Very slow computer
Closed
grandtoure (Member) - 3 Nov. 2008 at 21:16
53 replies
geoffrey5 (Security contributor) - 3 Nov. 2008 at 21:21
Hi!!
▶ Download Toolbar-S&D (by Team IDN) to your Desktop
(it is number 6 at the bottom of the page):
▶ Start the program's installation by running the downloaded file.
▶ Now double-click the Toolbar-S&D shortcut.
▶ Select the desired language by typing the letter of your choice, then confirm with the Enter key.
▶ Now choose option 1 (Search). Wait until the search finishes.
▶ Post the generated report. (C:\TB.txt)
grandtoure (Member) - 3 Nov. 2008 at 21:33
-----------\\ ToolBar S&D 1.2.4 XP/Vista
Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Duron(tm) processor )
BIOS : Award Modular BIOS v6.00PG
USER : Owner ( Administrator )
BOOT : Normal boot
Antivirus : McAfee VirusScan (Activated)
Firewall : McAfee Personal Firewall (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:37 Go (Free:20 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
F:\ (USB)
"C:\ToolBar SD" ( MAJ : 27-10-2008|09:25 )
Option : [1] ( Mon 11/03/2008|16:28 )
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://fr.yahoo.com/?p=us"
"Search Page"="http://red.clientapps.yahoo.com/customize/ie/defaults/sp/sbcydsl/*https://fr.yahoo.com/?p=us"
"Search Bar"="http://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html"
"SearchMigratedDefaultURL"="https://search.yahoo.com/web{searchTerms}&ei=utf-8&fr=b1ie7"
"Url"="http://www.microsoft.com/atwork/community/rss.xml"
"Url"="http://www.microsoft.com/athome/community/rss.xml"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
"Search Bar"="http://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html"
"SearchAssistant"="https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm"
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
1 - "C:\ToolBar SD\TB_1.txt" - Mon 11/03/2008|16:34 - Option : [1]
-----------\\ Fin du rapport a 16:34:01.41
geoffrey5 (Security contributor) - 3 Nov. 2008 at 21:36
uh... That's a report from the month of March, lol
1 - "C:\ToolBar SD\TB_1.txt" - Mon 11/03/2008|16:34 - Option : [1]
-----------\\ Fin du rapport a 16:34:01.41
grandtoure (Member) - 3 Nov. 2008 at 21:41
No, not at all. I just ran the search. I am in the USA, and here this is how it writes the date (month/day/year).
geoffrey5 (Security contributor) - 3 Nov. 2008 at 21:45
ah ok lol
▶ Download Malwarebytes
▶ Here is my tutorial for installing it and using it properly:
https://www.androidworld.fr/
Make good use of the tutorial to correctly remove whatever it finds
After the scan, restart the PC and post the report!!
And please make a new HijackThis report
grandtoure (Member) - 4 Nov. 2008 at 17:46
Malwarebytes' Anti-Malware 1.30
Database version: 1360
Windows 5.1.2600 Service Pack 2
11/4/2008 12:43:46 PM
mbam-log-2008-11-04 (12-43-45).txt
Scan type: Full Scan (C:\|F:\|)
Objects scanned: 103764
Time elapsed: 1 hour(s), 39 minute(s), 18 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:46:36 PM, on 11/4/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\Explorer.EXE
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\ScsiAccess.EXE
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\mqsvc.exe
C:\WINDOWS\System32\mqtgsvc.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Browser Mouse\mouse32a.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Muiltmedia keyboard utility\1.1\KbdAp32A.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\VoipStunt.com\VoipStunt\VoipStunt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
c:\PROGRA~1\mcafee\msc\mcuimgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Support.com\bin\tgcmd.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/sbcydsl/*https://fr.yahoo.com/?p=us
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/?p=us
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*https://fr.yahoo.com/?p=us
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: (no name) - {F5735C15-1FB2-41FE-BA12-242757E69DDE} - (no file)
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Browser Mouse\mouse32a.exe
O4 - HKLM\..\Run: [FLMK08KB] C:\Program Files\Muiltmedia keyboard utility\1.1\MMKEYBD.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [tgcmd] C:\Program Files\Support.com\bin\tgcmd.exe /server /startmonitor /deaf
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [System Soap Pro] C:\PROGRA~1\SYSTEM~1\soap.exe min
O4 - HKCU\..\Run: [HBt9RTH3W] clsaysvr.exe
O4 - HKCU\..\Run: [ufqz] C:\PROGRA~1\COMMON~1\ufqz\ufqzm.exe
O4 - HKCU\..\Run: [SRS Audio Sandbox] "C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe" /hideme
O4 - HKCU\..\Run: [VoipStunt] "C:\Program Files\VoipStunt.com\VoipStunt\VoipStunt.exe" -nosplash -minimized
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Download with Go!Zilla - file://C:\PROGRA~1\Go!Zilla\download-with-gozilla.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O15 - Trusted Zone: http://www.listen.com
O15 - Trusted Zone: https://us.napster.com/
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://kazaliou.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {50647AB5-18FD-4142-82B0-5852478DD0D5} (Keynote Connector Launcher 2) - http://webeffective.keynote.com/applications/pconnector/download/ConnectorLauncher.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/webplayer/stage6/windows/AutoDLDivXWebPlayerInstaller.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\system32\ScsiAccess.EXE
grandtoure (Member) - 4 Nov. 2008 at 17:56
I deleted everything that was in the Malwarebytes quarantine
geoffrey5 (Security contributor) - 4 Nov. 2008 at 22:47
Hi!!
▶ Download and save lopSD to the Desktop
▶ Double-click Lop S&D
▶ Run the installation
▶ Close all applications
▶ Launch it by double-clicking the shortcut on the desktop
With VISTA => right-click and => Run as administrator
▶ Type F for French, then press Enter
▶ Type 1
▶ Press Enter
▶ The PC will restart
Note: if the antivirus reports an infection in TEMP, ignore it
▶ Wait for the report to appear
▶ Copy the report and paste it into your reply
The report can also be found at C:\lopR
grandtoure (Member) - 5 Nov. 2008 at 17:51
--------------------\\ Lop S&D 4.2.4-9c XP/Vista
Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Duron(tm) processor )
BIOS : Award Modular BIOS v6.00PG
USER : Owner ( Administrator )
BOOT : Normal boot
Antivirus : McAfee VirusScan (Activated)
Firewall : McAfee Personal Firewall (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:37 Go (Free:20 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [1] ( Wed 11/05/2008|12:34 )
--------------------\\ Listing des dossiers dans APPLIC~1
[06/15/2007|05:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Adobe
[01/08/2007|11:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Ahead
[02/26/2005|10:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> AOL
[01/10/2005|10:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> AOL Downloads
[02/13/2008|12:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Apple
[02/18/2008|02:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Apple Computer
[05/14/2004|11:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Broderbund
[12/20/2004|05:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Broderbund LLC
[01/10/2007|03:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> CA
[02/08/2005|08:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> CyberLink
[01/27/2005|03:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> GTek
[12/13/2006|01:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> HP
[01/26/2005|10:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Kodak
[10/10/2008|01:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Malwarebytes
[05/12/2007|11:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> McAfee
[12/12/2006|01:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Microsoft
[11/17/2007|03:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Microsoft Help
[01/10/2007|03:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Motive
[05/14/2004|06:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> MSN6
[02/08/2007|03:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> NVIDIA Corporation
[01/10/2005|11:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Pure Networks
[01/13/2005|06:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> QuickTime
[12/11/2007|05:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Skype
[12/13/2006|12:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Sonic
[03/22/2007|11:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> SRS Labs
[05/11/2007|06:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Support.com
[05/11/2007|04:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Symantec
[03/21/2005|10:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Viewpoint
[05/11/2007|04:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Visual Networks
[10/29/2005|04:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Windows Genuine Advantage
[01/10/2007|03:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Yahoo
[04/11/2007|10:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Yahoo!
