Ordi tres lent

grandtoure Messages postés 147 Statut Membre -  
geoffrey5 Messages postés 14008 Statut Contributeur sécurité -
Bonjour,
Je trouve que mon ordi est tres lent. Pouvez-vous m'aider a le fixer?
Voici le rapport de hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:14:14 PM, on 11/3/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\Explorer.EXE
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\ScsiAccess.EXE
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\mqsvc.exe
C:\WINDOWS\System32\mqtgsvc.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Browser Mouse\mouse32a.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Muiltmedia keyboard utility\1.1\KbdAp32A.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\VoipStunt.com\VoipStunt\VoipStunt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
c:\PROGRA~1\mcafee\msc\mcuimgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Support.com\bin\tgcmd.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/sbcydsl/*https://fr.yahoo.com/?p=us
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/?p=us
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*https://fr.yahoo.com/?p=us
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: (no name) - {F5735C15-1FB2-41FE-BA12-242757E69DDE} - (no file)
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Browser Mouse\mouse32a.exe
O4 - HKLM\..\Run: [FLMK08KB] C:\Program Files\Muiltmedia keyboard utility\1.1\MMKEYBD.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [tgcmd] C:\Program Files\Support.com\bin\tgcmd.exe /server /startmonitor /deaf
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [System Soap Pro] C:\PROGRA~1\SYSTEM~1\soap.exe min
O4 - HKCU\..\Run: [HBt9RTH3W] clsaysvr.exe
O4 - HKCU\..\Run: [ufqz] C:\PROGRA~1\COMMON~1\ufqz\ufqzm.exe
O4 - HKCU\..\Run: [SRS Audio Sandbox] "C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe" /hideme
O4 - HKCU\..\Run: [VoipStunt] "C:\Program Files\VoipStunt.com\VoipStunt\VoipStunt.exe" -nosplash -minimized
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Download with Go!Zilla - file://C:\PROGRA~1\Go!Zilla\download-with-gozilla.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O15 - Trusted Zone: http://www.listen.com
O15 - Trusted Zone: https://us.napster.com/
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://kazaliou.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {50647AB5-18FD-4142-82B0-5852478DD0D5} (Keynote Connector Launcher 2) - http://webeffective.keynote.com/applications/pconnector/download/ConnectorLauncher.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/webplayer/stage6/windows/AutoDLDivXWebPlayerInstaller.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\system32\ScsiAccess.EXE

--
End of file - 9667 bytes
Configuration: Windows XP
Firefox 2.0.0.17

53 réponses

  • 1
  • 2
  • 3
Résumé de la discussion

Le ralentissement observé peut s'expliquer par l'analyse HijackThis qui révèle de nombreuses entrées d'exécution au démarrage et des services potentiellement indésirables, ainsi que des composants liés à McAfee et à InCD. La solution prioritaire proposée est d'exécuter ComboFix (version 08-11-17.06) pour nettoyer les infections listées et supprimer les éléments malveillants ou indésirables détectés dans le rapport. Selon les résultats présentés, d'autres outils comme Malwarebytes ou Spybot peuvent être associés, et des éléments de démarrage actuels devraient être examinés pour éviter de futurs ralentissements.

Généré automatiquement par IA
sur la base des meilleures réponses
  1. geoffrey5 Messages postés 14008 Statut Contributeur sécurité 10
     
    Salut !!

    ▶ Télécharge Toolbar-S&D (de Team IDN) sur ton Bureau

    (c est le numéro 6 en bas de la page) :

    ▶ Lance l'installation du programme en exécutant le fichier téléchargé.
    ▶ Double-clique maintenant sur le raccourci de Toolbar-S&D.
    ▶ Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
    ▶ Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
    ▶ Poste le rapport généré. (C:\TB.txt)
    0
  2. grandtoure Messages postés 147 Statut Membre
     
    -----------\\ ToolBar S&D 1.2.4 XP/Vista

    Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 2
    X86-based PC ( Uniprocessor Free : AMD Duron(tm) processor )
    BIOS : Award Modular BIOS v6.00PG
    USER : Owner ( Administrator )
    BOOT : Normal boot
    Antivirus : McAfee VirusScan (Activated)
    Firewall : McAfee Personal Firewall (Activated)
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:37 Go (Free:20 Go)
    D:\ (CD or DVD)
    E:\ (CD or DVD)
    F:\ (USB)

    "C:\ToolBar SD" ( MAJ : 27-10-2008|09:25 )
    Option : [1] ( Mon 11/03/2008|16:28 )

    -----------\\ Recherche de Fichiers / Dossiers ...

    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
    "Start Page"="https://fr.yahoo.com/?p=us"
    "Search Page"="http://red.clientapps.yahoo.com/customize/ie/defaults/sp/sbcydsl/*https://fr.yahoo.com/?p=us"
    "Search Bar"="http://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html"
    "SearchMigratedDefaultURL"="https://search.yahoo.com/web{searchTerms}&ei=utf-8&fr=b1ie7"
    "Url"="http://www.microsoft.com/atwork/community/rss.xml"
    "Url"="http://www.microsoft.com/athome/community/rss.xml"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
    "Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
    "Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
    "Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
    "Search Bar"="http://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html"
    "SearchAssistant"="https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm"

    --------------------\\ Recherche d'autres infections

    Aucune autre infection trouvée !

    1 - "C:\ToolBar SD\TB_1.txt" - Mon 11/03/2008|16:34 - Option : [1]

    -----------\\ Fin du rapport a 16:34:01.41
    0
  3. geoffrey5 Messages postés 14008 Statut Contributeur sécurité 10
     
    euh... C est un rapport du mois de Mars ça mdr

    1 - "C:\ToolBar SD\TB_1.txt" - Mon 11/03/2008|16:34 - Option : [1]

    -----------\\ Fin du rapport a 16:34:01.41
    0
  4. grandtoure Messages postés 147 Statut Membre
     
    non pas du tout. Je viens tout juste de faire la recherche. Je suis aux usa et ici c est comme ca qu'il marque la date.(mois/jour/annee)
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. geoffrey5 Messages postés 14008 Statut Contributeur sécurité 10
     
    ah ok lol

    ▶ Télécharge malwarebytes

    ▶ Voici mon tuto pour bien l installer et bien l utiliser :

    https://www.androidworld.fr/

    aide toi bien du tuto pour supprimer correctement ce qu il aura trouvé

    Après l analyse, redémarre le pc et poste le rapport !!

    Et refais un nouveau rapport hijackthis stp
    0
  7. grandtoure Messages postés 147 Statut Membre
     
    Malwarebytes' Anti-Malware 1.30
    Database version: 1360
    Windows 5.1.2600 Service Pack 2

