Sujet Précédent Sujet Suivant

Ordi tres lent

Fermé
grandtoure Messages postés 141 Date d'inscription jeudi 6 mars 2008 Statut Membre Dernière intervention 2 juillet 2013 - 3 nov. 2008 à 21:16
geoffrey5 Messages postés 13732 Date d'inscription dimanche 20 mai 2007 Statut Contributeur sécurité Dernière intervention 21 mai 2010 - 22 nov. 2008 à 15:03
Bonjour,
Je trouve que mon ordi est tres lent. Pouvez-vous m'aider a le fixer?
Voici le rapport de hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:14:14 PM, on 11/3/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\Explorer.EXE
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\ScsiAccess.EXE
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\mqsvc.exe
C:\WINDOWS\System32\mqtgsvc.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Browser Mouse\mouse32a.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Muiltmedia keyboard utility\1.1\KbdAp32A.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\VoipStunt.com\VoipStunt\VoipStunt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
c:\PROGRA~1\mcafee\msc\mcuimgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Support.com\bin\tgcmd.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/sbcydsl/*https://fr.yahoo.com/?p=us
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/?p=us
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*https://fr.yahoo.com/?p=us
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: (no name) - {F5735C15-1FB2-41FE-BA12-242757E69DDE} - (no file)
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Browser Mouse\mouse32a.exe
O4 - HKLM\..\Run: [FLMK08KB] C:\Program Files\Muiltmedia keyboard utility\1.1\MMKEYBD.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [tgcmd] C:\Program Files\Support.com\bin\tgcmd.exe /server /startmonitor /deaf
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [System Soap Pro] C:\PROGRA~1\SYSTEM~1\soap.exe min
O4 - HKCU\..\Run: [HBt9RTH3W] clsaysvr.exe
O4 - HKCU\..\Run: [ufqz] C:\PROGRA~1\COMMON~1\ufqz\ufqzm.exe
O4 - HKCU\..\Run: [SRS Audio Sandbox] "C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe" /hideme
O4 - HKCU\..\Run: [VoipStunt] "C:\Program Files\VoipStunt.com\VoipStunt\VoipStunt.exe" -nosplash -minimized
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Download with Go!Zilla - file://C:\PROGRA~1\Go!Zilla\download-with-gozilla.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O15 - Trusted Zone: http://www.listen.com
O15 - Trusted Zone: https://us.napster.com/
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://kazaliou.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {50647AB5-18FD-4142-82B0-5852478DD0D5} (Keynote Connector Launcher 2) - http://webeffective.keynote.com/applications/pconnector/download/ConnectorLauncher.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/webplayer/stage6/windows/AutoDLDivXWebPlayerInstaller.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\system32\ScsiAccess.EXE
A voir également:

53 réponses

Précédent
Réponse 21 / 53
geoffrey5 Messages postés 13732 Date d'inscription dimanche 20 mai 2007 Statut Contributeur sécurité Dernière intervention 21 mai 2010 10
10 nov. 2008 à 20:04
essaye celui de panda
0
Réponse 22 / 53
grandtoure Messages postés 141 Date d'inscription jeudi 6 mars 2008 Statut Membre Dernière intervention 2 juillet 2013
11 nov. 2008 à 17:43
Le resultat marque que mon ordi est infecte . Que Mc Afee antivirus n'est pas update ni active.
Veux tu que je le mette a jour ?
0
Réponse 23 / 53
geoffrey5 Messages postés 13732 Date d'inscription dimanche 20 mai 2007 Statut Contributeur sécurité Dernière intervention 21 mai 2010 10
11 nov. 2008 à 23:07
Salut !!

Oui mets le à jour, fais une analyse et poste le rapport stp
0
Réponse 24 / 53
grandtoure Messages postés 141 Date d'inscription jeudi 6 mars 2008 Statut Membre Dernière intervention 2 juillet 2013
12 nov. 2008 à 18:45
je l'ai mis a jour et j'ai passe le scan. J'ai effaces les fichiers infectes. Il y a juste le SDfix.exe qui n a pas pu etre efface completement. J'arrive pas a poster le rapport. Comment faire?
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 53
geoffrey5 Messages postés 13732 Date d'inscription dimanche 20 mai 2007 Statut Contributeur sécurité Dernière intervention 21 mai 2010 10
12 nov. 2008 à 19:30
Salut !!

Pourquoi n arrives tu pas à le poster ??
0
Réponse 26 / 53
grandtoure Messages postés 141 Date d'inscription jeudi 6 mars 2008 Statut Membre Dernière intervention 2 juillet 2013
12 nov. 2008 à 20:21
Parce que aucun rapport ne s est affiche ni apparu. Je ne pense pas qu Mcafee affiche un rapport apres le scan
0
Réponse 27 / 53
geoffrey5 Messages postés 13732 Date d'inscription dimanche 20 mai 2007 Statut Contributeur sécurité Dernière intervention 21 mai 2010 10
12 nov. 2008 à 20:28
télécharge Trojan Remover

voici un tuto pour bien le faire fonctionner : http://www.malekal.com/tutorial_TrojanRemover.php

poste le rapport stp
0
Réponse 28 / 53
grandtoure Messages postés 141 Date d'inscription jeudi 6 mars 2008 Statut Membre Dernière intervention 2 juillet 2013
12 nov. 2008 à 21:31
***** NORMAL SCAN FOR ACTIVE MALWARE *****
Trojan Remover Ver 6.7.4.2551. For information, email support@simplysup1.com
[Unregistered version]
Scan started at: 4:24:23 PM 12 Nov 2008
Using Database v7197
Operating System: Windows XP SP2 [Windows XP Professional Service Pack 2 (Build 2600)]
File System: NTFS
Data directory: C:\Documents and Settings\Owner\Application Data\Simply Super Software\Trojan Remover\
Database directory: C:\Program Files\Trojan Remover\
Logfile directory: C:\Documents and Settings\Owner\My Documents\Simply Super Software\Trojan Remover Logfiles\
Program directory: C:\Program Files\Trojan Remover\
Running with Administrator privileges

************************************************************
The following Anti-Malware program(s) are loaded:
McAfee Anti-Virus

************************************************************


************************************************************
4:24:25 PM: Scanning ----------WIN.INI-----------
WIN.INI found in C:\WINDOWS

************************************************************
4:24:25 PM: Scanning --------SYSTEM.INI---------
SYSTEM.INI found in C:\WINDOWS

************************************************************
4:24:26 PM: ----- SCANNING FOR ROOTKIT SERVICES -----
No hidden Services were detected.