[05/14/2004|02:35] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Microsoft
[10/29/2005|05:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Microsoft
[02/08/2005|09:49] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Microsoft
[04/15/2005|01:29] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Symantec
[02/13/2008|05:29] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Adobe
[02/10/2007|07:19] C:\DOCUME~1\Owner\APPLIC~1\<DIR> AdobeUM
[12/20/2006|12:37] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Ahead
[01/11/2005|01:13] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Aim
[02/26/2005|10:32] C:\DOCUME~1\Owner\APPLIC~1\<DIR> AOL
[03/26/2008|07:10] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Apple Computer
[05/14/2004|11:51] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Broderbund
[02/08/2005|08:57] C:\DOCUME~1\Owner\APPLIC~1\<DIR> CyberLink
[10/30/2005|01:46] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Exodus
[01/28/2005|04:29] C:\DOCUME~1\Owner\APPLIC~1\<DIR> GTek
[01/08/2005|05:08] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Help
[12/13/2006|01:26] C:\DOCUME~1\Owner\APPLIC~1\<DIR> HP
[05/14/2004|02:43] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Identities
[09/10/2007|12:52] C:\DOCUME~1\Owner\APPLIC~1\<DIR> ivivo
[10/04/2007|01:13] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Keynote Systems
[05/14/2004|11:43] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Leadertech
[05/21/2004|02:26] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Macromedia
[10/10/2008|01:03] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Malwarebytes
[08/18/2007|04:29] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Microsoft
[03/20/2007|02:00] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Motive
[04/11/2008|04:40] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Mozilla
[01/28/2005|04:28] C:\DOCUME~1\Owner\APPLIC~1\<DIR> MSN6
[01/23/2005|04:56] C:\DOCUME~1\Owner\APPLIC~1\<DIR> NeroVision
[11/12/2007|04:46] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Real
[06/15/2007|12:16] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Skype
[12/12/2004|05:45] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Symantec
[04/11/2008|04:41] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Talkback
[10/25/2008|12:39] C:\DOCUME~1\Owner\APPLIC~1\<DIR> VoipStunt
[11/03/2008|03:11] C:\DOCUME~1\Owner\APPLIC~1\<DIR> WinRAR
[12/19/2005|05:05] C:\DOCUME~1\Owner\APPLIC~1\<DIR> yahoo!
[02/16/2005|04:38] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Yahoo! Messenger
[01/10/2005|11:04] C:\DOCUME~1\Owner\APPLIC~1\<DIR> You've Got Pictures Screensaver
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[10/30/2008 12:39 PM][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[10/15/2008 01:05 AM][--a------] C:\WINDOWS\tasks\McDefragTask.job
[04/01/2008 01:00 AM][--a------] C:\WINDOWS\tasks\McQcTask.job
[11/03/2008 03:14 PM][--ah-----] C:\WINDOWS\tasks\SA.DAT
[08/23/2001 07:00 AM][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[06/19/2007|11:09] C:\Program Files\<DIR> Adobe
[02/08/2007|03:06] C:\Program Files\<DIR> Ahead
[10/24/2008|12:06] C:\Program Files\<DIR> Apple Software Update
[07/14/2007|08:17] C:\Program Files\<DIR> ASIO4ALL v2
[05/11/2007|04:32] C:\Program Files\<DIR> BroadJump
[05/14/2004|11:50] C:\Program Files\<DIR> Broderbund
[02/26/2005|10:25] C:\Program Files\<DIR> Browser Mouse
[02/08/2007|02:56] C:\Program Files\<DIR> Cliprex DVD Player Professional
[05/09/2008|12:51] C:\Program Files\<DIR> Common Files
[02/08/2005|08:54] C:\Program Files\<DIR> CyberLink
[09/29/2007|12:54] C:\Program Files\<DIR> DivineIslam
[12/11/2007|05:16] C:\Program Files\<DIR> DivX
[05/14/2004|11:42] C:\Program Files\<DIR> Executive Software
[02/21/2006|08:35] C:\Program Files\<DIR> fsupport
[12/13/2006|12:28] C:\Program Files\<DIR> Hewlett-Packard
[05/14/2004|11:21] C:\Program Files\<DIR> HighMAT CD Writing Wizard
[10/17/2007|06:15] C:\Program Files\<DIR> HP
[01/10/2007|03:05] C:\Program Files\<DIR> illiminable
[12/15/2007|11:49] C:\Program Files\<DIR> Image-Line
[11/17/2007|03:45] C:\Program Files\<DIR> InstallShield Installation Information
[10/15/2008|05:27] C:\Program Files\<DIR> Internet Explorer
[04/04/2008|03:26] C:\Program Files\<DIR> iPod
[04/04/2008|03:27] C:\Program Files\<DIR> iTunes
[01/26/2005|10:38] C:\Program Files\<DIR> Kodak
[11/03/2008|04:58] C:\Program Files\<DIR> Malwarebytes' Anti-Malware
[08/07/2007|06:15] C:\Program Files\<DIR> MARS
[10/10/2008|04:01] C:\Program Files\<DIR> McAfee
[05/12/2007|11:17] C:\Program Files\<DIR> McAfee.com
[10/10/2008|05:19] C:\Program Files\<DIR> Messenger
[02/26/2005|10:25] C:\Program Files\<DIR> Microsoft ActiveSync
[05/11/2007|05:04] C:\Program Files\<DIR> Microsoft CAPICOM 2.1.0.2
[05/14/2004|02:36] C:\Program Files\<DIR> microsoft frontpage
[11/17/2007|04:01] C:\Program Files\<DIR> Microsoft Office
[05/14/2004|12:54] C:\Program Files\<DIR> Microsoft Visual Studio
[11/17/2007|04:01] C:\Program Files\<DIR> Microsoft Works
[05/14/2004|12:53] C:\Program Files\<DIR> Microsoft.NET
[01/26/2005|10:57] C:\Program Files\<DIR> Movie Maker
[11/04/2008|07:27] C:\Program Files\<DIR> Mozilla Firefox
[02/26/2005|10:25] C:\Program Files\<DIR> MSN
[11/02/2005|07:34] C:\Program Files\<DIR> MSN Apps
[05/14/2004|02:30] C:\Program Files\<DIR> MSN Gaming Zone
[04/27/2007|04:38] C:\Program Files\<DIR> MSN Messenger
[02/07/2005|10:58] C:\Program Files\<DIR> Muiltmedia keyboard utility
[11/03/2008|01:29] C:\Program Files\<DIR> Navilog1
[01/29/2007|03:56] C:\Program Files\<DIR> NetMeeting
[05/11/2007|04:52] C:\Program Files\<DIR> Norton SystemWorks
[02/26/2005|10:25] C:\Program Files\<DIR> OfficeUpdate11
[05/14/2004|02:34] C:\Program Files\<DIR> Online Services
[06/15/2007|11:53] C:\Program Files\<DIR> Outlook Express
[10/29/2005|03:50] C:\Program Files\<DIR> PeerCast
[01/14/2005|03:23] C:\Program Files\<DIR> Pure Networks
[04/04/2008|03:14] C:\Program Files\<DIR> QuickTime
[11/29/2007|02:36] C:\Program Files\<DIR> Real
[03/26/2008|11:31] C:\Program Files\<DIR> Safari
[03/20/2007|02:01] C:\Program Files\<DIR> SBC Self Support Tool
[05/21/2007|02:19] C:\Program Files\<DIR> Support.com
[10/10/2008|12:13] C:\Program Files\<DIR> Trend Micro
[02/13/2005|04:53] C:\Program Files\<DIR> Visual Networks
[10/25/2008|12:34] C:\Program Files\<DIR> VoipStunt.com
