC42.DLL
0x61d70000 0xe000 6.00.8665.0000 C:\WINDOWS\system32\MFC42LOC.DLL
0x02a40000 0x14000 2.02.0000.0011 C:\WINDOWS\system32\eDSshellExt.dll
0x7c120000 0x19000 7.10.3077.0000 C:\WINDOWS\system32\ATL71.DLL
0x05840000 0x1e2000 2.10.0001.0001 C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll
0x03990000 0x19000 2.10.0003.0002 C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll
0x05020000 0x102000 7.10.3077.0000 C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL
0x03b10000 0x11000 7.00.0000.0010 C:\Program Files\Avira\AntiVir PersonalEdition Classic\shlext.dll
0x06830000 0x13d000 2.00.0016.0000 C:\Program Files\Fichiers communs\Ahead\Lib\MediaLibraryNSE.dll
0x5a500000 0x50000 8.05.1302.1018 C:\Program Files\Windows Live\Messenger\fsshext.8.5.1302.1018.dll
0x16210000 0x27e000 5.02.5721.5145 C:\WINDOWS\system32\wpdshext.dll
0x40000000 0x7a000 5.02.3790.3646 C:\WINDOWS\system32\Audiodev.dll
0x15110000 0x25a000 11.00.5721.5145 C:\WINDOWS\system32\WMVCore.DLL
0x11c70000 0x3a000 11.00.5721.5238 C:\WINDOWS\system32\WMASF.DLL
0x038b0000 0x10000 8.00.0000.0456 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
0x04720000 0x5b000 1.01.0000.0000 C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
0x6bd10000 0x10000 12.00.4518.1014 C:\Program Files\Microsoft Office\Office12\msohevi.dll
ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com
------------------------------------------------------------------------------
winlogon.exe pid: 752
Command line: winlogon.exe
Base Size Version Path
0x01000000 0x81000 \??\C:\WINDOWS\system32\winlogon.exe
0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\COMCTL32.dll
0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll
0x20000000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll
0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL
0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est DC97-BF5A
Répertoire de C:\WINDOWS\system
24/12/1998 09:15 345 983 RCDsetup.exe
1 fichier(s) 345 983 octets
0 Rép(s) 29 766 610 944 octets libres
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est DC97-BF5A
Répertoire de C:\WINDOWS\system32
10/08/2004 21:00 6 144 csrss.exe
1 fichier(s) 6 144 octets
0 Rép(s) 29 766 610 944 octets libres
Contenu de Downloaded Program Files
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est DC97-BF5A
Répertoire de C:\WINDOWS\Downloaded Program Files
06/03/2008 18:34 <REP> .
06/03/2008 18:34 <REP> ..
13/01/2005 15:59 233 Crusher.inf
11/08/2006 18:28 65 desktop.ini
25/07/2002 16:13 24 576 dwusplay.dll
25/07/2002 16:13 196 608 dwusplay.exe
11/04/2007 14:55 1 292 erma.inf
25/07/2002 16:05 172 032 isusweb.dll
25/04/2007 09:14 1 461 MusicManager.inf
25/06/2007 11:53 501 064 MusicManagerLib.dll
25/06/2007 11:53 1 099 184 MusicManagerPlugin.ocx
25/06/2007 11:53 95 560 MusicManagerUnInstaller.exe
28/11/2005 13:20 135 168 Oberongamesloader.dll
07/11/2005 16:47 257 Oberongamesloader.inf
18/05/2007 12:41 157 000 OD2hpb.dll
19/12/2003 17:02 126 976 popcaploader.dll
19/12/2003 15:43 241 popcaploader.inf
04/01/2008 09:51 144 swdir.inf
11/06/2007 11:21 5 021 swflash.inf
01/06/2004 13:41 853 yinst.inf
01/06/2004 13:36 141 312 yinsthelper.dll
19 fichier(s) 2 659 047 octets
Total des fichiers listés :
19 fichier(s) 2 659 047 octets
2 Rép(s) 29 766 606 848 octets libres
Recherche de rootkit! (Merci S!Ri)
Recherche d'infections connues
Export des clefs sensibles..
Liste des fichiers en exception sur le pare-feu XP SP2
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\IncrediMail\\bin\\ImApp.exe"="C:\\Program Files\\IncrediMail\\bin\\ImApp.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"="C:\\Program Files\\IncrediMail\\bin\\IncMail.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"="C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Disabled:Logitech Desktop Messenger"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\\WINDOWS\\system32\\rundll32.exe"="C:\\WINDOWS\\system32\\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Fichiers communs\\Ahead\\Nero Web\\SetupX.exe"="C:\\Program Files\\Fichiers communs\\Ahead\\Nero Web\\SetupX.exe:*:Enabled:Nero ProductSetup"
"C:\\Program Files\\IncrediMail\\bin\\IncrediMail_Install.exe"="C:\\Program Files\\IncrediMail\\bin\\IncrediMail_Install.exe:*:Enabled:IncrediMail Installer"
"C:\\Program Files\\Azureus\\Azureus.exe"="C:\\Program Files\\Azureus\\Azureus.exe:*:Enabled:Azureus"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
Export de la clef SharedTaskScheduler
[SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"
exports des policies
REGEDIT4
[system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"InstallVisualStyle"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,\
63,65,73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,5c,52,6f,79,61,6c,65,2e,\
6d,73,73,74,79,6c,65,73,00
"InstallTheme"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,63,65,\
73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,2e,74,68,65,6d,65,00
Export des clefs sensibles..
Rechercher adresses sensibles dans le fichier HOSTS...
catchme 0.3.1319 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-16 09:46:07
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden services & system hive ...
IPC error: 2 Le fichier spécifié est introuvable.
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden services: 0
hidden files: 0
KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)
Process list by traversal of KiWaitListHead
4 - System
500 - MemCheck.exe
516 - avgnt.exe
528 - ctfmon.exe
560 - LogitechDesktop
600 - CTLCMgr.exe
716 - msnmsgr.exe
728 - csrss.exe
752 - winlogon.exe
800 - services.exe
812 - lsass.exe
988 - svchost.exe
1056 - svchost.exe
1104 - sched.exe
1124 - NMBgMonitor.exe
1136 - EDICT.EXE
1152 - svchost.exe
1192 - svchost.exe
1240 - svchost.exe
1276 - emule.exe
1364 - svchost.exe
1436 - Acer.Empowering
1520 - aawservice.exe
1568 - ZDWlan.exe
1572 - ehSched.exe
1740 - explorer.exe
1816 - spoolsv.exe
1880 - avguard.exe
2104 - RocketDock.exe
2128 - YzShadow.exe
2184 - nvsvc32.exe
2236 - ImApp.exe
2332 - svchost.exe
2528 - mcrdsvc.exe
3620 - NMIndexingServi
3708 - dllhost.exe
3964 - NMIndexStoreSvr
4036 - alg.exe
4196 - usnsvc.exe
5824 - msnmsgr.exe
7132 - iexplore.exe
7152 - cmd.exe
Total number of processes = 42
NOTE: Under WinXP, this will not show all processes.
KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)
Driver/Module list by traversal of PsLoadedModuleList
804D7000 - \WINDOWS\system32\ntkrnlpa.exe
806E2000 - \WINDOWS\system32\hal.dll
BADA8000 - \WINDOWS\system32\KDCOM.DLL
BACB8000 - \WINDOWS\system32\BOOTVID.dll
BA778000 - ACPI.sys
BADAA000 - \WINDOWS\system32\DRIVERS\WMILIB.SYS
BA767000 - pci.sys
BA8A8000 - isapnp.sys
BA8B8000 - ohci1394.sys
BA8C8000 - \WINDOWS\system32\DRIVERS\1394BUS.SYS
BAE70000 - pciide.sys
BAB28000 - \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
BA8D8000 - MountMgr.sys
BA748000 - ftdisk.sys
BADAC000 - dmload.sys
BA722000 - dmio.sys
BA70C000 - nvraid.sys
BA8E8000 - \WINDOWS\system32\drivers\CLASSPNP.SYS
BAB30000 - PartMgr.sys
BACBC000 - UBHelper.sys
BA8F8000 - VolSnap.sys
BA6F4000 - atapi.sys
BA6DA000 - nvatabus.sys
BA908000 - disk.sys
BA6BA000 - fltMgr.sys
BA6A8000 - sr.sys
BA918000 - PxHelp20.sys
BA691000 - KSecDD.sys
BA67E000 - WudfPf.sys
BA5F1000 - Ntfs.sys
BA5C4000 - NDIS.sys
BA5A9000 - Mup.sys
BA948000 - \SystemRoot\system32\DRIVERS\AmdK8.sys
BAB78000 - \SystemRoot\system32\DRIVERS\usbohci.sys
BA528000 - \SystemRoot\system32\DRIVERS\USBPORT.SYS
BAB80000 - \SystemRoot\system32\DRIVERS\usbehci.sys
BA958000 - \SystemRoot\system32\DRIVERS\nic1394.sys
BA503000 - \SystemRoot\system32\DRIVERS\HDAudBus.sys
BA968000 - \SystemRoot\system32\DRIVERS\imapi.sys
BA978000 - \SystemRoot\system32\DRIVERS\cdrom.sys
BA988000 - \SystemRoot\system32\DRIVERS\redbook.sys
BA4E0000 - \SystemRoot\system32\DRIVERS\ks.sys
BADAE000 - \SystemRoot\system32\DRIVERS\NTIDrvr.sys
BA11F000 - \SystemRoot\system32\DRIVERS\nv4_mini.sys
BA10B000 - \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
BA0CF000 - \SystemRoot\system32\DRIVERS\yk51x86.sys
BA0BE000 - \SystemRoot\system32\DRIVERS\serial.sys
BAD64000 - \SystemRoot\system32\DRIVERS\serenum.sys
BA0AA000 - \SystemRoot\system32\DRIVERS\parport.sys
BA998000 - \SystemRoot\system32\DRIVERS\i8042prt.sys
BA9A8000 - \SystemRoot\system32\DRIVERS\L8042mou.Sys
BA099000 - \SystemRoot\system32\DRIVERS\LMouKE.Sys
BABB8000 - \SystemRoot\system32\DRIVERS\mouclass.sys
BAD6C000 - \SystemRoot\system32\DRIVERS\L8042Kbd.sys
BABC8000 - \SystemRoot\system32\DRIVERS\kbdclass.sys
BAF9A000 - \SystemRoot\system32\DRIVERS\audstub.sys
BA9B8000 - \SystemRoot\system32\DRIVERS\rasl2tp.sys
BAD74000 - \SystemRoot\system32\DRIVERS\ndistapi.sys
BA082000 - \SystemRoot\system32\DRIVERS\ndiswan.sys
BA9C8000 - \SystemRoot\system32\DRIVERS\raspppoe.sys
BA9D8000 - \SystemRoot\system32\DRIVERS\raspptp.sys
BABE8000 - \SystemRoot\system32\DRIVERS\TDI.SYS
BA049000 - \SystemRoot\system32\DRIVERS\psched.sys
BA9E8000 - \SystemRoot\system32\DRIVERS\msgpc.sys
BABF8000 - \SystemRoot\system32\DRIVERS\ptilink.sys
BAC08000 - \SystemRoot\system32\DRIVERS\raspti.sys
B9F78000 - \SystemRoot\system32\DRIVERS\rdpdr.sys
BA9F8000 - \SystemRoot\system32\DRIVERS\termdd.sys
BADB4000 - \SystemRoot\system32\DRIVERS\swenum.sys
B9F44000 - \SystemRoot\system32\DRIVERS\update.sys
BAD98000 - \SystemRoot\system32\DRIVERS\mssmbios.sys
BAA08000 - \SystemRoot\System32\Drivers\NDProxy.SYS
BAA18000 - \SystemRoot\system32\DRIVERS\usbhub.sys
BADBA000 - \SystemRoot\system32\DRIVERS\USBD.SYS
B9AB1000 - \SystemRoot\system32\drivers\RtkHDAud.sys
B9A8F000 - \SystemRoot\system32\drivers\portcls.sys
BAA28000 - \SystemRoot\system32\drivers\drmk.sys
BADC6000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS
BAEFD000 - \SystemRoot\System32\Drivers\Null.SYS
BADCA000 - \SystemRoot\System32\Drivers\Beep.SYS
BAC48000 - \SystemRoot\System32\drivers\vga.sys
BADCE000 - \SystemRoot\System32\Drivers\mnmdd.SYS
BADD2000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys
BAC58000 - \SystemRoot\System32\Drivers\Msfs.SYS
BAC68000 - \SystemRoot\System32\Drivers\Npfs.SYS
BA05E000 - \SystemRoot\system32\DRIVERS\rasacd.sys
B7413000 - \SystemRoot\system32\DRIVERS\ipsec.sys
B73BB000 - \SystemRoot\system32\DRIVERS\tcpip.sys
B7393000 - \SystemRoot\system32\DRIVERS\netbt.sys
B7372000 - \SystemRoot\system32\DRIVERS\ipnat.sys
BAA58000 - \SystemRoot\system32\DRIVERS\wanarp.sys
B7350000 - \SystemRoot\System32\drivers\afd.sys
BAA68000 - \SystemRoot\system32\DRIVERS\arp1394.sys
BAA78000 - \SystemRoot\system32\DRIVERS\netbios.sys
BAC80000 - \SystemRoot\System32\Drivers\StarOpen.SYS
BAC90000 - \SystemRoot\system32\DRIVERS\ssmdrv.sys
B7325000 - \SystemRoot\system32\DRIVERS\rdbss.sys
B72B6000 - \SystemRoot\system32\DRIVERS\mrxsmb.sys
BAA98000 - \SystemRoot\System32\Drivers\Fips.SYS
BAAA8000 - \SystemRoot\system32\DRIVERS\avipbb.sys
BADD8000 - \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys
B71CA000 - \SystemRoot\system32\DRIVERS\V0220Dev.sys
BADDC000 - \SystemRoot\system32\DRIVERS\V0220Vfx.sys
BACB0000 - \SystemRoot\system32\DRIVERS\USBSTOR.SYS
B71A7000 - \SystemRoot\System32\Drivers\Fastfat.SYS
B718F000 - \SystemRoot\System32\Drivers\dump_atapi.sys
BADE6000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS
BF800000 - \SystemRoot\System32\win32k.sys
B7452000 - \SystemRoot\System32\drivers\Dxapi.sys
BABB0000 - \SystemRoot\System32\watchdog.sys
BF9C3000 - \SystemRoot\System32\drivers\dxg.sys
BAF22000 - \SystemRoot\System32\drivers\dxgthk.sys
BF9D5000 - \SystemRoot\System32\nv4_disp.dll
B5CCF000 - \SystemRoot\system32\DRIVERS\ndisuio.sys
B4F16000 - \SystemRoot\system32\drivers\wdmaud.sys
B4FFB000 - \SystemRoot\system32\drivers\sysaudio.sys
B9FA9000 - \SystemRoot\System32\Drivers\Cdfs.SYS
B4BAE000 - \SystemRoot\system32\DRIVERS\mrxdav.sys
B4AAB000 - \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys
B47EA000 - \SystemRoot\System32\Drivers\HTTP.sys
B4671000 - \SystemRoot\system32\DRIVERS\srv.sys
B657F000 - \SystemRoot\System32\Drivers\ZDPSp50.sys
B0017000 - \SystemRoot\system32\drivers\kmixer.sys
BAF36000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys
Total number of drivers = 124
Liste des programmes installes
ABBYY FineReader 6.0 Sprint
Acer eDataSecurity Management
Acer eDataSecurity Management 2.0.3077
Acer Empowering Technology
Acer ePerformance Management
Acer WLAN 11g USB Dongle
Acer WLAN 11g USB Dongle
Ad-Aware 2007
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Flash Player 9 ActiveX
Adobe Flash Player 9 ActiveX
Adobe Flash Player ActiveX
Adobe Help Center 1.0
Adobe Photoshop CS2
Adobe Photoshop CS2
Adobe Reader 8.1.2
Adobe Shockwave Player
Adobe Stock Photos 1.0
Advanced Video FX Engine
Archiveur WinRAR
ArcSoft PhotoStudio 5
Assistant de connexion Windows Live
Audacity 1.2.6
AutoUpdate
Avira AntiVir PersonalEdition Classic
Bejeweled 2 Deluxe
Côte d'Azur Palace Casino
Codeur Windows Media Série 9
Codeur Windows Media Série 9
Collection Microsoft Encarta 2006
Coloriage
commercial
Correctif n° 2 pour Windows XP Édition Media Center 2005
Correctif pour Lecteur Windows Media 11 (KB939683)
Correctif pour Windows XP (KB888795)
Correctif pour Windows XP (KB891593)
Correctif pour Windows XP (KB893357)
Correctif pour Windows XP (KB896256)
Correctif pour Windows XP (KB898444)
Correctif pour Windows XP (KB899337)
Correctif pour Windows XP (KB899510)
Correctif pour Windows XP (KB902841)
Correctif pour Windows XP (KB906569)
Correctif pour Windows XP (KB914440)
Correctif pour Windows XP (KB935448)
Correctif Windows XP - KB867282
Correctif Windows XP - KB873333
Correctif Windows XP - KB873339