************************************************************
4:24:39 PM: Scanning -----WINDOWS REGISTRY-----
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
This key's "Shell" value calls the following program(s):
File: Explorer.exe
C:\WINDOWS\Explorer.exe
1033216 bytes
Created: 5/11/2003
Modified: 6/13/2007
Company: Microsoft Corporation
----------
This key's "Userinit" value calls the following program(s):
File: C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\userinit.exe
24576 bytes
Created: 8/23/2001
Modified: 8/4/2004
Company: Microsoft Corporation
----------
This key's "System" value appears to be blank
----------
This key's "UIHost" value calls the following program:
File: logonui.exe
C:\WINDOWS\system32\logonui.exe
514560 bytes
Created: 5/14/2004
Modified: 8/4/2004
Company: Microsoft Corporation
----------
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
Value Name: load
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: InCD
Value Data: C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Ahead\InCD\InCD.exe
1155122 bytes
Created: 5/14/2004
Modified: 7/24/2003
Company: Ahead Software AG
--------------------
Value Name: NeroFilterCheck
Value Data: C:\WINDOWS\system32\NeroCheck.exe
C:\WINDOWS\system32\NeroCheck.exe
155648 bytes
Created: 5/14/2004
Modified: 7/9/2001
Company: Ahead Software Gmbh
--------------------
Value Name: MsmqIntCert
Value Data: regsvr32 /s mqrt.dll
C:\WINDOWS\system32\mqrt.dll
177152 bytes
Created: 5/14/2004
Modified: 7/6/2007
Company: Microsoft Corporation
--------------------
Value Name: Pure Networks Port Magic
Value Data: "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe
99480 bytes
Created: 1/14/2005
Modified: 5/7/2004
Company: Pure Networks, Inc.
--------------------
Value Name: FLMOFFICE4DMOUSE
Value Data: C:\Program Files\Browser Mouse\mouse32a.exe
C:\Program Files\Browser Mouse\mouse32a.exe
360448 bytes
Created: 2/7/2005
Modified: 2/7/2005
Company:
--------------------
Value Name: FLMK08KB
Value Data: C:\Program Files\Muiltmedia keyboard utility\1.1\MMKEYBD.EXE
C:\Program Files\Muiltmedia keyboard utility\1.1\MMKEYBD.EXE
207360 bytes
Created: 2/7/2005
Modified: 2/7/2005
Company:
--------------------
Value Name: RemoteControl
Value Data: "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
32768 bytes
Created: 2/8/2005
Modified: 10/31/2003
Company: Cyberlink Corp.
--------------------
Value Name: YOP
Value Data: C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
C:\PROGRA~1\Yahoo!\YOP\yop.exe [file not found to scan]
--------------------
Value Name: HP Software Update
Value Data: C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
54840 bytes
Created: 5/8/2007
Modified: 5/8/2007
Company: Hewlett-Packard
--------------------
Value Name: Motive SmartBridge
Value Data: C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
442455 bytes
Created: 1/10/2007
Modified: 8/24/2005
Company: Motive, Inc.
--------------------
Value Name: tgcmd
Value Data: C:\Program Files\Support.com\bin\tgcmd.exe /server /startmonitor /deaf
C:\Program Files\Support.com\bin\tgcmd.exe
1773568 bytes
Created: 6/2/2006
Modified: 3/7/2007
Company: SupportSoft, Inc.
--------------------
Value Name: Adobe Photo Downloader
Value Data: "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe [file not found to scan]
--------------------
Value Name: QuickTime Task
Value Data: "C:\Program Files\QuickTime\QTTask.exe" -atboottime
C:\Program Files\QuickTime\QTTask.exe
413696 bytes
Created: 3/28/2008
Modified: 3/28/2008
Company: Apple Inc.
--------------------
Value Name: iTunesHelper
Value Data: "C:\Program Files\iTunes\iTunesHelper.exe"
C:\Program Files\iTunes\iTunesHelper.exe
267048 bytes
Created: 3/30/2008
Modified: 3/30/2008
Company: Apple Inc.
--------------------
Value Name: TkBellExe
Value Data: "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
185896 bytes
Created: 3/8/2006
Modified: 5/9/2008
Company: RealNetworks, Inc.
--------------------
Value Name: mcagent_exe
Value Data: C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
C:\Program Files\McAfee.com\Agent\mcagent.exe
582992 bytes
Created: 5/12/2007
Modified: 11/1/2007
Company: McAfee, Inc.
--------------------
Value Name: TrojanScanner
Value Data: C:\Program Files\Trojan Remover\Trjscan.exe /boot
C:\Program Files\Trojan Remover\Trjscan.exe
1233800 bytes
Created: 11/12/2008
Modified: 11/8/2008
Company: Simply Super Software
--------------------
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry Key appears to be empty
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
This Registry Key appears to be empty
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx
This Registry Key appears to be empty
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Value Name: ctfmon.exe
Value Data: C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\ctfmon.exe
15360 bytes
Created: 5/14/2004
Modified: 8/4/2004
Company: Microsoft Corporation
--------------------
Value Name: System Soap Pro
Value Data: C:\PROGRA~1\SYSTEM~1\soap.exe min
C:\PROGRA~1\SYSTEM~1\soap.exe [file not found to scan]
--------------------
Value Name: HBt9RTH3W
Value Data: clsaysvr.exe
clsaysvr.exe [file not found to scan]
--------------------
Value Name: ufqz
Value Data: C:\PROGRA~1\COMMON~1\ufqz\ufqzm.exe
C:\PROGRA~1\COMMON~1\ufqz\ufqzm.exe [file not found to scan]
--------------------
Value Name: SRS Audio Sandbox
Value Data: "C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe" /hideme
C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe [file not found to scan]
--------------------
Value Name: VoipStunt
Value Data: "C:\Program Files\VoipStunt.com\VoipStunt\VoipStunt.exe" -nosplash -minimized
C:\Program Files\VoipStunt.com\VoipStunt\VoipStunt.exe
8824112 bytes
Created: 10/25/2008
Modified: 12/13/2007
Company: VoipStunt
--------------------
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
Value Name: FlashPlayerUpdate
Value Data: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe -p
C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
218496 bytes
Created: 11/20/2007
Modified: 11/20/2007
Company: Adobe Systems, Inc.
--------------------
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
This Registry Key appears to be empty

************************************************************
4:25:33 PM: Scanning -----SHELLEXECUTEHOOKS-----
ValueName: {AEB6717E-7E19-11d0-97EE-00C04FD91972}
File: shell32.dll - this file is expected and has been left in place
----------

************************************************************
4:25:33 PM: Scanning -----HIDDEN REGISTRY ENTRIES-----
Taskdir check completed
----------
No Hidden File-loading Registry Entries found
----------

************************************************************
4:25:39 PM: Scanning -----ACTIVE SCREENSAVER-----
No active ScreenSaver found to scan.

************************************************************
4:25:39 PM: Scanning ----- REGISTRY ACTIVE SETUP KEYS -----
Key: {6BF52A52-394A-11d3-B153-00C04F79FAA6}
Path: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub
C:\WINDOWS\INF\wmp10.inf
34751 bytes
Created: 1/24/2005
Modified: 1/28/2005
Company:
----------
Key: {8b15971b-5355-4c82-8c07-7e181ea07608}
Path: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
C:\WINDOWS\INF\fxsocm.inf
50680 bytes
Created: 8/4/2004
Modified: 8/4/2004
Company:
----------

************************************************************
4:25:46 PM: Scanning ----- SERVICEDLL REGISTRY KEYS -----
Key: HidServ
%SystemRoot%\System32\hidserv.dll - file is globally excluded (file cannot be found)
--------------------
Key: NWCWorkstation
Path: %SystemRoot%\System32\nwwks.dll
C:\WINDOWS\System32\nwwks.dll
65536 bytes
Created: 5/14/2004
Modified: 10/13/2006
Company: Microsoft Corporation
--------------------