[07/16/2007|11:02] C:\Program Files\<DIR> VstPlugins
[05/14/2004|11:27] C:\Program Files\<DIR> Windows Journal Viewer
[01/11/2007|06:54] C:\Program Files\<DIR> Windows Media Connect
[11/13/2007|05:38] C:\Program Files\<DIR> Windows Media Connect 2
[11/19/2007|11:57] C:\Program Files\<DIR> Windows Media Player
[01/26/2005|10:44] C:\Program Files\<DIR> Windows NT
[06/19/2007|11:18] C:\Program Files\<DIR> WindowsUpdate
[11/03/2008|03:10] C:\Program Files\<DIR> WinRAR
[04/26/2007|02:51] C:\Program Files\<DIR> WriteExpress
[05/14/2004|02:36] C:\Program Files\<DIR> xerox
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[06/19/2007|11:08] C:\Program Files\Common Files\<DIR> Adobe
[02/08/2007|03:05] C:\Program Files\Common Files\<DIR> Ahead
[02/18/2008|02:33] C:\Program Files\Common Files\<DIR> Apple
[05/14/2004|12:54] C:\Program Files\Common Files\<DIR> DESIGNER
[12/13/2006|12:22] C:\Program Files\Common Files\<DIR> Hewlett-Packard
[01/12/2007|02:06] C:\Program Files\Common Files\<DIR> HP
[04/26/2007|02:48] C:\Program Files\Common Files\<DIR> InstallShield
[01/26/2005|10:37] C:\Program Files\Common Files\<DIR> Kodak
[05/14/2004|12:57] C:\Program Files\Common Files\<DIR> L&H
[12/12/2006|01:19] C:\Program Files\Common Files\<DIR> Logitech
[10/10/2008|02:03] C:\Program Files\Common Files\<DIR> McAfee
[03/06/2008|11:37] C:\Program Files\Common Files\<DIR> Microsoft Shared
[03/20/2007|02:01] C:\Program Files\Common Files\<DIR> Motive
[05/14/2004|02:32] C:\Program Files\Common Files\<DIR> MSSoap
[10/31/2005|06:18] C:\Program Files\Common Files\<DIR> ODBC
[05/09/2008|12:46] C:\Program Files\Common Files\<DIR> Real
[05/11/2007|04:28] C:\Program Files\Common Files\<DIR> Scanner
[05/14/2004|02:32] C:\Program Files\Common Files\<DIR> Services
[12/31/2000|08:12] C:\Program Files\Common Files\<DIR> SpeechEngines
[02/21/2006|08:38] C:\Program Files\Common Files\<DIR> SWF Studio
[05/11/2007|08:42] C:\Program Files\Common Files\<DIR> Symantec Shared
[06/15/2007|11:53] C:\Program Files\Common Files\<DIR> System
[05/09/2008|12:51] C:\Program Files\Common Files\<DIR> xing shared
--------------------\\ Process
( 56 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-05 12:44:42
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 4
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:56][D:5]-> C:\DOCUME~1\Owner\LOCALS~1\Temp
[F:47][D:0]-> C:\DOCUME~1\Owner\Cookies
[F:532][D:45]-> C:\DOCUME~1\Owner\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - Wed 11/05/2008|12:51 - Option : [1]
--------------------\\ Fin du rapport a 12:51:13
geoffrey5
5 Nov 2008 at 17:58
Hi!!
Nothing in the lopSD report...
Option 1 - Search:
▶ Download smitfraudfix and save it to the desktop
▶ Then double-click smitfraudfix and choose Run
▶ Select 1 to create a report of the files responsible for the infection.
(Warning: do not use option 2 unless I have asked you to!!)
▶ Copy/paste the report into your reply.
Here is an animated tutorial with sound in case you have trouble using the tool
(Note: "process.exe", a component of the tool, is detected by some antivirus programs as a "RiskTool".
It is not a virus, but a utility designed to terminate processes. In the wrong hands,
this utility could stop security software.)
grandtoure
5 Nov 2008 at 18:27
SmitFraudFix v2.371
Scan done at 13:12:37.82, Wed 11/05/2008
Run from C:\Program Files\Mozilla Firefox\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode
»»»»»»»»»»»»»»»»»»»»»»»» Process
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\Explorer.EXE
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\ScsiAccess.EXE
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\mqsvc.exe
C:\WINDOWS\System32\mqtgsvc.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Browser Mouse\mouse32a.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Muiltmedia keyboard utility\1.1\KbdAp32A.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\VoipStunt.com\VoipStunt\VoipStunt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
c:\PROGRA~1\mcafee\msc\mcuimgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Support.com\bin\tgcmd.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\cmd.exe
»»»»»»»»»»»»»»»»»»»»»»»» hosts
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Owner
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Owner\LOCALS~1\Temp
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Owner\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Start Menu
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Owner\FAVORI~1
»»»»»»»»»»»»»»»»»»»»»»»» Desktop
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys
»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, following keys are not inevitably infected!!!
o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, following keys are not inevitably infected!!!
IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, following keys are not inevitably infected!!!
VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, following keys are not inevitably infected!!!
404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» AntiXPVSTFix
!!!Attention, following keys are not inevitably infected!!!
AntiXPVSTFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» RK
»»»»»»»»»»»»»»»»»»»»»»»» DNS
Description: ADMtek AN983 based ethernet adapter - Packet Scheduler Miniport
DNS Server Search Order: 192.168.0.1
DNS Server Search Order: 192.168.0.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{719099A9-4C71-4995-8E27-3C6BDBF1F7E2}: DhcpNameServer=192.168.0.1 192.168.0.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{719099A9-4C71-4995-8E27-3C6BDBF1F7E2}: DhcpNameServer=192.168.0.1 192.168.0.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{719099A9-4C71-4995-8E27-3C6BDBF1F7E2}: DhcpNameServer=192.168.0.1 192.168.0.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.0.1 192.168.0.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.0.1 192.168.0.1
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.0.1 192.168.0.1
»»»»»»»»»»»»»»»»»»»»»»»» Scanning for wininet.dll infection
»»»»»»»»»»»»»»»»»»»»»»»» End
grandtoure
6 Nov. 2008 at 20:41
Are you still there?
geoffrey5
6 Nov. 2008 at 21:50
Hi!!
▶ Download a-squared Free 3.5
▶ Here is a tutorial on how to use it properly.
▶ Update it and run a full scan.
▶ Post the report, please.