    11/4/2008 12:43:46 PM
    mbam-log-2008-11-04 (12-43-45).txt

    Scan type: Full Scan (C:\|F:\|)
    Objects scanned: 103764
    Time elapsed: 1 hour(s), 39 minute(s), 18 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:46:36 PM, on 11/4/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Executive Software\Diskeeper\DkService.exe
    C:\WINDOWS\System32\inetsrv\inetinfo.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    c:\program files\common files\mcafee\mna\mcnasvc.exe
    c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\McAfee\MPF\MPFSrv.exe
    C:\WINDOWS\Explorer.EXE
    c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\system32\ScsiAccess.EXE
    C:\WINDOWS\System32\snmp.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\mqsvc.exe
    C:\WINDOWS\System32\mqtgsvc.exe
    C:\Program Files\Ahead\InCD\InCD.exe
    C:\Program Files\Browser Mouse\mouse32a.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\WINDOWS\system32\WgaTray.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
    C:\Program Files\Muiltmedia keyboard utility\1.1\KbdAp32A.exe
    C:\Program Files\QuickTime\QTTask.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\VoipStunt.com\VoipStunt\VoipStunt.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\iPod\bin\iPodService.exe
    c:\PROGRA~1\mcafee\msc\mcuimgr.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Support.com\bin\tgcmd.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/sbcydsl/*https://fr.yahoo.com/?p=us
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/?p=us
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*https://fr.yahoo.com/?p=us
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: (no name) - {F5735C15-1FB2-41FE-BA12-242757E69DDE} - (no file)
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
    O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
    O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Browser Mouse\mouse32a.exe
    O4 - HKLM\..\Run: [FLMK08KB] C:\Program Files\Muiltmedia keyboard utility\1.1\MMKEYBD.EXE
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
    O4 - HKLM\..\Run: [tgcmd] C:\Program Files\Support.com\bin\tgcmd.exe /server /startmonitor /deaf
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
    O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [System Soap Pro] C:\PROGRA~1\SYSTEM~1\soap.exe min
    O4 - HKCU\..\Run: [HBt9RTH3W] clsaysvr.exe
    O4 - HKCU\..\Run: [ufqz] C:\PROGRA~1\COMMON~1\ufqz\ufqzm.exe
    O4 - HKCU\..\Run: [SRS Audio Sandbox] "C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe" /hideme
    O4 - HKCU\..\Run: [VoipStunt] "C:\Program Files\VoipStunt.com\VoipStunt\VoipStunt.exe" -nosplash -minimized
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
    O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
    O8 - Extra context menu item: Download with Go!Zilla - file://C:\PROGRA~1\Go!Zilla\download-with-gozilla.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
    O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
    O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O15 - Trusted Zone: http://www.listen.com
    O15 - Trusted Zone: https://us.napster.com/
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://kazaliou.spaces.live.com//PhotoUpload/MsnPUpld.cab
    O16 - DPF: {50647AB5-18FD-4142-82B0-5852478DD0D5} (Keynote Connector Launcher 2) - http://webeffective.keynote.com/applications/pconnector/download/ConnectorLauncher.cab
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/webplayer/stage6/windows/AutoDLDivXWebPlayerInstaller.cab
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
    O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\system32\ScsiAccess.EXE
    0
  8. grandtoure Messages postés 147 Statut Membre
     
    J'ai delete tout ce qui se trouvait dans la quarantaine de malwarebite
    0
  9. geoffrey5 Messages postés 14008 Statut Contributeur sécurité 10
     
    Salut !!

    ▶ Télécharger et enregistrer lopSD sur le Bureau

    ▶ Double-clic Lop S&D

    ▶ Faire l'installation

    ▶ Fermer toutes les applications

    ▶ Le lancer par un double-clic sur le raccourci qui est sur le bureau
    Avec VISTA => clic-droit et => Exécuter en tant qu'administrateur

    ▶ Taper F pour français , puis presser entrée

    ▶ Taper 1

    ▶ Presser Entrée

    ▶ Le PC va redémarrer
    Note= si l'antivirus annonce une infection dans TEMP , l'ignorer

    ▶ Attendre l'apparition du rapport
    ▶ Copier le rapport et le coller dans la réponse
    le rapport se trouve aussi à C:\lopR
    0
  10. grandtoure Messages postés 147 Statut Membre
     
    --------------------\\ Lop S&D 4.2.4-9c XP/Vista

    Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 2
    X86-based PC ( Uniprocessor Free : AMD Duron(tm) processor )
    BIOS : Award Modular BIOS v6.00PG
    USER : Owner ( Administrator )
    BOOT : Normal boot
    Antivirus : McAfee VirusScan (Activated)
    Firewall : McAfee Personal Firewall (Activated)
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:37 Go (Free:20 Go)
    D:\ (CD or DVD)
    E:\ (CD or DVD)

    "C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
    Option : [1] ( Wed 11/05/2008|12:34 )

    --------------------\\ Listing des dossiers dans APPLIC~1

    [06/15/2007|05:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Adobe
    [01/08/2007|11:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Ahead
    [02/26/2005|10:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> AOL
    [01/10/2005|10:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> AOL Downloads
    [02/13/2008|12:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Apple
    [02/18/2008|02:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Apple Computer
    [05/14/2004|11:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Broderbund
    [12/20/2004|05:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Broderbund LLC
    [01/10/2007|03:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> CA
    [02/08/2005|08:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> CyberLink
    [01/27/2005|03:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> GTek
    [12/13/2006|01:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> HP
    [01/26/2005|10:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Kodak
    [10/10/2008|01:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Malwarebytes
    [05/12/2007|11:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> McAfee
    [12/12/2006|01:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Microsoft
    [11/17/2007|03:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Microsoft Help
    [01/10/2007|03:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Motive
    [05/14/2004|06:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> MSN6
    [02/08/2007|03:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> NVIDIA Corporation
    [01/10/2005|11:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Pure Networks
    [01/13/2005|06:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> QuickTime
    [12/11/2007|05:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Skype
    [12/13/2006|12:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Sonic
    [03/22/2007|11:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> SRS Labs
    [05/11/2007|06:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Support.com
    [05/11/2007|04:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Symantec
    [03/21/2005|10:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Viewpoint
    [05/11/2007|04:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Visual Networks
    [10/29/2005|04:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Windows Genuine Advantage
    [01/10/2007|03:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Yahoo
    [04/11/2007|10:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Yahoo!

    [05/14/2004|02:35] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Microsoft

    [10/29/2005|05:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Microsoft

    [02/08/2005|09:49] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Microsoft
    [04/15/2005|01:29] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Symantec

    [02/13/2008|05:29] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Adobe
    [02/10/2007|07:19] C:\DOCUME~1\Owner\APPLIC~1\<DIR> AdobeUM
    [12/20/2006|12:37] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Ahead
    [01/11/2005|01:13] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Aim
    [02/26/2005|10:32] C:\DOCUME~1\Owner\APPLIC~1\<DIR> AOL
    [03/26/2008|07:10] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Apple Computer
    [05/14/2004|11:51] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Broderbund
    [02/08/2005|08:57] C:\DOCUME~1\Owner\APPLIC~1\<DIR> CyberLink
    [10/30/2005|01:46] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Exodus
    [01/28/2005|04:29] C:\DOCUME~1\Owner\APPLIC~1\<DIR> GTek
    [01/08/2005|05:08] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Help
    [12/13/2006|01:26] C:\DOCUME~1\Owner\APPLIC~1\<DIR> HP
    [05/14/2004|02:43] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Identities
    [09/10/2007|12:52] C:\DOCUME~1\Owner\APPLIC~1\<DIR> ivivo
    [10/04/2007|01:13] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Keynote Systems
    [05/14/2004|11:43] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Leadertech
    [05/21/2004|02:26] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Macromedia
    [10/10/2008|01:03] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Malwarebytes
    [08/18/2007|04:29] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Microsoft
    [03/20/2007|02:00] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Motive
    [04/11/2008|04:40] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Mozilla
    [01/28/2005|04:28] C:\DOCUME~1\Owner\APPLIC~1\<DIR> MSN6
    [01/23/2005|04:56] C:\DOCUME~1\Owner\APPLIC~1\<DIR> NeroVision
    [11/12/2007|04:46] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Real
    [06/15/2007|12:16] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Skype
    [12/12/2004|05:45] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Symantec
    [04/11/2008|04:41] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Talkback
    [10/25/2008|12:39] C:\DOCUME~1\Owner\APPLIC~1\<DIR> VoipStunt
    [11/03/2008|03:11] C:\DOCUME~1\Owner\APPLIC~1\<DIR> WinRAR
    [12/19/2005|05:05] C:\DOCUME~1\Owner\APPLIC~1\<DIR> yahoo!
    [02/16/2005|04:38] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Yahoo! Messenger
    [01/10/2005|11:04] C:\DOCUME~1\Owner\APPLIC~1\<DIR> You've Got Pictures Screensaver