************************************************************
4:25:56 PM: Scanning ----- SERVICES REGISTRY KEYS -----
Key: a2free
ImagePath: "C:\Program Files\a-squared Free\a2service.exe"
C:\Program Files\a-squared Free\a2service.exe
419448 bytes
Created: 11/6/2008
Modified: 11/6/2008
Company: Emsi Software GmbH
----------
Key: AN983
ImagePath: System32\DRIVERS\AN983.sys
C:\WINDOWS\System32\DRIVERS\AN983.sys
36224 bytes
Created: 5/21/2004
Modified: 8/28/2002
Company: ADMtek Incorporated.
----------
Key: aspnet_state
ImagePath: %SystemRoot%\Microsoft.NET\Framework\v2.0.50215\aspnet_state.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50215\aspnet_state.exe
22016 bytes
Created: 4/8/2005
Modified: 4/8/2005
Company: Microsoft Corporation
----------
Key: catchme
ImagePath: \??\C:\DOCUME~1\Owner\LOCALS~1\Temp\catchme.sys - this file is globally excluded
----------
Key: clr_optimization_v2.0.50215_32
ImagePath: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50215\mscorsvw.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50215\mscorsvw.exe
56320 bytes
Created: 4/8/2005
Modified: 4/8/2005
Company: Microsoft Corporation
----------
Key: Diskeeper
ImagePath: C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
426098 bytes
Created: 8/22/2003
Modified: 8/22/2003
Company: Executive Software International, Inc.
----------
Key: FastNIC
ImagePath: System32\DRIVERS\FastNIC.sys
C:\WINDOWS\System32\DRIVERS\FastNIC.sys
38528 bytes
Created: 5/21/2002
Modified: 5/21/2002
Company: ADMtek Incorporated.
----------
Key: HPZid412
ImagePath: system32\DRIVERS\HPZid412.sys
C:\WINDOWS\system32\DRIVERS\HPZid412.sys
-R- 49664 bytes
Created: 12/13/2006
Modified: 4/12/2006
Company: HP
----------
Key: HPZipr12
ImagePath: system32\DRIVERS\HPZipr12.sys
C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
-R- 16496 bytes
Created: 12/13/2006
Modified: 4/12/2006
Company: HP
----------
Key: HPZius12
ImagePath: system32\DRIVERS\HPZius12.sys
C:\WINDOWS\system32\DRIVERS\HPZius12.sys
21568 bytes
Created: 4/12/2006
Modified: 4/12/2006
Company: HP
----------
Key: IISADMIN
ImagePath: C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
15872 bytes
Created: 5/14/2004
Modified: 8/4/2004
Company: Microsoft Corporation
----------
Key: InCDPass
ImagePath: System32\DRIVERS\InCDPass.sys
C:\WINDOWS\System32\DRIVERS\InCDPass.sys
28432 bytes
Created: 5/14/2004
Modified: 7/24/2003
Company: Ahead Software
----------
Key: InCDsrv
ImagePath: C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
786484 bytes
Created: 5/14/2004
Modified: 7/24/2003
Company: AHEAD Software
----------
Key: LVUSBSta
ImagePath: system32\drivers\lvusbsta.sys
C:\WINDOWS\system32\drivers\lvusbsta.sys [file not found to scan]
----------
Key: mcmscsvc
ImagePath: C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
767976 bytes
Created: 5/12/2007
Modified: 1/9/2008
Company: McAfee, Inc.
----------
Key: McNASvc
ImagePath: "c:\program files\common files\mcafee\mna\mcnasvc.exe"
c:\program files\common files\mcafee\mna\mcnasvc.exe
2458128 bytes
Created: 5/12/2007
Modified: 1/25/2008
Company: McAfee, Inc.
----------
Key: McODS
ImagePath: C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
378184 bytes
Created: 5/12/2007
Modified: 11/7/2007
Company: McAfee, Inc.
----------
Key: McProxy
ImagePath: c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
359248 bytes
Created: 10/10/2008
Modified: 8/15/2007
Company: McAfee, Inc.
----------
Key: McShield
ImagePath: C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
144704 bytes
Created: 5/12/2007
Modified: 7/24/2007
Company: McAfee, Inc.
----------
Key: McSysmon
ImagePath: C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
695624 bytes
Created: 5/12/2007
Modified: 12/5/2007
Company: McAfee, Inc.
----------
Key: mfeavfk
ImagePath: system32\drivers\mfeavfk.sys
C:\WINDOWS\system32\drivers\mfeavfk.sys
79304 bytes
Created: 5/12/2007
Modified: 11/22/2007
Company: McAfee, Inc.
----------
Key: mfebopk
ImagePath: system32\drivers\mfebopk.sys
C:\WINDOWS\system32\drivers\mfebopk.sys
35240 bytes
Created: 5/12/2007
Modified: 11/22/2007
Company: McAfee, Inc.
----------
Key: mfehidk
ImagePath: system32\drivers\mfehidk.sys
C:\WINDOWS\system32\drivers\mfehidk.sys
201320 bytes
Created: 5/12/2007
Modified: 11/22/2007
Company: McAfee, Inc.
----------
Key: mferkdk
ImagePath: system32\drivers\mferkdk.sys
C:\WINDOWS\system32\drivers\mferkdk.sys
33832 bytes
Created: 5/12/2007
Modified: 11/22/2007
Company: McAfee, Inc.
----------
Key: mfesmfk
ImagePath: system32\drivers\mfesmfk.sys
C:\WINDOWS\system32\drivers\mfesmfk.sys
40488 bytes
Created: 5/12/2007
Modified: 12/2/2007
Company: McAfee, Inc.
----------
Key: MPFP
ImagePath: System32\Drivers\Mpfp.sys
C:\WINDOWS\System32\Drivers\Mpfp.sys
113952 bytes
Created: 5/12/2007
Modified: 7/13/2007
Company: McAfee, Inc.
----------
Key: MpfService
ImagePath: "C:\Program Files\McAfee\MPF\MPFSrv.exe"
C:\Program Files\McAfee\MPF\MPFSrv.exe
856864 bytes
Created: 5/12/2007
Modified: 7/18/2007
Company: McAfee, Inc.
----------
Key: MQAC
ImagePath: \??\C:\WINDOWS\System32\drivers\mqac.sys
C:\WINDOWS\System32\drivers\mqac.sys
72960 bytes
Created: 5/14/2004
Modified: 7/6/2007
Company: Microsoft Corporation
----------
Key: MR97310_USB_DUAL_CAMERA
ImagePath: system32\DRIVERS\mr97310c.sys
C:\WINDOWS\system32\DRIVERS\mr97310c.sys
130309 bytes
Created: 8/7/2007
Modified: 9/9/2002
Company: DUCam Technology Inc.
----------
Key: MSFtpsvc
ImagePath: %SystemRoot%\System32\inetsrv\inetinfo.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
15872 bytes
Created: 5/14/2004
Modified: 8/4/2004
Company: Microsoft Corporation
----------
Key: MSMQ
ImagePath: C:\WINDOWS\System32\mqsvc.exe
C:\WINDOWS\System32\mqsvc.exe
4608 bytes
Created: 8/23/2001
Modified: 8/4/2004
Company: Microsoft Corporation
----------
Key: MSMQTriggers
ImagePath: C:\WINDOWS\System32\mqtgsvc.exe
C:\WINDOWS\System32\mqtgsvc.exe
117248 bytes
Created: 8/23/2001
Modified: 8/4/2004
Company: Microsoft Corporation
----------
Key: ms_mpu401
ImagePath: system32\drivers\msmpu401.sys
C:\WINDOWS\system32\drivers\msmpu401.sys
2944 bytes
Created: 12/31/2000
Modified: 8/17/2001
Company: Microsoft Corporation
----------
Key: nvport
ImagePath: \??\C:\WINDOWS\system32\Drivers\nvport.sys
C:\WINDOWS\system32\Drivers\nvport.sys [file not found to scan]
----------
Key: NwlnkIpx
ImagePath: System32\DRIVERS\nwlnkipx.sys
C:\WINDOWS\System32\DRIVERS\nwlnkipx.sys
88448 bytes
Created: 8/23/2001
Modified: 8/4/2004
Company: Microsoft Corporation
----------
Key: NwlnkNb
ImagePath: System32\DRIVERS\nwlnknb.sys
C:\WINDOWS\System32\DRIVERS\nwlnknb.sys
63232 bytes
Created: 8/23/2001
Modified: 8/23/2001
Company: Microsoft Corporation
----------
Key: NwlnkSpx
ImagePath: System32\DRIVERS\nwlnkspx.sys
C:\WINDOWS\System32\DRIVERS\nwlnkspx.sys
55936 bytes
Created: 8/23/2001
Modified: 8/23/2001
Company: Microsoft Corporation
----------
Key: NWRDR
ImagePath: System32\DRIVERS\nwrdr.sys
C:\WINDOWS\System32\DRIVERS\nwrdr.sys
163584 bytes
Created: 5/14/2004
Modified: 10/13/2006
Company: Microsoft Corporation
----------
Key: OVT511Plus
ImagePath: System32\Drivers\omcamvid.sys
C:\WINDOWS\System32\Drivers\omcamvid.sys
160073 bytes
Created: 10/11/2000
Modified: 9/18/2000
Company: OmniVision Technologies, Inc.
----------
Key: pavboot
ImagePath: system32\drivers\pavboot.sys
C:\WINDOWS\system32\drivers\pavboot.sys
28544 bytes
Created: 11/10/2008
Modified: 6/19/2008
Company: Panda Security, S.L.
----------
Key: pfc
ImagePath: system32\drivers\pfc.sys
C:\WINDOWS\system32\drivers\pfc.sys
9856 bytes
Created: 1/16/2007
Modified: 3/29/2006
Company: Padus, Inc.
----------
Key: PID_08A0
ImagePath: system32\DRIVERS\LV302AV.SYS
C:\WINDOWS\system32\DRIVERS\LV302AV.SYS [file not found to scan]
----------
Key: Pml Driver HPZ12
ImagePath: C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\HPZipm12.exe
73728 bytes
Created: 12/13/2006
Modified: 8/9/2007
Company: HP
----------
Key: RMCAST
ImagePath: \??\C:\WINDOWS\System32\drivers\RMCast.sys
C:\WINDOWS\System32\drivers\RMCast.sys
202752 bytes
Created: 8/23/2001
Modified: 5/8/2008
Company: Microsoft Corporation
----------
Key: rtl8029
ImagePath: System32\DRIVERS\RTL8029.SYS
C:\WINDOWS\System32\DRIVERS\RTL8029.SYS
19017 bytes
Created: 5/14/2004
Modified: 8/17/2001
Company: Realtek Semiconductor Corporation
----------
Key: S3SavageNB
ImagePath: System32\DRIVERS\s3gnbm.sys
C:\WINDOWS\System32\DRIVERS\s3gnbm.sys
-R- 156288 bytes
Created: 5/21/2004
Modified: 8/13/2002
Company: S3 Graphics, Inc.
----------
Key: ScsiAccess
ImagePath: C:\WINDOWS\system32\ScsiAccess.EXE
C:\WINDOWS\system32\ScsiAccess.EXE
181312 bytes
Created: 2/4/2003
Modified: 2/4/2003
Company:
----------
Key: SMTPSVC
ImagePath: C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
15872 bytes
Created: 5/14/2004
Modified: 8/4/2004
Company: Microsoft Corporation
----------
Key: SNMP
ImagePath: %SystemRoot%\System32\snmp.exe
C:\WINDOWS\System32\snmp.exe
33280 bytes
Created: 5/14/2004
Modified: 11/20/2006
Company: Microsoft Corporation
----------
Key: SRS_SSCFilter
ImagePath: system32\drivers\srs_sscfilter_i386.sys
C:\WINDOWS\system32\drivers\srs_sscfilter_i386.sys
-R- 38400 bytes
Created: 3/22/2007
Modified: 3/12/2007
Company:
----------
Key: SwPrv
ImagePath: C:\WINDOWS\System32\dllhost.exe /Processid:{F8C47B10-142D-4F62-82CE-02883089E7CA}
C:\WINDOWS\System32\dllhost.exe
5120 bytes
Created: 8/23/2001
Modified: 8/4/2004
Company: Microsoft Corporation
----------
Key: usnjsvc
ImagePath: "C:\Program Files\MSN Messenger\usnsvc.exe"
C:\Program Files\MSN Messenger\usnsvc.exe
97136 bytes
Created: 1/19/2007
Modified: 1/19/2007
Company: Microsoft Corporation
----------
Key: viaagp
ImagePath: System32\DRIVERS\viaagp.sys
C:\WINDOWS\System32\DRIVERS\viaagp.sys
42240 bytes
Created: 12/31/2000
Modified: 8/4/2004
Company: Microsoft Corporation
----------
Key: viaagp1
ImagePath: System32\DRIVERS\viaagp1.sys
C:\WINDOWS\System32\DRIVERS\viaagp1.sys
27904 bytes
Created: 7/2/2003
Modified: 7/2/2003
Company: VIA Technologies, Inc.
----------
Key: VIAudio
ImagePath: system32\drivers\ac97via.sys
C:\WINDOWS\system32\drivers\ac97via.sys
84480 bytes
Created: 5/21/2004
Modified: 8/28/2002
Company: VIA Technologies, Inc.
----------
Key: W3SVC
ImagePath: %SystemRoot%\System32\inetsrv\inetinfo.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
15872 bytes
Created: 5/14/2004
Modified: 8/4/2004
Company: Microsoft Corporation
----------
Key: wanatw
ImagePath: System32\DRIVERS\wanatw4.sys
C:\WINDOWS\System32\DRIVERS\wanatw4.sys [file not found to scan]
----------