grandtoure
7 Nov. 2008 at 22:23
a-squared Free - Version 3.5
Last update: 11/6/2008 7:55:52 PM
Scan settings:
Objects: Memory, Traces, Cookies, C:\
Scan archives: On
Heuristics: On
ADS Scan: On
Scan start: 11/7/2008 1:09:08 PM
c:\program files\cliprex dvd player professional detected: Trace.Directory.Cliprex DVD Player Professional!A2
c:\program files\partygaming detected: Trace.Directory.PartyPoker!A2
c:\program files\partygaming\partycasino detected: Trace.Directory.PartyPoker!A2
c:\program files\partygaming\partycasino\language detected: Trace.Directory.PartyPoker!A2
c:\program files\partygaming\partycasino\language\en_us detected: Trace.Directory.PartyPoker!A2
c:\program files\partygaming\partycasino\language\en_us\images detected: Trace.Directory.PartyPoker!A2
c:\program files\partygaming\partycasino\language\en_us\images\games detected: Trace.Directory.PartyPoker!A2
c:\program files\partygaming\partycasino\language\en_us\images\games\cardgames detected: Trace.Directory.PartyPoker!A2
c:\program files\partygaming\partycasino\language\en_us\images\games\cardgames\blackjack detected: Trace.Directory.PartyPoker!A2
c:\program files\partygaming\partycasino\language\en_us\images\games\cardgames\blackjack\blackjack detected: Trace.Directory.PartyPoker!A2
c:\program files\partygaming\partycasino\language\en_us\images\games\cardgames\multiplayerbj detected: Trace.Directory.PartyPoker!A2
c:\program files\partygaming\partycasino\language\en_us\images\games\cardgames\multiplayerbj\multiplayerblackjack detected: Trace.Directory.PartyPoker!A2
c:\program files\partygaming\partypoker detected: Trace.Directory.PartyPoker!A2
c:\program files\partygaming\partypoker\language detected: Trace.Directory.PartyPoker!A2
c:\program files\partygaming\partypoker\language\en_us detected: Trace.Directory.PartyPoker!A2
c:\program files\partygaming\partypoker\language\en_us\articles detected: Trace.Directory.PartyPoker!A2
c:\poker\titan poker detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\blackjack detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\lobby detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\lobby\buttons detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\lobby\dialogs detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\lobby\login detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\lobby\sidegames detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\lobby\tables detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\lobby\waitinglist detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\shared detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\shared\buttons detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\shared\history detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\shared\history\cards detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\shared\html detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\shared\html\chat detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\shared\html\chat\emoticons detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\shared\sounds detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\shared\sounds\playersounds detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\shared\sounds\playersounds\baseballer detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\shared\sounds\playersounds\blackdude detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\shared\sounds\playersounds\bond detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\shared\sounds\playersounds\cowboy detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\shared\sounds\playersounds\frenchgirl detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\shared\sounds\playersounds\frenchman detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\shared\sounds\playersounds\mafiaguy detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\shared\sounds\playersounds\olderbusinesswoman detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\shared\sounds\playersounds\oldtourist detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\shared\sounds\playersounds\valleygirl detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\table detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\table\smallview detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\table\smallview\chat detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\table\topview detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\table\topview\anim detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\table\topview\avatars detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\table\topview\buttons detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\table\topview\cards detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\table\topview\chat detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\table\topview\chat\chat_bottom detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\table\topview\chat\chat_side detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\table\topview\coins detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\table\topview\dialogs detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\table\topview\history detected: Trace.Directory.Titan Poker!A2
c:\documents and settings\all users\start menu\programs\titan poker detected: Trace.Directory.Titan Poker!A2
c:\documents and settings\owner\application data\microsoft\internet explorer\quick launch\titan poker.lnk detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\_setuppoker.exe detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\cactivex.dll detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\casino.exe detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\casino.hlp detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\casino.ico detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\blackjack.dll detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\blackjack.gam detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\cashier.dll detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\cashier.gam detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\common.dll detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\common.gam detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\loader.dll detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\loader.gam detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\poker_common.dll detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\poker_common.gam detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\poker_lobby.dll detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\poker_lobby.gam detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\poker_table.dll detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\shared\bubble_lobby.jpg detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\shared\bubble_lobby-alpha.jpg detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\shared\html\cashier_offline.css detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\shared\html\cashier_offline.js detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\shared\html\cashier_offline_functions.js detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\shared\html\cashier_offline_poker.html detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\shared\html\chat\chat.html detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\shared\html\chat\colors.html detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\shared\html\chat\edit.html detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\shared\html\chat\emoticons.html detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\table\smallview\chat\chat.html detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\table\topview\cards\card.lwo detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\table\topview\chat\chat.html detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\table\topview\chat\chat_options_back.jpg detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\table\topview\chat\send.jpg detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\table\topview\coins\coins.bmp detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\table\topview\coins\coins-alpha.bmp detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\table\topview\coins\dealer.jpg detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\table\topview\coins\dealer-alpha.jpg detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\topview.gam detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\directsounddriver.dll detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\fileinfo.dat detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\fileinfo2.dat detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\fileinfo2r.dat detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\gdigraphdriver.dll detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\ptsetup.lang detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\ptsetup.log detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\replace.exe detected: Trace.File.Titan Poker!A2
c:\documents and settings\all users\start menu\programs\titan poker\titan poker.lnk detected: Trace.File.Titan Poker!A2
c:\documents and settings\all users\start menu\programs\titan poker\uninstall titan poker.lnk detected: Trace.File.Titan Poker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> 1 detected: Trace.Registry.PartyPoker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> 10 detected: Trace.Registry.PartyPoker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> 2 detected: Trace.Registry.PartyPoker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> 4 detected: Trace.Registry.PartyPoker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> 5 detected: Trace.Registry.PartyPoker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> 6 detected: Trace.Registry.PartyPoker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> 7 detected: Trace.Registry.PartyPoker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> 9 detected: Trace.Registry.PartyPoker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> AdsLastKnownState detected: Trace.Registry.PartyPoker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> AppPath detected: Trace.Registry.PartyPoker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> id detected: Trace.Registry.PartyPoker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> InitialPort detected: Trace.Registry.PartyPoker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> InstallState detected: Trace.Registry.PartyPoker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> SL detected: Trace.Registry.PartyPoker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> TableType detected: Trace.Registry.PartyPoker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> useCount detected: Trace.Registry.PartyPoker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming --> AutoLoginToOtherGames detected: Trace.Registry.PartyPoker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming --> CFDialogShown detected: Trace.Registry.PartyPoker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming --> FreshInstall detected: Trace.Registry.PartyPoker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming --> OldCFformat detected: Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> ButtonText detected: Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> CLSID detected: Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> Default Visible detected: Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> Exec detected: Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> HotIcon detected: Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> Icon detected: Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> MenuStatusBar detected: Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> MenuText detected: Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> Path detected: Trace.Registry.PartyPoker!A2
Key: HKEY_LOCAL_MACHINE\software\system soap detected: Trace.Registry.SystemSoapPro