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [10/30/2008 12:39 PM][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [10/15/2008 01:05 AM][--a------] C:\WINDOWS\tasks\McDefragTask.job
    [04/01/2008 01:00 AM][--a------] C:\WINDOWS\tasks\McQcTask.job
    [11/03/2008 03:14 PM][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [08/23/2001 07:00 AM][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [06/19/2007|11:09] C:\Program Files\<DIR> Adobe
    [02/08/2007|03:06] C:\Program Files\<DIR> Ahead
    [10/24/2008|12:06] C:\Program Files\<DIR> Apple Software Update
    [07/14/2007|08:17] C:\Program Files\<DIR> ASIO4ALL v2
    [05/11/2007|04:32] C:\Program Files\<DIR> BroadJump
    [05/14/2004|11:50] C:\Program Files\<DIR> Broderbund
    [02/26/2005|10:25] C:\Program Files\<DIR> Browser Mouse
    [02/08/2007|02:56] C:\Program Files\<DIR> Cliprex DVD Player Professional
    [05/09/2008|12:51] C:\Program Files\<DIR> Common Files
    [02/08/2005|08:54] C:\Program Files\<DIR> CyberLink
    [09/29/2007|12:54] C:\Program Files\<DIR> DivineIslam
    [12/11/2007|05:16] C:\Program Files\<DIR> DivX
    [05/14/2004|11:42] C:\Program Files\<DIR> Executive Software
    [02/21/2006|08:35] C:\Program Files\<DIR> fsupport
    [12/13/2006|12:28] C:\Program Files\<DIR> Hewlett-Packard
    [05/14/2004|11:21] C:\Program Files\<DIR> HighMAT CD Writing Wizard
    [10/17/2007|06:15] C:\Program Files\<DIR> HP
    [01/10/2007|03:05] C:\Program Files\<DIR> illiminable
    [12/15/2007|11:49] C:\Program Files\<DIR> Image-Line
    [11/17/2007|03:45] C:\Program Files\<DIR> InstallShield Installation Information
    [10/15/2008|05:27] C:\Program Files\<DIR> Internet Explorer
    [04/04/2008|03:26] C:\Program Files\<DIR> iPod
    [04/04/2008|03:27] C:\Program Files\<DIR> iTunes
    [01/26/2005|10:38] C:\Program Files\<DIR> Kodak
    [11/03/2008|04:58] C:\Program Files\<DIR> Malwarebytes' Anti-Malware
    [08/07/2007|06:15] C:\Program Files\<DIR> MARS
    [10/10/2008|04:01] C:\Program Files\<DIR> McAfee
    [05/12/2007|11:17] C:\Program Files\<DIR> McAfee.com
    [10/10/2008|05:19] C:\Program Files\<DIR> Messenger
    [02/26/2005|10:25] C:\Program Files\<DIR> Microsoft ActiveSync
    [05/11/2007|05:04] C:\Program Files\<DIR> Microsoft CAPICOM 2.1.0.2
    [05/14/2004|02:36] C:\Program Files\<DIR> microsoft frontpage
    [11/17/2007|04:01] C:\Program Files\<DIR> Microsoft Office
    [05/14/2004|12:54] C:\Program Files\<DIR> Microsoft Visual Studio
    [11/17/2007|04:01] C:\Program Files\<DIR> Microsoft Works
    [05/14/2004|12:53] C:\Program Files\<DIR> Microsoft.NET
    [01/26/2005|10:57] C:\Program Files\<DIR> Movie Maker
    [11/04/2008|07:27] C:\Program Files\<DIR> Mozilla Firefox
    [02/26/2005|10:25] C:\Program Files\<DIR> MSN
    [11/02/2005|07:34] C:\Program Files\<DIR> MSN Apps
    [05/14/2004|02:30] C:\Program Files\<DIR> MSN Gaming Zone
    [04/27/2007|04:38] C:\Program Files\<DIR> MSN Messenger
    [02/07/2005|10:58] C:\Program Files\<DIR> Muiltmedia keyboard utility
    [11/03/2008|01:29] C:\Program Files\<DIR> Navilog1
    [01/29/2007|03:56] C:\Program Files\<DIR> NetMeeting
    [05/11/2007|04:52] C:\Program Files\<DIR> Norton SystemWorks
    [02/26/2005|10:25] C:\Program Files\<DIR> OfficeUpdate11
    [05/14/2004|02:34] C:\Program Files\<DIR> Online Services
    [06/15/2007|11:53] C:\Program Files\<DIR> Outlook Express
    [10/29/2005|03:50] C:\Program Files\<DIR> PeerCast
    [01/14/2005|03:23] C:\Program Files\<DIR> Pure Networks
    [04/04/2008|03:14] C:\Program Files\<DIR> QuickTime
    [11/29/2007|02:36] C:\Program Files\<DIR> Real
    [03/26/2008|11:31] C:\Program Files\<DIR> Safari
    [03/20/2007|02:01] C:\Program Files\<DIR> SBC Self Support Tool
    [05/21/2007|02:19] C:\Program Files\<DIR> Support.com
    [10/10/2008|12:13] C:\Program Files\<DIR> Trend Micro
    [02/13/2005|04:53] C:\Program Files\<DIR> Visual Networks
    [10/25/2008|12:34] C:\Program Files\<DIR> VoipStunt.com
    [07/16/2007|11:02] C:\Program Files\<DIR> VstPlugins
    [05/14/2004|11:27] C:\Program Files\<DIR> Windows Journal Viewer
    [01/11/2007|06:54] C:\Program Files\<DIR> Windows Media Connect
    [11/13/2007|05:38] C:\Program Files\<DIR> Windows Media Connect 2
    [11/19/2007|11:57] C:\Program Files\<DIR> Windows Media Player
    [01/26/2005|10:44] C:\Program Files\<DIR> Windows NT
    [06/19/2007|11:18] C:\Program Files\<DIR> WindowsUpdate
    [11/03/2008|03:10] C:\Program Files\<DIR> WinRAR
    [04/26/2007|02:51] C:\Program Files\<DIR> WriteExpress
    [05/14/2004|02:36] C:\Program Files\<DIR> xerox

    --------------------\\ Listing des dossiers dans C:\Program Files\Common Files

    [06/19/2007|11:08] C:\Program Files\Common Files\<DIR> Adobe
    [02/08/2007|03:05] C:\Program Files\Common Files\<DIR> Ahead
    [02/18/2008|02:33] C:\Program Files\Common Files\<DIR> Apple
    [05/14/2004|12:54] C:\Program Files\Common Files\<DIR> DESIGNER
    [12/13/2006|12:22] C:\Program Files\Common Files\<DIR> Hewlett-Packard
    [01/12/2007|02:06] C:\Program Files\Common Files\<DIR> HP
    [04/26/2007|02:48] C:\Program Files\Common Files\<DIR> InstallShield
    [01/26/2005|10:37] C:\Program Files\Common Files\<DIR> Kodak
    [05/14/2004|12:57] C:\Program Files\Common Files\<DIR> L&H
    [12/12/2006|01:19] C:\Program Files\Common Files\<DIR> Logitech
    [10/10/2008|02:03] C:\Program Files\Common Files\<DIR> McAfee
    [03/06/2008|11:37] C:\Program Files\Common Files\<DIR> Microsoft Shared
    [03/20/2007|02:01] C:\Program Files\Common Files\<DIR> Motive
    [05/14/2004|02:32] C:\Program Files\Common Files\<DIR> MSSoap
    [10/31/2005|06:18] C:\Program Files\Common Files\<DIR> ODBC
    [05/09/2008|12:46] C:\Program Files\Common Files\<DIR> Real
    [05/11/2007|04:28] C:\Program Files\Common Files\<DIR> Scanner
    [05/14/2004|02:32] C:\Program Files\Common Files\<DIR> Services
    [12/31/2000|08:12] C:\Program Files\Common Files\<DIR> SpeechEngines
    [02/21/2006|08:38] C:\Program Files\Common Files\<DIR> SWF Studio
    [05/11/2007|08:42] C:\Program Files\Common Files\<DIR> Symantec Shared
    [06/15/2007|11:53] C:\Program Files\Common Files\<DIR> System
    [05/09/2008|12:51] C:\Program Files\Common Files\<DIR> xing shared

    --------------------\\ Process

    ( 56 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE

    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-11-05 12:44:42
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 4

    --------------------\\ Recherche d'autres infections

    Aucune autre infection trouvée !