************************************************************
4:27:38 PM: Scanning -----VXD ENTRIES-----
Checking the following VxD entries:
C:\WINDOWS\system32\JAVASUP.VXD
7315 bytes
Created: 2/13/2005
Modified: 2/28/2003
Company:
VxD Key = JAVASUP
----------
----------

************************************************************
4:27:40 PM: Scanning ----- WINLOGON\NOTIFY DLLS -----

************************************************************
4:27:41 PM: Scanning ----- CONTEXTMENUHANDLERS -----
Key: McCtxMenu
CLSID: {01576F39-90DE-4D6E-A068-5B20C22BAAEE}
Path: c:\PROGRA~1\mcafee\VIRUSS~1\mcctxmnu.dll
c:\PROGRA~1\mcafee\VIRUSS~1\mcctxmnu.dll
165192 bytes
Created: 10/10/2008
Modified: 11/7/2007
Company: McAfee, Inc.
----------

************************************************************
4:27:42 PM: Scanning ----- FOLDER\COLUMNHANDLERS -----

************************************************************
4:27:43 PM: Scanning ----- BROWSER HELPER OBJECTS -----
Key: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
BHO: C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
59032 bytes
Created: 12/18/2006
Modified: 12/18/2006
Company: Adobe Systems Incorporated
----------
Key: {3049C3E9-B461-4BC5-8870-4C09146192CA}
BHO: C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
308856 bytes
Created: 5/9/2008
Modified: 5/9/2008
Company: RealPlayer
----------
Key: {7DB2D5A0-7241-4E79-B68D-6309F01C5231}
BHO: C:\Program Files\McAfee\VirusScan\scriptsn.dll
C:\Program Files\McAfee\VirusScan\scriptsn.dll
58688 bytes
Created: 10/10/2008
Modified: 11/9/2007
Company: McAfee, Inc.
----------
Key: {9030D464-4C02-4ABF-8ECC-5164760863C6}
BHO: C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
322368 bytes
Created: 8/31/2006
Modified: 8/31/2006
Company: Microsoft Corporation
----------

************************************************************
4:27:48 PM: Scanning ----- SHELLSERVICEOBJECTS -----

************************************************************
4:27:48 PM: Scanning ----- SHAREDTASKSCHEDULER ENTRIES -----

************************************************************
4:27:48 PM: Scanning ----- IMAGEFILE DEBUGGERS -----
No "Debugger" entries found.

************************************************************
4:27:48 PM: Scanning ----- APPINIT_DLLS -----
The AppInit_DLLs value is blank or does not exist

************************************************************
4:27:56 PM: Scanning ----- SECURITY PROVIDER DLLS -----

************************************************************
4:27:57 PM: Scanning ------ COMMON STARTUP GROUP ------
[C:\Documents and Settings\All Users\Start Menu\Programs\Startup]
The Common Startup Group attempts to load the following file(s) at boot time:
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
-HS- 84 bytes
Created: 12/31/2000
Modified: 5/14/2004
Company:
--------------------
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
288472 bytes
Created: 2/19/2006
Modified: 2/19/2006
Company: Hewlett-Packard Development Company, L.P.
HP Digital Imaging Monitor.lnk - links to C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
--------------------
C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
64864 bytes
Created: 4/19/2007
Modified: 4/19/2007
Company: Microsoft Corporation
Microsoft Office OneNote 2003 Quick Launch.lnk - links to C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
--------------------

************************************************************
4:28:00 PM: Scanning ------ USER STARTUP GROUPS ------
--------------------
Checking Startup Group for: Owner
[C:\Documents and Settings\Owner\START MENU\PROGRAMS\STARTUP]
The Startup Group for Owner attempts to load the following file(s):
C:\Documents and Settings\Owner\START MENU\PROGRAMS\STARTUP\desktop.ini
-HS- 84 bytes
Created: 5/14/2004
Modified: 5/14/2004
Company:
----------

************************************************************
4:28:01 PM: Scanning ----- SCHEDULED TASKS -----
Taskname: AppleSoftwareUpdate.job
File: C:\Program Files\Apple Software Update\SoftwareUpdate.exe
C:\Program Files\Apple Software Update\SoftwareUpdate.exe
566592 bytes
Created: 8/29/2007
Modified: 7/30/2008
Company: Apple Inc.
Parameters: -task
Next Run Time: 11/13/2008 12:39:00 PM
Status: The task is ready to run at its next scheduled time
Creator: SYSTEM
Comments: [blank]
----------
Taskname: McDefragTask.job
File: c:\program files\mcafee\mqc\QcConsol.exe
c:\program files\mcafee\mqc\QcConsol.exe
222496 bytes
Created: 5/12/2007
Modified: 12/4/2007
Company: McAfee, Inc.
Parameters: "C:\WINDOWS\system32\defrag.exe" C: -f
Next Run Time: 11/15/2008 1:00:00 AM
Status: The task is ready to run at its next scheduled time
Creator: Owner
Comments: Disk Defragmenter
----------
Taskname: McQcTask.job
File: c:\program files\mcafee\mqc\QcConsol.exe
c:\program files\mcafee\mqc\QcConsol.exe
222496 bytes
Created: 5/12/2007
Modified: 12/4/2007
Company: McAfee, Inc.
Parameters: 14 0
Next Run Time: 12/1/2008 1:00:00 AM
Status: The task is ready to run at its next scheduled time
Creator: Owner
Comments: McAfee McAfee QuickClean
----------

************************************************************
4:28:04 PM: Scanning ----- SHELLICONOVERLAYIDENTIFIERS -----

************************************************************
4:28:04 PM: ----- ADDITIONAL CHECKS -----
PE386 rootkit checks completed
----------
Winlogon registry rootkit checks completed
----------
Heuristic checks for hidden files/drivers completed
----------
Layered Service Provider entries checks completed
----------
Windows Explorer Policies checks completed
----------
Desktop Wallpaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
1440054 bytes
Created: 12/21/2004
Modified: 7/25/2007
Company:
----------
Web Desktop Wallpaper: %USERPROFILE%\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
1440054 bytes
Created: 12/21/2004
Modified: 7/25/2007
Company:
----------
Additional checks completed