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> global_login_hint detected: Trace.Registry.Titan Poker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> options_dealervoices detected: Trace.Registry.Titan Poker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> options_music detected: Trace.Registry.Titan Poker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> options_poker_avatar_num detected: Trace.Registry.Titan Poker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> options_poker_filter_empty detected: Trace.Registry.Titan Poker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> options_poker_filter_finished detected: Trace.Registry.Titan Poker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> options_poker_filter_full detected: Trace.Registry.Titan Poker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> options_poker_filter_inprogress detected: Trace.Registry.Titan Poker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> options_poker_showsidegames detected: Trace.Registry.Titan Poker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> options_poker_smallview detected: Trace.Registry.Titan Poker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> options_sounds detected: Trace.Registry.Titan Poker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> options_xlslots detected: Trace.Registry.Titan Poker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> options-fullscreen detected: Trace.Registry.Titan Poker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> options-volume detected: Trace.Registry.Titan Poker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> poker_login_type detected: Trace.Registry.Titan Poker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> poker_nickname detected: Trace.Registry.Titan Poker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> ptdevm detected: Trace.Registry.Titan Poker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> tribeca_playernotes detected: Trace.Registry.Titan Poker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> username detected: Trace.Registry.Titan Poker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{49783ED4-258D-4f9f-BE11-137C18D3E543} --> ButtonText detected: Trace.Registry.Titan Poker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{49783ED4-258D-4f9f-BE11-137C18D3E543} --> CLSID detected: Trace.Registry.Titan Poker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{49783ED4-258D-4f9f-BE11-137C18D3E543} --> Default Visible detected: Trace.Registry.Titan Poker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{49783ED4-258D-4f9f-BE11-137C18D3E543} --> Exec detected: Trace.Registry.Titan Poker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{49783ED4-258D-4f9f-BE11-137C18D3E543} --> HotIcon detected: Trace.Registry.Titan Poker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{49783ED4-258D-4f9f-BE11-137C18D3E543} --> Icon detected: Trace.Registry.Titan Poker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{49783ED4-258D-4f9f-BE11-137C18D3E543} --> MenuText detected: Trace.Registry.Titan Poker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{49783ED4-258D-4f9f-BE11-137C18D3E543} --> ToolTip detected: Trace.Registry.Titan Poker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Titan Poker --> DisplayName detected: Trace.Registry.Titan Poker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Titan Poker --> UninstallString detected: Trace.Registry.Titan Poker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Titan Poker --> account detected: Trace.Registry.Titan Poker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Titan Poker --> advertisercode detected: Trace.Registry.Titan Poker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Titan Poker --> banner detected: Trace.Registry.Titan Poker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Titan Poker --> creferer detected: Trace.Registry.Titan Poker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Titan Poker --> homedir detected: Trace.Registry.Titan Poker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Titan Poker --> profile detected: Trace.Registry.Titan Poker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Titan Poker --> referer detected: Trace.Registry.Titan Poker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Titan Poker --> safemode detected: Trace.Registry.Titan Poker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Titan Poker --> uninstall detected: Trace.Registry.Titan Poker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Titan Poker --> uninstall_lang detected: Trace.Registry.Titan Poker!A2
c:\windows\downloaded program files\default.inf detected: Trace.File.iePlugin!A2
c:\program files\partygaming\partycasino\gra.ini detected: Trace.File.PartyPoker!A2
c:\program files\partygaming\partycasino\partycasino.dll detected: Trace.File.PartyPoker!A2
c:\program files\partygaming\partycasino\sys.ini detected: Trace.File.PartyPoker!A2
c:\program files\partygaming\partypoker\language\en_us\articles\2.html detected: Trace.File.PartyPoker!A2
c:\program files\partygaming\partypoker\language\en_us\articles\4.html detected: Trace.File.PartyPoker!A2
c:\program files\partygaming\partypoker\language\en_us\articles\54708.html detected: Trace.File.PartyPoker!A2
c:\program files\partygaming\partypoker\notes.txt detected: Trace.File.PartyPoker!A2
c:\program files\partygaming\partypoker\usertab.txt detected: Trace.File.PartyPoker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Cliprex DVD Player Professional --> Volume detected: Trace.Registry.Cliprex DVD Player Professional!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\itbill --> Changed detected: Trace.Registry.MediaPipe!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\itbill --> SlowInfoCache detected: Trace.Registry.MediaPipe!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\p2pnetworks --> Changed detected: Trace.Registry.MediaPipe!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\p2pnetworks --> SlowInfoCache detected: Trace.Registry.MediaPipe!A2
Key: HKEY_CLASSES_ROOT\clsid\{147a976e-eee1-4377-8ea7-4716e4cdd239} detected: Trace.Registry.MyWebSearchToobar
C:\Documents and Settings\Owner\Cookies\owner@atdmt[2].txt detected: Trace.TrackingCookie.atdmt!A2
C:\Documents and Settings\Owner\Cookies\owner@bs.serving-sys[1].txt detected: Trace.TrackingCookie.bs.serving-sys!A2
C:\Documents and Settings\Owner\Cookies\owner@doubleclick[2].txt detected: Trace.TrackingCookie.doubleclick!A2
C:\Documents and Settings\Owner\Cookies\owner@questionmarket[1].txt detected: Trace.TrackingCookie.questionmarket!A2
C:\Documents and Settings\Owner\Cookies\owner@serving-sys[2].txt detected: Trace.TrackingCookie.serving-sys!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:71 detected: Trace.TrackingCookie.doubleclick.net!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:74 detected: Trace.TrackingCookie.doubleclick.net!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:75 detected: Trace.TrackingCookie.ad.yieldmanager.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:76 detected: Trace.TrackingCookie.ad.yieldmanager.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:77 detected: Trace.TrackingCookie.ad.yieldmanager.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:78 detected: Trace.TrackingCookie.ad.yieldmanager.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:79 detected: Trace.TrackingCookie.ad.yieldmanager.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:80 detected: Trace.TrackingCookie.ad.yieldmanager.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:81 detected: Trace.TrackingCookie.ad.yieldmanager.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:82 detected: Trace.TrackingCookie.ad.yieldmanager.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:84 detected: Trace.TrackingCookie.ad.yieldmanager.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:89 detected: Trace.TrackingCookie.zedo.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:90 detected: Trace.TrackingCookie.zedo.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:91 detected: Trace.TrackingCookie.zedo.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:92 detected: Trace.TrackingCookie.zedo.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:93 detected: Trace.TrackingCookie.zedo.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:94 detected: Trace.TrackingCookie.zedo.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:95 detected: Trace.TrackingCookie.zedo.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:133 detected: Trace.TrackingCookie.media!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:133 detected: Trace.TrackingCookie.media.adrevolver.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:134 detected: Trace.TrackingCookie.media!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:134 detected: Trace.TrackingCookie.media.adrevolver.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:135 detected: Trace.TrackingCookie.media!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:135 detected: Trace.TrackingCookie.media.adrevolver.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:136 detected: Trace.TrackingCookie.media!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:136 detected: Trace.TrackingCookie.media.adrevolver.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:155 detected: Trace.TrackingCookie.ads.bridgetrack.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:156 detected: Trace.TrackingCookie.ads.bridgetrack.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:157 detected: Trace.TrackingCookie.ads.bridgetrack.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:158 detected: Trace.TrackingCookie.ads.bridgetrack.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:159 detected: Trace.TrackingCookie.ads.bridgetrack.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:160 detected: Trace.TrackingCookie.ads.bridgetrack.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:161 detected: Trace.TrackingCookie.ads.bridgetrack.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:166 detected: Trace.TrackingCookie.server.iad.livepers!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:166 detected: Trace.TrackingCookie.server.iad.liveperson.net!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:167 detected: Trace.TrackingCookie.server.iad.livepers!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:167 detected: Trace.TrackingCookie.server.iad.liveperson.net!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:168 detected: Trace.TrackingCookie.server.iad.livepers!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:168 detected: Trace.TrackingCookie.server.iad.liveperson.net!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:172 detected: Trace.TrackingCookie.casalemedia.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:173 detected: Trace.TrackingCookie.casalemedia.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:174 detected: Trace.TrackingCookie.casalemedia.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:175 detected: Trace.TrackingCookie.casalemedia.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:210 detected: Trace.TrackingCookie.azjmp.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:211 detected: Trace.TrackingCookie.azjmp.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:212 detected: Trace.TrackingCookie.azjmp.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:213 detected: Trace.TrackingCookie.azjmp.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:216 detected: Trace.TrackingCookie.myspace.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:217 detected: Trace.TrackingCookie.myspace.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:218 detected: Trace.TrackingCookie.myspace.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:219 detected: Trace.TrackingCookie.myspace.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:220 detected: Trace.TrackingCookie.myspace.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:254 detected: Trace.TrackingCookie.www.googleadservices.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:319 detected: Trace.TrackingCookie.tribalfusion.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:351 detected: Trace.TrackingCookie.ads.monster.