    [F:56][D:5]-> C:\DOCUME~1\Owner\LOCALS~1\Temp
    [F:47][D:0]-> C:\DOCUME~1\Owner\Cookies
    [F:532][D:45]-> C:\DOCUME~1\Owner\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - Wed 11/05/2008|12:51 - Option : [1]

    --------------------\\ Fin du rapport a 12:51:13
    0
  11. geoffrey5 Messages postés 14008 Statut Contributeur sécurité 10
     
    Salut !!

    rien dans le rapport de lopSD...

    Option 1 - Recherche :

    ▶ télécharge smitfraudfix et enregistre le sur le bureau

    ▶ Ensuite double clique sur smitfraudfix puis exécuter

    ▶ Sélectionner 1 pour créer un rapport des fichiers responsables de l'infection.

    (attention : N utilises pas l option 2 si je ne te l ai pas demandé !!)

    ▶ copier/coller le rapport dans la réponse.

    Voici un tutoriel sonore et animé en cas de problème d'utilisation

    (Attention : "process.exe", un composant de l'outil, est détecté par certains antivirus comme étant un "RiskTool".
    Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus. Mis entre de mauvaises mains,
    cet utilitaire pourrait arrêter des logiciels de sécurité.)
    0
  12. grandtoure Messages postés 147 Statut Membre
     
    SmitFraudFix v2.371

    Scan done at 13:12:37.82, Wed 11/05/2008
    Run from C:\Program Files\Mozilla Firefox\SmitfraudFix
    OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
    The filesystem type is NTFS
    Fix run in normal mode

    »»»»»»»»»»»»»»»»»»»»»»»» Process

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Executive Software\Diskeeper\DkService.exe
    C:\WINDOWS\System32\inetsrv\inetinfo.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    c:\program files\common files\mcafee\mna\mcnasvc.exe
    c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\McAfee\MPF\MPFSrv.exe
    C:\WINDOWS\Explorer.EXE
    c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\WINDOWS\system32\ScsiAccess.EXE
    C:\WINDOWS\System32\snmp.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\mqsvc.exe
    C:\WINDOWS\System32\mqtgsvc.exe
    C:\Program Files\Ahead\InCD\InCD.exe
    C:\Program Files\Browser Mouse\mouse32a.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\WINDOWS\system32\WgaTray.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
    C:\Program Files\Muiltmedia keyboard utility\1.1\KbdAp32A.exe
    C:\Program Files\QuickTime\QTTask.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\VoipStunt.com\VoipStunt\VoipStunt.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\iPod\bin\iPodService.exe
    c:\PROGRA~1\mcafee\msc\mcuimgr.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Support.com\bin\tgcmd.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\cmd.exe

    »»»»»»»»»»»»»»»»»»»»»»»» hosts

    »»»»»»»»»»»»»»»»»»»»»»»» C:\

    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles

    »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Owner

    »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Owner\LOCALS~1\Temp

    »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Owner\Application Data

    »»»»»»»»»»»»»»»»»»»»»»»» Start Menu

    »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Owner\FAVORI~1

    »»»»»»»»»»»»»»»»»»»»»»»» Desktop

    »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

    »»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys

    »»»»»»»»»»»»»»»»»»»»»»»» Desktop Components

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
    "Source"="About:Home"
    "SubscribedURL"="About:Home"
    "FriendlyName"="My Current Home Page"

    »»»»»»»»»»»»»»»»»»»»»»»» o4Patch
    !!!Attention, following keys are not inevitably infected!!!

    o4Patch
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri

    »»»»»»»»»»»»»»»»»»»»»»»» IEDFix
    !!!Attention, following keys are not inevitably infected!!!

    IEDFix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri

    »»»»»»»»»»»»»»»»»»»»»»»» VACFix
    !!!Attention, following keys are not inevitably infected!!!

    VACFix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri

    »»»»»»»»»»»»»»»»»»»»»»»» 404Fix
    !!!Attention, following keys are not inevitably infected!!!

    404Fix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri

    »»»»»»»»»»»»»»»»»»»»»»»» AntiXPVSTFix
    !!!Attention, following keys are not inevitably infected!!!

    AntiXPVSTFix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri

    »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
    !!!Attention, following keys are not inevitably infected!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll

    »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
    !!!Attention, following keys are not inevitably infected!!!

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLs"=""

    »»»»»»»»»»»»»»»»»»»»»»»» Winlogon
    !!!Attention, following keys are not inevitably infected!!!

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
    "Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
    "System"=""

    »»»»»»»»»»»»»»»»»»»»»»»» RK

    »»»»»»»»»»»»»»»»»»»»»»»» DNS

    Description: ADMtek AN983 based ethernet adapter - Packet Scheduler Miniport
    DNS Server Search Order: 192.168.0.1
    DNS Server Search Order: 192.168.0.1

    HKLM\SYSTEM\CCS\Services\Tcpip\..\{719099A9-4C71-4995-8E27-3C6BDBF1F7E2}: DhcpNameServer=192.168.0.1 192.168.0.1
    HKLM\SYSTEM\CS1\Services\Tcpip\..\{719099A9-4C71-4995-8E27-3C6BDBF1F7E2}: DhcpNameServer=192.168.0.1 192.168.0.1
    HKLM\SYSTEM\CS2\Services\Tcpip\..\{719099A9-4C71-4995-8E27-3C6BDBF1F7E2}: DhcpNameServer=192.168.0.1 192.168.0.1
    HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.0.1 192.168.0.1
    HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.0.1 192.168.0.1
    HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.0.1 192.168.0.1

    »»»»»»»»»»»»»»»»»»»»»»»» Scanning for wininet.dll infection

    »»»»»»»»»»»»»»»»»»»»»»»» End
    0
  13. grandtoure Messages postés 147 Statut Membre
     
    etes vous toujours la?
    0
  14. geoffrey5 Messages postés 14008 Statut Contributeur sécurité 10
     
    Salut !!

    ▶ Télécharge a-squared free 3.5

    ▶ Voici un tutoriel pour bien l utiliser.

    ▶ fais la mise à jour et une analyse complète.

    ▶ poste le rapport stp
    0
  15. grandtoure Messages postés 147 Statut Membre
     
    a-squared Free - Version 3.5
    Last update: 11/6/2008 7:55:52 PM

    Scan settings:

    Objects: Memory, Traces, Cookies, C:\
    Scan archives: On
    Heuristics: On
    ADS Scan: On