************************************************************
4:28:08 PM: Scanning ----- RUNNING PROCESSES -----

C:\WINDOWS\System32\smss.exe
--------------------
C:\WINDOWS\system32\csrss.exe
--------------------
C:\WINDOWS\system32\winlogon.exe
--------------------
C:\WINDOWS\system32\services.exe
--------------------
C:\WINDOWS\system32\lsass.exe
--------------------
C:\WINDOWS\system32\svchost.exe
--------------------
C:\WINDOWS\system32\svchost.exe - file already scanned
--------------------
C:\WINDOWS\System32\svchost.exe - file already scanned
--------------------
C:\WINDOWS\System32\svchost.exe - file already scanned
--------------------
C:\WINDOWS\system32\spoolsv.exe
--------------------
C:\Program Files\a-squared Free\a2service.exe - file already scanned
--------------------
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
--------------------
C:\Program Files\Executive Software\Diskeeper\DkService.exe - file already scanned
--------------------
C:\WINDOWS\System32\inetsrv\inetinfo.exe - file already scanned
--------------------
C:\Program Files\Ahead\InCD\InCDsrv.exe - file already scanned
--------------------
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe - file already scanned
--------------------
c:\program files\common files\mcafee\mna\mcnasvc.exe - file already scanned
--------------------
C:\WINDOWS\Explorer.EXE - file already scanned
--------------------
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe - file already scanned
--------------------
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
--------------------
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe - file already scanned
--------------------
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
--------------------
C:\Program Files\McAfee\MPF\MPFSrv.exe - file already scanned
--------------------
C:\WINDOWS\System32\msdtc.exe
--------------------
C:\WINDOWS\system32\ScsiAccess.EXE - file already scanned
--------------------
C:\WINDOWS\System32\snmp.exe - file already scanned
--------------------
C:\WINDOWS\System32\svchost.exe - file already scanned
--------------------
C:\WINDOWS\system32\wdfmgr.exe
--------------------
C:\WINDOWS\System32\mqsvc.exe - file already scanned
--------------------
C:\WINDOWS\System32\mqtgsvc.exe - file already scanned
--------------------
C:\WINDOWS\System32\alg.exe
--------------------
C:\WINDOWS\system32\WgaTray.exe
--------------------
C:\WINDOWS\system32\wuauclt.exe
--------------------
C:\Program Files\Ahead\InCD\InCD.exe - file already scanned
--------------------
C:\Program Files\Browser Mouse\mouse32a.exe - file already scanned
--------------------
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe - file already scanned
--------------------
C:\Program Files\Muiltmedia keyboard utility\1.1\KbdAp32A.exe
--------------------
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe - file already scanned
--------------------
C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe - file already scanned
--------------------
C:\Program Files\QuickTime\QTTask.exe - file already scanned
--------------------
C:\Program Files\iTunes\iTunesHelper.exe - file already scanned
--------------------
C:\WINDOWS\system32\ctfmon.exe - file already scanned
--------------------
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
--------------------
C:\Program Files\iPod\bin\iPodService.exe
--------------------
C:\Program Files\Support.com\bin\tgcmd.exe - file already scanned
--------------------
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
--------------------
C:\Program Files\Internet Explorer\iexplore.exe
--------------------
C:\Program Files\MSN Messenger\msnmsgr.exe
--------------------
C:\Program Files\MSN Messenger\usnsvc.exe - file already scanned
--------------------
C:\Program Files\Mozilla Firefox\firefox.exe
--------------------
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe - file already scanned
--------------------
c:\PROGRA~1\mcafee\msc\mcshell.exe
--------------------
C:\Program Files\Common Files\Real\Update_OB\realsched.exe - file already scanned
--------------------
C:\Documents and Settings\Owner\Application Data\Simply Super Software\Trojan Remover\ucj8E9.exe
FileSize: 2888568
[This is a Trojan Remover component]
--------------------
--------------------
c:\PROGRA~1\mcafee\msc\mcuimgr.exe
--------------------
C:\WINDOWS\system32\wscntfy.exe
--------------------

************************************************************
4:28:59 PM: Checking AUTOEXEC.NT file
AUTOEXEC.NT found in C:\WINDOWS\system32
No malicious entries were found in the AUTOEXEC.NT file

************************************************************
4:29:00 PM: Checking HOSTS file
No malicious entries were found in the HOSTS file

************************************************************
------ INTERNET EXPLORER HOME/START/SEARCH SETTINGS ------
HKLM\Software\Microsoft\Internet Explorer\Main\"Start Page":
https://www.msn.com/fr-fr/?ocid=iehp
HKLM\Software\Microsoft\Internet Explorer\Main\"Local Page":
%SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main\"Search Page":
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Page_URL":
https://www.msn.com/fr-fr/?ocid=iehp
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Search_URL":
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
HKLM\Software\Microsoft\Internet Explorer\Search\"CustomizeSearch":
https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
HKLM\Software\Microsoft\Internet Explorer\Search\"SearchAssistant":
https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
HKCU\Software\Microsoft\Internet Explorer\Main\"Start Page":
https://fr.yahoo.com/?p=us
HKCU\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\WINDOWS\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main\"Search Page":
http://red.clientapps.yahoo.com/customize/ie/defaults/sp/sbcydsl/*https://fr.yahoo.com/?p=us
HKCU\Software\Microsoft\Internet Explorer\Search\"CustomizeSearch":
https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
HKCU\Software\Microsoft\Internet Explorer\Search\"SearchAssistant":
https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm

************************************************************
=== NO CHANGES HAVE BEEN MADE TO YOUR SYSTEM FILES ===
Scan completed at: 4:29:00 PM 12 Nov 2008
Total Scan time: 00:04:35
************************************************************


***** NORMAL SCAN FOR ACTIVE MALWARE *****
Trojan Remover Ver 6.7.4.2551. For information, email support@simplysup1.com
[Unregistered version]
Scan started at: 4:24:23 PM 12 Nov 2008
Using Database v7197
Operating System: Windows XP SP2 [Windows XP Professional Service Pack 2 (Build 2600)]
File System: NTFS
Data directory: C:\Documents and Settings\Owner\Application Data\Simply Super Software\Trojan Remover\
Database directory: C:\Program Files\Trojan Remover\
Logfile directory: C:\Documents and Settings\Owner\My Documents\Simply Super Software\Trojan Remover Logfiles\
Program directory: C:\Program Files\Trojan Remover\
Running with Administrator privileges

************************************************************
The following Anti-Malware program(s) are loaded:
McAfee Anti-Virus

************************************************************


************************************************************
4:24:25 PM: Scanning ----------WIN.INI-----------
WIN.INI found in C:\WINDOWS

************************************************************
4:24:25 PM: Scanning --------SYSTEM.INI---------
SYSTEM.INI found in C:\WINDOWS

************************************************************
4:24:26 PM: ----- SCANNING FOR ROOTKIT SERVICES -----
No hidden Services were detected.