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:355 detected: Trace.TrackingCookie.server.iad.livepers!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:355 detected: Trace.TrackingCookie.server.iad.liveperson.net!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:476 detected: Trace.TrackingCookie.trafficmp.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:477 detected: Trace.TrackingCookie.trafficmp.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:478 detected: Trace.TrackingCookie.trafficmp.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:479 detected: Trace.TrackingCookie.trafficmp.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:480 detected: Trace.TrackingCookie.trafficmp.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:505 detected: Trace.TrackingCookie.tag.contextweb.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:506 detected: Trace.TrackingCookie.tag.contextweb.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:550 detected: Trace.TrackingCookie.statse.webtrendslive!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:550 detected: Trace.TrackingCookie.statse.webtrendslive.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:565 detected: Trace.TrackingCookie.sdc.radio-canada.ca!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:582 detected: Trace.TrackingCookie.www.burstbeacon.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:584 detected: Trace.TrackingCookie.www.burstnet.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:687 detected: Trace.TrackingCookie.www.googleadservices.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:739 detected: Trace.TrackingCookie.www.googleadservices.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:744 detected: Trace.TrackingCookie.visit.theglobeandmail.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:778 detected: Trace.TrackingCookie.adbrite.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:779 detected: Trace.TrackingCookie.adbrite.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:780 detected: Trace.TrackingCookie.adbrite.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:795 detected: Trace.TrackingCookie.www.googleadservices.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:845 detected: Trace.TrackingCookie.www.googleadservices.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:849 detected: Trace.TrackingCookie.www.googleadservices.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:865 detected: Trace.TrackingCookie.data.coremetrics!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:865 detected: Trace.TrackingCookie.data.coremetrics.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:866 detected: Trace.TrackingCookie.sec1.liveperson.net!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:867 detected: Trace.TrackingCookie.sec1.liveperson.net!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:915 detected: Trace.TrackingCookie.adknowledge!A2
C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\KSU\KSU.CAB/backWeb_7288971.exe detected: Adware.BackWeb.a!A2
C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\KSU\KSU.CAB/runner.exe detected: Adware.BackWeb.a!A2
C:\Program Files\Kodak\KODAK Software Updater\7288971\6.1.4.37-7288971L\Program\runner.exe detected: Adware.BackWeb.a!A2
C:\Program Files\Mozilla Firefox\SmitfraudFix\IEDFix.exe detected: Hoax.Win32.Renos.vaoz!A2
C:\Program Files\Mozilla Firefox\SmitfraudFix\Process.exe detected: Riskware.RiskTool.Win32.Processor.20!A2
C:\System Volume Information\_restore{3D04D4D0-9194-4DD1-8578-5EF7FA091078}\RP646\A0241756.exe detected: Riskware.RiskTool.Win32.Processor.20!A2
C:\WINDOWS\abiloader.exe detected: Adware.Win32.BetterInternet.t!A2
C:\WINDOWS\system32\IEDFix.exe detected: Hoax.Win32.Renos.vaoz!A2
C:\WINDOWS\system32\Process.exe detected: Riskware.RiskTool.Win32.Processor.20!A2
Scanned
Files: 83898
Traces: 573196
Cookies: 1062
Processes: 54
Found
Files: 9
Traces: 193
Cookies: 88
Processes: 0
Registry keys: 0
Scan end: 11/7/2008 5:20:20 PM
Scan time: 4:11:12
Last update: 11/6/2008 7:55:52 PM
Scan settings:
Objects: Memory, Traces, Cookies, C:\
Scan archives: On
Heuristics: On
ADS Scan: On
Scan start: 11/7/2008 1:09:08 PM
c:\program files\cliprex dvd player professional detected: Trace.Directory.Cliprex DVD Player Professional!A2
c:\program files\partygaming detected: Trace.Directory.PartyPoker!A2
c:\program files\partygaming\partycasino detected: Trace.Directory.PartyPoker!A2
c:\program files\partygaming\partycasino\language detected: Trace.Directory.PartyPoker!A2
c:\program files\partygaming\partycasino\language\en_us detected: Trace.Directory.PartyPoker!A2
c:\program files\partygaming\partycasino\language\en_us\images detected: Trace.Directory.PartyPoker!A2
c:\program files\partygaming\partycasino\language\en_us\images\games detected: Trace.Directory.PartyPoker!A2
c:\program files\partygaming\partycasino\language\en_us\images\games\cardgames detected: Trace.Directory.PartyPoker!A2
c:\program files\partygaming\partycasino\language\en_us\images\games\cardgames\blackjack detected: Trace.Directory.PartyPoker!A2
c:\program files\partygaming\partycasino\language\en_us\images\games\cardgames\blackjack\blackjack detected: Trace.Directory.PartyPoker!A2
c:\program files\partygaming\partycasino\language\en_us\images\games\cardgames\multiplayerbj detected: Trace.Directory.PartyPoker!A2
c:\program files\partygaming\partycasino\language\en_us\images\games\cardgames\multiplayerbj\multiplayerblackjack detected: Trace.Directory.PartyPoker!A2
c:\program files\partygaming\partypoker detected: Trace.Directory.PartyPoker!A2
c:\program files\partygaming\partypoker\language detected: Trace.Directory.PartyPoker!A2
c:\program files\partygaming\partypoker\language\en_us detected: Trace.Directory.PartyPoker!A2
c:\program files\partygaming\partypoker\language\en_us\articles detected: Trace.Directory.PartyPoker!A2
c:\poker\titan poker detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\blackjack detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\lobby detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\lobby\buttons detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\lobby\dialogs detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\lobby\login detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\lobby\sidegames detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\lobby\tables detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\lobby\waitinglist detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\shared detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\shared\buttons detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\shared\history detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\shared\history\cards detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\shared\html detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\shared\html\chat detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\shared\html\chat\emoticons detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\shared\sounds detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\shared\sounds\playersounds detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\shared\sounds\playersounds\baseballer detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\shared\sounds\playersounds\blackdude detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\shared\sounds\playersounds\bond detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\shared\sounds\playersounds\cowboy detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\shared\sounds\playersounds\frenchgirl detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\shared\sounds\playersounds\frenchman detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\shared\sounds\playersounds\mafiaguy detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\shared\sounds\playersounds\olderbusinesswoman detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\shared\sounds\playersounds\oldtourist detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\shared\sounds\playersounds\valleygirl detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\table detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\table\smallview detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\table\smallview\chat detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\table\topview detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\table\topview\anim detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\table\topview\avatars detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\table\topview\buttons detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\table\topview\cards detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\table\topview\chat detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\table\topview\chat\chat_bottom detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\table\topview\chat\chat_side detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\table\topview\coins detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\table\topview\dialogs detected: Trace.Directory.Titan Poker!A2
c:\poker\titan poker\data\table\topview\history detected: Trace.Directory.Titan Poker!A2
c:\documents and settings\all users\start menu\programs\titan poker detected: Trace.Directory.Titan Poker!A2
c:\documents and settings\owner\application data\microsoft\internet explorer\quick launch\titan poker.lnk detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\_setuppoker.exe detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\cactivex.dll detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\casino.exe detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\casino.hlp detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\casino.ico detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\blackjack.dll detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\blackjack.gam detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\cashier.dll detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\cashier.gam detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\common.dll detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\common.gam detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\loader.dll detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\loader.gam detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\poker_common.dll detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\poker_common.gam detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\poker_lobby.dll detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\poker_lobby.gam detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\poker_table.dll detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\shared\bubble_lobby.jpg detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\shared\bubble_lobby-alpha.jpg detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\shared\html\cashier_offline.css detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\shared\html\cashier_offline.js detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\shared\html\cashier_offline_functions.js detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\shared\html\cashier_offline_poker.html detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\shared\html\chat\chat.html detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\shared\html\chat\colors.html detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\shared\html\chat\edit.html detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\shared\html\chat\emoticons.html detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\table\smallview\chat\chat.html detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\table\topview\cards\card.lwo detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\table\topview\chat\chat.html detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\table\topview\chat\chat_options_back.jpg detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\table\topview\chat\send.jpg detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\table\topview\coins\coins.bmp detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\table\topview\coins\coins-alpha.bmp detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\table\topview\coins\dealer.jpg detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\table\topview\coins\dealer-alpha.jpg detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\data\topview.gam detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\directsounddriver.dll detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\fileinfo.dat detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\fileinfo2.dat detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\fileinfo2r.dat detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\gdigraphdriver.dll detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\ptsetup.lang detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\ptsetup.log detected: Trace.File.Titan Poker!A2