    Scan start: 11/7/2008 1:09:08 PM

    c:\program files\cliprex dvd player professional detected: Trace.Directory.Cliprex DVD Player Professional!A2
    c:\program files\partygaming detected: Trace.Directory.PartyPoker!A2
    c:\program files\partygaming\partycasino detected: Trace.Directory.PartyPoker!A2
    c:\program files\partygaming\partycasino\language detected: Trace.Directory.PartyPoker!A2
    c:\program files\partygaming\partycasino\language\en_us detected: Trace.Directory.PartyPoker!A2
    c:\program files\partygaming\partycasino\language\en_us\images detected: Trace.Directory.PartyPoker!A2
    c:\program files\partygaming\partycasino\language\en_us\images\games detected: Trace.Directory.PartyPoker!A2
    c:\program files\partygaming\partycasino\language\en_us\images\games\cardgames detected: Trace.Directory.PartyPoker!A2
    c:\program files\partygaming\partycasino\language\en_us\images\games\cardgames\blackjack detected: Trace.Directory.PartyPoker!A2
    c:\program files\partygaming\partycasino\language\en_us\images\games\cardgames\blackjack\blackjack detected: Trace.Directory.PartyPoker!A2
    c:\program files\partygaming\partycasino\language\en_us\images\games\cardgames\multiplayerbj detected: Trace.Directory.PartyPoker!A2
    c:\program files\partygaming\partycasino\language\en_us\images\games\cardgames\multiplayerbj\multiplayerblackjack detected: Trace.Directory.PartyPoker!A2
    c:\program files\partygaming\partypoker detected: Trace.Directory.PartyPoker!A2
    c:\program files\partygaming\partypoker\language detected: Trace.Directory.PartyPoker!A2
    c:\program files\partygaming\partypoker\language\en_us detected: Trace.Directory.PartyPoker!A2
    c:\program files\partygaming\partypoker\language\en_us\articles detected: Trace.Directory.PartyPoker!A2
    c:\poker\titan poker detected: Trace.Directory.Titan Poker!A2
    c:\poker\titan poker\data detected: Trace.Directory.Titan Poker!A2
    c:\poker\titan poker\data\blackjack detected: Trace.Directory.Titan Poker!A2
    c:\poker\titan poker\data\lobby detected: Trace.Directory.Titan Poker!A2
    c:\poker\titan poker\data\lobby\buttons detected: Trace.Directory.Titan Poker!A2
    c:\poker\titan poker\data\lobby\dialogs detected: Trace.Directory.Titan Poker!A2
    c:\poker\titan poker\data\lobby\login detected: Trace.Directory.Titan Poker!A2
    c:\poker\titan poker\data\lobby\sidegames detected: Trace.Directory.Titan Poker!A2
    c:\poker\titan poker\data\lobby\tables detected: Trace.Directory.Titan Poker!A2
    c:\poker\titan poker\data\lobby\waitinglist detected: Trace.Directory.Titan Poker!A2
    c:\poker\titan poker\data\shared detected: Trace.Directory.Titan Poker!A2
    c:\poker\titan poker\data\shared\buttons detected: Trace.Directory.Titan Poker!A2
    c:\poker\titan poker\data\shared\history detected: Trace.Directory.Titan Poker!A2
    c:\poker\titan poker\data\shared\history\cards detected: Trace.Directory.Titan Poker!A2
    c:\poker\titan poker\data\shared\html detected: Trace.Directory.Titan Poker!A2
    c:\poker\titan poker\data\shared\html\chat detected: Trace.Directory.Titan Poker!A2
    c:\poker\titan poker\data\shared\html\chat\emoticons detected: Trace.Directory.Titan Poker!A2
    c:\poker\titan poker\data\shared\sounds detected: Trace.Directory.Titan Poker!A2
    c:\poker\titan poker\data\shared\sounds\playersounds detected: Trace.Directory.Titan Poker!A2
    c:\poker\titan poker\data\shared\sounds\playersounds\baseballer detected: Trace.Directory.Titan Poker!A2
    c:\poker\titan poker\data\shared\sounds\playersounds\blackdude detected: Trace.Directory.Titan Poker!A2
    c:\poker\titan poker\data\shared\sounds\playersounds\bond detected: Trace.Directory.Titan Poker!A2
    c:\poker\titan poker\data\shared\sounds\playersounds\cowboy detected: Trace.Directory.Titan Poker!A2
    c:\poker\titan poker\data\shared\sounds\playersounds\frenchgirl detected: Trace.Directory.Titan Poker!A2
    c:\poker\titan poker\data\shared\sounds\playersounds\frenchman detected: Trace.Directory.Titan Poker!A2
    c:\poker\titan poker\data\shared\sounds\playersounds\mafiaguy detected: Trace.Directory.Titan Poker!A2
    c:\poker\titan poker\data\shared\sounds\playersounds\olderbusinesswoman detected: Trace.Directory.Titan Poker!A2
    c:\poker\titan poker\data\shared\sounds\playersounds\oldtourist detected: Trace.Directory.Titan Poker!A2
    c:\poker\titan poker\data\shared\sounds\playersounds\valleygirl detected: Trace.Directory.Titan Poker!A2
    c:\poker\titan poker\data\table detected: Trace.Directory.Titan Poker!A2
    c:\poker\titan poker\data\table\smallview detected: Trace.Directory.Titan Poker!A2
    c:\poker\titan poker\data\table\smallview\chat detected: Trace.Directory.Titan Poker!A2
    c:\poker\titan poker\data\table\topview detected: Trace.Directory.Titan Poker!A2
    c:\poker\titan poker\data\table\topview\anim detected: Trace.Directory.Titan Poker!A2
    c:\poker\titan poker\data\table\topview\avatars detected: Trace.Directory.Titan Poker!A2
    c:\poker\titan poker\data\table\topview\buttons detected: Trace.Directory.Titan Poker!A2
    c:\poker\titan poker\data\table\topview\cards detected: Trace.Directory.Titan Poker!A2
    c:\poker\titan poker\data\table\topview\chat detected: Trace.Directory.Titan Poker!A2
    c:\poker\titan poker\data\table\topview\chat\chat_bottom detected: Trace.Directory.Titan Poker!A2
    c:\poker\titan poker\data\table\topview\chat\chat_side detected: Trace.Directory.Titan Poker!A2
    c:\poker\titan poker\data\table\topview\coins detected: Trace.Directory.Titan Poker!A2
    c:\poker\titan poker\data\table\topview\dialogs detected: Trace.Directory.Titan Poker!A2
    c:\poker\titan poker\data\table\topview\history detected: Trace.Directory.Titan Poker!A2
    c:\documents and settings\all users\start menu\programs\titan poker detected: Trace.Directory.Titan Poker!A2
    c:\documents and settings\owner\application data\microsoft\internet explorer\quick launch\titan poker.lnk detected: Trace.File.Titan Poker!A2
    c:\poker\titan poker\_setuppoker.exe detected: Trace.File.Titan Poker!A2
    c:\poker\titan poker\cactivex.dll detected: Trace.File.Titan Poker!A2
    c:\poker\titan poker\casino.exe detected: Trace.File.Titan Poker!A2
    c:\poker\titan poker\casino.hlp detected: Trace.File.Titan Poker!A2
    c:\poker\titan poker\casino.ico detected: Trace.File.Titan Poker!A2
    c:\poker\titan poker\data\blackjack.dll detected: Trace.File.Titan Poker!A2
    c:\poker\titan poker\data\blackjack.gam detected: Trace.File.Titan Poker!A2
    c:\poker\titan poker\data\cashier.dll detected: Trace.File.Titan Poker!A2
    c:\poker\titan poker\data\cashier.gam detected: Trace.File.Titan Poker!A2
    c:\poker\titan poker\data\common.dll detected: Trace.File.Titan Poker!A2
    c:\poker\titan poker\data\common.gam detected: Trace.File.Titan Poker!A2
    c:\poker\titan poker\data\loader.dll detected: Trace.File.Titan Poker!A2
    c:\poker\titan poker\data\loader.gam detected: Trace.File.Titan Poker!A2
    c:\poker\titan poker\data\poker_common.dll detected: Trace.File.Titan Poker!A2
    c:\poker\titan poker\data\poker_common.gam detected: Trace.File.Titan Poker!A2
    c:\poker\titan poker\data\poker_lobby.dll detected: Trace.File.Titan Poker!A2
    c:\poker\titan poker\data\poker_lobby.gam detected: Trace.File.Titan Poker!A2
    c:\poker\titan poker\data\poker_table.dll detected: Trace.File.Titan Poker!A2
    c:\poker\titan poker\data\shared\bubble_lobby.jpg detected: Trace.File.Titan Poker!A2
    c:\poker\titan poker\data\shared\bubble_lobby-alpha.jpg detected: Trace.File.Titan Poker!A2
    c:\poker\titan poker\data\shared\html\cashier_offline.css detected: Trace.File.Titan Poker!A2
    c:\poker\titan poker\data\shared\html\cashier_offline.js detected: Trace.File.Titan Poker!A2
    c:\poker\titan poker\data\shared\html\cashier_offline_functions.js detected: Trace.File.Titan Poker!A2
    c:\poker\titan poker\data\shared\html\cashier_offline_poker.html detected: Trace.File.Titan Poker!A2
    c:\poker\titan poker\data\shared\html\chat\chat.html detected: Trace.File.Titan Poker!A2
    c:\poker\titan poker\data\shared\html\chat\colors.html detected: Trace.File.Titan Poker!A2
    c:\poker\titan poker\data\shared\html\chat\edit.html detected: Trace.File.Titan Poker!A2
    c:\poker\titan poker\data\shared\html\chat\emoticons.html detected: Trace.File.Titan Poker!A2
    c:\poker\titan poker\data\table\smallview\chat\chat.html detected: Trace.File.Titan Poker!A2
    c:\poker\titan poker\data\table\topview\cards\card.lwo detected: Trace.File.Titan Poker!A2
    c:\poker\titan poker\data\table\topview\chat\chat.html detected: Trace.File.Titan Poker!A2
    c:\poker\titan poker\data\table\topview\chat\chat_options_back.jpg detected: Trace.File.Titan Poker!A2
    c:\poker\titan poker\data\table\topview\chat\send.jpg detected: Trace.File.Titan Poker!A2
    c:\poker\titan poker\data\table\topview\coins\coins.bmp detected: Trace.File.Titan Poker!A2
    c:\poker\titan poker\data\table\topview\coins\coins-alpha.bmp detected: Trace.File.Titan Poker!A2
    c:\poker\titan poker\data\table\topview\coins\dealer.jpg detected: Trace.File.Titan Poker!A2
    c:\poker\titan poker\data\table\topview\coins\dealer-alpha.jpg detected: Trace.File.Titan Poker!A2
    c:\poker\titan poker\data\topview.gam detected: Trace.File.Titan Poker!A2
    c:\poker\titan poker\directsounddriver.dll detected: Trace.File.Titan Poker!A2
    c:\poker\titan poker\fileinfo.dat detected: Trace.File.Titan Poker!A2
    c:\poker\titan poker\fileinfo2.dat detected: Trace.File.Titan Poker!A2
    c:\poker\titan poker\fileinfo2r.dat detected: Trace.File.Titan Poker!A2
    c:\poker\titan poker\gdigraphdriver.dll detected: Trace.File.Titan Poker!A2