Correctif Windows XP - KB885250
Correctif Windows XP - KB885835
Correctif Windows XP - KB885836
Correctif Windows XP - KB886185
Correctif Windows XP - KB887472
Correctif Windows XP - KB888113
Correctif Windows XP - KB888239
Correctif Windows XP - KB888302
Correctif Windows XP - KB890047
Correctif Windows XP - KB890175
Correctif Windows XP - KB890859
Correctif Windows XP - KB890923
Correctif Windows XP - KB891781
Correctif Windows XP - KB893086
Correctif Windows XP - KB895961
Creative Live! Cam Center
Creative Live! Cam Manager
Creative Live! Cam Video IM Driver (1.01.01.00)
Creative Photo Calendar
Creative Photo Manager
Creative Software AutoUpdate
Creative System Information
DivX Codec
DivX Content Uploader
DivX Converter
DivX Player
DivX Web Player
eMule
EPSON Attach To Email
EPSON Attach To Email
EPSON Copy Utility 3
EPSON Easy Photo Print
EPSON File Manager
EPSON Logiciel imprimante
EPSON Scan
EPSON Scan Assistant
EPSON Web-To-Page
ESDX5000_CX4900 Guide d’utilisation
Europa Casino
Firebird SQL Server - MAGIX Edition (F)
GemMaster Mystic
Gimp Pack Mode 2.4.2
High Definition Audio Driver Package - KB888111
HijackThis 2.0.2
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
IncrediMail Xe
Installer Yahoo! Messenger
J2SE Runtime Environment 5.0 Update 6
Java(TM) 6 Update 5
L&H TTS3000 Français
Lecteur Windows Media 11
Lettres, Courriers Types & Présentations
LightScribe 1.4.74.1
Logitech Desktop Messenger
Logitech SetPoint
Luxor 3
Macrogaming SweetIM 2.1
Mah Jong 3D
Manuel d'utilisation de Creative Live! Cam Video IM (Français)
Micro Application - Faire-part Edition Classic
Micro Application - Les Jeux du DICO12
Micro Application - MediaDICO 12
Microsoft .NET Framework 1.0 Hotfix (KB930494)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 French Language Pack
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Access MUI (French) 2007
Microsoft Office Excel MUI (French) 2007
Microsoft Office InfoPath MUI (French) 2007
Microsoft Office Outlook MUI (French) 2007
Microsoft Office PowerPoint MUI (French) 2007
Microsoft Office Professional Plus 2007
Microsoft Office Professional Plus 2007
Microsoft Office Proof (Arabic) 2007
Microsoft Office Proof (Dutch) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (French) 2007
Microsoft Office Publisher MUI (French) 2007
Microsoft Office Shared MUI (French) 2007
Microsoft Office Word MUI (French) 2007
Microsoft Software Update for Web Folders (French) 12
Microsoft User-Mode Driver Framework Feature Pack 1.0
Mise à jour de sécurité pour Lecteur Windows Media (KB911564)
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)
Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)
Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)
Mise à jour de sécurité pour Windows XP (KB883939)
Mise à jour de sécurité pour Windows XP (KB890046)
Mise à jour de sécurité pour Windows XP (KB893756)
Mise à jour de sécurité pour Windows XP (KB896358)
Mise à jour de sécurité pour Windows XP (KB896422)
Mise à jour de sécurité pour Windows XP (KB896423)
Mise à jour de sécurité pour Windows XP (KB896424)
Mise à jour de sécurité pour Windows XP (KB896428)
Mise à jour de sécurité pour Windows XP (KB899587)
Mise à jour de sécurité pour Windows XP (KB899588)
Mise à jour de sécurité pour Windows XP (KB899589)
Mise à jour de sécurité pour Windows XP (KB899591)
Mise à jour de sécurité pour Windows XP (KB900725)
Mise à jour de sécurité pour Windows XP (KB901017)
Mise à jour de sécurité pour Windows XP (KB901190)
Mise à jour de sécurité pour Windows XP (KB901214)
Mise à jour de sécurité pour Windows XP (KB902400)
Mise à jour de sécurité pour Windows XP (KB903235)
Mise à jour de sécurité pour Windows XP (KB904706)
Mise à jour de sécurité pour Windows XP (KB905414)
Mise à jour de sécurité pour Windows XP (KB905749)
Mise à jour de sécurité pour Windows XP (KB905915)
Mise à jour de sécurité pour Windows XP (KB908519)
Mise à jour de sécurité pour Windows XP (KB908531)
Mise à jour de sécurité pour Windows XP (KB911562)
Mise à jour de sécurité pour Windows XP (KB911567)
Mise à jour de sécurité pour Windows XP (KB911927)
Mise à jour de sécurité pour Windows XP (KB912812)
Mise à jour de sécurité pour Windows XP (KB912919)
Mise à jour de sécurité pour Windows XP (KB913433)
Mise à jour de sécurité pour Windows XP (KB913446)
Mise à jour de sécurité pour Windows XP (KB913580)
Mise à jour de sécurité pour Windows XP (KB914388)
Mise à jour de sécurité pour Windows XP (KB914389)
Mise à jour de sécurité pour Windows XP (KB917344)
Mise à jour de sécurité pour Windows XP (KB917953)
Mise à jour de sécurité pour Windows XP (KB918118)
Mise à jour de sécurité pour Windows XP (KB918439)
Mise à jour de sécurité pour Windows XP (KB919007)
Mise à jour de sécurité pour Windows XP (KB920213)
Mise à jour de sécurité pour Windows XP (KB920670)
Mise à jour de sécurité pour Windows XP (KB920683)
Mise à jour de sécurité pour Windows XP (KB920685)
Mise à jour de sécurité pour Windows XP (KB921503)
Mise à jour de sécurité pour Windows XP (KB922819)
Mise à jour de sécurité pour Windows XP (KB923191)
Mise à jour de sécurité pour Windows XP (KB923414)
Mise à jour de sécurité pour Windows XP (KB923689)
Mise à jour de sécurité pour Windows XP (KB923980)
Mise à jour de sécurité pour Windows XP (KB924270)
Mise à jour de sécurité pour Windows XP (KB924496)
Mise à jour de sécurité pour Windows XP (KB924667)
Mise à jour de sécurité pour Windows XP (KB925902)
Mise à jour de sécurité pour Windows XP (KB926255)
Mise à jour de sécurité pour Windows XP (KB926436)
Mise à jour de sécurité pour Windows XP (KB927779)
Mise à jour de sécurité pour Windows XP (KB927802)
Mise à jour de sécurité pour Windows XP (KB928255)
Mise à jour de sécurité pour Windows XP (KB928843)
Mise à jour de sécurité pour Windows XP (KB929123)
Mise à jour de sécurité pour Windows XP (KB930178)
Mise à jour de sécurité pour Windows XP (KB931261)
Mise à jour de sécurité pour Windows XP (KB931784)
Mise à jour de sécurité pour Windows XP (KB932168)
Mise à jour de sécurité pour Windows XP (KB933729)
Mise à jour de sécurité pour Windows XP (KB935839)
Mise à jour de sécurité pour Windows XP (KB935840)
Mise à jour de sécurité pour Windows XP (KB936021)
Mise à jour de sécurité pour Windows XP (KB937143)
Mise à jour de sécurité pour Windows XP (KB937894)
Mise à jour de sécurité pour Windows XP (KB938127)
Mise à jour de sécurité pour Windows XP (KB938829)
Mise à jour de sécurité pour Windows XP (KB941202)
Mise à jour de sécurité pour Windows XP (KB941568)
Mise à jour de sécurité pour Windows XP (KB941569)
Mise à jour de sécurité pour Windows XP (KB941644)
Mise à jour de sécurité pour Windows XP (KB943055)
Mise à jour de sécurité pour Windows XP (KB943460)
Mise à jour de sécurité pour Windows XP (KB943485)
Mise à jour de sécurité pour Windows XP (KB944653)
Mise à jour de sécurité pour Windows XP (KB946026)
Mise à jour pour Lecteur Windows Media 10 (KB910393)
Mise à jour pour Lecteur Windows Media 10 (KB913800)
Mise à jour pour Lecteur Windows Media 10 (KB926251)
Mise à jour pour Windows XP (KB894391)
Mise à jour pour Windows XP (KB896727)
Mise à jour pour Windows XP (KB898461)
Mise à jour pour Windows XP (KB900485)
Mise à jour pour Windows XP (KB904942)
Mise à jour pour Windows XP (KB910437)
Mise à jour pour Windows XP (KB911280)
Mise à jour pour Windows XP (KB912945)
Mise à jour pour Windows XP (KB916595)
Mise à jour pour Windows XP (KB920872)
Mise à jour pour Windows XP (KB922582)
Mise à jour pour Windows XP (KB927891)
Mise à jour pour Windows XP (KB930916)
Mise à jour pour Windows XP (KB933360)
Mise à jour pour Windows XP (KB938828)
Mise à jour pour Windows XP (KB942763)
MSXML 4.0 SP2 (KB936181)
MultiMedia Toolbar
MyDSC2
Nero 7 Ultra Edition
neroxml
Neuf - Kit de connexion
NTI Backup NOW! 4
NTI Backup NOW! 4
NTI CD & DVD-Maker
NTI CD & DVD-Maker
NVIDIA Drivers
OCA Client history tool install
Otto
Pack Vista Inspirat 2 1.0
Package de pilotes Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
Package de pilotes Windows - AMD System (04/06/2006 1.0.1.0)
PIF DESIGNER
Pochette Express 2
PowerDVD
Prestige Casino
Realtek High Definition Audio Driver
SAMSUNG CDMA Modem Driver Set
SAMSUNG Mobile Composite Device Software
Samsung Mobile phone USB driver Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Samsung PC Studio 3
Samsung PC Studio 3
Search Settings
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Excel 2007 (KB946974)
Security Update for Office 2007 (KB934062)
Security Update for Office 2007 (KB947801)
Security Update for Outlook 2007 (KB946983)
Security Update for Publisher 2007 (KB936646)
Security Update for the 2007 Microsoft Office System (KB936960)
SightSpeed (remove only)
Sonic Encoders
Spybot - Search & Destroy 1.4
SpywareBlaster 4.0
SweetIM For Internet Explorer 3.0b
Ulead Photo Explorer 8.0 SE Basic
Ulead Photo Express 5 SE
Update for Office 2007 (KB932080)
Update for Office 2007 (KB934391)
Update for Office 2007 (KB934393)
Update for Outlook 2007 Junk Email Filter (kb947945)
Update for Word 2007 (KB934173)
WebFldrs XP
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Live installer
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Media Center Edition 2005 KB908246
Windows XP Media Center Edition 2005 KB925766
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est DC97-BF5A
Répertoire de C:\Program Files
14/03/2008 15:13 <REP> .
14/03/2008 15:13 <REP> ..
19/09/2007 19:02 <REP> ABBYY FineReader 6.0 Sprint
30/08/2007 04:28 <REP> Acer WLAN 11g USB Dongle
15/09/2007 08:49 <REP> Adobe
18/09/2007 20:51 <REP> Ahead
29/08/2007 20:42 <REP> Alwil Software
18/09/2007 21:32 <REP> ArcSoft
07/10/2007 10:32 <REP> AskTBar
23/12/2007 14:29 <REP> Audacity
14/03/2008 15:13 <REP> Avira
22/12/2007 13:37 <REP> Azureus
30/08/2007 04:28 <REP> commercial
11/08/2006 18:27 <REP> ComPlus Applications
29/08/2007 21:51 <REP> Creative
30/08/2007 04:28 <REP> CyberLink
22/02/2008 20:09 <REP> denouvel
30/08/2007 04:28 <REP> DIFX
22/12/2007 15:01 <REP> DivX
14/03/2008 15:19 <REP> eMule
29/08/2007 21:23 <REP> epson
30/12/2007 10:40 <REP> Fichiers communs
30/08/2007 04:28 <REP> FrenchOtto
30/08/2007 04:28 <REP> GemMasterFrench
26/02/2008 17:28 <REP> Gimp Pack Mode
04/02/2008 17:16 <REP> Google
05/02/2008 19:25 <REP> Incredijeux
10/01/2008 19:22 <REP> IncrediMail
13/02/2008 09:50 <REP> Internet Explorer
14/03/2008 14:01 <REP> Java
18/09/2007 22:30 <REP> Lavasoft
18/09/2007 21:30 <REP> Lavasoft(2)
18/09/2007 21:31 <REP> LGGSM
29/08/2007 21:34 <REP> Logitech
30/08/2007 04:28 <REP> Messenger
09/12/2007 20:58 <REP> Micro Application
18/09/2007 22:12 <REP> Microsoft CAPICOM 2.1.0.2
30/08/2007 14:22 <REP> Microsoft Encarta
30/08/2007 04:28 <REP> microsoft frontpage
29/08/2007 21:57 <REP> Microsoft Office
29/08/2007 21:57 <REP> Microsoft Visual Studio
29/08/2007 21:57 <REP> Microsoft Works
29/08/2007 21:56 <REP> Microsoft.NET
25/11/2007 09:18 <REP> Movie Maker
29/08/2007 21:57 <REP> MSBuild
30/08/2007 04:28 <REP> MSN
11/08/2006 18:26 <REP> MSN Gaming Zone
30/12/2007 11:37 <REP> MSN Messenger
18/09/2007 22:11 <REP> MSXML 4.0
24/09/2007 17:32 <REP> Multi_Media
19/11/2007 14:15 <REP> MultiMedia Toolbar
29/08/2007 21:35 <REP> MUSICMATCH
01/03/2008 13:46 <REP> NCH Software
01/03/2008 13:47 <REP> NCH Swift Sound
30/08/2007 21:47 <REP> Nero
30/08/2007 04:28 <REP> NetMeeting
29/08/2007 20:27 <REP> Neuf
30/08/2007 04:28 <REP> NewTech Infosystems
01/03/2008 12:21 <REP> NRJ
30/08/2007 04:28 <REP> Oca History Tool
30/08/2007 04:28 <REP> Online Services
25/11/2007 09:18 <REP> Outlook Express
30/08/2007 15:21 <REP> Pochette Express 2
30/08/2007 04:28 <REP> Realtek
07/12/2007 15:58 <REP> Samsung
30/08/2007 04:28 <REP> Services en ligne
29/08/2007 21:45 <REP> SightSpeed
18/09/2007 23:00 <REP> Spybot - Search & Destroy
15/03/2008 08:47 <REP> SpywareBlaster
19/12/2007 19:28 <REP> Sunbelt Software
29/12/2007 15:07 <REP> Total Video Converter
12/03/2008 10:16 <REP> Trend Micro
07/10/2007 12:11 <REP> Web Media Player
30/12/2007 11:35 <REP> Windows Live
22/12/2007 09:49 <REP> Windows Live Safety Center
01/03/2008 12:24 <REP> Windows Media Components
19/09/2007 16:04 <REP> Windows Media Connect 2
19/09/2007 16:03 <REP> Windows Media Player
30/08/2007 04:28 <REP> Windows NT
30/08/2007 04:28 <REP> Windows Plus
30/08/2007 15:15 <REP> WinRAR
30/08/2007 04:28 <REP> xerox
07/10/2007 10:30 <REP> Yahoo!
0 fichier(s) 0 octets
83 Rép(s) 29 740 273 664 octets libres
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est DC97-BF5A
Répertoire de C:\Program Files\fichiers communs
30/12/2007 10:40 <REP> .
30/12/2007 10:40 <REP> ..
10/03/2008 15:31 <REP> Adobe
30/08/2007 14:47 <REP> Adobe Systems Shared
20/09/2007 17:17 <REP> Ahead
29/08/2007 21:57 <REP> DESIGNER
29/08/2007 21:25 <REP> InstallShield
29/08/2007 19:38 <REP> Java
30/08/2007 04:28 <REP> LightScribe
29/08/2007 21:34 <REP> Logitech
19/09/2007 20:25 <REP> MAGIX Shared
10/10/2007 08:30 <REP> Micro Application Shared
30/12/2007 10:49 <REP> Microsoft Shared
30/08/2007 04:28 <REP> MSSoap
11/08/2006 18:52 <REP> muvee Technologies
30/08/2007 04:28 <REP> NewTech Infosystems
18/09/2007 23:16 <REP> Oberon Media
30/08/2007 04:28 <REP> ODBC
30/08/2007 04:28 <REP> Services
30/08/2007 04:28 <REP> SpeechEngines
29/08/2007 20:11 <REP> Symantec Shared
29/08/2007 21:54 <REP> System
28/12/2007 22:35 <REP> Ulead Systems
18/09/2007 22:29 <REP> Wise Installation Wizard
0 fichier(s) 0 octets
24 Rép(s) 29 740 269 568 octets libres
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est DC97-BF5A
Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders
29/08/2007 21:54 <REP> .
29/08/2007 21:54 <REP> ..