************************************************************
4:24:39 PM: Scanning -----WINDOWS REGISTRY-----
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
This key's "Shell" value calls the following program(s):
File: Explorer.exe
C:\WINDOWS\Explorer.exe
1033216 bytes
Created: 5/11/2003
Modified: 6/13/2007
Company: Microsoft Corporation
----------
This key's "Userinit" value calls the following program(s):
File: C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\userinit.exe
24576 bytes
Created: 8/23/2001
Modified: 8/4/2004
Company: Microsoft Corporation
----------
This key's "System" value appears to be blank
----------
This key's "UIHost" value calls the following program:
File: logonui.exe
C:\WINDOWS\system32\logonui.exe
514560 bytes
Created: 5/14/2004
Modified: 8/4/2004
Company: Microsoft Corporation
----------
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
Value Name: load
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: InCD
Value Data: C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Ahead\InCD\InCD.exe
1155122 bytes
Created: 5/14/2004
Modified: 7/24/2003
Company: Ahead Software AG
--------------------
Value Name: NeroFilterCheck
Value Data: C:\WINDOWS\system32\NeroCheck.exe
C:\WINDOWS\system32\NeroCheck.exe
155648 bytes
Created: 5/14/2004
Modified: 7/9/2001
Company: Ahead Software Gmbh
--------------------
Value Name: MsmqIntCert
Value Data: regsvr32 /s mqrt.dll
C:\WINDOWS\system32\mqrt.dll
177152 bytes
Created: 5/14/2004
Modified: 7/6/2007
Company: Microsoft Corporation
--------------------
Value Name: Pure Networks Port Magic
Value Data: "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe
99480 bytes
Created: 1/14/2005
Modified: 5/7/2004
Company: Pure Networks, Inc.
--------------------
Value Name: FLMOFFICE4DMOUSE
Value Data: C:\Program Files\Browser Mouse\mouse32a.exe
C:\Program Files\Browser Mouse\mouse32a.exe
360448 bytes
Created: 2/7/2005
Modified: 2/7/2005
Company:
--------------------
Value Name: FLMK08KB
Value Data: C:\Program Files\Muiltmedia keyboard utility\1.1\MMKEYBD.EXE
C:\Program Files\Muiltmedia keyboard utility\1.1\MMKEYBD.EXE
207360 bytes
Created: 2/7/2005
Modified: 2/7/2005
Company:
--------------------
Value Name: RemoteControl
Value Data: "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
32768 bytes
Created: 2/8/2005
Modified: 10/31/2003
Company: Cyberlink Corp.
--------------------
Value Name: YOP
Value Data: C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
C:\PROGRA~1\Yahoo!\YOP\yop.exe [file not found to scan]
--------------------
Value Name: HP Software Update
Value Data: C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
54840 bytes
Created: 5/8/2007
Modified: 5/8/2007
Company: Hewlett-Packard
--------------------
Value Name: Motive SmartBridge
Value Data: C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
442455 bytes
Created: 1/10/2007
Modified: 8/24/2005
Company: Motive, Inc.
--------------------
Value Name: tgcmd
Value Data: C:\Program Files\Support.com\bin\tgcmd.exe /server /startmonitor /deaf
C:\Program Files\Support.com\bin\tgcmd.exe
1773568 bytes
Created: 6/2/2006
Modified: 3/7/2007
Company: SupportSoft, Inc.
--------------------
Value Name: Adobe Photo Downloader
Value Data: "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe [file not found to scan]
--------------------
Value Name: QuickTime Task
Value Data: "C:\Program Files\QuickTime\QTTask.exe" -atboottime
C:\Program Files\QuickTime\QTTask.exe
413696 bytes
Created: 3/28/2008
Modified: 3/28/2008
Company: Apple Inc.
--------------------
Value Name: iTunesHelper
Value Data: "C:\Program Files\iTunes\iTunesHelper.exe"
C:\Program Files\iTunes\iTunesHelper.exe
267048 bytes
Created: 3/30/2008
Modified: 3/30/2008
Company: Apple Inc.
--------------------
Value Name: TkBellExe
Value Data: "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
185896 bytes
Created: 3/8/2006
Modified: 5/9/2008
Company: RealNetworks, Inc.
--------------------
Value Name: mcagent_exe
Value Data: C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
C:\Program Files\McAfee.com\Agent\mcagent.exe
582992 bytes
Created: 5/12/2007
Modified: 11/1/2007
Company: McAfee, Inc.
--------------------
Value Name: TrojanScanner
Value Data: C:\Program Files\Trojan Remover\Trjscan.exe /boot
C:\Program Files\Trojan Remover\Trjscan.exe
1233800 bytes
Created: 11/12/2008
Modified: 11/8/2008
Company: Simply Super Software
--------------------
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry Key appears to be empty
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
This Registry Key appears to be empty
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx
This Registry Key appears to be empty
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Value Name: ctfmon.exe
Value Data: C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\ctfmon.exe
15360 bytes
Created: 5/14/2004
Modified: 8/4/2004
Company: Microsoft Corporation
--------------------
Value Name: System Soap Pro
Value Data: C:\PROGRA~1\SYSTEM~1\soap.exe min
C:\PROGRA~1\SYSTEM~1\soap.exe [file not found to scan]
--------------------
Value Name: HBt9RTH3W
Value Data: clsaysvr.exe
clsaysvr.exe [file not found to scan]
--------------------
Value Name: ufqz
Value Data: C:\PROGRA~1\COMMON~1\ufqz\ufqzm.exe
C:\PROGRA~1\COMMON~1\ufqz\ufqzm.exe [file not found to scan]
--------------------
Value Name: SRS Audio Sandbox
Value Data: "C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe" /hideme
C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe [file not found to scan]
--------------------
Value Name: VoipStunt
Value Data: "C:\Program Files\VoipStunt.com\VoipStunt\VoipStunt.exe" -nosplash -minimized
C:\Program Files\VoipStunt.com\VoipStunt\VoipStunt.exe
8824112 bytes
Created: 10/25/2008
Modified: 12/13/2007
Company: VoipStunt
--------------------
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
Value Name: FlashPlayerUpdate
Value Data: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe -p
C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
218496 bytes
Created: 11/20/2007
Modified: 11/20/2007
Company: Adobe Systems, Inc.
--------------------
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
This Registry Key appears to be empty

************************************************************
4:25:33 PM: Scanning -----SHELLEXECUTEHOOKS-----
ValueName: {AEB6717E-7E19-11d0-97EE-00C04FD91972}
File: shell32.dll - this file is expected and has been left in place
----------

************************************************************
4:25:33 PM: Scanning -----HIDDEN REGISTRY ENTRIES-----
Taskdir check completed
----------
No Hidden File-loading Registry Entries found
----------

************************************************************
4:25:39 PM: Scanning -----ACTIVE SCREENSAVER-----
No active ScreenSaver found to scan.

************************************************************
4:25:39 PM: Scanning ----- REGISTRY ACTIVE SETUP KEYS -----
Key: {6BF52A52-394A-11d3-B153-00C04F79FAA6}
Path: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub
C:\WINDOWS\INF\wmp10.inf
34751 bytes
Created: 1/24/2005
Modified: 1/28/2005
Company:
----------
Key: {8b15971b-5355-4c82-8c07-7e181ea07608}
Path: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
C:\WINDOWS\INF\fxsocm.inf
50680 bytes
Created: 8/4/2004
Modified: 8/4/2004
Company:
----------

************************************************************
4:25:46 PM: Scanning ----- SERVICEDLL REGISTRY KEYS -----
Key: HidServ
%SystemRoot%\System32\hidserv.dll - file is globally excluded (file cannot be found)
--------------------
Key: NWCWorkstation
Path: %SystemRoot%\System32\nwwks.dll
C:\WINDOWS\System32\nwwks.dll
65536 bytes
Created: 5/14/2004
Modified: 10/13/2006
Company: Microsoft Corporation
--------------------