    c:\poker\titan poker\ptsetup.lang detected: Trace.File.Titan Poker!A2
    c:\poker\titan poker\ptsetup.log detected: Trace.File.Titan Poker!A2
    c:\poker\titan poker\replace.exe detected: Trace.File.Titan Poker!A2
    c:\documents and settings\all users\start menu\programs\titan poker\titan poker.lnk detected: Trace.File.Titan Poker!A2
    c:\documents and settings\all users\start menu\programs\titan poker\uninstall titan poker.lnk detected: Trace.File.Titan Poker!A2
    Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> 1 detected: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> 10 detected: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> 2 detected: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> 4 detected: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> 5 detected: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> 6 detected: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> 7 detected: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> 9 detected: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> AdsLastKnownState detected: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> AppPath detected: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> id detected: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> InitialPort detected: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> InstallState detected: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> SL detected: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> TableType detected: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming\PartyPoker --> useCount detected: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming --> AutoLoginToOtherGames detected: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming --> CFDialogShown detected: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming --> FreshInstall detected: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\PartyGaming --> OldCFformat detected: Trace.Registry.PartyPoker!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> ButtonText detected: Trace.Registry.PartyPoker!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> CLSID detected: Trace.Registry.PartyPoker!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> Default Visible detected: Trace.Registry.PartyPoker!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> Exec detected: Trace.Registry.PartyPoker!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> HotIcon detected: Trace.Registry.PartyPoker!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> Icon detected: Trace.Registry.PartyPoker!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> MenuStatusBar detected: Trace.Registry.PartyPoker!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> MenuText detected: Trace.Registry.PartyPoker!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> Path detected: Trace.Registry.PartyPoker!A2
    Key: HKEY_LOCAL_MACHINE\software\system soap detected: Trace.Registry.SystemSoapPro
    Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> global_login_hint detected: Trace.Registry.Titan Poker!A2
    Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> options_dealervoices detected: Trace.Registry.Titan Poker!A2
    Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> options_music detected: Trace.Registry.Titan Poker!A2
    Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> options_poker_avatar_num detected: Trace.Registry.Titan Poker!A2
    Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> options_poker_filter_empty detected: Trace.Registry.Titan Poker!A2
    Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> options_poker_filter_finished detected: Trace.Registry.Titan Poker!A2
    Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> options_poker_filter_full detected: Trace.Registry.Titan Poker!A2
    Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> options_poker_filter_inprogress detected: Trace.Registry.Titan Poker!A2
    Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> options_poker_showsidegames detected: Trace.Registry.Titan Poker!A2
    Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> options_poker_smallview detected: Trace.Registry.Titan Poker!A2
    Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> options_sounds detected: Trace.Registry.Titan Poker!A2
    Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> options_xlslots detected: Trace.Registry.Titan Poker!A2
    Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> options-fullscreen detected: Trace.Registry.Titan Poker!A2
    Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> options-volume detected: Trace.Registry.Titan Poker!A2
    Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> poker_login_type detected: Trace.Registry.Titan Poker!A2
    Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> poker_nickname detected: Trace.Registry.Titan Poker!A2
    Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> ptdevm detected: Trace.Registry.Titan Poker!A2
    Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> tribeca_playernotes detected: Trace.Registry.Titan Poker!A2
    Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Titan Poker --> username detected: Trace.Registry.Titan Poker!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{49783ED4-258D-4f9f-BE11-137C18D3E543} --> ButtonText detected: Trace.Registry.Titan Poker!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{49783ED4-258D-4f9f-BE11-137C18D3E543} --> CLSID detected: Trace.Registry.Titan Poker!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{49783ED4-258D-4f9f-BE11-137C18D3E543} --> Default Visible detected: Trace.Registry.Titan Poker!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{49783ED4-258D-4f9f-BE11-137C18D3E543} --> Exec detected: Trace.Registry.Titan Poker!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{49783ED4-258D-4f9f-BE11-137C18D3E543} --> HotIcon detected: Trace.Registry.Titan Poker!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{49783ED4-258D-4f9f-BE11-137C18D3E543} --> Icon detected: Trace.Registry.Titan Poker!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{49783ED4-258D-4f9f-BE11-137C18D3E543} --> MenuText detected: Trace.Registry.Titan Poker!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{49783ED4-258D-4f9f-BE11-137C18D3E543} --> ToolTip detected: Trace.Registry.Titan Poker!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Titan Poker --> DisplayName detected: Trace.Registry.Titan Poker!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Titan Poker --> UninstallString detected: Trace.Registry.Titan Poker!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Titan Poker --> account detected: Trace.Registry.Titan Poker!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Titan Poker --> advertisercode detected: Trace.Registry.Titan Poker!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Titan Poker --> banner detected: Trace.Registry.Titan Poker!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Titan Poker --> creferer detected: Trace.Registry.Titan Poker!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Titan Poker --> homedir detected: Trace.Registry.Titan Poker!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Titan Poker --> profile detected: Trace.Registry.Titan Poker!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Titan Poker --> referer detected: Trace.Registry.Titan Poker!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Titan Poker --> safemode detected: Trace.Registry.Titan Poker!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Titan Poker --> uninstall detected: Trace.Registry.Titan Poker!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Titan Poker --> uninstall_lang detected: Trace.Registry.Titan Poker!A2
    c:\windows\downloaded program files\default.inf detected: Trace.File.iePlugin!A2
    c:\program files\partygaming\partycasino\gra.ini detected: Trace.File.PartyPoker!A2
    c:\program files\partygaming\partycasino\partycasino.dll detected: Trace.File.PartyPoker!A2
    c:\program files\partygaming\partycasino\sys.ini detected: Trace.File.PartyPoker!A2
    c:\program files\partygaming\partypoker\language\en_us\articles\2.html detected: Trace.File.PartyPoker!A2
    c:\program files\partygaming\partypoker\language\en_us\articles\4.html detected: Trace.File.PartyPoker!A2
    c:\program files\partygaming\partypoker\language\en_us\articles\54708.html detected: Trace.File.PartyPoker!A2
    c:\program files\partygaming\partypoker\notes.txt detected: Trace.File.PartyPoker!A2
    c:\program files\partygaming\partypoker\usertab.txt detected: Trace.File.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-1547161642-839522115-1957994488-1003\Software\Cliprex DVD Player Professional --> Volume detected: Trace.Registry.Cliprex DVD Player Professional!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\itbill --> Changed detected: Trace.Registry.MediaPipe!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\itbill --> SlowInfoCache detected: Trace.Registry.MediaPipe!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\p2pnetworks --> Changed detected: Trace.Registry.MediaPipe!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\p2pnetworks --> SlowInfoCache detected: Trace.Registry.MediaPipe!A2
    Key: HKEY_CLASSES_ROOT\clsid\{147a976e-eee1-4377-8ea7-4716e4cdd239} detected: Trace.Registry.MyWebSearchToobar
    C:\Documents and Settings\Owner\Cookies\owner@atdmt[2].txt detected: Trace.TrackingCookie.atdmt!A2
    C:\Documents and Settings\Owner\Cookies\owner@bs.serving-sys[1].txt detected: Trace.TrackingCookie.bs.serving-sys!A2
    C:\Documents and Settings\Owner\Cookies\owner@doubleclick[2].txt detected: Trace.TrackingCookie.doubleclick!A2