29/08/2007 21:54 <REP> 1036
26/10/2006 18:49 970 528 MSONSEXT.DLL
26/10/2006 19:12 40 256 MSOSV.DLL
03/06/1999 11:09 122 937 MSOWS409.DLL
07/03/2001 06:00 127 033 MSOWS40c.DLL
4 fichier(s) 1 260 754 octets
3 Rép(s) 29 740 269 568 octets libres
c:\Documents and Settings\dominique\Application Data\Azureus\plugins\azemp\azmplay.exe
c:\Documents and Settings\dominique\Application Data\Microsoft\Installer\{F6D63A65-BD23-46F3-B9A3-87F442423481}\ARPPRODUCTICON.exe
c:\Documents and Settings\dominique\Bureau\antivir-personal-edition-7_antivir_personal_edition_classic_7_7.06.00.270_anglais_10821.exe
c:\Documents and Settings\dominique\Bureau\ComboFix.exe
c:\Documents and Settings\dominique\Bureau\DiagHelp\catchme.exe
c:\Documents and Settings\dominique\Bureau\DiagHelp\diff.exe
c:\Documents and Settings\dominique\Bureau\DiagHelp\dumphive.exe
c:\Documents and Settings\dominique\Bureau\DiagHelp\FilesInfoCmd.exe
c:\Documents and Settings\dominique\Bureau\DiagHelp\find2.exe
c:\Documents and Settings\dominique\Bureau\DiagHelp\Fport.exe
c:\Documents and Settings\dominique\Bureau\DiagHelp\grep.exe
c:\Documents and Settings\dominique\Bureau\DiagHelp\gzip.exe
c:\Documents and Settings\dominique\Bureau\DiagHelp\KProcCheck.exe
c:\Documents and Settings\dominique\Bureau\DiagHelp\LFiles.exe
c:\Documents and Settings\dominique\Bureau\DiagHelp\LISTDLLS.exe
c:\Documents and Settings\dominique\Bureau\DiagHelp\md5sums.exe
c:\Documents and Settings\dominique\Bureau\DiagHelp\pslist.exe
c:\Documents and Settings\dominique\Bureau\DiagHelp\sigcheck.exe
c:\Documents and Settings\dominique\Bureau\DiagHelp\streams.exe
c:\Documents and Settings\dominique\Bureau\DiagHelp\swreg.exe
c:\Documents and Settings\dominique\Bureau\DiagHelp\tar.exe
c:\Documents and Settings\dominique\Local Settings\Temporary Internet Files\Content.IE5\YBG6JM1J\spywareblastersetup40[1].exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\20070604184003406_Samsung_PC_Studio_312.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\3DMagicSetup.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\ad-aware 2007.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\AdbeRdr810_en_US.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\audacity-win-1.2.6.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\avast.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\bejeweled2-setup.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\Casino prestige.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\cote d'azur casino.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\DivXBundle.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\emoticones1_5.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\EmoticonesAnimaux.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\eMule0.48a-Installer.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\faire-part.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\gimp-mode_gimp_mode_2.4.2_francais_18452.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\hijackthis_hijackthis_2.02_anglais_17891.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\incredimail_install.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\Luxor_3-setup.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\pochette express.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\setup_coloriage.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\Setup_FreeConverter.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\SetupCasino.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\Skin Windows Live Vista 8.5.1302.1018.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\spybot-search-destroy_spybot_-_search_destroy_1.4_francais_10965.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\spywareblastersetup40.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\spywarefighter.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\SweetImSetup imoticones messeger.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\tvc.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\wrar370fr.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\MSNFix\incl\handle.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\MSNFix\incl\MD5File.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\MSNFix\incl\Process.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\MSNFix\incl\setpath.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\MSNFix\incl\swreg.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\MSNFix\incl\zip.exe
c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\avewin32.dll
c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll
c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll
c:\Documents and Settings\All Users\Application Data\Nero\DrWeb\Drweb32.dll
c:\Documents and Settings\All Users\Application Data\Oberongames\OberongamesLoader\popcap\insaniquarium\Insaniquarium.dll
c:\Documents and Settings\All Users\Application Data\Oberongames\OberongamesLoader\popcap\zuma\Zuma.dll
c:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\oberon\chuzzle\Chuzzle.dll
c:\Documents and Settings\All Users\Application Data\{938694FC-519F-43F3-8ECB-A2944038E068}\Microsoft .NET Framework 2.0\mDotNet.dll
c:\Documents and Settings\dominique\Application Data\Azureus\plugins\azemp\libInfoGetter.dll
c:\Documents and Settings\dominique\Local Settings\Application Data\Kiwee Toolbar\msvcp71.dll
c:\Documents and Settings\dominique\Local Settings\Application Data\Kiwee Toolbar\msvcr71.dll
c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
****** Fin du rapport DiagHelp
Veuillez svp envoyer le fichier C:\upload_moi_ACER-7989E0343A.tar.gz a l'adresse http://upload.malekal.com
excute le 16/03/2008 à 9:45:26,81
Liste des derniers fichies modifies/crees dans windir\system32 et prefetch
C:\WINDOWS\prefetch\CHCP.COM-17EDBDC9.pf -->16/03/2008 09:44:40
C:\WINDOWS\prefetch\CMD.EXE-034B0549.pf -->16/03/2008 09:44:35
C:\WINDOWS\prefetch\WINRAR.EXE-0AA31BB9.pf -->16/03/2008 09:43:16
C:\WINDOWS\prefetch\VERCLSID.EXE-28F52AD2.pf -->16/03/2008 09:42:52
C:\WINDOWS\prefetch\E_FARNBVE.EXE-040EEB93.pf -->16/03/2008 09:40:44
C:\WINDOWS\prefetch\E_FAMTBVE.EXE-140B91EF.pf -->16/03/2008 09:40:44
C:\WINDOWS\prefetch\E_FPREBVE.EXE-1EC45BF5.pf -->16/03/2008 09:40:43
C:\WINDOWS\prefetch\RUNDLL32.EXE-6E8D4657.pf -->16/03/2008 09:39:54
C:\WINDOWS\prefetch\WLLOGINPROXY.EXE-090074F0.pf -->16/03/2008 09:39:08
C:\WINDOWS\prefetch\IEXPLORE.EXE-2D97EBE6.pf -->16/03/2008 09:39:00
C:\WINDOWS\System32\drivers\avipbb.sys -->14/03/2008 15:15:42
C:\WINDOWS\System32\drivers\fwdrv.err -->19/12/2007 20:27:01
C:\WINDOWS\System32\drivers\mrxdav.sys -->18/12/2007 10:51:35
C:\WINDOWS\System32\drivers\secdrv.sys -->13/11/2007 11:25:54
C:\WINDOWS\System32\drivers\tcpip.sys -->30/10/2007 18:20:55
C:\WINDOWS\System32\drivers\NSDriver.sys -->18/09/2007 22:33:46
C:\WINDOWS\System32\drivers\AWRTRD.sys -->18/09/2007 22:33:45
C:\WINDOWS\System32\nvapps.xml -->14/03/2008 15:18:05
C:\WINDOWS\System32\CONFIG.NT -->14/03/2008 15:10:44
C:\WINDOWS\System32\jupdate-1.6.0_05-b13.log -->14/03/2008 13:59:12
C:\WINDOWS\System32\d3d9caps.dat -->08/03/2008 17:53:10
C:\WINDOWS\System32\MRT.exe -->05/03/2008 17:30:54
C:\WINDOWS\System32\wpa.dbl -->03/03/2008 10:45:01
C:\WINDOWS\System32\javaws.exe -->22/02/2008 02:33:32
C:\WINDOWS\System32\javacpl.cpl -->22/02/2008 02:33:31
C:\WINDOWS\System32\javaw.exe -->22/02/2008 01:23:39
C:\WINDOWS\System32\java.exe -->22/02/2008 01:23:35
C:\WINDOWS\System32\lsdelete.exe -->28/01/2008 11:28:32
C:\WINDOWS\System32\pngfilt.dll -->11/01/2008 06:36:55
C:\WINDOWS\System32\FNTCACHE.DAT -->29/12/2007 15:13:22
C:\WINDOWS\System32\dxtmsft.dll -->19/12/2007 23:53:23
C:\WINDOWS\System32\TZLog.log -->13/12/2007 03:01:45
C:\WINDOWS\System32\dsm_fr.qm -->11/12/2007 20:46:04
C:\WINDOWS\System32\divxsm.tlb -->11/12/2007 20:46:04
C:\WINDOWS\System32\DivXsm.exe -->11/12/2007 20:46:04
C:\WINDOWS\System32\qt-dx331.dll -->11/12/2007 20:46:02
C:\WINDOWS\System32\ssldivx.dll -->11/12/2007 20:45:56
C:\WINDOWS\System32\libdivx.dll -->11/12/2007 20:45:56
C:\WINDOWS\System32\dtu100.dll.manifest -->11/12/2007 20:44:28
C:\WINDOWS\System32\dtu100.dll -->11/12/2007 20:44:28
C:\WINDOWS\System32\dpl100.dll.manifest -->11/12/2007 20:44:28
C:\WINDOWS\System32\dpl100.dll -->11/12/2007 20:44:28
C:\WINDOWS\wiadebug.log -->16/03/2008 09:41:34
C:\WINDOWS\WindowsUpdate.log -->16/03/2008 09:13:02
C:\WINDOWS\NeroDigital.ini -->15/03/2008 21:58:55
C:\WINDOWS\popcinfo.dat -->15/03/2008 14:19:54
C:\WINDOWS\0.log -->14/03/2008 15:18:59
C:\WINDOWS\wiaservc.log -->14/03/2008 15:18:36
C:\WINDOWS\bootstat.dat -->14/03/2008 15:17:37
C:\WINDOWS\SchedLgU.Txt -->14/03/2008 15:16:52
C:\WINDOWS\system.ini -->13/03/2008 17:03:04
C:\WINDOWS\setupact.log -->13/03/2008 15:22:49
C:\WINDOWS\msnfix.txt -->10/03/2008 17:14:00
C:\WINDOWS\ntbtlog.txt -->08/03/2008 17:44:08
C:\WINDOWS\setupapi.log -->06/03/2008 18:34:41
C:\WINDOWS\wmsetup.log -->01/03/2008 12:24:27
C:\WINDOWS\DirectX.log -->01/03/2008 12:22:12
winlogon.exe
Verified: Signed
svchost.exe
Verified: Signed
ws2_32.dll
Verified: Signed
user32.dll
Verified: Signed
tcpip.sys
Verified: Signed
ndis.sys
Verified: Signed
null.sys
Verified: Signed
ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com
------------------------------------------------------------------------------
explorer.exe pid: 1740
Command line: C:\WINDOWS\Explorer.EXE
Base Size Version Path
0x44080000 0xcf000 7.00.6000.16608 C:\WINDOWS\system32\WININET.dll
0x00440000 0x9000 6.00.5441.0000 C:\WINDOWS\system32\Normaliz.dll
0x43e00000 0x45000 7.00.6000.16608 C:\WINDOWS\system32\iertutil.dll
0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\comctl32.dll
0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll
0x76ac0000 0x11000 3.05.2284.0000 C:\WINDOWS\system32\ATL.DLL
0x44360000 0x5cd000 7.00.6000.16608 C:\WINDOWS\system32\ieframe.dll
0x442b0000 0x3c000 7.00.6000.16608 C:\WINDOWS\system32\webcheck.dll
0x44160000 0x127000 7.00.6000.16608 C:\WINDOWS\system32\urlmon.dll
0x164a0000 0x23000 5.02.5721.5145 C:\WINDOWS\system32\WPDShServiceObj.dll
0x109c0000 0x2c000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceTypes.dll
0x10930000 0x49000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceApi.dll
0x02320000 0x2be000 3.01.4000.4039 C:\WINDOWS\system32\msi.dll
0x10000000 0x6000 7.02.0000.0137 C:\DOCUME~1\DOMINI~1\LOCALS~1\Temp\IadHide5.dll
0x01840000 0x11000 C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon.dll
0x01870000 0xe000 1.09.0000.0000 C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.dll
0x10100000 0xe000 2.40.0849.0000 C:\Program Files\Logitech\SetPoint\lgscroll.dll
0x7c340000 0x56000 7.10.3052.0004 C:\WINDOWS\system32\MSVCR71.dll
0x7c3a0000 0x7b000 7.10.3077.0000 C:\WINDOWS\system32\MSVCP71.dll
0x01100000 0x34000 1.00.0000.0000 C:\WINDOWS\RACHook12.DLL
0x00fe0000 0x12000 C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.dll
0x02050000 0x27000 1.00.0003.0021 C:\Program Files\IncrediMail\bin\B4ImApp.dll
0x03c40000 0x1b9000 2.00.0000.0008 C:\Program Files\Fichiers communs\Ahead\Lib\NeroDigitalExt.dll
0x7c140000 0x103000 7.10.3077.0000 C:\Program Files\Fichiers communs\Ahead\Lib\MFC71.DLL
0x5d360000 0xf000 7.10.3077.0000 C:\WINDOWS\system32\MFC71FRA.DLL
0x03f00000 0x5b000 8.01.0000.0000 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll
0x78130000 0x9b000 8.00.50727.0163 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\MSVCR80.dll
0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll
0x043e0000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x74da0000 0x6c000 5.30.0023.1228 C:\WINDOWS\system32\RICHED20.dll
0x06470000 0x3b8000 2.10.0001.0001 C:\Program Files\Nero\Nero 7\Nero CoverDesigner\covered-fra.NLS
0x58640000 0x8a000 1.09.0000.0305 C:\WINDOWS\system32\l3codeca.acm
0x06e90000 0x2f2000 10.01.0001.10900 C:\Program Files\Fichiers communs\Ahead\Lib\AdvrCntr2.dll
0x07190000 0x75a000 6.14.0010.9136 C:\WINDOWS\system32\nvcpl.dll
0x74bf0000 0x2c000 4.02.5406.0000 C:\WINDOWS\system32\OLEACC.dll
0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll
0x03830000 0x73000 6.14.0010.11044 C:\WINDOWS\system32\nvshell.dll
0x03800000 0x2d000 C:\Program Files\WinRAR\rarext.dll
0x01ec0000 0x11000 3.00.0000.0000 C:\Program Files\IncrediMail\bin\ImShExtU.dll
0x02020000 0x13000 1.00.0000.0000 C:\Program Files\EPSON\Creativity Suite\Easy Photo Print\EPPShell.dll
0x73d20000 0xfe000 6.02.4131.0000 C:\WINDOWS\system32\MFC42.DLL
0x61d70000 0xe000 6.00.8665.0000 C:\WINDOWS\system32\MFC42LOC.DLL
0x02a40000 0x14000 2.02.0000.0011 C:\WINDOWS\system32\eDSshellExt.dll
0x7c120000 0x19000 7.10.3077.0000 C:\WINDOWS\system32\ATL71.DLL
0x05840000 0x1e2000 2.10.0001.0001 C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll
0x03990000 0x19000 2.10.0003.0002 C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll
0x05020000 0x102000 7.10.3077.0000 C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL
0x03b10000 0x11000 7.00.0000.0010 C:\Program Files\Avira\AntiVir PersonalEdition Classic\shlext.dll
0x06830000 0x13d000 2.00.0016.0000 C:\Program Files\Fichiers communs\Ahead\Lib\MediaLibraryNSE.dll
0x5a500000 0x50000 8.05.1302.1018 C:\Program Files\Windows Live\Messenger\fsshext.8.5.1302.1018.dll
0x16210000 0x27e000 5.02.5721.5145 C:\WINDOWS\system32\wpdshext.dll
0x40000000 0x7a000 5.02.3790.3646 C:\WINDOWS\system32\Audiodev.dll
0x15110000 0x25a000 11.00.5721.5145 C:\WINDOWS\system32\WMVCore.DLL
0x11c70000 0x3a000 11.00.5721.5238 C:\WINDOWS\system32\WMASF.DLL
0x038b0000 0x10000 8.00.0000.0456 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
0x04720000 0x5b000 1.01.0000.0000 C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
0x6bd10000 0x10000 12.00.4518.1014 C:\Program Files\Microsoft Office\Office12\msohevi.dll
ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com
------------------------------------------------------------------------------
winlogon.exe pid: 752
Command line: winlogon.exe
Base Size Version Path
0x01000000 0x81000 \??\C:\WINDOWS\system32\winlogon.exe
0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\COMCTL32.dll
0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll
0x20000000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll
0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL
0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est DC97-BF5A
Répertoire de C:\WINDOWS\system
24/12/1998 09:15 345 983 RCDsetup.exe
1 fichier(s) 345 983 octets
0 Rép(s) 29 766 610 944 octets libres
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est DC97-BF5A
Répertoire de C:\WINDOWS\system32
10/08/2004 21:00 6 144 csrss.exe
1 fichier(s) 6 144 octets
0 Rép(s) 29 766 610 944 octets libres
Contenu de Downloaded Program Files
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est DC97-BF5A
Répertoire de C:\WINDOWS\Downloaded Program Files
06/03/2008 18:34 <REP> .
06/03/2008 18:34 <REP> ..
13/01/2005 15:59 233 Crusher.inf
11/08/2006 18:28 65 desktop.ini
25/07/2002 16:13 24 576 dwusplay.dll
25/07/2002 16:13 196 608 dwusplay.exe
11/04/2007 14:55 1 292 erma.inf
25/07/2002 16:05 172 032 isusweb.dll
25/04/2007 09:14 1 461 MusicManager.inf
25/06/2007 11:53 501 064 MusicManagerLib.dll
25/06/2007 11:53 1 099 184 MusicManagerPlugin.ocx
25/06/2007 11:53 95 560 MusicManagerUnInstaller.exe
28/11/2005 13:20 135 168 Oberongamesloader.dll
07/11/2005 16:47 257 Oberongamesloader.inf
18/05/2007 12:41 157 000 OD2hpb.dll
19/12/2003 17:02 126 976 popcaploader.dll
19/12/2003 15:43 241 popcaploader.inf
04/01/2008 09:51 144 swdir.inf
11/06/2007 11:21 5 021 swflash.inf
01/06/2004 13:41 853 yinst.inf
01/06/2004 13:36 141 312 yinsthelper.dll
19 fichier(s) 2 659 047 octets
Total des fichiers listés :
19 fichier(s) 2 659 047 octets
2 Rép(s) 29 766 606 848 octets libres
Recherche de rootkit! (Merci S!Ri)
Recherche d'infections connues
Export des clefs sensibles..
Liste des fichiers en exception sur le pare-feu XP SP2
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\IncrediMail\\bin\\ImApp.exe"="C:\\Program Files\\IncrediMail\\bin\\ImApp.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"="C:\\Program Files\\IncrediMail\\bin\\IncMail.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"="C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Disabled:Logitech Desktop Messenger"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\\WINDOWS\\system32\\rundll32.exe"="C:\\WINDOWS\\system32\\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Fichiers communs\\Ahead\\Nero Web\\SetupX.exe"="C:\\Program Files\\Fichiers communs\\Ahead\\Nero Web\\SetupX.exe:*:Enabled:Nero ProductSetup"
"C:\\Program Files\\IncrediMail\\bin\\IncrediMail_Install.exe"="C:\\Program Files\\IncrediMail\\bin\\IncrediMail_Install.exe:*:Enabled:IncrediMail Installer"
"C:\\Program Files\\Azureus\\Azureus.exe"="C:\\Program Files\\Azureus\\Azureus.exe:*:Enabled:Azureus"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
Export de la clef SharedTaskScheduler
[SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"
exports des policies
REGEDIT4
[system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"InstallVisualStyle"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,\
63,65,73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,5c,52,6f,79,61,6c,65,2e,\
6d,73,73,74,79,6c,65,73,00
"InstallTheme"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,63,65,\
73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,2e,74,68,65,6d,65,00
Export des clefs sensibles..
Rechercher adresses sensibles dans le fichier HOSTS...
catchme 0.3.1319 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-16 09:46:07
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden services & system hive ...
IPC error: 2 Le fichier spécifié est introuvable.
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden services: 0
hidden files: 0
KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)
Process list by traversal of KiWaitListHead
4 - System
500 - MemCheck.exe
516 - avgnt.exe
528 - ctfmon.exe
560 - LogitechDesktop
600 - CTLCMgr.exe
716 - msnmsgr.exe
728 - csrss.exe
752 - winlogon.exe
800 - services.exe
812 - lsass.exe
988 - svchost.exe
1056 - svchost.exe
1104 - sched.exe
1124 - NMBgMonitor.exe
1136 - EDICT.EXE
1152 - svchost.exe
1192 - svchost.exe
1240 - svchost.exe
1276 - emule.exe
1364 - svchost.exe
1436 - Acer.Empowering
1520 - aawservice.exe
1568 - ZDWlan.exe
1572 - ehSched.exe
1740 - explorer.exe
1816 - spoolsv.exe
1880 - avguard.exe
2104 - RocketDock.exe
2128 - YzShadow.exe
2184 - nvsvc32.exe
2236 - ImApp.exe
2332 - svchost.exe
2528 - mcrdsvc.exe
3620 - NMIndexingServi
3708 - dllhost.exe
3964 - NMIndexStoreSvr
4036 - alg.exe
4196 - usnsvc.exe
5824 - msnmsgr.exe
7132 - iexplore.exe
7152 - cmd.exe
Total number of processes = 42
NOTE: Under WinXP, this will not show all processes.
KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)
Driver/Module list by traversal of PsLoadedModuleList
804D7000 - \WINDOWS\system32\ntkrnlpa.exe
806E2000 - \WINDOWS\system32\hal.dll
BADA8000 - \WINDOWS\system32\KDCOM.DLL
BACB8000 - \WINDOWS\system32\BOOTVID.dll
BA778000 - ACPI.sys
BADAA000 - \WINDOWS\system32\DRIVERS\WMILIB.SYS
BA767000 - pci.sys
BA8A8000 - isapnp.sys
BA8B8000 - ohci1394.sys
BA8C8000 - \WINDOWS\system32\DRIVERS\1394BUS.SYS
BAE70000 - pciide.sys
BAB28000 - \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
BA8D8000 - MountMgr.sys
BA748000 - ftdisk.sys
BADAC000 - dmload.sys
BA722000 - dmio.sys
BA70C000 - nvraid.sys
BA8E8000 - \WINDOWS\system32\drivers\CLASSPNP.SYS
BAB30000 - PartMgr.sys
BACBC000 - UBHelper.sys
BA8F8000 - VolSnap.sys
BA6F4000 - atapi.sys
BA6DA000 - nvatabus.sys
BA908000 - disk.sys
BA6BA000 - fltMgr.sys
BA6A8000 - sr.sys
BA918000 - PxHelp20.sys
BA691000 - KSecDD.sys
BA67E000 - WudfPf.sys
BA5F1000 - Ntfs.sys
BA5C4000 - NDIS.sys
BA5A9000 - Mup.sys
BA948000 - \SystemRoot\system32\DRIVERS\AmdK8.sys
BAB78000 - \SystemRoot\system32\DRIVERS\usbohci.sys
BA528000 - \SystemRoot\system32\DRIVERS\USBPORT.SYS
BAB80000 - \SystemRoot\system32\DRIVERS\usbehci.sys
BA958000 - \SystemRoot\system32\DRIVERS\nic1394.sys
BA503000 - \SystemRoot\system32\DRIVERS\HDAudBus.sys
BA968000 - \SystemRoot\system32\DRIVERS\imapi.sys
BA978000 - \SystemRoot\system32\DRIVERS\cdrom.sys
BA988000 - \SystemRoot\system32\DRIVERS\redbook.sys
BA4E0000 - \SystemRoot\system32\DRIVERS\ks.sys
BADAE000 - \SystemRoot\system32\DRIVERS\NTIDrvr.sys
BA11F000 - \SystemRoot\system32\DRIVERS\nv4_mini.sys
BA10B000 - \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
BA0CF000 - \SystemRoot\system32\DRIVERS\yk51x86.sys
BA0BE000 - \SystemRoot\system32\DRIVERS\serial.sys
BAD64000 - \SystemRoot\system32\DRIVERS\serenum.sys
BA0AA000 - \SystemRoot\system32\DRIVERS\parport.sys
BA998000 - \SystemRoot\system32\DRIVERS\i8042prt.sys
BA9A8000 - \SystemRoot\system32\DRIVERS\L8042mou.Sys
BA099000 - \SystemRoot\system32\DRIVERS\LMouKE.Sys
BABB8000 - \SystemRoot\system32\DRIVERS\mouclass.sys
BAD6C000 - \SystemRoot\system32\DRIVERS\L8042Kbd.sys
BABC8000 - \SystemRoot\system32\DRIVERS\kbdclass.sys
BAF9A000 - \SystemRoot\system32\DRIVERS\audstub.sys
BA9B8000 - \SystemRoot\system32\DRIVERS\rasl2tp.sys
BAD74000 - \SystemRoot\system32\DRIVERS\ndistapi.sys
BA082000 - \SystemRoot\system32\DRIVERS\ndiswan.sys
BA9C8000 - \SystemRoot\system32\DRIVERS\raspppoe.sys
BA9D8000 - \SystemRoot\system32\DRIVERS\raspptp.sys
BABE8000 - \SystemRoot\system32\DRIVERS\TDI.SYS
BA049000 - \SystemRoot\system32\DRIVERS\psched.sys
BA9E8000 - \SystemRoot\system32\DRIVERS\msgpc.sys
BABF8000 - \SystemRoot\system32\DRIVERS\ptilink.sys
BAC08000 - \SystemRoot\system32\DRIVERS\raspti.sys
B9F78000 - \SystemRoot\system32\DRIVERS\rdpdr.sys
BA9F8000 - \SystemRoot\system32\DRIVERS\termdd.sys
BADB4000 - \SystemRoot\system32\DRIVERS\swenum.sys
B9F44000 - \SystemRoot\system32\DRIVERS\update.sys
BAD98000 - \SystemRoot\system32\DRIVERS\mssmbios.sys
BAA08000 - \SystemRoot\System32\Drivers\NDProxy.SYS
BAA18000 - \SystemRoot\system32\DRIVERS\usbhub.sys
BADBA000 - \SystemRoot\system32\DRIVERS\USBD.SYS
B9AB1000 - \SystemRoot\system32\drivers\RtkHDAud.sys
B9A8F000 - \SystemRoot\system32\drivers\portcls.sys
BAA28000 - \SystemRoot\system32\drivers\drmk.sys
BADC6000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS
BAEFD000 - \SystemRoot\System32\Drivers\Null.SYS
BADCA000 - \SystemRoot\System32\Drivers\Beep.SYS
BAC48000 - \SystemRoot\System32\drivers\vga.sys
BADCE000 - \SystemRoot\System32\Drivers\mnmdd.SYS
BADD2000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys
BAC58000 - \SystemRoot\System32\Drivers\Msfs.SYS
BAC68000 - \SystemRoot\System32\Drivers\Npfs.SYS
BA05E000 - \SystemRoot\system32\DRIVERS\rasacd.sys
B7413000 - \SystemRoot\system32\DRIVERS\ipsec.sys
B73BB000 - \SystemRoot\system32\DRIVERS\tcpip.sys
B7393000 - \SystemRoot\system32\DRIVERS\netbt.sys
B7372000 - \SystemRoot\system32\DRIVERS\ipnat.sys
BAA58000 - \SystemRoot\system32\DRIVERS\wanarp.sys
B7350000 - \SystemRoot\System32\drivers\afd.sys
BAA68000 - \SystemRoot\system32\DRIVERS\arp1394.sys
BAA78000 - \SystemRoot\system32\DRIVERS\netbios.sys
BAC80000 - \SystemRoot\System32\Drivers\StarOpen.SYS
BAC90000 - \SystemRoot\system32\DRIVERS\ssmdrv.sys
B7325000 - \SystemRoot\system32\DRIVERS\rdbss.sys
B72B6000 - \SystemRoot\system32\DRIVERS\mrxsmb.sys
BAA98000 - \SystemRoot\System32\Drivers\Fips.SYS
BAAA8000 - \SystemRoot\system32\DRIVERS\avipbb.sys
BADD8000 - \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys
B71CA000 - \SystemRoot\system32\DRIVERS\V0220Dev.sys
BADDC000 - \SystemRoot\system32\DRIVERS\V0220Vfx.sys
BACB0000 - \SystemRoot\system32\DRIVERS\USBSTOR.SYS
B71A7000 - \SystemRoot\System32\Drivers\Fastfat.SYS
B718F000 - \SystemRoot\System32\Drivers\dump_atapi.sys
BADE6000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS
BF800000 - \SystemRoot\System32\win32k.sys
B7452000 - \SystemRoot\System32\drivers\Dxapi.sys
BABB0000 - \SystemRoot\System32\watchdog.sys
BF9C3000 - \SystemRoot\System32\drivers\dxg.sys
BAF22000 - \SystemRoot\System32\drivers\dxgthk.sys
BF9D5000 - \SystemRoot\System32\nv4_disp.dll
B5CCF000 - \SystemRoot\system32\DRIVERS\ndisuio.sys
B4F16000 - \SystemRoot\system32\drivers\wdmaud.sys
B4FFB000 - \SystemRoot\system32\drivers\sysaudio.sys
B9FA9000 - \SystemRoot\System32\Drivers\Cdfs.SYS
B4BAE000 - \SystemRoot\system32\DRIVERS\mrxdav.sys
B4AAB000 - \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys
B47EA000 - \SystemRoot\System32\Drivers\HTTP.sys
B4671000 - \SystemRoot\system32\DRIVERS\srv.sys
B657F000 - \SystemRoot\System32\Drivers\ZDPSp50.sys
B0017000 - \SystemRoot\system32\drivers\kmixer.sys
BAF36000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys
Total number of drivers = 124
Liste des programmes installes
ABBYY FineReader 6.0 Sprint
Acer eDataSecurity Management
Acer eDataSecurity Management 2.0.3077
Acer Empowering Technology
Acer ePerformance Management
Acer WLAN 11g USB Dongle
Acer WLAN 11g USB Dongle
Ad-Aware 2007
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Flash Player 9 ActiveX
Adobe Flash Player 9 ActiveX
Adobe Flash Player ActiveX
Adobe Help Center 1.0
Adobe Photoshop CS2
Adobe Photoshop CS2
Adobe Reader 8.1.2
Adobe Shockwave Player
Adobe Stock Photos 1.0
Advanced Video FX Engine
Archiveur WinRAR
ArcSoft PhotoStudio 5
Assistant de connexion Windows Live
Audacity 1.2.6
AutoUpdate
Avira AntiVir PersonalEdition Classic
Bejeweled 2 Deluxe
Côte d'Azur Palace Casino
Codeur Windows Media Série 9
Codeur Windows Media Série 9
Collection Microsoft Encarta 2006
Coloriage
commercial
Correctif n° 2 pour Windows XP Édition Media Center 2005
Correctif pour Lecteur Windows Media 11 (KB939683)
Correctif pour Windows XP (KB888795)
Correctif pour Windows XP (KB891593)
Correctif pour Windows XP (KB893357)
Correctif pour Windows XP (KB896256)
Correctif pour Windows XP (KB898444)
Correctif pour Windows XP (KB899337)
Correctif pour Windows XP (KB899510)
Correctif pour Windows XP (KB902841)
Correctif pour Windows XP (KB906569)
Correctif pour Windows XP (KB914440)
Correctif pour Windows XP (KB935448)
Correctif Windows XP - KB867282
Correctif Windows XP - KB873333
Correctif Windows XP - KB873339
Correctif Windows XP - KB885250
Correctif Windows XP - KB885835
Correctif Windows XP - KB885836
Correctif Windows XP - KB886185
Correctif Windows XP - KB887472
Correctif Windows XP - KB888113
Correctif Windows XP - KB888239
Correctif Windows XP - KB888302
Correctif Windows XP - KB890047
Correctif Windows XP - KB890175
Correctif Windows XP - KB890859
Correctif Windows XP - KB890923
Correctif Windows XP - KB891781
Correctif Windows XP - KB893086
Correctif Windows XP - KB895961
Creative Live! Cam Center
Creative Live! Cam Manager
Creative Live! Cam Video IM Driver (1.01.01.00)
Creative Photo Calendar
Creative Photo Manager
Creative Software AutoUpdate
Creative System Information
DivX Codec
DivX Content Uploader
DivX Converter
DivX Player
DivX Web Player
eMule
EPSON Attach To Email
EPSON Attach To Email
EPSON Copy Utility 3
EPSON Easy Photo Print
EPSON File Manager
EPSON Logiciel imprimante
EPSON Scan
EPSON Scan Assistant
EPSON Web-To-Page
ESDX5000_CX4900 Guide d’utilisation
Europa Casino
Firebird SQL Server - MAGIX Edition (F)
GemMaster Mystic
Gimp Pack Mode 2.4.2
High Definition Audio Driver Package - KB888111
HijackThis 2.0.2
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
IncrediMail Xe
Installer Yahoo! Messenger
J2SE Runtime Environment 5.0 Update 6
Java(TM) 6 Update 5
L&H TTS3000 Français
Lecteur Windows Media 11
Lettres, Courriers Types & Présentations
LightScribe 1.4.74.1
Logitech Desktop Messenger
Logitech SetPoint
Luxor 3
Macrogaming SweetIM 2.1
Mah Jong 3D
Manuel d'utilisation de Creative Live! Cam Video IM (Français)
Micro Application - Faire-part Edition Classic
Micro Application - Les Jeux du DICO12
Micro Application - MediaDICO 12
Microsoft .NET Framework 1.0 Hotfix (KB930494)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 French Language Pack
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Access MUI (French) 2007
Microsoft Office Excel MUI (French) 2007
Microsoft Office InfoPath MUI (French) 2007
Microsoft Office Outlook MUI (French) 2007
Microsoft Office PowerPoint MUI (French) 2007
Microsoft Office Professional Plus 2007
Microsoft Office Professional Plus 2007
Microsoft Office Proof (Arabic) 2007
Microsoft Office Proof (Dutch) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (French) 2007
Microsoft Office Publisher MUI (French) 2007
Microsoft Office Shared MUI (French) 2007
Microsoft Office Word MUI (French) 2007
Microsoft Software Update for Web Folders (French) 12
Microsoft User-Mode Driver Framework Feature Pack 1.0
Mise à jour de sécurité pour Lecteur Windows Media (KB911564)
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)
Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)
Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)
Mise à jour de sécurité pour Windows XP (KB883939)
Mise à jour de sécurité pour Windows XP (KB890046)
Mise à jour de sécurité pour Windows XP (KB893756)
Mise à jour de sécurité pour Windows XP (KB896358)
Mise à jour de sécurité pour Windows XP (KB896422)
Mise à jour de sécurité pour Windows XP (KB896423)
Mise à jour de sécurité pour Windows XP (KB896424)
Mise à jour de sécurité pour Windows XP (KB896428)
Mise à jour de sécurité pour Windows XP (KB899587)
Mise à jour de sécurité pour Windows XP (KB899588)
Mise à jour de sécurité pour Windows XP (KB899589)
Mise à jour de sécurité pour Windows XP (KB899591)
Mise à jour de sécurité pour Windows XP (KB900725)
Mise à jour de sécurité pour Windows XP (KB901017)
Mise à jour de sécurité pour Windows XP (KB901190)
Mise à jour de sécurité pour Windows XP (KB901214)
Mise à jour de sécurité pour Windows XP (KB902400)
Mise à jour de sécurité pour Windows XP (KB903235)
Mise à jour de sécurité pour Windows XP (KB904706)
Mise à jour de sécurité pour Windows XP (KB905414)
Mise à jour de sécurité pour Windows XP (KB905749)
Mise à jour de sécurité pour Windows XP (KB905915)
Mise à jour de sécurité pour Windows XP (KB908519)
Mise à jour de sécurité pour Windows XP (KB908531)
Mise à jour de sécurité pour Windows XP (KB911562)
Mise à jour de sécurité pour Windows XP (KB911567)
Mise à jour de sécurité pour Windows XP (KB911927)
Mise à jour de sécurité pour Windows XP (KB912812)
Mise à jour de sécurité pour Windows XP (KB912919)
Mise à jour de sécurité pour Windows XP (KB913433)
Mise à jour de sécurité pour Windows XP (KB913446)
Mise à jour de sécurité pour Windows XP (KB913580)
Mise à jour de sécurité pour Windows XP (KB914388)
Mise à jour de sécurité pour Windows XP (KB914389)
Mise à jour de sécurité pour Windows XP (KB917344)
Mise à jour de sécurité pour Windows XP (KB917953)
Mise à jour de sécurité pour Windows XP (KB918118)
Mise à jour de sécurité pour Windows XP (KB918439)
Mise à jour de sécurité pour Windows XP (KB919007)
Mise à jour de sécurité pour Windows XP (KB920213)
Mise à jour de sécurité pour Windows XP (KB920670)
Mise à jour de sécurité pour Windows XP (KB920683)
Mise à jour de sécurité pour Windows XP (KB920685)
Mise à jour de sécurité pour Windows XP (KB921503)
Mise à jour de sécurité pour Windows XP (KB922819)
Mise à jour de sécurité pour Windows XP (KB923191)
Mise à jour de sécurité pour Windows XP (KB923414)
Mise à jour de sécurité pour Windows XP (KB923689)
Mise à jour de sécurité pour Windows XP (KB923980)
Mise à jour de sécurité pour Windows XP (KB924270)
Mise à jour de sécurité pour Windows XP (KB924496)
Mise à jour de sécurité pour Windows XP (KB924667)
Mise à jour de sécurité pour Windows XP (KB925902)
Mise à jour de sécurité pour Windows XP (KB926255)
Mise à jour de sécurité pour Windows XP (KB926436)
Mise à jour de sécurité pour Windows XP (KB927779)
Mise à jour de sécurité pour Windows XP (KB927802)
Mise à jour de sécurité pour Windows XP (KB928255)
Mise à jour de sécurité pour Windows XP (KB928843)
Mise à jour de sécurité pour Windows XP (KB929123)
Mise à jour de sécurité pour Windows XP (KB930178)
Mise à jour de sécurité pour Windows XP (KB931261)
Mise à jour de sécurité pour Windows XP (KB931784)
Mise à jour de sécurité pour Windows XP (KB932168)
Mise à jour de sécurité pour Windows XP (KB933729)
Mise à jour de sécurité pour Windows XP (KB935839)
Mise à jour de sécurité pour Windows XP (KB935840)
Mise à jour de sécurité pour Windows XP (KB936021)
Mise à jour de sécurité pour Windows XP (KB937143)
Mise à jour de sécurité pour Windows XP (KB937894)
Mise à jour de sécurité pour Windows XP (KB938127)
Mise à jour de sécurité pour Windows XP (KB938829)
Mise à jour de sécurité pour Windows XP (KB941202)
Mise à jour de sécurité pour Windows XP (KB941568)
Mise à jour de sécurité pour Windows XP (KB941569)
Mise à jour de sécurité pour Windows XP (KB941644)
Mise à jour de sécurité pour Windows XP (KB943055)
Mise à jour de sécurité pour Windows XP (KB943460)
Mise à jour de sécurité pour Windows XP (KB943485)
Mise à jour de sécurité pour Windows XP (KB944653)
Mise à jour de sécurité pour Windows XP (KB946026)
Mise à jour pour Lecteur Windows Media 10 (KB910393)
Mise à jour pour Lecteur Windows Media 10 (KB913800)
Mise à jour pour Lecteur Windows Media 10 (KB926251)
Mise à jour pour Windows XP (KB894391)
Mise à jour pour Windows XP (KB896727)
Mise à jour pour Windows XP (KB898461)
Mise à jour pour Windows XP (KB900485)
Mise à jour pour Windows XP (KB904942)
Mise à jour pour Windows XP (KB910437)
Mise à jour pour Windows XP (KB911280)
Mise à jour pour Windows XP (KB912945)
Mise à jour pour Windows XP (KB916595)
Mise à jour pour Windows XP (KB920872)
Mise à jour pour Windows XP (KB922582)
Mise à jour pour Windows XP (KB927891)
Mise à jour pour Windows XP (KB930916)
Mise à jour pour Windows XP (KB933360)
Mise à jour pour Windows XP (KB938828)
Mise à jour pour Windows XP (KB942763)
MSXML 4.0 SP2 (KB936181)
MultiMedia Toolbar
MyDSC2
Nero 7 Ultra Edition
neroxml
Neuf - Kit de connexion
NTI Backup NOW! 4
NTI Backup NOW! 4
NTI CD & DVD-Maker
NTI CD & DVD-Maker
NVIDIA Drivers
OCA Client history tool install
Otto
Pack Vista Inspirat 2 1.0
Package de pilotes Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
Package de pilotes Windows - AMD System (04/06/2006 1.0.1.0)
PIF DESIGNER
Pochette Express 2
PowerDVD
Prestige Casino
Realtek High Definition Audio Driver
SAMSUNG CDMA Modem Driver Set
SAMSUNG Mobile Composite Device Software
Samsung Mobile phone USB driver Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Samsung PC Studio 3
Samsung PC Studio 3
Search Settings
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Excel 2007 (KB946974)
Security Update for Office 2007 (KB934062)
Security Update for Office 2007 (KB947801)
Security Update for Outlook 2007 (KB946983)
Security Update for Publisher 2007 (KB936646)
Security Update for the 2007 Microsoft Office System (KB936960)
SightSpeed (remove only)
Sonic Encoders
Spybot - Search & Destroy 1.4
SpywareBlaster 4.0
SweetIM For Internet Explorer 3.0b
Ulead Photo Explorer 8.0 SE Basic
Ulead Photo Express 5 SE
Update for Office 2007 (KB932080)
Update for Office 2007 (KB934391)
Update for Office 2007 (KB934393)
Update for Outlook 2007 Junk Email Filter (kb947945)
Update for Word 2007 (KB934173)
WebFldrs XP
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Live installer
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Media Center Edition 2005 KB908246
Windows XP Media Center Edition 2005 KB925766
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est DC97-BF5A
Répertoire de C:\Program Files
14/03/2008 15:13 <REP> .
14/03/2008 15:13 <REP> ..