************************************************************
4:25:56 PM: Scanning ----- SERVICES REGISTRY KEYS -----
Key: a2free
ImagePath: "C:\Program Files\a-squared Free\a2service.exe"
C:\Program Files\a-squared Free\a2service.exe
419448 bytes
Created: 11/6/2008
Modified: 11/6/2008
Company: Emsi Software GmbH
----------
Key: AN983
ImagePath: System32\DRIVERS\AN983.sys
C:\WINDOWS\System32\DRIVERS\AN983.sys
36224 bytes
Created: 5/21/2004
Modified: 8/28/2002
Company: ADMtek Incorporated.
----------
Key: aspnet_state
ImagePath: %SystemRoot%\Microsoft.NET\Framework\v2.0.50215\aspnet_state.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50215\aspnet_state.exe
22016 bytes
Created: 4/8/2005
Modified: 4/8/2005
Company: Microsoft Corporation
----------
Key: catchme
ImagePath: \??\C:\DOCUME~1\Owner\LOCALS~1\Temp\catchme.sys - this file is globally excluded
----------
Key: clr_optimization_v2.0.50215_32
ImagePath: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50215\mscorsvw.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50215\mscorsvw.exe
56320 bytes
Created: 4/8/2005
Modified: 4/8/2005
Company: Microsoft Corporation
----------
Key: Diskeeper
ImagePath: C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
426098 bytes
Created: 8/22/2003
Modified: 8/22/2003
Company: Executive Software International, Inc.
----------
Key: FastNIC
ImagePath: System32\DRIVERS\FastNIC.sys
C:\WINDOWS\System32\DRIVERS\FastNIC.sys
38528 bytes
Created: 5/21/2002
Modified: 5/21/2002
Company: ADMtek Incorporated.
----------
Key: HPZid412
ImagePath: system32\DRIVERS\HPZid412.sys
C:\WINDOWS\system32\DRIVERS\HPZid412.sys
-R- 49664 bytes
Created: 12/13/2006
Modified: 4/12/2006
Company: HP
----------
Key: HPZipr12
ImagePath: system32\DRIVERS\HPZipr12.sys
C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
-R- 16496 bytes
Created: 12/13/2006
Modified: 4/12/2006
Company: HP
----------
Key: HPZius12
ImagePath: system32\DRIVERS\HPZius12.sys
C:\WINDOWS\system32\DRIVERS\HPZius12.sys
21568 bytes
Created: 4/12/2006
Modified: 4/12/2006
Company: HP
----------
Key: IISADMIN
ImagePath: C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
15872 bytes
Created: 5/14/2004
Modified: 8/4/2004
Company: Microsoft Corporation
----------
Key: InCDPass
ImagePath: System32\DRIVERS\InCDPass.sys
C:\WINDOWS\System32\DRIVERS\InCDPass.sys
28432 bytes
Created: 5/14/2004
Modified: 7/24/2003
Company: Ahead Software
----------
Key: InCDsrv
ImagePath: C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
786484 bytes
Created: 5/14/2004
Modified: 7/24/2003
Company: AHEAD Software
----------
Key: LVUSBSta
ImagePath: system32\drivers\lvusbsta.sys
C:\WINDOWS\system32\drivers\lvusbsta.sys [file not found to scan]
----------
Key: mcmscsvc
ImagePath: C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
767976 bytes
Created: 5/12/2007
Modified: 1/9/2008
Company: McAfee, Inc.
----------
Key: McNASvc
ImagePath: "c:\program files\common files\mcafee\mna\mcnasvc.exe"
c:\program files\common files\mcafee\mna\mcnasvc.exe
2458128 bytes
Created: 5/12/2007
Modified: 1/25/2008
Company: McAfee, Inc.
----------
Key: McODS
ImagePath: C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
378184 bytes
Created: 5/12/2007
Modified: 11/7/2007
Company: McAfee, Inc.
----------
Key: McProxy
ImagePath: c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
359248 bytes
Created: 10/10/2008
Modified: 8/15/2007
Company: McAfee, Inc.
----------
Key: McShield
ImagePath: C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
144704 bytes
Created: 5/12/2007
Modified: 7/24/2007
Company: McAfee, Inc.
----------
Key: McSysmon
ImagePath: C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
695624 bytes
Created: 5/12/2007
Modified: 12/5/2007
Company: McAfee, Inc.
----------
Key: mfeavfk
ImagePath: system32\drivers\mfeavfk.sys
C:\WINDOWS\system32\drivers\mfeavfk.sys
79304 bytes
Created: 5/12/2007
Modified: 11/22/2007
Company: McAfee, Inc.
----------
Key: mfebopk
ImagePath: system32\drivers\mfebopk.sys
C:\WINDOWS\system32\drivers\mfebopk.sys
35240 bytes
Created: 5/12/2007
Modified: 11/22/2007
Company: McAfee, Inc.
----------
Key: mfehidk
ImagePath: system32\drivers\mfehidk.sys
C:\WINDOWS\system32\drivers\mfehidk.sys
201320 bytes
Created: 5/12/2007
Modified: 11/22/2007
Company: McAfee, Inc.
----------
Key: mferkdk
ImagePath: system32\drivers\mferkdk.sys
C:\WINDOWS\system32\drivers\mferkdk.sys
33832 bytes
Created: 5/12/2007
Modified: 11/22/2007
Company: McAfee, Inc.
----------
Key: mfesmfk
ImagePath: system32\drivers\mfesmfk.sys
C:\WINDOWS\system32\drivers\mfesmfk.sys
40488 bytes
Created: 5/12/2007
Modified: 12/2/2007
Company: McAfee, Inc.
----------
Key: MPFP
ImagePath: System32\Drivers\Mpfp.sys
C:\WINDOWS\System32\Drivers\Mpfp.sys
113952 bytes
Created: 5/12/2007
Modified: 7/13/2007
Company: McAfee, Inc.
----------
Key: MpfService
ImagePath: "C:\Program Files\McAfee\MPF\MPFSrv.exe"
C:\Program Files\McAfee\MPF\MPFSrv.exe
856864 bytes
Created: 5/12/2007
Modified: 7/18/2007
Company: McAfee, Inc.
----------
Key: MQAC
ImagePath: \??\C:\WINDOWS\System32\drivers\mqac.sys
C:\WINDOWS\System32\drivers\mqac.sys
72960 bytes
Created: 5/14/2004
Modified: 7/6/2007
Company: Microsoft Corporation
----------
Key: MR97310_USB_DUAL_CAMERA
ImagePath: system32\DRIVERS\mr97310c.sys
C:\WINDOWS\system32\DRIVERS\mr97310c.sys
130309 bytes
Created: 8/7/2007
Modified: 9/9/2002
Company: DUCam Technology Inc.
----------
Key: MSFtpsvc
ImagePath: %SystemRoot%\System32\inetsrv\inetinfo.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
15872 bytes
Created: 5/14/2004
Modified: 8/4/2004
Company: Microsoft Corporation
----------
Key: MSMQ
ImagePath: C:\WINDOWS\System32\mqsvc.exe
C:\WINDOWS\System32\mqsvc.exe
4608 bytes
Created: 8/23/2001
Modified: 8/4/2004
Company: Microsoft Corporation
----------
Key: MSMQTriggers
ImagePath: C:\WINDOWS\System32\mqtgsvc.exe
C:\WINDOWS\System32\mqtgsvc.exe
117248 bytes
Created: 8/23/2001
Modified: 8/4/2004
Company: Microsoft Corporation
----------
Key: ms_mpu401
ImagePath: system32\drivers\msmpu401.sys
C:\WINDOWS\system32\drivers\msmpu401.sys
2944 bytes
Created: 12/31/2000
Modified: 8/17/2001
Company: Microsoft Corporation
----------
Key: nvport
ImagePath: \??\C:\WINDOWS\system32\Drivers\nvport.sys
C:\WINDOWS\system32\Drivers\nvport.sys [file not found to scan]
----------
Key: NwlnkIpx
ImagePath: System32\DRIVERS\nwlnkipx.sys
C:\WINDOWS\System32\DRIVERS\nwlnkipx.sys
88448 bytes
Created: 8/23/2001
Modified: 8/4/2004
Company: Microsoft Corporation
----------
Key: NwlnkNb
ImagePath: System32\DRIVERS\nwlnknb.sys
C:\WINDOWS\System32\DRIVERS\nwlnknb.sys
63232 bytes
Created: 8/23/2001
Modified: 8/23/2001
Company: Microsoft Corporation
----------
Key: NwlnkSpx
ImagePath: System32\DRIVERS\nwlnkspx.sys
C:\WINDOWS\System32\DRIVERS\nwlnkspx.sys
55936 bytes
Created: 8/23/2001
Modified: 8/23/2001
Company: Microsoft Corporation
----------
Key: NWRDR
ImagePath: System32\DRIVERS\nwrdr.sys
C:\WINDOWS\System32\DRIVERS\nwrdr.sys
163584 bytes
Created: 5/14/2004
Modified: 10/13/2006
Company: Microsoft Corporation
----------
Key: OVT511Plus
ImagePath: System32\Drivers\omcamvid.sys
C:\WINDOWS\System32\Drivers\omcamvid.sys
160073 bytes
Created: 10/11/2000
Modified: 9/18/2000
Company: OmniVision Technologies, Inc.
----------
Key: pavboot
ImagePath: system32\drivers\pavboot.sys
C:\WINDOWS\system32\drivers\pavboot.sys
28544 bytes
Created: 11/10/2008
Modified: 6/19/2008
Company: Panda Security, S.L.
----------
Key: pfc
ImagePath: system32\drivers\pfc.sys
C:\WIND
0
Réponse 29 / 53
geoffrey5 Messages postés 13732 Date d'inscription dimanche 20 mai 2007 Statut Contributeur sécurité Dernière intervention 21 mai 2010 10
12 nov. 2008 à 22:02
ok... Est ce que tu as les logiciels ad-aware et spybot ??
0
Réponse 30 / 53
grandtoure Messages postés 141 Date d'inscription jeudi 6 mars 2008 Statut Membre Dernière intervention 2 juillet 2013
12 nov. 2008 à 22:13
non, je ne les ai pas
0
Réponse 31 / 53
geoffrey5 Messages postés 13732 Date d'inscription dimanche 20 mai 2007 Statut Contributeur sécurité Dernière intervention 21 mai 2010 10
12 nov. 2008 à 22:34
les voici :

Ad-aware

Spybot

Fais une mise à jour et une analyse complete avec chaques logiciels (une analyse à la fois)
0
Réponse 32 / 53
grandtoure Messages postés 141 Date d'inscription jeudi 6 mars 2008 Statut Membre Dernière intervention 2 juillet 2013
13 nov. 2008 à 20:09
ca y est. c est fait. je comprends pas, l ordi est toujours un peu lent.
0
Réponse 33 / 53
geoffrey5 Messages postés 13732 Date d'inscription dimanche 20 mai 2007 Statut Contributeur sécurité Dernière intervention 21 mai 2010 10
14 nov. 2008 à 12:34
Salut !!

refais une mise à jour et une analyse complete avec malwarebytes stp
0
Réponse 34 / 53
grandtoure Messages postés 141 Date d'inscription jeudi 6 mars 2008 Statut Membre Dernière intervention 2 juillet 2013
14 nov. 2008 à 21:15
Malwarebytes' Anti-Malware 1.30
Database version: 1360
Windows 5.1.2600 Service Pack 2

11/14/2008 4:14:36 PM
mbam-log-2008-11-14 (16-14-36).txt

Scan type: Full Scan (C:\|)
Objects scanned: 105563
Time elapsed: 3 hour(s), 51 minute(s), 29 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
0
Réponse 35 / 53
geoffrey5 Messages postés 13732 Date d'inscription dimanche 20 mai 2007 Statut Contributeur sécurité Dernière intervention 21 mai 2010 10
15 nov. 2008 à 16:17
Salut !!

▶ Télécharge Combofix de sUBs


▶ et enregistre le sur le Bureau.


▶ désactive tes protections et ferme toutes tes applications(antivirus, parefeu, garde en temps réel de l'antispyware)


Voici le tutoriel officiel de Bleeping Computer pour savoir l utiliser :

https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix


ensuite envois le rapport et refais un nouveau rapport hijackthis stp
0
Réponse 36 / 53
grandtoure Messages postés 141 Date d'inscription jeudi 6 mars 2008 Statut Membre Dernière intervention 2 juillet 2013
18 nov. 2008 à 19:56
ComboFix 08-11-17.06 - Owner 2008-11-18 14:31:08.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.149 [GMT -5:00]
Running from: c:\documents and settings\Owner\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\IE4 Error Log.txt
c:\windows\system32\Cache

.
((((((((((((((((((((((((( Files Created from 2008-10-18 to 2008-11-18 )))))))))))))))))))))))))))))))
.