    C:\Documents and Settings\Owner\Cookies\owner@questionmarket[1].txt detected: Trace.TrackingCookie.questionmarket!A2
    C:\Documents and Settings\Owner\Cookies\owner@serving-sys[2].txt detected: Trace.TrackingCookie.serving-sys!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:71 detected: Trace.TrackingCookie.doubleclick.net!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:74 detected: Trace.TrackingCookie.doubleclick.net!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:75 detected: Trace.TrackingCookie.ad.yieldmanager.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:76 detected: Trace.TrackingCookie.ad.yieldmanager.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:77 detected: Trace.TrackingCookie.ad.yieldmanager.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:78 detected: Trace.TrackingCookie.ad.yieldmanager.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:79 detected: Trace.TrackingCookie.ad.yieldmanager.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:80 detected: Trace.TrackingCookie.ad.yieldmanager.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:81 detected: Trace.TrackingCookie.ad.yieldmanager.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:82 detected: Trace.TrackingCookie.ad.yieldmanager.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:84 detected: Trace.TrackingCookie.ad.yieldmanager.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:89 detected: Trace.TrackingCookie.zedo.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:90 detected: Trace.TrackingCookie.zedo.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:91 detected: Trace.TrackingCookie.zedo.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:92 detected: Trace.TrackingCookie.zedo.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:93 detected: Trace.TrackingCookie.zedo.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:94 detected: Trace.TrackingCookie.zedo.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:95 detected: Trace.TrackingCookie.zedo.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:133 detected: Trace.TrackingCookie.media!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:133 detected: Trace.TrackingCookie.media.adrevolver.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:134 detected: Trace.TrackingCookie.media!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:134 detected: Trace.TrackingCookie.media.adrevolver.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:135 detected: Trace.TrackingCookie.media!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:135 detected: Trace.TrackingCookie.media.adrevolver.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:136 detected: Trace.TrackingCookie.media!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:136 detected: Trace.TrackingCookie.media.adrevolver.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:155 detected: Trace.TrackingCookie.ads.bridgetrack.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:156 detected: Trace.TrackingCookie.ads.bridgetrack.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:157 detected: Trace.TrackingCookie.ads.bridgetrack.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:158 detected: Trace.TrackingCookie.ads.bridgetrack.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:159 detected: Trace.TrackingCookie.ads.bridgetrack.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:160 detected: Trace.TrackingCookie.ads.bridgetrack.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:161 detected: Trace.TrackingCookie.ads.bridgetrack.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:166 detected: Trace.TrackingCookie.server.iad.livepers!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:166 detected: Trace.TrackingCookie.server.iad.liveperson.net!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:167 detected: Trace.TrackingCookie.server.iad.livepers!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:167 detected: Trace.TrackingCookie.server.iad.liveperson.net!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:168 detected: Trace.TrackingCookie.server.iad.livepers!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:168 detected: Trace.TrackingCookie.server.iad.liveperson.net!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:172 detected: Trace.TrackingCookie.casalemedia.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:173 detected: Trace.TrackingCookie.casalemedia.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:174 detected: Trace.TrackingCookie.casalemedia.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:175 detected: Trace.TrackingCookie.casalemedia.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:210 detected: Trace.TrackingCookie.azjmp.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:211 detected: Trace.TrackingCookie.azjmp.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:212 detected: Trace.TrackingCookie.azjmp.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:213 detected: Trace.TrackingCookie.azjmp.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:216 detected: Trace.TrackingCookie.myspace.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:217 detected: Trace.TrackingCookie.myspace.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:218 detected: Trace.TrackingCookie.myspace.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:219 detected: Trace.TrackingCookie.myspace.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:220 detected: Trace.TrackingCookie.myspace.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:254 detected: Trace.TrackingCookie.www.googleadservices.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:319 detected: Trace.TrackingCookie.tribalfusion.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:351 detected: Trace.TrackingCookie.ads.monster.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:355 detected: Trace.TrackingCookie.server.iad.livepers!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:355 detected: Trace.TrackingCookie.server.iad.liveperson.net!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:476 detected: Trace.TrackingCookie.trafficmp.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:477 detected: Trace.TrackingCookie.trafficmp.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:478 detected: Trace.TrackingCookie.trafficmp.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:479 detected: Trace.TrackingCookie.trafficmp.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:480 detected: Trace.TrackingCookie.trafficmp.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:505 detected: Trace.TrackingCookie.tag.contextweb.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:506 detected: Trace.TrackingCookie.tag.contextweb.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:550 detected: Trace.TrackingCookie.statse.webtrendslive!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:550 detected: Trace.TrackingCookie.statse.webtrendslive.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:565 detected: Trace.TrackingCookie.sdc.radio-canada.ca!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:582 detected: Trace.TrackingCookie.www.burstbeacon.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:584 detected: Trace.TrackingCookie.www.burstnet.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:687 detected: Trace.TrackingCookie.www.googleadservices.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:739 detected: Trace.TrackingCookie.www.googleadservices.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:744 detected: Trace.TrackingCookie.visit.theglobeandmail.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:778 detected: Trace.TrackingCookie.adbrite.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:779 detected: Trace.TrackingCookie.adbrite.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:780 detected: Trace.TrackingCookie.adbrite.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:795 detected: Trace.TrackingCookie.www.googleadservices.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:845 detected: Trace.TrackingCookie.www.googleadservices.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:849 detected: Trace.TrackingCookie.www.googleadservices.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:865 detected: Trace.TrackingCookie.data.coremetrics!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:865 detected: Trace.TrackingCookie.data.coremetrics.com!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:866 detected: Trace.TrackingCookie.sec1.liveperson.net!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:867 detected: Trace.TrackingCookie.sec1.liveperson.net!A2
    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\cookies.txt:915 detected: Trace.TrackingCookie.adknowledge!A2
    C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\KSU\KSU.CAB/backWeb_7288971.exe detected: Adware.BackWeb.a!A2
    C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\KSU\KSU.CAB/runner.exe detected: Adware.BackWeb.a!A2
    C:\Program Files\Kodak\KODAK Software Updater\7288971\6.1.4.37-7288971L\Program\runner.exe detected: Adware.BackWeb.a!A2
    C:\Program Files\Mozilla Firefox\SmitfraudFix\IEDFix.exe detected: Hoax.Win32.Renos.vaoz!A2
    C:\Program Files\Mozilla Firefox\SmitfraudFix\Process.exe detected: Riskware.RiskTool.Win32.Processor.20!A2
    C:\System Volume Information\_restore{3D04D4D0-9194-4DD1-8578-5EF7FA091078}\RP646\A0241756.exe detected: Riskware.RiskTool.Win32.Processor.20!A2
    C:\WINDOWS\abiloader.exe detected: Adware.Win32.BetterInternet.t!A2
    C:\WINDOWS\system32\IEDFix.exe detected: Hoax.Win32.Renos.vaoz!A2
    C:\WINDOWS\system32\Process.exe detected: Riskware.RiskTool.Win32.Processor.20!A2