19/09/2007 19:02 <REP> ABBYY FineReader 6.0 Sprint
30/08/2007 04:28 <REP> Acer WLAN 11g USB Dongle
15/09/2007 08:49 <REP> Adobe
18/09/2007 20:51 <REP> Ahead
29/08/2007 20:42 <REP> Alwil Software
18/09/2007 21:32 <REP> ArcSoft
07/10/2007 10:32 <REP> AskTBar
23/12/2007 14:29 <REP> Audacity
14/03/2008 15:13 <REP> Avira
22/12/2007 13:37 <REP> Azureus
30/08/2007 04:28 <REP> commercial
11/08/2006 18:27 <REP> ComPlus Applications
29/08/2007 21:51 <REP> Creative
30/08/2007 04:28 <REP> CyberLink
22/02/2008 20:09 <REP> denouvel
30/08/2007 04:28 <REP> DIFX
22/12/2007 15:01 <REP> DivX
14/03/2008 15:19 <REP> eMule
29/08/2007 21:23 <REP> epson
30/12/2007 10:40 <REP> Fichiers communs
30/08/2007 04:28 <REP> FrenchOtto
30/08/2007 04:28 <REP> GemMasterFrench
26/02/2008 17:28 <REP> Gimp Pack Mode
04/02/2008 17:16 <REP> Google
05/02/2008 19:25 <REP> Incredijeux
10/01/2008 19:22 <REP> IncrediMail
13/02/2008 09:50 <REP> Internet Explorer
14/03/2008 14:01 <REP> Java
18/09/2007 22:30 <REP> Lavasoft
18/09/2007 21:30 <REP> Lavasoft(2)
18/09/2007 21:31 <REP> LGGSM
29/08/2007 21:34 <REP> Logitech
30/08/2007 04:28 <REP> Messenger
09/12/2007 20:58 <REP> Micro Application
18/09/2007 22:12 <REP> Microsoft CAPICOM 2.1.0.2
30/08/2007 14:22 <REP> Microsoft Encarta
30/08/2007 04:28 <REP> microsoft frontpage
29/08/2007 21:57 <REP> Microsoft Office
29/08/2007 21:57 <REP> Microsoft Visual Studio
29/08/2007 21:57 <REP> Microsoft Works
29/08/2007 21:56 <REP> Microsoft.NET
25/11/2007 09:18 <REP> Movie Maker
29/08/2007 21:57 <REP> MSBuild
30/08/2007 04:28 <REP> MSN
11/08/2006 18:26 <REP> MSN Gaming Zone
30/12/2007 11:37 <REP> MSN Messenger
18/09/2007 22:11 <REP> MSXML 4.0
24/09/2007 17:32 <REP> Multi_Media
19/11/2007 14:15 <REP> MultiMedia Toolbar
29/08/2007 21:35 <REP> MUSICMATCH
01/03/2008 13:46 <REP> NCH Software
01/03/2008 13:47 <REP> NCH Swift Sound
30/08/2007 21:47 <REP> Nero
30/08/2007 04:28 <REP> NetMeeting
29/08/2007 20:27 <REP> Neuf
30/08/2007 04:28 <REP> NewTech Infosystems
01/03/2008 12:21 <REP> NRJ
30/08/2007 04:28 <REP> Oca History Tool
30/08/2007 04:28 <REP> Online Services
25/11/2007 09:18 <REP> Outlook Express
30/08/2007 15:21 <REP> Pochette Express 2
30/08/2007 04:28 <REP> Realtek
07/12/2007 15:58 <REP> Samsung
30/08/2007 04:28 <REP> Services en ligne
29/08/2007 21:45 <REP> SightSpeed
18/09/2007 23:00 <REP> Spybot - Search & Destroy
15/03/2008 08:47 <REP> SpywareBlaster
19/12/2007 19:28 <REP> Sunbelt Software
29/12/2007 15:07 <REP> Total Video Converter
12/03/2008 10:16 <REP> Trend Micro
07/10/2007 12:11 <REP> Web Media Player
30/12/2007 11:35 <REP> Windows Live
22/12/2007 09:49 <REP> Windows Live Safety Center
01/03/2008 12:24 <REP> Windows Media Components
19/09/2007 16:04 <REP> Windows Media Connect 2
19/09/2007 16:03 <REP> Windows Media Player
30/08/2007 04:28 <REP> Windows NT
30/08/2007 04:28 <REP> Windows Plus
30/08/2007 15:15 <REP> WinRAR
30/08/2007 04:28 <REP> xerox
07/10/2007 10:30 <REP> Yahoo!
0 fichier(s) 0 octets
83 Rép(s) 29 740 273 664 octets libres
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est DC97-BF5A
Répertoire de C:\Program Files\fichiers communs
30/12/2007 10:40 <REP> .
30/12/2007 10:40 <REP> ..
10/03/2008 15:31 <REP> Adobe
30/08/2007 14:47 <REP> Adobe Systems Shared
20/09/2007 17:17 <REP> Ahead
29/08/2007 21:57 <REP> DESIGNER
29/08/2007 21:25 <REP> InstallShield
29/08/2007 19:38 <REP> Java
30/08/2007 04:28 <REP> LightScribe
29/08/2007 21:34 <REP> Logitech
19/09/2007 20:25 <REP> MAGIX Shared
10/10/2007 08:30 <REP> Micro Application Shared
30/12/2007 10:49 <REP> Microsoft Shared
30/08/2007 04:28 <REP> MSSoap
11/08/2006 18:52 <REP> muvee Technologies
30/08/2007 04:28 <REP> NewTech Infosystems
18/09/2007 23:16 <REP> Oberon Media
30/08/2007 04:28 <REP> ODBC
30/08/2007 04:28 <REP> Services
30/08/2007 04:28 <REP> SpeechEngines
29/08/2007 20:11 <REP> Symantec Shared
29/08/2007 21:54 <REP> System
28/12/2007 22:35 <REP> Ulead Systems
18/09/2007 22:29 <REP> Wise Installation Wizard
0 fichier(s) 0 octets
24 Rép(s) 29 740 269 568 octets libres
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est DC97-BF5A
Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders
29/08/2007 21:54 <REP> .
29/08/2007 21:54 <REP> ..
29/08/2007 21:54 <REP> 1036
26/10/2006 18:49 970 528 MSONSEXT.DLL
26/10/2006 19:12 40 256 MSOSV.DLL
03/06/1999 11:09 122 937 MSOWS409.DLL
07/03/2001 06:00 127 033 MSOWS40c.DLL
4 fichier(s) 1 260 754 octets
3 Rép(s) 29 740 269 568 octets libres
c:\Documents and Settings\dominique\Application Data\Azureus\plugins\azemp\azmplay.exe
c:\Documents and Settings\dominique\Application Data\Microsoft\Installer\{F6D63A65-BD23-46F3-B9A3-87F442423481}\ARPPRODUCTICON.exe
c:\Documents and Settings\dominique\Bureau\antivir-personal-edition-7_antivir_personal_edition_classic_7_7.06.00.270_anglais_10821.exe
c:\Documents and Settings\dominique\Bureau\ComboFix.exe
c:\Documents and Settings\dominique\Bureau\DiagHelp\catchme.exe
c:\Documents and Settings\dominique\Bureau\DiagHelp\diff.exe
c:\Documents and Settings\dominique\Bureau\DiagHelp\dumphive.exe
c:\Documents and Settings\dominique\Bureau\DiagHelp\FilesInfoCmd.exe
c:\Documents and Settings\dominique\Bureau\DiagHelp\find2.exe
c:\Documents and Settings\dominique\Bureau\DiagHelp\Fport.exe
c:\Documents and Settings\dominique\Bureau\DiagHelp\grep.exe
c:\Documents and Settings\dominique\Bureau\DiagHelp\gzip.exe
c:\Documents and Settings\dominique\Bureau\DiagHelp\KProcCheck.exe
c:\Documents and Settings\dominique\Bureau\DiagHelp\LFiles.exe
c:\Documents and Settings\dominique\Bureau\DiagHelp\LISTDLLS.exe
c:\Documents and Settings\dominique\Bureau\DiagHelp\md5sums.exe
c:\Documents and Settings\dominique\Bureau\DiagHelp\pslist.exe
c:\Documents and Settings\dominique\Bureau\DiagHelp\sigcheck.exe
c:\Documents and Settings\dominique\Bureau\DiagHelp\streams.exe
c:\Documents and Settings\dominique\Bureau\DiagHelp\swreg.exe
c:\Documents and Settings\dominique\Bureau\DiagHelp\tar.exe
c:\Documents and Settings\dominique\Local Settings\Temporary Internet Files\Content.IE5\YBG6JM1J\spywareblastersetup40[1].exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\20070604184003406_Samsung_PC_Studio_312.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\3DMagicSetup.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\ad-aware 2007.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\AdbeRdr810_en_US.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\audacity-win-1.2.6.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\avast.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\bejeweled2-setup.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\Casino prestige.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\cote d'azur casino.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\DivXBundle.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\emoticones1_5.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\EmoticonesAnimaux.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\eMule0.48a-Installer.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\faire-part.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\gimp-mode_gimp_mode_2.4.2_francais_18452.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\hijackthis_hijackthis_2.02_anglais_17891.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\incredimail_install.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\Luxor_3-setup.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\pochette express.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\setup_coloriage.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\Setup_FreeConverter.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\SetupCasino.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\Skin Windows Live Vista 8.5.1302.1018.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\spybot-search-destroy_spybot_-_search_destroy_1.4_francais_10965.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\spywareblastersetup40.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\spywarefighter.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\SweetImSetup imoticones messeger.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\tvc.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\wrar370fr.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\MSNFix\incl\handle.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\MSNFix\incl\MD5File.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\MSNFix\incl\Process.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\MSNFix\incl\setpath.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\MSNFix\incl\swreg.exe
c:\Documents and Settings\dominique\Mes documents\programmes d'instalation\MSNFix\incl\zip.exe
c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\avewin32.dll
c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll
c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll
c:\Documents and Settings\All Users\Application Data\Nero\DrWeb\Drweb32.dll
c:\Documents and Settings\All Users\Application Data\Oberongames\OberongamesLoader\popcap\insaniquarium\Insaniquarium.dll
c:\Documents and Settings\All Users\Application Data\Oberongames\OberongamesLoader\popcap\zuma\Zuma.dll
c:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\oberon\chuzzle\Chuzzle.dll
c:\Documents and Settings\All Users\Application Data\{938694FC-519F-43F3-8ECB-A2944038E068}\Microsoft .NET Framework 2.0\mDotNet.dll
c:\Documents and Settings\dominique\Application Data\Azureus\plugins\azemp\libInfoGetter.dll
c:\Documents and Settings\dominique\Local Settings\Application Data\Kiwee Toolbar\msvcp71.dll
c:\Documents and Settings\dominique\Local Settings\Application Data\Kiwee Toolbar\msvcr71.dll
c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
****** Fin du rapport DiagHelp
Veuillez svp envoyer le fichier C:\upload_moi_ACER-7989E0343A.tar.gz a l'adresse http://upload.malekal.com
salut domino
passe encore cet antispyware :
telecharge malwarebytes
-> http://forum.telecharger.01net.com/forum/high-tech/PRODUITS/Questions-techniques/anti-malware-sujet_197382_1.htm
tu l´instales, le programme va se mettre a jour automatiquement.
une fois a jour le programme va se lancer, clcik sur l´onglet parametre, tu coche la case : Arreter internet explorer pendant la suppression.
click sur l´onglet recherche maintenant et coche la case : executer un examun complet.
puis click sur rechercher.
laisses le scanner le pc, a la fin un rapport va s´ouvrir copie et colle le ici stp
@+
passe encore cet antispyware :
telecharge malwarebytes
-> http://forum.telecharger.01net.com/forum/high-tech/PRODUITS/Questions-techniques/anti-malware-sujet_197382_1.htm
tu l´instales, le programme va se mettre a jour automatiquement.
une fois a jour le programme va se lancer, clcik sur l´onglet parametre, tu coche la case : Arreter internet explorer pendant la suppression.
click sur l´onglet recherche maintenant et coche la case : executer un examun complet.
puis click sur rechercher.
laisses le scanner le pc, a la fin un rapport va s´ouvrir copie et colle le ici stp
@+
Je te post 2 rapports: 1 apres l'analyse et l'autre apres avoir supprimé des fichiers infectés (684!!!!) 1er rapport:Malwarebytes' Anti-Malware 1.08
Version de la base de données: 495
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 141455
Temps écoulé: 31 minute(s), 7 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 71
Fichier(s) infecté(s): 613
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\poof (Rootkit.Agent) -> No action taken.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Casino (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\baccarat (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\baccarat_ln (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\roulette_ln (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\sicbo_ln (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\sounds (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\windows (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\gameicon (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\sounds (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\buttons (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\fonts (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\ln (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\ui (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\chat (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\ui (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\aroundtheworld (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\baccarat_ln (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\roulette_ln (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\sicbo_ln (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\ln (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\login (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\menu (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\sounds (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\buttons (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\fonts (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\ln (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\ui (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\chat (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\chat (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\ui (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\aroundtheworld (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\baccarat_ln (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\roulette_ln (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\shared (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\sicbo_ln (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\ln (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\login (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\sounds (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\shared\buttons (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\shared\fonts (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\shared\html (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\shared\interface (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\shared\ln (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\shared\ui (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\shared\html\chat (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\shared\html\chat\emoticons (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\shared\interface\chat (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\shared\interface\ui (Adware.Casino) -> No action taken.