c:\poker\titan poker\replace.exe detected: Trace.File.Titan Poker!A2
c:\documents and settings\all users\start menu\programs\titan poker\titan poker.lnk detected: Trace.File.Titan Poker!A2
c:\documents and settings\all users\start menu\programs\titan poker\uninstall titan poker.lnk detected: Trace.File.Titan Poker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> 1 detected: Trace.Registry.PartyPoker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> 10 detected: Trace.Registry.PartyPoker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> 2 detected: Trace.Registry.PartyPoker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> 4 detected: Trace.Registry.PartyPoker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> 5 detected: Trace.Registry.PartyPoker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> 6 detected: Trace.Registry.PartyPoker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> 7 detected: Trace.Registry.PartyPoker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> 9 detected: Trace.Registry.PartyPoker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> AdsLastKnownState detected: Trace.Registry.PartyPoker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> AppPath detected: Trace.Registry.PartyPoker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> id detected: Trace.Registry.PartyPoker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> InitialPort detected: Trace.Registry.PartyPoker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> InstallState detected: Trace.Registry.PartyPoker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> SL detected: Trace.Registry.PartyPoker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> TableType detected: Trace.Registry.PartyPoker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> useCount detected: Trace.Registry.PartyPoker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming --> AutoLoginToOtherGames detected: Trace.Registry.PartyPoker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming --> CFDialogShown detected: Trace.Registry.PartyPoker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming --> FreshInstall detected: Trace.Registry.PartyPoker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming --> OldCFformat detected: Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> ButtonText detected: Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> CLSID detected: Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> Default Visible detected: Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> Exec detected: Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> HotIcon detected: Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> Icon detected: Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> MenuStatusBar detected: Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> MenuText detected: Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> Path detected: Trace.Registry.PartyPoker!A2
Key: HKEY_LOCAL_MACHINE\software\system soap detected: Trace.Registry.SystemSoapPro
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> global_login_hint detected: Trace.Registry.Titan Poker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> options_dealervoices detected: Trace.Registry.Titan Poker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> options_music detected: Trace.Registry.Titan Poker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> options_poker_avatar_num detected: Trace.Registry.Titan Poker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> options_poker_filter_empty detected: Trace.Registry.Titan Poker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> options_poker_filter_finished detected: Trace.Registry.Titan Poker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> options_poker_filter_full detected: Trace.Registry.Titan Poker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> options_poker_filter_inprogress detected: Trace.Registry.Titan Poker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> options_poker_showsidegames detected: Trace.Registry.Titan Poker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> options_poker_smallview detected: Trace.Registry.Titan Poker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> options_sounds detected: Trace.Registry.Titan Poker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> options_xlslots detected: Trace.Registry.Titan Poker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> options-fullscreen detected: Trace.Registry.Titan Poker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> options-volume detected: Trace.Registry.Titan Poker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> poker_login_type detected: Trace.Registry.Titan Poker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> poker_nickname detected: Trace.Registry.Titan Poker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> ptdevm detected: Trace.Registry.Titan Poker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> tribeca_playernotes detected: Trace.Registry.Titan Poker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> username detected: Trace.Registry.Titan Poker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{49783ED4-258D-4f9f-BE11-137C18D3E543} --> ButtonText detected: Trace.Registry.Titan Poker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{49783ED4-258D-4f9f-BE11-137C18D3E543} --> CLSID detected: Trace.Registry.Titan Poker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{49783ED4-258D-4f9f-BE11-137C18D3E543} --> Default Visible detected: Trace.Registry.Titan Poker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{49783ED4-258D-4f9f-BE11-137C18D3E543} --> Exec detected: Trace.Registry.Titan Poker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{49783ED4-258D-4f9f-BE11-137C18D3E543} --> HotIcon detected: Trace.Registry.Titan Poker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{49783ED4-258D-4f9f-BE11-137C18D3E543} --> Icon detected: Trace.Registry.Titan Poker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{49783ED4-258D-4f9f-BE11-137C18D3E543} --> MenuText detected: Trace.Registry.Titan Poker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{49783ED4-258D-4f9f-BE11-137C18D3E543} --> ToolTip detected: Trace.Registry.Titan Poker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Titan Poker --> DisplayName detected: Trace.Registry.Titan Poker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Titan Poker --> UninstallString detected: Trace.Registry.Titan Poker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Titan Poker --> account detected: Trace.Registry.Titan Poker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Titan Poker --> advertisercode detected: Trace.Registry.Titan Poker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Titan Poker --> banner detected: Trace.Registry.Titan Poker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Titan Poker --> creferer detected: Trace.Registry.Titan Poker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Titan Poker --> homedir detected: Trace.Registry.Titan Poker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Titan Poker --> profile detected: Trace.Registry.Titan Poker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Titan Poker --> referer detected: Trace.Registry.Titan Poker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Titan Poker --> safemode detected: Trace.Registry.Titan Poker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Titan Poker --> uninstall detected: Trace.Registry.Titan Poker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Titan Poker --> uninstall_lang detected: Trace.Registry.Titan Poker!A2
c:\windows\downloaded program files\default.inf detected: Trace.File.iePlugin!A2
c:\program files\partygaming\partycasino\gra.ini detected: Trace.File.PartyPoker!A2
c:\program files\partygaming\partycasino\partycasino.dll detected: Trace.File.PartyPoker!A2
c:\program files\partygaming\partycasino\sys.ini detected: Trace.File.PartyPoker!A2
c:\program files\partygaming\partypoker\language\en_us\articles\2.html detected: Trace.File.PartyPoker!A2
c:\program files\partygaming\partypoker\language\en_us\articles\4.html detected: Trace.File.PartyPoker!A2
c:\program files\partygaming\partypoker\language\en_us\articles\54708.html detected: Trace.File.PartyPoker!A2
c:\program files\partygaming\partypoker\notes.txt detected: Trace.File.PartyPoker!A2
c:\program files\partygaming\partypoker\usertab.txt detected: Trace.File.PartyPoker!A2
Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Cliprex DVD Player Professional --> Volume detected: Trace.Registry.Cliprex DVD Player Professional!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\itbill --> Changed detected: Trace.Registry.MediaPipe!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\itbill --> SlowInfoCache detected: Trace.Registry.MediaPipe!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\p2pnetworks --> Changed detected: Trace.Registry.MediaPipe!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\p2pnetworks --> SlowInfoCache detected: Trace.Registry.MediaPipe!A2
Key: HKEY_CLASSES_ROOT\clsid\{147a976e-eee1-4377-8ea7-4716e4cdd239} detected: Trace.Registry.MyWebSearchToobar
C:\Documents and Settings\Owner\Cookies\owner@atdmt[2].txt detected: Trace.TrackingCookie.atdmt!A2
C:\Documents and Settings\Owner\Cookies\owner@bs.serving-sys[1].txt detected: Trace.TrackingCookie.bs.serving-sys!A2
C:\Documents and Settings\Owner\Cookies\owner@doubleclick[2].txt detected: Trace.TrackingCookie.doubleclick!A2
C:\Documents and Settings\Owner\Cookies\owner@questionmarket[1].txt detected: Trace.TrackingCookie.questionmarket!A2
C:\Documents and Settings\Owner\Cookies\owner@serving-sys[2].txt detected: Trace.TrackingCookie.serving-sys!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:71 detected: Trace.TrackingCookie.doubleclick.net!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:74 detected: Trace.TrackingCookie.doubleclick.net!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:75 detected: Trace.TrackingCookie.ad.yieldmanager.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:76 detected: Trace.TrackingCookie.ad.yieldmanager.com!A2
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:77 detected: Trace.TrackingCookie.ad.yieldmanager.com!A2
C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\KSU\KSU.CAB/backWeb_7288971.exe detected: Adware.BackWeb.a!A2
C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\KSU\KSU.CAB/runner.exe detected: Adware.BackWeb.a!A2
C:\Program Files\Kodak\KODAK Software Updater\7288971\6.1.4.37-7288971L\Program\runner.exe detected: Adware.BackWeb.a!A2
C:\Program Files\Mozilla Firefox\SmitfraudFix\IEDFix.exe detected: Hoax.Win32.Renos.vaoz!A2
C:\Program Files\Mozilla Firefox\SmitfraudFix\Process.exe detected: Riskware.RiskTool.Win32.Processor.20!A2
C:\System Volume Information\_restore{3D04D4D0-9194-4DD1-8578-5EF7FA091078}\RP646\A0241756.exe detected: Riskware.RiskTool.Win32.Processor.20!A2
C:\WINDOWS\abiloader.exe detected: Adware.Win32.BetterInternet.t!A2
C:\WINDOWS\system32\IEDFix.exe detected: Hoax.Win32.Renos.vaoz!A2
C:\WINDOWS\system32\Process.exe detected: Riskware.RiskTool.Win32.Processor.20!A2
Scanned
Files: 83898
Traces: 573196
Cookies: 1062
Processes: 54
Found
Files: 9
Traces: 193
Cookies: 88
Processes: 0
Registry keys: 0
Scan end: 11/7/2008 5:20:20 PM
Scan time: 4:11:12
geoffrey5
8 Nov. 2008 at 00:36
Hi!!