    Scanned

    Files: 83898
    Traces: 573196
    Cookies: 1062
    Processes: 54

    Found

    Files: 9
    Traces: 193
    Cookies: 88
    Processes: 0
    Registry keys: 0

    Scan end: 11/7/2008 5:20:20 PM
    Scan time: 4:11:12
    0
  16. geoffrey5 Messages postés 14008 Statut Contributeur sécurité 10
     
    Salut !!

    Tu peux aller supprimer tout ce qu il y a dans la quarantaine d a-squared..

    ensuite :

    ▶ Télécharger SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.

    ▶ Double cliquer sur SDFix.exe et choisir Install pour l'extraire dans un dossier dédié sur ton disque C:.

    /!\ Démarre en mode sans échec : après le bip et avant le logo windows tapoter sur la touche F8 (ou F5): menu M.S.E..

    ▶ Choisir son compte, pas celui de l'Administrateur ou autre.

    Dérouler la liste des instructions ci-dessous :

    • Ouvrir le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.
    • Appuyer sur Y pour commencer le processus de nettoyage.
    • Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
    • Appuyer sur une touche pour redémarrer le PC.
    • Le système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
    • Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
    • Appuyer sur une touche pour finir l'exécution du script et charger les icônes du Bureau.
    • Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
    • Enfin, copier/coller le contenu du fichier Report.txt dans la prochaine réponse sur le forum
    0
  17. grandtoure Messages postés 147 Statut Membre
     
    veux tu que je supprime seulement ce qu'il y a dans la quarantaine ? Que dois je faire de ceux detectes dans le scan?
    0
  18. geoffrey5 Messages postés 14008 Statut Contributeur sécurité 10
     
    tu supprimes tout et tu vides la quarantaine
    0
  19. grandtoure Messages postés 147 Statut Membre
     
    [b]SDFix: Version 1.240 [/b]
    Run by Owner on Fri 11/07/2008 at 20:42

    Microsoft Windows XP [Version 5.1.2600]
    Running From: C:\SDFix

    [b]Checking Services [/b]:

    AUTOEXEC.NT Restored from backups

    Restoring Default Security Values
    Restoring Default Hosts File

    Rebooting

    [b]Checking Files [/b]:

    No Trojan Files Found

    Removing Temp Files

    [b]ADS Check [/b]:

    [b]Final Check [/b]:

    catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-11-08 18:58:33
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden services & system hive ...

    scanning hidden registry entries ...

    scanning hidden files ...

    scan completed successfully
    hidden processes: 0
    hidden services: 0
    hidden files: 0

    [b]Remaining Services [/b]:

    Authorized Application Key Export:

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\\WINDOWS\\system32\\mqsvc.exe"="C:\\WINDOWS\\system32\\mqsvc.exe:*:Enabled:Message Queuing"
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\backWeb-7288971.exe"="C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\backWeb-7288971.exe:*:Enabled:backWeb-7288971"
    "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
    "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe:*:Enabled:Logitech Desktop Messenger"
    "C:\\PROGRA~1\\Yahoo!\\MESSEN~1\\YPAGER.EXE"="C:\\PROGRA~1\\Yahoo!\\MESSEN~1\\YPAGER.EXE:*:Enabled:Yahoo! Messenger"
    "C:\\PROGRA~1\\Yahoo!\\MESSEN~1\\yserver.exe"="C:\\PROGRA~1\\Yahoo!\\MESSEN~1\\yserver.exe:*:Enabled:Yahoo! FT Server"
    "C:\\Program Files\\Yahoo!\\browser\\ybrowser.exe"="C:\\Program Files\\Yahoo!\\browser\\ybrowser.exe:*:Enabled:Yahoo! Browser"
    "C:\\Program Files\\Yahoo!\\Messenger\\YPAGER.EXE"="C:\\Program Files\\Yahoo!\\Messenger\\YPAGER.EXE:*:Enabled:Yahoo! Messenger"
    "C:\\Program Files\\Yahoo!\\Messenger\\yserver.exe"="C:\\Program Files\\Yahoo!\\Messenger\\yserver.exe:*:Enabled:Yahoo! FT Server"
    "C:\\Program Files\\Real\\RealPlayer\\realplay.exe"="C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*:Enabled:RealPlayer"
    "C:\\Program Files\\PeerCast\\PeerCast.exe"="C:\\Program Files\\PeerCast\\PeerCast.exe:*:Enabled:PeerCast"
    "C:\\Program Files\\America Online 9.0c\\waol.exe"="C:\\Program Files\\America Online 9.0c\\waol.exe:*:Disabled:America Online 9.0c"
    "C:\\Program Files\\p2pnetworks\\p2pnetworks.exe"=" "
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe:*:Enabled:hpqdia.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
    "C:\\Program Files\\inKline Global\\TVolution\\TVolution.exe"="C:\\Program Files\\inKline Global\\TVolution\\TVolution.exe:*:Enabled:TVolution"
    "C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
    "C:\\Program Files\\NetMeeting\\conf.exe"="C:\\Program Files\\NetMeeting\\conf.exe:*:Enabled:Windowsr NetMeetingr"
    "C:\\Program Files\\Windows Media Player\\wmplayer.exe"="C:\\Program Files\\Windows Media Player\\wmplayer.exe:*:Enabled:Windows Media Player"
    "C:\\Program Files\\QuickTime\\QuickTimePlayer.exe"="C:\\Program Files\\QuickTime\\QuickTimePlayer.exe:*:Enabled:QuickTime Player"
    "C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
    "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
    "C:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"="C:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe:*:Enabled:McAfee Network Agent"
    "C:\\Program Files\\VoipStunt.com\\VoipStunt\\VoipStunt.exe"="C:\\Program Files\\VoipStunt.com\\VoipStunt\\VoipStunt.exe:*:Enabled:VoipStunt"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "C:\\WINDOWS\\system32\\mqsvc.exe"="C:\\WINDOWS\\system32\\mqsvc.exe:*:Enabled:Message Queuing"
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

    [b]Remaining Files [/b]:

    [b]Files with Hidden Attributes [/b]:

    Fri 27 Feb 2004 233,472 A..H. --- "C:\RECYCLER\NPROTECT\00391518.DLL"
    Wed 19 Jan 2005 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
    Sun 8 May 2005 401 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv11.bak"
    Thu 15 Aug 2002 266,240 A..H. --- "C:\Program Files\Broderbund\Mavis Beacon Teaches Typing Deluxe 15\Mavis Beacon Teaches Typing.exe"
    Fri 27 Feb 2004 233,472 A..H. --- "C:\Program Files\Image-Line\FL Studio 7\REX Shared Library.dll"
    Fri 10 Oct 2008 20,487 A.SHR --- "C:\Program Files\McAfee\MQC\MRU.bak"
    Fri 10 Oct 2008 265 A.SHR --- "C:\Program Files\McAfee\MQC\qcconf.bak"
    Tue 13 Nov 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp"
    Fri 14 May 2004 1,206 A..HR --- "C:\Program Files\Common Files\Symantec Shared\Registry Backup\ccReg.reg"
    Fri 14 May 2004 12,888 A..HR --- "C:\Program Files\Common Files\Symantec Shared\Registry Backup\CommonClient.reg"
    Fri 10 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\c9f50bc388914012dca1d6d24cf3016d\BIT70.tmp"
    Mon 12 Dec 2005 401 A..H. --- "C:\Documents and Settings\Owner\My Documents\My Music\License Backup\drmv1lic.bak"
    Mon 12 Nov 2007 401 A..H. --- "C:\Documents and Settings\Owner\Application Data\Real\Rhapsody\wmlicbackup\drmv1lic.bak"
    Thu 27 Jan 2005 8 A..H. --- "C:\Documents and Settings\All Users\Application Data\GTek\GTUpdate\AUpdate\Channels\ch1\lock.tmp"

    [b]Finished![/b]
    0
  20. geoffrey5 Messages postés 14008 Statut Contributeur sécurité 10
     
    Salut !!

    vas faire une analyse en ligne avec bitdefender à cette adresse stp (sous internet explorer) :

    http://www.zebulon.fr/outils/antivirus/antivirus-en-ligne.php

    et poste le rapport
    0
  21. grandtoure Messages postés 147 Statut Membre
     
    La mise en jour de bitdefender ne s'effectue pas. Quand je commence le scan, ca echoue. En gros ca marche pas
    0
  • 1
  • 2
  • 3