Fichier(s) infecté(s):
C:\Casino\Côte d'Azur Palace Casino\cactivex.dll (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\casino.exe (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\casino.hlp (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\directsounddriver.dll (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\fileinfo.dat (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\fileinfo2.dat (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\fileinfo2r.dat (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\gdigraphdriver.dll (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\h264dec.dll (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\nvssd430.dll (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\ptsetup.lang (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\ptsetup.log (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\replace.exe (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\unicows.dll (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\_cote d'azur casino.exe (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld.dll (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld.gam (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\baccarat.gam (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\cashier.dll (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\cashier.gam (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\common.dll (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\common.gam (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\loader.dll (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\loader.gam (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby.dll (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby.gam (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\anim-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\anim.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\back.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\highlow-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\highlow.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\sounds\cashout.mp3 (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\sounds\click.mp3 (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\sounds\level1.mp3 (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\sounds\level2.mp3 (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\sounds\level3.mp3 (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\sounds\level4.mp3 (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\sounds\lose.mp3 (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\sounds\reel.mp3 (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\sounds\up.mp3 (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\windows\cash_out.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\windows\gameover.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\windows\keep_playing.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\windows\play_again-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\windows\play_again.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\windows\start.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\windows\texts.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\baccarat\baccarat.lws (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\baccarat\back.z (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\baccarat_ln\history_buttons.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\baccarat_ln\history_symbols.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\animation1.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\back.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\buttons.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\cashier-over.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\contact_us.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\enter_the_name_of_the_group-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\enter_the_name_of_the_group.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\groupname-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\groupname.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\invite.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\onlinestatus.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\online_support-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\online_support.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\play_for_real.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\gameicon\gameicon-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\gameicon\menu_asian.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\gameicon\menu_cardgames.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\gameicon\menu_favourite.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\gameicon\menu_livegames.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\gameicon\menu_progressive.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\gameicon\menu_specials.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\gameicon\menu_videopoker.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\gameicon\menu_videoslots.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\back.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\checkbox.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\close.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\header_txt.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\history_back.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\join.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\loading.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\tabletop_arrows.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\tabletop_limits_button.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\tabletop_limits_table.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\tabletop_over.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\tabletop_sep.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\tabletop_txt.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\table_back.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\tabs.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\waiting_list.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\waiting_list_remove.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\background-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\background.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\create_account-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\create_account.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\dont_have_an_account.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\forgot-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\forgot.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\login-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\login.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\play_for_fun-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\play_for_fun.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\play_for_picture.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\play_for_real-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\play_for_real.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\remember_password-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\remember_password.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\textbox-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\textbox.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\uppertext-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\uppertext.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_bottom-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_bottom.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_default-over.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_default.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_info.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_root.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_slots.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_special-over.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_special.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_text-over.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_text.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_top-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_top.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gametype-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gametype.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gametype_bottom-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gametype_bottom.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gametype_mahjong.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gametype_top-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gametype_top.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\headers-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\headers.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\million2-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\million2.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\take5mil-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\take5mil.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\sounds\ambercoast_lobby.mp3 (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\roulette_ln\history_numbers.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\roulette_ln\history_over.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\black100x100.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\loading.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\loading_anim.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\buttons\buttons-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\buttons\buttons.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\fonts\serifabdcnbt.fon (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\fonts\square721bdexbt.fon (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\fonts\tahoma10b.fon (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\fonts\tahoma8.fon (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\fonts\tahoma8b.fon (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\bg.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\button_left.gif (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\button_middle.gif (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\button_right.gif (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\cashier_offline.css (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\cashier_offline.html (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\cashier_offline.js (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\cashier_offline_functions.js (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\dealer.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\icon_comps.gif (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\icon_transactionhistory.gif (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\icon_withdraw.gif (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\logo_offline_cashier.gif (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\spacer.gif (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\chat.html (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\colors.html (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\edit.html (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons.html (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\01.gif (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\02.gif (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\03.gif (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\04.gif (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\05.gif (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\06.gif (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\07.gif (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\08.gif (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\09.gif (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\10.gif (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\11.gif (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\12.gif (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\13.gif (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\14.gif (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\bottom_ribbon-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\bottom_ribbon.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\buttons.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\button_close.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\cashier_playforreal.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\chat.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\game.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\logo-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\logo.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\logo_download-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\logo_download.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\menu.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\onlinestatus.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\options-dialog.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\options-dialog2-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\options-dialog2.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\options-dialog3.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\options_adjust.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\options_ribbon.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\options_slider.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\playtech-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\playtech.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\play_for_real2-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\play_for_real2.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\small_window.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\sound.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\chat\chat_window.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\chat\close-over.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\chat\font.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\chat\send.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\ui\ui-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\ui\ui.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\ln\cross.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\ln\scrollbuttons.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\ui\sysmenu.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\sicbo_ln\history_dice.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\sicbo_ln\history_over.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\cactivex.dll (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\casino.exe (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\casino.hlp (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\casino.ico (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\directsounddriver.dll (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\fileinfo.dat (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\fileinfo2.dat (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\fileinfo2r.dat (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\gdigraphdriver.dll (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\h264dec.dll (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\nvssd430.dll (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\ptsetup.lang (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\ptsetup.log (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\replace.exe (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\unicows.dll (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\_SetupCasino.exe (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\aroundtheworld.dll (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\aroundtheworld.gam (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\cashier.dll (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\cashier.gam (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\common.dll (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\common.gam (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\loader.dll (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\loader.gam (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby.dll (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby.gam (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\aroundtheworld\anim-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\baccarat_ln\history_buttons.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\baccarat_ln\history_symbols.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\anim1.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\anim2-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\anim2.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\anim3.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\anim4.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\anim5-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\anim5.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\anim6-alpha1.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\anim6-alpha2.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\anim6-alpha3.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\anim6-alpha4.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\anim6.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\back.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\cashier-over.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\contact_us-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\contact_us.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\elite-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\elite.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\enter_the_name_of_the_group-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\enter_the_name_of_the_group.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\exit-over.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\exit.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\groupname-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\groupname.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\help-over.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\help.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\newgames_icons.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\onlinestatus.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\options-over.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\options.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\play_for_real.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\ln\back.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\ln\checkbox.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\ln\close.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\ln\header_txt.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\ln\history_back.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\ln\join.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\ln\loading.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\ln\tabletop_arrows.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\ln\tabletop_limits_button.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\ln\tabletop_limits_table.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\ln\tabletop_over.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\ln\tabletop_sep.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\ln\tabletop_txt.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\ln\table_back.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\ln\tabs.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\ln\waiting_list.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\ln\waiting_list_remove.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\login\background-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\login\background.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\login\create_account.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\login\dont_have_an_account.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\login\forgot.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\login\login.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\login\play_for_fun-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\login\play_for_fun.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\login\play_for_picture-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\login\play_for_picture.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\login\play_for_real-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\login\play_for_real.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\login\remember_password.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\login\select_gamemode.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\login\textbox.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\login\uppertext.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_bottom.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_default-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_default-over.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_default.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_info.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_root.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_slots.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_special-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_special-over.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_special.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_text-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_text-over.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_text.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_top.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\menu\gametype-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\menu\gametype.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\menu\gametype_bottom.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\menu\gametype_mahjong-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\menu\gametype_mahjong.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\menu\gametype_top.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\menu\headers.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\sounds\back.mp3 (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\roulette_ln\history_numbers.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\roulette_ln\history_over.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\black100x100.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\loading.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\loading_anim.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\buttons\buttons.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\fonts\serifabdcnbt.fon (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\fonts\square721bdexbt.fon (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\fonts\tahoma10b.fon (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\fonts\tahoma8.fon (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\fonts\tahoma8b.fon (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\bg.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\button_left.gif (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\button_middle.gif (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\button_right.gif (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\cashier_offline.css (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\cashier_offline.html (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\cashier_offline.js (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\cashier_offline_functions.js (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\dealer.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\icon_comps.gif (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\icon_transactionhistory.gif (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\icon_withdraw.gif (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\logo_offline_cashier.gif (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\spacer.gif (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\chat\chat.html (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\chat\colors.html (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\chat\edit.html (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons.html (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\01.gif (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\02.gif (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\03.gif (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\04.gif (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\05.gif (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\06.gif (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\07.gif (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\08.gif (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\09.gif (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\10.gif (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\11.gif (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\12.gif (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\13.gif (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\14.gif (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\bottom_ribbon-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\bottom_ribbon.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\buttons.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\button_close-over.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\button_close.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\cashier-over.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\cashier.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\chat-over.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\chat.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\game.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\logo-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\logo.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\logo_download-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\logo_download.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\menu.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\onlinestatus.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\online_support-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\online_support-over.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\online_support.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\options-dialog.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\options-dialog2.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\options-dialog_big-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\options-dialog_big.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\options_adjust.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\options_ribbon.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\options_slider.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\playtech-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\playtech.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\play_for_real-over.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\play_for_real.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\play_for_real2-over.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\play_for_real2.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\small_window.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\small_window2.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\sound.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\chat\chat_window.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\chat\close-over.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\chat\font.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\chat\send.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\ui\ui-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\ui\ui.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\ln\cross.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\ln\scrollbuttons.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\ui\sysmenu.bmp (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\sicbo_ln\history_dice.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\sicbo_ln\history_over.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\cactivex.dll (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\casino.exe (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\casino.hlp (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\directsounddriver.dll (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\fileinfo.dat (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\fileinfo2.dat (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\fileinfo2r.dat (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\gdigraphdriver.dll (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\h264dec.dll (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\nvssd430.dll (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\ptsetup.lang (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\ptsetup.log (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\replace.exe (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\unicows.dll (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\aroundtheworld.dll (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\aroundtheworld.gam (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\cashier.dll (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\cashier.gam (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\common.dll (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\common.gam (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\loader.dll (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\loader.gam (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby.dll (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby.gam (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\aroundtheworld\anim-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\baccarat_ln\history_buttons.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\baccarat_ln\history_symbols.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\anim.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\back.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\buttons-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\buttons.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\cashier-over.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\enter_the_name_of_the_group-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\enter_the_name_of_the_group.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\groupname-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\groupname.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\invite.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\moregames.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\moregames_arrow-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\moregames_arrow.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\news_promotions.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\onlinestatus.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\play_for_real.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\reward.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\ln\back.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\ln\checkbox.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\ln\close.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\ln\header_txt.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\ln\history_back.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\ln\join.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\ln\loading.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\ln\tabletop_arrows.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\ln\tabletop_limits_button.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\ln\tabletop_limits_table.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\ln\tabletop_over.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\ln\tabletop_sep.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\ln\tabletop_txt.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\ln\table_back.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\ln\tabs.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\ln\waiting_list.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\ln\waiting_list_remove.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\login\back-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\login\back.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\login\background.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\login\create_account-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\login\create_account.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\login\create_login.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\login\dont_have_an_account-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\login\dont_have_an_account.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\login\forgot-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\login\forgot.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\login\play_for_fun-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\login\play_for_fun.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\login\play_for_picture-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\login\play_for_picture.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\login\play_for_real-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\login\play_for_real.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\login\remember_password-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\login\remember_password.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\login\textbox-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\login\textbox.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\login\uppertext-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\login\uppertext.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu\gamebutton_bottom-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu\gamebutton_bottom.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu\gamebutton_default-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu\gamebutton_default-over.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu\gamebutton_default.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu\gamebutton_info.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu\gamebutton_root-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu\gamebutton_root.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu\gamebutton_slots.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu\gamebutton_special-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu\gamebutton_special-over.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu\gamebutton_special.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu\gamebutton_text-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu\gamebutton_text-over.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu\gamebutton_text.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu\gametype-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu\gametype.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu\gametype_bottom.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu\gametype_mahjong-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu\gametype_mahjong.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu\headers.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu\spin2million-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu\spin2million.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\sounds\prestigecasino_lobby.mp3 (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\roulette_ln\history_numbers.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\roulette_ln\history_over.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\shared\black100x100.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\shared\loading.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\shared\loading_anim.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\shared\buttons\buttons-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\shared\buttons\buttons.jpg (Adware.C
Version de la base de données: 495
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 141455
Temps écoulé: 31 minute(s), 7 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 71
Fichier(s) infecté(s): 613
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\poof (Rootkit.Agent) -> No action taken.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Casino (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\baccarat (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\baccarat_ln (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\roulette_ln (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\sicbo_ln (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\sounds (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\windows (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\gameicon (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\sounds (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\buttons (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\fonts (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\ln (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\ui (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\chat (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\ui (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\aroundtheworld (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\baccarat_ln (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\roulette_ln (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\sicbo_ln (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\ln (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\login (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\menu (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\sounds (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\buttons (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\fonts (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\ln (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\ui (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\chat (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\chat (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\ui (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\aroundtheworld (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\baccarat_ln (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\roulette_ln (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\shared (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\sicbo_ln (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\ln (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\login (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\sounds (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\shared\buttons (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\shared\fonts (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\shared\html (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\shared\interface (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\shared\ln (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\shared\ui (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\shared\html\chat (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\shared\html\chat\emoticons (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\shared\interface\chat (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\shared\interface\ui (Adware.Casino) -> No action taken.
Fichier(s) infecté(s):
C:\Casino\Côte d'Azur Palace Casino\cactivex.dll (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\casino.exe (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\casino.hlp (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\directsounddriver.dll (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\fileinfo.dat (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\fileinfo2.dat (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\fileinfo2r.dat (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\gdigraphdriver.dll (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\h264dec.dll (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\nvssd430.dll (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\ptsetup.lang (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\ptsetup.log (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\replace.exe (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\unicows.dll (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\_cote d'azur casino.exe (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld.dll (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld.gam (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\baccarat.gam (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\cashier.dll (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\cashier.gam (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\common.dll (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\common.gam (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\loader.dll (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\loader.gam (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby.dll (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby.gam (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\anim-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\anim.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\back.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\highlow-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\highlow.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\sounds\cashout.mp3 (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\sounds\click.mp3 (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\sounds\level1.mp3 (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\sounds\level2.mp3 (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\sounds\level3.mp3 (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\sounds\level4.mp3 (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\sounds\lose.mp3 (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\sounds\reel.mp3 (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\sounds\up.mp3 (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\windows\cash_out.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\windows\gameover.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\windows\keep_playing.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\windows\play_again-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\windows\play_again.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\windows\start.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\windows\texts.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\baccarat\baccarat.lws (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\baccarat\back.z (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\baccarat_ln\history_buttons.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\baccarat_ln\history_symbols.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\animation1.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\back.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\buttons.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\cashier-over.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\contact_us.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\enter_the_name_of_the_group-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\enter_the_name_of_the_group.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\groupname-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\groupname.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\invite.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\onlinestatus.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\online_support-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\online_support.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\play_for_real.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\gameicon\gameicon-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\gameicon\menu_asian.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\gameicon\menu_cardgames.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\gameicon\menu_favourite.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\gameicon\menu_livegames.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\gameicon\menu_progressive.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\gameicon\menu_specials.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\gameicon\menu_videopoker.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\gameicon\menu_videoslots.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\back.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\checkbox.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\close.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\header_txt.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\history_back.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\join.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\loading.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\tabletop_arrows.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\tabletop_limits_button.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\tabletop_limits_table.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\tabletop_over.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\tabletop_sep.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\tabletop_txt.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\table_back.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\tabs.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\waiting_list.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\waiting_list_remove.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\background-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\background.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\create_account-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\create_account.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\dont_have_an_account.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\forgot-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\forgot.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\login-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\login.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\play_for_fun-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\play_for_fun.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\play_for_picture.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\play_for_real-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\play_for_real.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\remember_password-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\remember_password.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\textbox-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\textbox.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\uppertext-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\uppertext.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_bottom-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_bottom.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_default-over.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_default.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_info.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_root.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_slots.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_special-over.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_special.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_text-over.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_text.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_top-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_top.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gametype-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gametype.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gametype_bottom-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gametype_bottom.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gametype_mahjong.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gametype_top-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gametype_top.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\headers-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\headers.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\million2-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\million2.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\take5mil-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\take5mil.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\sounds\ambercoast_lobby.mp3 (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\roulette_ln\history_numbers.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\roulette_ln\history_over.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\black100x100.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\loading.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\loading_anim.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\buttons\buttons-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\buttons\buttons.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\fonts\serifabdcnbt.fon (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\fonts\square721bdexbt.fon (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\fonts\tahoma10b.fon (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\fonts\tahoma8.fon (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\fonts\tahoma8b.fon (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\bg.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\button_left.gif (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\button_middle.gif (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\button_right.gif (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\cashier_offline.css (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\cashier_offline.html (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\cashier_offline.js (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\cashier_offline_functions.js (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\dealer.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\icon_comps.gif (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\icon_transactionhistory.gif (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\icon_withdraw.gif (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\logo_offline_cashier.gif (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\spacer.gif (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\chat.html (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\colors.html (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\edit.html (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons.html (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\01.gif (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\02.gif (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\03.gif (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\04.gif (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\05.gif (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\06.gif (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\07.gif (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\08.gif (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\09.gif (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\10.gif (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\11.gif (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\12.gif (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\13.gif (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\14.gif (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\bottom_ribbon-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\bottom_ribbon.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\buttons.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\button_close.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\cashier_playforreal.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\chat.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\game.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\logo-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\logo.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\logo_download-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\logo_download.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\menu.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\onlinestatus.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\options-dialog.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\options-dialog2-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\options-dialog2.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\options-dialog3.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\options_adjust.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\options_ribbon.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\options_slider.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\playtech-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\playtech.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\play_for_real2-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\play_for_real2.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\small_window.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\sound.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\chat\chat_window.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\chat\close-over.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\chat\font.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\chat\send.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\ui\ui-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\ui\ui.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\ln\cross.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\ln\scrollbuttons.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\shared\ui\sysmenu.jpg (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\sicbo_ln\history_dice.png (Adware.Casino) -> No action taken.
C:\Casino\Côte d'Azur Palace Casino\data\sicbo_ln\history_over.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\cactivex.dll (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\casino.exe (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\casino.hlp (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\casino.ico (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\directsounddriver.dll (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\fileinfo.dat (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\fileinfo2.dat (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\fileinfo2r.dat (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\gdigraphdriver.dll (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\h264dec.dll (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\nvssd430.dll (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\ptsetup.lang (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\ptsetup.log (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\replace.exe (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\unicows.dll (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\_SetupCasino.exe (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\aroundtheworld.dll (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\aroundtheworld.gam (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\cashier.dll (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\cashier.gam (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\common.dll (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\common.gam (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\loader.dll (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\loader.gam (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby.dll (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby.gam (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\aroundtheworld\anim-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\baccarat_ln\history_buttons.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\baccarat_ln\history_symbols.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\anim1.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\anim2-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\anim2.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\anim3.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\anim4.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\anim5-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\anim5.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\anim6-alpha1.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\anim6-alpha2.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\anim6-alpha3.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\anim6-alpha4.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\anim6.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\back.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\cashier-over.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\contact_us-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\contact_us.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\elite-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\elite.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\enter_the_name_of_the_group-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\enter_the_name_of_the_group.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\exit-over.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\exit.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\groupname-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\groupname.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\help-over.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\help.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\newgames_icons.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\onlinestatus.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\options-over.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\options.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\play_for_real.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\ln\back.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\ln\checkbox.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\ln\close.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\ln\header_txt.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\ln\history_back.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\ln\join.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\ln\loading.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\ln\tabletop_arrows.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\ln\tabletop_limits_button.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\ln\tabletop_limits_table.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\ln\tabletop_over.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\ln\tabletop_sep.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\ln\tabletop_txt.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\ln\table_back.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\ln\tabs.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\ln\waiting_list.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\ln\waiting_list_remove.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\login\background-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\login\background.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\login\create_account.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\login\dont_have_an_account.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\login\forgot.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\login\login.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\login\play_for_fun-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\login\play_for_fun.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\login\play_for_picture-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\login\play_for_picture.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\login\play_for_real-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\login\play_for_real.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\login\remember_password.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\login\select_gamemode.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\login\textbox.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\login\uppertext.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_bottom.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_default-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_default-over.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_default.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_info.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_root.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_slots.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_special-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_special-over.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_special.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_text-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_text-over.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_text.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_top.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\menu\gametype-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\menu\gametype.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\menu\gametype_bottom.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\menu\gametype_mahjong-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\menu\gametype_mahjong.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\menu\gametype_top.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\menu\headers.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\lobby\sounds\back.mp3 (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\roulette_ln\history_numbers.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\roulette_ln\history_over.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\black100x100.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\loading.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\loading_anim.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\buttons\buttons.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\fonts\serifabdcnbt.fon (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\fonts\square721bdexbt.fon (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\fonts\tahoma10b.fon (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\fonts\tahoma8.fon (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\fonts\tahoma8b.fon (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\bg.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\button_left.gif (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\button_middle.gif (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\button_right.gif (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\cashier_offline.css (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\cashier_offline.html (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\cashier_offline.js (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\cashier_offline_functions.js (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\dealer.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\icon_comps.gif (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\icon_transactionhistory.gif (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\icon_withdraw.gif (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\logo_offline_cashier.gif (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\spacer.gif (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\chat\chat.html (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\chat\colors.html (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\chat\edit.html (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons.html (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\01.gif (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\02.gif (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\03.gif (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\04.gif (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\05.gif (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\06.gif (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\07.gif (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\08.gif (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\09.gif (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\10.gif (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\11.gif (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\12.gif (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\13.gif (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\14.gif (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\bottom_ribbon-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\bottom_ribbon.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\buttons.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\button_close-over.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\button_close.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\cashier-over.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\cashier.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\chat-over.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\chat.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\game.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\logo-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\logo.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\logo_download-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\logo_download.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\menu.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\onlinestatus.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\online_support-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\online_support-over.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\online_support.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\options-dialog.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\options-dialog2.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\options-dialog_big-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\options-dialog_big.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\options_adjust.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\options_ribbon.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\options_slider.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\playtech-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\playtech.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\play_for_real-over.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\play_for_real.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\play_for_real2-over.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\play_for_real2.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\small_window.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\small_window2.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\sound.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\chat\chat_window.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\chat\close-over.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\chat\font.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\chat\send.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\ui\ui-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\interface\ui\ui.jpg (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\ln\cross.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\ln\scrollbuttons.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\shared\ui\sysmenu.bmp (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\sicbo_ln\history_dice.png (Adware.Casino) -> No action taken.
C:\Casino\Europa Casino\data\sicbo_ln\history_over.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\cactivex.dll (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\casino.exe (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\casino.hlp (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\directsounddriver.dll (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\fileinfo.dat (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\fileinfo2.dat (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\fileinfo2r.dat (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\gdigraphdriver.dll (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\h264dec.dll (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\nvssd430.dll (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\ptsetup.lang (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\ptsetup.log (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\replace.exe (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\unicows.dll (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\aroundtheworld.dll (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\aroundtheworld.gam (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\cashier.dll (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\cashier.gam (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\common.dll (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\common.gam (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\loader.dll (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\loader.gam (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby.dll (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby.gam (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\aroundtheworld\anim-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\baccarat_ln\history_buttons.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\baccarat_ln\history_symbols.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\anim.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\back.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\buttons-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\buttons.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\cashier-over.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\enter_the_name_of_the_group-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\enter_the_name_of_the_group.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\groupname-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\groupname.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\invite.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\moregames.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\moregames_arrow-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\moregames_arrow.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\news_promotions.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\onlinestatus.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\play_for_real.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\reward.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\ln\back.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\ln\checkbox.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\ln\close.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\ln\header_txt.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\ln\history_back.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\ln\join.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\ln\loading.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\ln\tabletop_arrows.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\ln\tabletop_limits_button.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\ln\tabletop_limits_table.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\ln\tabletop_over.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\ln\tabletop_sep.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\ln\tabletop_txt.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\ln\table_back.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\ln\tabs.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\ln\waiting_list.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\ln\waiting_list_remove.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\login\back-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\login\back.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\login\background.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\login\create_account-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\login\create_account.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\login\create_login.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\login\dont_have_an_account-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\login\dont_have_an_account.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\login\forgot-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\login\forgot.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\login\play_for_fun-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\login\play_for_fun.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\login\play_for_picture-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\login\play_for_picture.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\login\play_for_real-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\login\play_for_real.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\login\remember_password-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\login\remember_password.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\login\textbox-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\login\textbox.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\login\uppertext-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\login\uppertext.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu\gamebutton_bottom-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu\gamebutton_bottom.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu\gamebutton_default-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu\gamebutton_default-over.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu\gamebutton_default.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu\gamebutton_info.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu\gamebutton_root-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu\gamebutton_root.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu\gamebutton_slots.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu\gamebutton_special-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu\gamebutton_special-over.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu\gamebutton_special.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu\gamebutton_text-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu\gamebutton_text-over.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu\gamebutton_text.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu\gametype-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu\gametype.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu\gametype_bottom.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu\gametype_mahjong-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu\gametype_mahjong.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu\headers.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu\spin2million-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\menu\spin2million.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\lobby\sounds\prestigecasino_lobby.mp3 (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\roulette_ln\history_numbers.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\roulette_ln\history_over.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\shared\black100x100.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\shared\loading.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\shared\loading_anim.png (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\shared\buttons\buttons-alpha.jpg (Adware.Casino) -> No action taken.