You can go and delete everything in the a-squared quarantine..
then:
▶ Download SDFix (created by AndyManchesta) and save it to your Desktop.
▶ Double-click SDFix.exe and choose Install to extract it to a dedicated folder on your C: drive.
/!\ Boot into Safe Mode: after the beep and before the Windows logo, tap the F8 key (or F5) repeatedly: Safe Mode menu.
▶ Choose your own account, not the Administrator's or any other.
Work through the list of instructions below:
• Open the SDFix folder that has just been created in C:\ and double-click RunThis.bat to launch the script.
• Press Y to start the cleaning process.
• It will remove the services and Registry entries of certain trojans it finds, then ask you to press a key to restart.
• Press a key to restart the PC.
• The system will take longer than usual to restart because the tool will keep running and deleting files.
• After the Desktop loads, the tool will finish its work and display Finished.
• Press a key to end the script and load the Desktop icons.
• Once the Desktop icons are displayed, the SDFix report will open on screen and will also be saved in the SDFix folder as Report.txt.
• Finally, copy/paste the contents of Report.txt into your next reply on the forum
grandtoure
8 Nov. 2008 at 00:45
Do you want me to delete only what is in the quarantine? What should I do with the items detected in the scan?
geoffrey5
8 Nov. 2008 at 00:49
you delete everything and you empty the quarantine
grandtoure
9 Nov. 2008 at 01:48
[b]SDFix: Version 1.240 [/b]
Run by Owner on Fri 11/07/2008 at 20:42
Microsoft Windows XP [Version 5.1.2600]
Running From: C:\SDFix
[b]Checking Services [/b]:
AUTOEXEC.NT Restored from backups
Restoring Default Security Values
Restoring Default Hosts File
Rebooting
[b]Checking Files [/b]:
No Trojan Files Found
Removing Temp Files
[b]ADS Check [/b]:
[b]Final Check [/b]:
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-08 18:58:33
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
[b]Remaining Services [/b]:
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\WINDOWS\\system32\\mqsvc.exe"="C:\\WINDOWS\\system32\\mqsvc.exe:*:Enabled:Message Queuing"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\backWeb-7288971.exe"="C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\backWeb-7288971.exe:*:Enabled:backWeb-7288971"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\PROGRA~1\\Yahoo!\\MESSEN~1\\YPAGER.EXE"="C:\\PROGRA~1\\Yahoo!\\MESSEN~1\\YPAGER.EXE:*:Enabled:Yahoo! Messenger"
"C:\\PROGRA~1\\Yahoo!\\MESSEN~1\\yserver.exe"="C:\\PROGRA~1\\Yahoo!\\MESSEN~1\\yserver.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\Yahoo!\\browser\\ybrowser.exe"="C:\\Program Files\\Yahoo!\\browser\\ybrowser.exe:*:Enabled:Yahoo! Browser"
"C:\\Program Files\\Yahoo!\\Messenger\\YPAGER.EXE"="C:\\Program Files\\Yahoo!\\Messenger\\YPAGER.EXE:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\yserver.exe"="C:\\Program Files\\Yahoo!\\Messenger\\yserver.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"="C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*:Enabled:RealPlayer"
"C:\\Program Files\\PeerCast\\PeerCast.exe"="C:\\Program Files\\PeerCast\\PeerCast.exe:*:Enabled:PeerCast"
"C:\\Program Files\\America Online 9.0c\\waol.exe"="C:\\Program Files\\America Online 9.0c\\waol.exe:*:Disabled:America Online 9.0c"
"C:\\Program Files\\p2pnetworks\\p2pnetworks.exe"=" "
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\\Program Files\\inKline Global\\TVolution\\TVolution.exe"="C:\\Program Files\\inKline Global\\TVolution\\TVolution.exe:*:Enabled:TVolution"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"C:\\Program Files\\NetMeeting\\conf.exe"="C:\\Program Files\\NetMeeting\\conf.exe:*:Enabled:Windowsr NetMeetingr"
"C:\\Program Files\\Windows Media Player\\wmplayer.exe"="C:\\Program Files\\Windows Media Player\\wmplayer.exe:*:Enabled:Windows Media Player"
"C:\\Program Files\\QuickTime\\QuickTimePlayer.exe"="C:\\Program Files\\QuickTime\\QuickTimePlayer.exe:*:Enabled:QuickTime Player"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"="C:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe:*:Enabled:McAfee Network Agent"
"C:\\Program Files\\VoipStunt.com\\VoipStunt\\VoipStunt.exe"="C:\\Program Files\\VoipStunt.com\\VoipStunt\\VoipStunt.exe:*:Enabled:VoipStunt"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\\WINDOWS\\system32\\mqsvc.exe"="C:\\WINDOWS\\system32\\mqsvc.exe:*:Enabled:Message Queuing"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[b]Remaining Files [/b]:
[b]Files with Hidden Attributes [/b]:
Fri 27 Feb 2004 233,472 A..H. --- "C:\RECYCLER\NPROTECT\00391518.DLL"
Wed 19 Jan 2005 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Sun 8 May 2005 401 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv11.bak"
Thu 15 Aug 2002 266,240 A..H. --- "C:\Program Files\Broderbund\Mavis Beacon Teaches Typing Deluxe 15\Mavis Beacon Teaches Typing.exe"
Fri 27 Feb 2004 233,472 A..H. --- "C:\Program Files\Image-Line\FL Studio 7\REX Shared Library.dll"
Fri 10 Oct 2008 20,487 A.SHR --- "C:\Program Files\McAfee\MQC\MRU.bak"
Fri 10 Oct 2008 265 A.SHR --- "C:\Program Files\McAfee\MQC\qcconf.bak"
Tue 13 Nov 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp"
Fri 14 May 2004 1,206 A..HR --- "C:\Program Files\Common Files\Symantec Shared\Registry Backup\ccReg.reg"
Fri 14 May 2004 12,888 A..HR --- "C:\Program Files\Common Files\Symantec Shared\Registry Backup\CommonClient.reg"
Fri 10 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\c9f50bc388914012dca1d6d24cf3016d\BIT70.tmp"
Mon 12 Dec 2005 401 A..H. --- "C:\Documents and Settings\Owner\My Documents\My Music\License Backup\drmv1lic.bak"
Mon 12 Nov 2007 401 A..H. --- "C:\Documents and Settings\Owner\Application Data\Real\Rhapsody\wmlicbackup\drmv1lic.bak"
Thu 27 Jan 2005 8 A..H. --- "C:\Documents and Settings\All Users\Application Data\GTek\GTUpdate\AUpdate\Channels\ch1\lock.tmp"
[b]Finished![/b]
geoffrey5
9 Nov. 2008 at 13:43
Hi!!
please go and run an online scan with BitDefender at this address (using Internet Explorer):
http://www.zebulon.fr/outils/antivirus/antivirus-en-ligne.php
and post the report
grandtoure
10 Nov. 2008 at 18:16
The BitDefender update doesn't go through. When I start the scan, it fails. Basically it doesn't work