C:\Casino\Prestige Casino\data\shared\buttons\buttons.jpg (Adware.C
domino,
ok ca c´est le premier,
tu as le deuxieme ?
@+
ok ca c´est le premier,
tu as le deuxieme ?
@+
salut g!rly.Voila le 2eme:Malwarebytes' Anti-Malware 1.08
Version de la base de données: 495
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 141455
Temps écoulé: 31 minute(s), 7 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 71
Fichier(s) infecté(s): 613
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\poof (Rootkit.Agent) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Casino (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\baccarat (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\baccarat_ln (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\roulette_ln (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\sicbo_ln (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\windows (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\gameicon (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\buttons (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\fonts (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\ln (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\ui (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\chat (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\ui (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\aroundtheworld (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\baccarat_ln (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\roulette_ln (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\sicbo_ln (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\ln (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\login (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\menu (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\buttons (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\fonts (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\ln (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\ui (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\chat (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\chat (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\ui (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\data (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\data\aroundtheworld (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\data\baccarat_ln (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\data\lobby (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\data\roulette_ln (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\data\shared (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\data\sicbo_ln (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\data\lobby\ln (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\data\lobby\login (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\data\lobby\menu (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\data\lobby\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\data\shared\buttons (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\data\shared\fonts (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\data\shared\html (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\data\shared\interface (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\data\shared\ln (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\data\shared\ui (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\data\shared\html\chat (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\data\shared\html\chat\emoticons (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\data\shared\interface\chat (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\data\shared\interface\ui (Adware.Casino) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Casino\Côte d'Azur Palace Casino\cactivex.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\casino.exe (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\casino.hlp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\directsounddriver.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\fileinfo.dat (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\fileinfo2.dat (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\fileinfo2r.dat (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\gdigraphdriver.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\h264dec.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\nvssd430.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\ptsetup.lang (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\ptsetup.log (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\replace.exe (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\unicows.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\_cote d'azur casino.exe (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld.gam (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\baccarat.gam (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\cashier.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\cashier.gam (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\common.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\common.gam (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\loader.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\loader.gam (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby.gam (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\anim-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\anim.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\back.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\highlow-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\highlow.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\sounds\cashout.mp3 (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\sounds\click.mp3 (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\sounds\level1.mp3 (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\sounds\level2.mp3 (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\sounds\level3.mp3 (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\sounds\level4.mp3 (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\sounds\lose.mp3 (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\sounds\reel.mp3 (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\sounds\up.mp3 (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\windows\cash_out.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\windows\gameover.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\windows\keep_playing.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\windows\play_again-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\windows\play_again.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\windows\start.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\windows\texts.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\baccarat\baccarat.lws (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\baccarat\back.z (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\baccarat_ln\history_buttons.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\baccarat_ln\history_symbols.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\animation1.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\back.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\buttons.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\cashier-over.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\contact_us.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\enter_the_name_of_the_group-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\enter_the_name_of_the_group.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\groupname-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\groupname.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\invite.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\onlinestatus.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\online_support-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\online_support.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\play_for_real.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\gameicon\gameicon-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\gameicon\menu_asian.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\gameicon\menu_cardgames.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\gameicon\menu_favourite.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\gameicon\menu_livegames.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\gameicon\menu_progressive.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\gameicon\menu_specials.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\gameicon\menu_videopoker.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\gameicon\menu_videoslots.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\back.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\checkbox.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\close.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\header_txt.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\history_back.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\join.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\loading.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\tabletop_arrows.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\tabletop_limits_button.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\tabletop_limits_table.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\tabletop_over.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\tabletop_sep.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\tabletop_txt.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\table_back.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\tabs.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\waiting_list.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\waiting_list_remove.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\background-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\background.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\create_account-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\create_account.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\dont_have_an_account.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\forgot-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\forgot.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\login-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\login.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\play_for_fun-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\play_for_fun.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\play_for_picture.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\play_for_real-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\play_for_real.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\remember_password-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\remember_password.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\textbox-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\textbox.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\uppertext-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\uppertext.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_bottom-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_bottom.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_default-over.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_default.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_info.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_root.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_slots.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_special-over.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_special.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_text-over.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_text.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_top-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_top.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gametype-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gametype.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gametype_bottom-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gametype_bottom.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gametype_mahjong.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gametype_top-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gametype_top.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\headers-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\headers.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\million2-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\million2.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\take5mil-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\take5mil.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\sounds\ambercoast_lobby.mp3 (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\roulette_ln\history_numbers.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\roulette_ln\history_over.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\black100x100.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\loading.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\loading_anim.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\buttons\buttons-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\buttons\buttons.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\fonts\serifabdcnbt.fon (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\fonts\square721bdexbt.fon (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\fonts\tahoma10b.fon (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\fonts\tahoma8.fon (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\fonts\tahoma8b.fon (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\bg.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\button_left.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\button_middle.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\button_right.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\cashier_offline.css (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\cashier_offline.html (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\cashier_offline.js (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\cashier_offline_functions.js (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\dealer.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\icon_comps.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\icon_transactionhistory.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\icon_withdraw.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\logo_offline_cashier.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\spacer.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\chat.html (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\colors.html (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\edit.html (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons.html (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\01.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\02.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\03.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\04.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\05.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\06.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\07.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\08.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\09.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\10.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\11.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\12.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\13.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\14.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\bottom_ribbon-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\bottom_ribbon.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\buttons.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\button_close.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\cashier_playforreal.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\chat.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\game.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\logo-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\logo.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\logo_download-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\logo_download.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\menu.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\onlinestatus.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\options-dialog.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\options-dialog2-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\options-dialog2.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\options-dialog3.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\options_adjust.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\options_ribbon.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\options_slider.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\playtech-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\playtech.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\play_for_real2-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\play_for_real2.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\small_window.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\sound.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\chat\chat_window.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\chat\close-over.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\chat\font.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\chat\send.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\ui\ui-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\ui\ui.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\ln\cross.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\ln\scrollbuttons.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\ui\sysmenu.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\sicbo_ln\history_dice.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\sicbo_ln\history_over.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\cactivex.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\casino.exe (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\casino.hlp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\casino.ico (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\directsounddriver.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\fileinfo.dat (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\fileinfo2.dat (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\fileinfo2r.dat (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\gdigraphdriver.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\h264dec.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\nvssd430.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\ptsetup.lang (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\ptsetup.log (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\replace.exe (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\unicows.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\_SetupCasino.exe (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\aroundtheworld.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\aroundtheworld.gam (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\cashier.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\cashier.gam (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\common.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\common.gam (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\loader.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\loader.gam (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby.gam (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\aroundtheworld\anim-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\baccarat_ln\history_buttons.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\baccarat_ln\history_symbols.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\anim1.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\anim2-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\anim2.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\anim3.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\anim4.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\anim5-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\anim5.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\anim6-alpha1.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\anim6-alpha2.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\anim6-alpha3.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\anim6-alpha4.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\anim6.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\back.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\cashier-over.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\contact_us-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\contact_us.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\elite-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\elite.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\enter_the_name_of_the_group-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\enter_the_name_of_the_group.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\exit-over.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\exit.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\groupname-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\groupname.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\help-over.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\help.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\newgames_icons.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\onlinestatus.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\options-over.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\options.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\play_for_real.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\ln\back.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\ln\checkbox.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\ln\close.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\ln\header_txt.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\ln\history_back.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\ln\join.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\ln\loading.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\ln\tabletop_arrows.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\ln\tabletop_limits_button.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\ln\tabletop_limits_table.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\ln\tabletop_over.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\ln\tabletop_sep.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\ln\tabletop_txt.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\ln\table_back.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\ln\tabs.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\ln\waiting_list.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\ln\waiting_list_remove.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\login\background-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\login\background.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\login\create_account.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\login\dont_have_an_account.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\login\forgot.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\login\login.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\login\play_for_fun-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\login\play_for_fun.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\login\play_for_picture-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\login\play_for_picture.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\login\play_for_real-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\login\play_for_real.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\login\remember_password.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\login\select_gamemode.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\login\textbox.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\login\uppertext.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_bottom.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_default-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_default-over.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_default.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_info.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_root.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_slots.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_special-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_special-over.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_special.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_text-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_text-over.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_text.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_top.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\menu\gametype-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\menu\gametype.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\menu\gametype_bottom.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\menu\gametype_mahjong-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\menu\gametype_mahjong.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\menu\gametype_top.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\menu\headers.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\sounds\back.mp3 (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\roulette_ln\history_numbers.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\roulette_ln\history_over.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\black100x100.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\loading.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\loading_anim.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\buttons\buttons.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\fonts\serifabdcnbt.fon (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\fonts\square721bdexbt.fon (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\fonts\tahoma10b.fon (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\fonts\tahoma8.fon (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\fonts\tahoma8b.fon (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\bg.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\button_left.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\button_middle.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\button_right.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\cashier_offline.css (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\cashier_offline.html (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\cashier_offline.js (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\cashier_offline_functions.js (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\dealer.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\icon_comps.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\icon_transactionhistory.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\icon_withdraw.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\logo_offline_cashier.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\spacer.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\chat\chat.html (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\chat\colors.html (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\chat\edit.html (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons.html (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\01.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\02.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\03.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\04.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\05.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\06.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\07.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\08.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\09.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\10.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\11.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\12.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\13.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\14.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\bottom_ribbon-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\bottom_ribbon.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\buttons.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\button_close-over.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\button_close.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\cashier-over.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\cashier.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\chat-over.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\chat.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\game.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\logo-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\logo.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\logo_download-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\logo_download.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\menu.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\onlinestatus.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\online_support-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\online_support-over.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\online_support.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\options-dialog.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\options-dialog2.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\options-dialog_big-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\options-dialog_big.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\options_adjust.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\options_ribbon.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\options_slider.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\playtech-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\playtech.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\play_for_real-over.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\play_for_real.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\play_for_real2-over.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\play_for_real2.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\small_window.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\small_window2.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\sound.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\chat\chat_window.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\chat\close-over.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\chat\font.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\chat\send.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\ui\ui-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\ui\ui.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\ln\cross.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\ln\scrollbuttons.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\ui\sysmenu.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\sicbo_ln\history_dice.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\sicbo_ln\history_over.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\cactivex.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\casino.exe (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\casino.hlp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\directsounddriver.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\fileinfo.dat (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\fileinfo2.dat (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\fileinfo2r.dat (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\gdigraphdriver.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\h264dec.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\nvssd430.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\ptsetup.lang (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\ptsetup.log (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\repla
Version de la base de données: 495
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 141455
Temps écoulé: 31 minute(s), 7 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 71
Fichier(s) infecté(s): 613
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\poof (Rootkit.Agent) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Casino (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\baccarat (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\baccarat_ln (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\roulette_ln (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\sicbo_ln (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\windows (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\gameicon (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\buttons (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\fonts (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\ln (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\ui (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\chat (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\ui (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\aroundtheworld (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\baccarat_ln (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\roulette_ln (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\sicbo_ln (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\ln (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\login (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\menu (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\buttons (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\fonts (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\ln (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\ui (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\chat (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\chat (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\ui (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\data (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\data\aroundtheworld (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\data\baccarat_ln (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\data\lobby (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\data\roulette_ln (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\data\shared (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\data\sicbo_ln (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\data\lobby\ln (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\data\lobby\login (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\data\lobby\menu (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\data\lobby\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\data\shared\buttons (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\data\shared\fonts (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\data\shared\html (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\data\shared\interface (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\data\shared\ln (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\data\shared\ui (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\data\shared\html\chat (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\data\shared\html\chat\emoticons (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\data\shared\interface\chat (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\data\shared\interface\ui (Adware.Casino) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Casino\Côte d'Azur Palace Casino\cactivex.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\casino.exe (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\casino.hlp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\directsounddriver.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\fileinfo.dat (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\fileinfo2.dat (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\fileinfo2r.dat (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\gdigraphdriver.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\h264dec.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\nvssd430.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\ptsetup.lang (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\ptsetup.log (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\replace.exe (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\unicows.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\_cote d'azur casino.exe (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld.gam (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\baccarat.gam (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\cashier.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\cashier.gam (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\common.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\common.gam (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\loader.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\loader.gam (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby.gam (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\anim-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\anim.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\back.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\highlow-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\highlow.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\sounds\cashout.mp3 (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\sounds\click.mp3 (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\sounds\level1.mp3 (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\sounds\level2.mp3 (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\sounds\level3.mp3 (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\sounds\level4.mp3 (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\sounds\lose.mp3 (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\sounds\reel.mp3 (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\sounds\up.mp3 (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\windows\cash_out.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\windows\gameover.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\windows\keep_playing.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\windows\play_again-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\windows\play_again.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\windows\start.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\aroundtheworld\windows\texts.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\baccarat\baccarat.lws (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\baccarat\back.z (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\baccarat_ln\history_buttons.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\baccarat_ln\history_symbols.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\animation1.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\back.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\buttons.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\cashier-over.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\contact_us.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\enter_the_name_of_the_group-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\enter_the_name_of_the_group.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\groupname-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\groupname.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\invite.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\onlinestatus.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\online_support-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\online_support.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\play_for_real.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\gameicon\gameicon-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\gameicon\menu_asian.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\gameicon\menu_cardgames.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\gameicon\menu_favourite.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\gameicon\menu_livegames.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\gameicon\menu_progressive.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\gameicon\menu_specials.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\gameicon\menu_videopoker.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\gameicon\menu_videoslots.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\back.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\checkbox.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\close.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\header_txt.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\history_back.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\join.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\loading.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\tabletop_arrows.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\tabletop_limits_button.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\tabletop_limits_table.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\tabletop_over.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\tabletop_sep.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\tabletop_txt.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\table_back.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\tabs.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\waiting_list.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\ln\waiting_list_remove.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\background-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\background.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\create_account-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\create_account.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\dont_have_an_account.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\forgot-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\forgot.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\login-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\login.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\play_for_fun-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\play_for_fun.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\play_for_picture.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\play_for_real-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\play_for_real.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\remember_password-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\remember_password.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\textbox-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\textbox.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\uppertext-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\login\uppertext.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_bottom-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_bottom.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_default-over.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_default.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_info.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_root.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_slots.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_special-over.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_special.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_text-over.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_text.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_top-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gamebutton_top.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gametype-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gametype.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gametype_bottom-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gametype_bottom.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gametype_mahjong.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gametype_top-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\gametype_top.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\headers-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\headers.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\million2-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\million2.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\take5mil-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\menu\take5mil.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\lobby\sounds\ambercoast_lobby.mp3 (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\roulette_ln\history_numbers.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\roulette_ln\history_over.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\black100x100.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\loading.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\loading_anim.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\buttons\buttons-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\buttons\buttons.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\fonts\serifabdcnbt.fon (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\fonts\square721bdexbt.fon (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\fonts\tahoma10b.fon (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\fonts\tahoma8.fon (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\fonts\tahoma8b.fon (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\bg.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\button_left.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\button_middle.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\button_right.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\cashier_offline.css (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\cashier_offline.html (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\cashier_offline.js (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\cashier_offline_functions.js (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\dealer.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\icon_comps.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\icon_transactionhistory.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\icon_withdraw.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\logo_offline_cashier.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\spacer.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\chat.html (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\colors.html (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\edit.html (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons.html (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\01.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\02.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\03.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\04.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\05.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\06.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\07.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\08.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\09.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\10.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\11.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\12.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\13.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\html\chat\emoticons\14.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\bottom_ribbon-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\bottom_ribbon.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\buttons.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\button_close.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\cashier_playforreal.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\chat.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\game.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\logo-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\logo.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\logo_download-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\logo_download.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\menu.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\onlinestatus.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\options-dialog.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\options-dialog2-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\options-dialog2.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\options-dialog3.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\options_adjust.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\options_ribbon.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\options_slider.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\playtech-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\playtech.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\play_for_real2-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\play_for_real2.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\small_window.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\sound.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\chat\chat_window.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\chat\close-over.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\chat\font.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\chat\send.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\ui\ui-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\interface\ui\ui.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\ln\cross.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\ln\scrollbuttons.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\shared\ui\sysmenu.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\sicbo_ln\history_dice.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Côte d'Azur Palace Casino\data\sicbo_ln\history_over.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\cactivex.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\casino.exe (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\casino.hlp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\casino.ico (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\directsounddriver.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\fileinfo.dat (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\fileinfo2.dat (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\fileinfo2r.dat (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\gdigraphdriver.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\h264dec.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\nvssd430.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\ptsetup.lang (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\ptsetup.log (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\replace.exe (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\unicows.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\_SetupCasino.exe (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\aroundtheworld.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\aroundtheworld.gam (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\cashier.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\cashier.gam (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\common.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\common.gam (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\loader.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\loader.gam (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby.gam (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\aroundtheworld\anim-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\baccarat_ln\history_buttons.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\baccarat_ln\history_symbols.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\anim1.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\anim2-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\anim2.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\anim3.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\anim4.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\anim5-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\anim5.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\anim6-alpha1.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\anim6-alpha2.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\anim6-alpha3.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\anim6-alpha4.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\anim6.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\back.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\cashier-over.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\contact_us-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\contact_us.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\elite-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\elite.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\enter_the_name_of_the_group-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\enter_the_name_of_the_group.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\exit-over.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\exit.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\groupname-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\groupname.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\help-over.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\help.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\newgames_icons.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\onlinestatus.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\options-over.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\options.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\play_for_real.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\ln\back.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\ln\checkbox.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\ln\close.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\ln\header_txt.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\ln\history_back.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\ln\join.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\ln\loading.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\ln\tabletop_arrows.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\ln\tabletop_limits_button.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\ln\tabletop_limits_table.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\ln\tabletop_over.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\ln\tabletop_sep.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\ln\tabletop_txt.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\ln\table_back.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\ln\tabs.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\ln\waiting_list.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\ln\waiting_list_remove.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\login\background-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\login\background.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\login\create_account.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\login\dont_have_an_account.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\login\forgot.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\login\login.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\login\play_for_fun-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\login\play_for_fun.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\login\play_for_picture-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\login\play_for_picture.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\login\play_for_real-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\login\play_for_real.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\login\remember_password.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\login\select_gamemode.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\login\textbox.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\login\uppertext.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_bottom.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_default-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_default-over.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_default.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_info.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_root.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_slots.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_special-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_special-over.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_special.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_text-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_text-over.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_text.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\menu\gamebutton_top.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\menu\gametype-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\menu\gametype.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\menu\gametype_bottom.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\menu\gametype_mahjong-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\menu\gametype_mahjong.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\menu\gametype_top.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\menu\headers.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\sounds\back.mp3 (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\roulette_ln\history_numbers.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\roulette_ln\history_over.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\black100x100.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\loading.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\loading_anim.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\buttons\buttons.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\fonts\serifabdcnbt.fon (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\fonts\square721bdexbt.fon (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\fonts\tahoma10b.fon (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\fonts\tahoma8.fon (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\fonts\tahoma8b.fon (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\bg.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\button_left.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\button_middle.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\button_right.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\cashier_offline.css (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\cashier_offline.html (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\cashier_offline.js (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\cashier_offline_functions.js (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\dealer.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\icon_comps.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\icon_transactionhistory.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\icon_withdraw.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\logo_offline_cashier.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\spacer.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\chat\chat.html (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\chat\colors.html (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\chat\edit.html (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons.html (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\01.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\02.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\03.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\04.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\05.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\06.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\07.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\08.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\09.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\10.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\11.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\12.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\13.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\html\chat\emoticons\14.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\bottom_ribbon-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\bottom_ribbon.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\buttons.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\button_close-over.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\button_close.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\cashier-over.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\cashier.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\chat-over.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\chat.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\game.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\logo-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\logo.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\logo_download-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\logo_download.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\menu.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\onlinestatus.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\online_support-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\online_support-over.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\online_support.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\options-dialog.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\options-dialog2.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\options-dialog_big-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\options-dialog_big.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\options_adjust.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\options_ribbon.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\options_slider.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\playtech-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\playtech.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\play_for_real-over.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\play_for_real.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\play_for_real2-over.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\play_for_real2.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\small_window.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\small_window2.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\sound.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\chat\chat_window.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\chat\close-over.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\chat\font.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\chat\send.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\ui\ui-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\interface\ui\ui.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\ln\cross.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\ln\scrollbuttons.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\ui\sysmenu.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\sicbo_ln\history_dice.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\sicbo_ln\history_over.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\cactivex.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\casino.exe (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\casino.hlp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\directsounddriver.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\fileinfo.dat (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\fileinfo2.dat (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\fileinfo2r.dat (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\gdigraphdriver.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\h264dec.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\nvssd430.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\ptsetup.lang (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\ptsetup.log (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Prestige Casino\repla
domino
cool ;-)
ou en sont tes soucis ?
repost un hijack this stp
@+
cool ;-)
ou en sont tes soucis ?
repost un hijack this stp
@+
Salut g!rly . Pour mes problemes ca va beaucoup mieux.Plus de pub, et j'ai l'impression que l'ordi rame moins.Je te post un hjt. Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:19:52, on 17/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006\EDICT.EXE
C:\Program Files\eMule\emule.exe
C:\Program Files\Micro Application\12 DICOS Indispensables\MediaDICO12.EXE
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Program Files\Micro Application\12 DICOS Indispensables\Rac12.EXE
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\eHome\ehSched.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://neufportail.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Creative Live! Cam Manager] "C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MediaDico] C:\Program Files\Micro Application\12 DICOS Indispensables\LanceMediaDICO12.exe Lancement
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [E06FDXRC_195450765] "C:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006\EDICT.EXE" -m
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program Files\IncrediMail\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Europa Casino - {4C826F10-D34B-4ba8-B609-1FB8C6482A05} - C:\Casino\Europa Casino\casino.exe (file missing)
O9 - Extra 'Tools' menuitem: Europa Casino - {4C826F10-D34B-4ba8-B609-1FB8C6482A05} - C:\Casino\Europa Casino\casino.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://bmm.imgag.com/imgag/cp/install/crusher-fr.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://ww25.incredijeux.com/online/online2/chuzzle/popcaploader_v6.cab
O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://ww1.incredijeux.com
O18 - Protocol: bw+0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
Scan saved at 15:19:52, on 17/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006\EDICT.EXE
C:\Program Files\eMule\emule.exe
C:\Program Files\Micro Application\12 DICOS Indispensables\MediaDICO12.EXE
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Program Files\Micro Application\12 DICOS Indispensables\Rac12.EXE
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\eHome\ehSched.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://neufportail.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Creative Live! Cam Manager] "C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MediaDico] C:\Program Files\Micro Application\12 DICOS Indispensables\LanceMediaDICO12.exe Lancement
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [E06FDXRC_195450765] "C:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006\EDICT.EXE" -m
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program Files\IncrediMail\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Europa Casino - {4C826F10-D34B-4ba8-B609-1FB8C6482A05} - C:\Casino\Europa Casino\casino.exe (file missing)
O9 - Extra 'Tools' menuitem: Europa Casino - {4C826F10-D34B-4ba8-B609-1FB8C6482A05} - C:\Casino\Europa Casino\casino.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://bmm.imgag.com/imgag/cp/install/crusher-fr.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://ww25.incredijeux.com/online/online2/chuzzle/popcaploader_v6.cab
O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://ww1.incredijeux.com
O18 - Protocol: bw+0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
domino,
a l´aide de hijack this coche et fix ceci :
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O9 - Extra button: Europa Casino - {4C826F10-D34B-4ba8-B609-1FB8C6482A05} - C:\Casino\Europa Casino\casino.exe (file missing)
O9 - Extra 'Tools' menuitem: Europa Casino - {4C826F10-D34B-4ba8-B609-1FB8C6482A05} - C:\Casino\Europa Casino\casino.exe (file missing)
comment fixer :
Tutoriel d´utilisation (video) : (Merci a Balltrap34 pour cette réalisation)
-> http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm
instale un par feu :
par feu : kerio
telechargement : http://sd-1.archive-host.com/membres/up/1366464061/kerio-kpf-422-911-win.rar
tuto :
http://www.malekal.com/kerio_firewall.php#mozTocId721480
https://www.vulgarisation-informatique.com/kerio.php
https://kerio.probb.fr/f2-sunbelt-kerio-personal-firewall
Comodo 3 pro :
http://www.commentcamarche.net/telecharger/telecharger 34055041 comodo firewall pro
Online armor :
http://www.commentcamarche.net/telecharger/telecharger 34055356 online armor personal firewall
tuto : https://forum.pcastuces.com/sujet.asp?f=25&s=35606
ou zone alarm plus facil a configurer mais moins performant
https://www.malekal.com/tutoriel-zonealarm-firewall/
anti spyware : bonus :
spywareblaster :
http://www.brightfort.com/spywareblaster.html
c´est un resident, il suffit de le mettre a jour de temps en temps car la version gratuite ne le fait pas toute seul , une fois installé et mis a jour tu mets toutes les protections sur "enable"
tuto : http://forum.telecharger.01net.com/forum/high-tech/PRODUITS/Questions-techniques/question-spywareblaser-sujet_174747_1.htm
il rame moins mais il rame encore ?
Ccleaner:
-> Télécharge Ccleaner (n'installe pas la barre d'outil Yahoo):
http://www.commentcamarche.net/telecharger/telechargement 168 ccleaner
-> L´installer.
-> Une fois installé et lancé :
Dans la colonne de gauche, click sur :
->"erreurs" :
Coches toutes les cases sous"l´integrité du registre", puis click en bas sur "chercher des erreurs" une fois terminé, clic sur "reparer les erreurs", tu auras un message pour sauvegarder ta base de registre, tu click "oui" puis tu recommence jusqu'à ce qu'il ne trouve plus rien.
ps : les sauvegardes que tu auras faites, pourront etre supprimées ulterieurement si tout va bien.
->"nettoyeur"
quitte ton navigateur avant de le lancer, dans les propriétés du nettoyeur de l´onglet "windows" et "applications"décoche la derniere case (Avancé si elle est cochée) puis click sur "lancer le nettoyage" qunand il aura terminé le scan click en bas a droite sur "lancer le nettoyage" et accepte par oui.
-> Tutoriel en image :
https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php
-> Pour ceux qui voudraient aller plus loin en compagnie de jesses (fonctions avancés) :
http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm
puis
telecharge et instal regcleaner:
http://www.01net.com/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/4894.html
tutorial :
https://forums.cnetfrance.fr
http://www.softastuces.com/tuto/maint/regcleaner/
c´est important le par feu ! je te l´avais deja dit, mais tu ne l´as pas installé ?
@+
a l´aide de hijack this coche et fix ceci :
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O9 - Extra button: Europa Casino - {4C826F10-D34B-4ba8-B609-1FB8C6482A05} - C:\Casino\Europa Casino\casino.exe (file missing)
O9 - Extra 'Tools' menuitem: Europa Casino - {4C826F10-D34B-4ba8-B609-1FB8C6482A05} - C:\Casino\Europa Casino\casino.exe (file missing)
comment fixer :
Tutoriel d´utilisation (video) : (Merci a Balltrap34 pour cette réalisation)
-> http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm
instale un par feu :
par feu : kerio
telechargement : http://sd-1.archive-host.com/membres/up/1366464061/kerio-kpf-422-911-win.rar
tuto :
http://www.malekal.com/kerio_firewall.php#mozTocId721480
https://www.vulgarisation-informatique.com/kerio.php
https://kerio.probb.fr/f2-sunbelt-kerio-personal-firewall
Comodo 3 pro :
http://www.commentcamarche.net/telecharger/telecharger 34055041 comodo firewall pro
Online armor :
http://www.commentcamarche.net/telecharger/telecharger 34055356 online armor personal firewall
tuto : https://forum.pcastuces.com/sujet.asp?f=25&s=35606
ou zone alarm plus facil a configurer mais moins performant
https://www.malekal.com/tutoriel-zonealarm-firewall/
anti spyware : bonus :
spywareblaster :
http://www.brightfort.com/spywareblaster.html
c´est un resident, il suffit de le mettre a jour de temps en temps car la version gratuite ne le fait pas toute seul , une fois installé et mis a jour tu mets toutes les protections sur "enable"
tuto : http://forum.telecharger.01net.com/forum/high-tech/PRODUITS/Questions-techniques/question-spywareblaser-sujet_174747_1.htm
il rame moins mais il rame encore ?
Ccleaner:
-> Télécharge Ccleaner (n'installe pas la barre d'outil Yahoo):
http://www.commentcamarche.net/telecharger/telechargement 168 ccleaner
-> L´installer.
-> Une fois installé et lancé :
Dans la colonne de gauche, click sur :
->"erreurs" :
Coches toutes les cases sous"l´integrité du registre", puis click en bas sur "chercher des erreurs" une fois terminé, clic sur "reparer les erreurs", tu auras un message pour sauvegarder ta base de registre, tu click "oui" puis tu recommence jusqu'à ce qu'il ne trouve plus rien.
ps : les sauvegardes que tu auras faites, pourront etre supprimées ulterieurement si tout va bien.
->"nettoyeur"
quitte ton navigateur avant de le lancer, dans les propriétés du nettoyeur de l´onglet "windows" et "applications"décoche la derniere case (Avancé si elle est cochée) puis click sur "lancer le nettoyage" qunand il aura terminé le scan click en bas a droite sur "lancer le nettoyage" et accepte par oui.
-> Tutoriel en image :
https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php
-> Pour ceux qui voudraient aller plus loin en compagnie de jesses (fonctions avancés) :
http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm
puis
telecharge et instal regcleaner:
http://www.01net.com/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/4894.html
tutorial :
https://forums.cnetfrance.fr
http://www.softastuces.com/tuto/maint/regcleaner/
c´est important le par feu ! je te l´avais deja dit, mais tu ne l´as pas installé ?
@+
Scan saved at 18:46:36, on 12/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006\EDICT.EXE
C:\Program Files\Micro Application\12 DICOS Indispensables\MediaDICO12.EXE
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Micro Application\12 DICOS Indispensables\Rac12.EXE
C:\Program Files\eMule\emule.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://neufportail.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb125\SearchSettings.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Creative Live! Cam Manager] "C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MediaDico] C:\Program Files\Micro Application\12 DICOS Indispensables\LanceMediaDICO12.exe Lancement
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [E06FDXRC_195450765] "C:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006\EDICT.EXE" -m
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program Files\IncrediMail\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Europa Casino - {4C826F10-D34B-4ba8-B609-1FB8C6482A05} - C:\Casino\Europa Casino\casino.exe
O9 - Extra 'Tools' menuitem: Europa Casino - {4C826F10-D34B-4ba8-B609-1FB8C6482A05} - C:\Casino\Europa Casino\casino.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://bmm.imgag.com/imgag/cp/install/crusher-fr.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://ww25.incredijeux.com/online/online2/chuzzle/popcaploader_v6.cab
O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://ww1.incredijeux.com
O18 - Protocol: bw+0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {6AE3DECF-1B4F-4862-8F70-DF580ACFF8DA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1419 [GMT 1:00]
Endroit: C:\Documents and Settings\dominique\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\hrbnyjcvgq.dat
C:\WINDOWS\system32\hrbnyjcvgq_nav.dat
C:\WINDOWS\system32\hrbnyjcvgq_navps.dat
c:\WINDOWS\system32\ncpemu.dat
C:\WINDOWS\system32\ncpemu.exe
C:\WINDOWS\system32\ncpemu_nav.dat
c:\WINDOWS\system32\ncpemu_navps.dat
.
((((((((((((((((((((((((((((( Fichiers créés 2008-02-13 to 2008-03-13 ))))))))))))))))))))))))))))))))))))
.
2008-03-12 10:16 . 2008-03-12 10:16 <REP> d-------- C:\Program Files\Trend Micro
2008-03-08 17:53 . 2008-03-08 17:53 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-03-01 13:38 . 2008-03-01 13:46 <REP> d-------- C:\Program Files\NCH Software
2008-03-01 13:38 . 2008-03-01 13:40 <REP> d-------- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
2008-03-01 13:38 . 2008-03-01 13:38 <REP> d-------- C:\Documents and Settings\All Users\Application Data\NCH Software
2008-03-01 13:37 . 2008-03-01 13:47 <REP> d-------- C:\Program Files\NCH Swift Sound
2008-03-01 13:37 . 2008-03-01 13:47 <REP> d-------- C:\Documents and Settings\dominique\Application Data\NCH Swift Sound
2008-03-01 12:24 . 2008-03-01 12:24 <REP> d-------- C:\WINDOWS\system32\windows media
2008-03-01 12:24 . 2008-03-01 12:24 <REP> d--h----- C:\WINDOWS\msdownld.tmp
2008-03-01 12:24 . 2008-03-01 12:24 <REP> d-------- C:\Program Files\Windows Media Components
2008-03-01 12:21 . 2008-03-01 12:21 <REP> d-------- C:\Program Files\NRJ
2008-02-26 17:35 . 2008-03-01 16:53 <REP> d-------- C:\Documents and Settings\dominique\Application Data\gtk-2.0
2008-02-26 17:34 . 2008-02-26 17:35 <REP> d-------- C:\Documents and Settings\dominique\.thumbnails
2008-02-26 17:25 . 2008-02-26 17:28 <REP> d-------- C:\Program Files\Gimp Pack Mode
2008-02-26 17:25 . 2008-03-01 16:55 <REP> d-------- C:\Documents and Settings\dominique\.gimp-2.4
2008-02-22 19:38 . 2008-02-22 20:09 <REP> d-------- C:\Program Files\denouvel
2008-02-22 19:38 . 2008-02-22 20:09 796,672 --a------ C:\WINDOWS\GPInstall.exe
2008-02-22 19:38 . 2000-09-29 18:00 8,784 --a------ C:\WINDOWS\F_France.gpl
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-13 02:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-03-12 17:22 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-03-12 07:40 --------- d-----w C:\Program Files\eMule
2008-03-10 14:31 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-02-05 18:25 --------- d-----w C:\Program Files\Incredijeux
2008-02-04 16:16 --------- d-----w C:\Program Files\Google
2008-01-28 10:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-01-28 10:28 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2008-01-27 19:36 --------- d-----w C:\Documents and Settings\dominique\Application Data\DivX
2008-01-20 08:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\MumboJumbo
.
------- Sigcheck -------
2007-06-13 14:22 979456 80a5400514eb32d393654768c4017e46 C:\WINDOWS\explorer.exe
2007-06-13 14:10 1037312 b795475444d6d57a572c14b9e1a29839 C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
2004-08-10 21:00 1036288 4c33e5b9a6197b6ed215f6cfba0a2daa C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
2007-06-13 14:22 979456 80a5400514eb32d393654768c4017e46 C:\WINDOWS\system32\dllcache\explorer.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
2007-11-22 21:35 1195360 --a------ C:\Program Files\Search Settings\kb125\SearchSettings.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 21:00 15360]
"IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe" [2007-12-04 18:01 214456]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-08-29 21:34 32768]
"Creative Live! Cam Manager"="C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe" [2006-05-31 15:00 143360]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-11-09 21:49 5724184]
"MediaDico"="C:\Program Files\Micro Application\12 DICOS Indispensables\LanceMediaDICO12.exe" [2002-12-24 14:31 253952]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 18:03 152872]
"E06FDXRC_195450765"="C:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006\EDICT.exe" [2005-06-04 17:03 301776]
"eMuleAutoStart"="C:\Program Files\eMule\emule.exe" [2007-05-13 15:57 5308416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-07-11 23:19 7626752]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2007-03-01 14:57 153136]
"SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [2007-10-14 18:09 103712]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-10 21:00 15360]
C:\Documents and Settings\dominique\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 18:16:50 113664]
RocketDock.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-03-18 23:05:02 630784]
TransBar.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [2005-06-01 20:41:18 65536]
UberIcon.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [2006-05-21 08:43:08 180224]
Y'z Shadow.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe [2006-05-21 08:43:14 155648]
C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Acer Empowering Technology.lnk - C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe [2007-08-29 19:54:06 45056]
Acer WLAN 11g USB Dongle.lnk - C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe [2005-11-16 19:25:14 745472]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2007-08-29 21:34:58 450560]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2007-08-29 21:34:12 450560]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\IncrediMail\\bin\\ImApp.exe"=
"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\WINDOWS\\system32\\rundll32.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Fichiers communs\\Ahead\\Nero Web\\SetupX.exe"=
"C:\\Program Files\\IncrediMail\\bin\\IncrediMail_Install.exe"=
"C:\\Program Files\\Azureus\\Azureus.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
R3 V0220Dev;Live! Cam Video IM;C:\WINDOWS\system32\DRIVERS\V0220Dev.sys [2006-06-29 06:58]
R3 V0220Vfx;V0220VFX;C:\WINDOWS\system32\DRIVERS\V0220Vfx.sys [2006-06-08 09:00]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 14:18]
S3 int15.sys;int15.sys;C:\Acer\Empowering Technology\eRecovery\int15.sys [2005-01-13 13:46]
S3 psdfilter;psdfilter;C:\WINDOWS\system32\Drivers\psdfilter.sys [2006-04-07 19:17]
S3 psdvdisk;psdvdisk;C:\WINDOWS\system32\Drivers\psdvdisk.sys [2006-03-08 16:10]
S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS);C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2005-10-28 10:38]
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-13 14:40:07
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-03-13 14:41:26
ComboFix-quarantined-files.txt 2008-03-13 13:40:52
.
2008-03-13 02:03:03 --- E O F ---