2008-11-13 15:34 . 2008-11-13 15:34 <DIR> d-------- c:\windows\Sun
2008-11-13 15:17 . 2008-11-13 15:16 410,976 --a------ c:\windows\system32\deploytk.dll
2008-11-13 15:17 . 2008-11-13 15:16 73,728 --a------ c:\windows\system32\javacpl.cpl
2008-11-13 15:15 . 2008-11-13 15:15 <DIR> d-------- c:\program files\Java
2008-11-13 14:21 . 2008-11-13 14:27 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
2008-11-12 19:30 . 2008-11-13 12:48 <DIR> d-------- c:\program files\Spybot - Search & Destroy
2008-11-12 19:30 . 2008-11-13 13:14 <DIR> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-11-12 17:39 . 2008-11-12 17:39 1,172 --a------ c:\windows\mozver.dat
2008-11-12 17:36 . 2008-11-12 17:36 <DIR> d-------- c:\program files\MSXML 4.0
2008-11-12 16:16 . 2008-11-12 16:16 <DIR> d-------- c:\documents and settings\All Users\Application Data\TEMP
2008-11-10 15:18 . 2008-11-13 15:53 <DIR> d-------- c:\program files\Panda Security
2008-11-10 12:49 . 2008-11-10 12:56 <DIR> d-------- c:\windows\BDOSCAN8
2008-11-07 20:33 . 2008-11-07 20:34 <DIR> d-------- c:\windows\ERUNT
2008-11-07 20:33 . 2001-08-18 12:00 1,688 --a------ c:\windows\system32\AUTOEXEC.NT
2008-11-07 19:59 . 2008-11-08 19:13 <DIR> d-------- C:\SDFix
2008-11-06 19:53 . 2008-11-06 19:53 <DIR> d-------- C:\Poker
2008-11-05 13:15 . 2008-11-05 13:15 3,452 --a------ c:\windows\system32\tmp.reg
2008-11-05 13:12 . 2007-09-05 23:22 289,144 --a------ c:\windows\system32\VCCLSID.exe
2008-11-05 13:12 . 2006-04-27 16:49 288,417 --a------ c:\windows\system32\SrchSTS.exe
2008-11-05 13:12 . 2008-09-08 22:38 88,576 --a------ c:\windows\system32\AntiXPVSTFix.exe
2008-11-05 13:12 . 2008-10-01 14:51 87,552 --a------ c:\windows\system32\VACFix.exe
2008-11-05 13:12 . 2008-10-10 07:58 82,944 --a------ c:\windows\system32\o4Patch.exe
2008-11-05 13:12 . 2008-10-10 07:58 82,944 --a------ c:\windows\system32\IEDFix.C.exe
2008-11-05 13:12 . 2008-08-18 11:19 82,432 --a------ c:\windows\system32\404Fix.exe
2008-11-05 13:12 . 2004-07-31 17:50 51,200 --a------ c:\windows\system32\dumphive.exe
2008-11-05 13:12 . 2007-10-03 23:36 25,600 --a------ c:\windows\system32\WS2Fix.exe
2008-11-05 12:31 . 2008-11-05 12:51 <DIR> d-------- C:\Lop SD
2008-11-03 16:58 . 2008-11-07 05:20 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-11-03 16:58 . 2008-10-22 16:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-11-03 16:58 . 2008-10-22 16:10 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-11-03 16:27 . 2008-11-03 16:34 <DIR> d-------- C:\ToolBar SD
2008-10-25 12:36 . 2008-10-25 12:39 <DIR> d-------- c:\documents and settings\Owner\Application Data\VoipStunt
2008-10-25 12:34 . 2008-10-25 12:34 <DIR> d-------- c:\program files\VoipStunt.com

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-03 18:29 --------- d-----w c:\program files\Navilog1
2008-10-24 17:06 --------- d-----w c:\program files\Apple Software Update
2008-10-24 11:10 453,632 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-16 19:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 19:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 19:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 19:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 19:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 19:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 19:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 19:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-10 21:01 --------- d-----w c:\program files\McAfee
2008-10-10 19:03 --------- d-----w c:\program files\Common Files\McAfee
2008-10-10 18:03 --------- d-----w c:\documents and settings\Owner\Application Data\Malwarebytes
2008-10-10 18:02 --------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes
2008-10-10 17:13 --------- d-----w c:\program files\Trend Micro
2008-09-30 21:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
2008-09-15 11:57 1,846,016 ----a-w c:\windows\system32\win32k.sys
2008-09-04 16:42 1,106,944 ----a-w c:\windows\system32\msxml3.dll
2008-08-28 08:00 74,752 ----a-w c:\windows\system32\msw3prt.dll
2008-08-28 08:00 104,448 ----a-w c:\windows\system32\win32spl.dll
2008-08-26 07:24 826,368 ----a-w c:\windows\system32\wininet.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
"VoipStunt"="c:\program files\VoipStunt.com\VoipStunt\VoipStunt.exe" [2007-12-13 8824112]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-09-16 1833296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"InCD"="c:\program files\Ahead\InCD\InCD.exe" [2003-07-24 1155122]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"Pure Networks Port Magic"="c:\progra~1\PURENE~1\PORTMA~1\PortAOL.exe" [2004-05-07 99480]
"FLMOFFICE4DMOUSE"="c:\program files\Browser Mouse\mouse32a.exe" [2005-02-07 360448]
"FLMK08KB"="c:\program files\Muiltmedia keyboard utility\1.1\MMKEYBD.EXE" [2005-02-07 207360]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2003-10-31 32768]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"Motive SmartBridge"="c:\progra~1\SBCSEL~1\SMARTB~1\MotiveSB.exe" [2005-08-24 442455]
"tgcmd"="c:\program files\Support.com\bin\tgcmd.exe" [2007-03-07 1773568]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-03-28 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-03-30 267048]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-05-09 185896]
"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2007-11-01 582992]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-13 136600]
"MsmqIntCert"="mqrt.dll" [2007-07-06 c:\windows\system32\mqrt.dll]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 288472]
Microsoft Office OneNote 2003 Quick Launch.lnk - c:\program files\Microsoft Office\OFFICE11\ONENOTEM.EXE [2007-04-19 64864]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"SpecifyDefaultButtons"= 1 (0x1)
"Btn_Search"= 2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.MJPG"= m3jpeg32.dll
"vidc.dmb1"= m3jpeg32.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\mqsvc.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\PeerCast\\PeerCast.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\NetMeeting\\conf.exe"=
"c:\\Program Files\\Windows Media Player\\wmplayer.exe"=
"c:\\Program Files\\QuickTime\\QuickTimePlayer.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"=
"c:\\Program Files\\VoipStunt.com\\VoipStunt\\VoipStunt.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"7144:TCP"= 7144:TCP:AITVPornPeer
"7143:TCP"= 7143:TCP:hotmail.com

R3 FastNIC;SMC EZ Card 10/100 (SMC1244TX V2);c:\windows\system32\DRIVERS\FastNIC.sys [2002-05-21 38528]
S3 AN983;ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet Adapter;c:\windows\system32\DRIVERS\AN983.sys [2004-05-21 36224]
S4 hpt3xx;hpt3xx; []
.
Contents of the 'Scheduled Tasks' folder

2008-11-13 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

2008-10-15 c:\windows\Tasks\McDefragTask.job
- c:\program files\mcafee\mqc\QcConsol.exe [2007-12-04 13:32]

2008-04-01 c:\windows\Tasks\McQcTask.job
- c:\program files\mcafee\mqc\QcConsol.exe [2007-12-04 13:32]
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-System Soap Pro - c:\progra~1\SYSTEM~1\soap.exe
HKCU-Run-ufqz - c:\progra~1\COMMON~1\ufqz\ufqzm.exe
HKCU-Run-SRS Audio Sandbox - c:\program files\SRS Labs\Audio Sandbox\SRSSSC.exe
HKCU-Run-HBt9RTH3W - clsaysvr.exe
HKLM-Run-YOP - c:\progra~1\Yahoo!\YOP\yop.exe
HKLM-Run-Adobe Photo Downloader - c:\program files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
HKLM-Run-TrojanScanner - c:\program files\Trojan Remover\Trjscan.exe


.
------- Supplementary Scan -------
.
FireFox -: Profile - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\327gjg5p.default\
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-18 14:41:59
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


c:\windows\TEMP\g3h6kjdk.TMP 616448 bytes

scan completed successfully
hidden files: 1

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Executive Software\Diskeeper\DkService.exe
c:\windows\system32\inetsrv\inetinfo.exe
c:\program files\Ahead\InCD\incdsrv.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\progra~1\McAfee\MSC\mcmscsvc.exe
c:\program files\Common Files\McAfee\MNA\McNASvc.exe
c:\progra~1\COMMON~1\McAfee\McProxy\McProxy.exe
c:\progra~1\McAfee\VIRUSS~1\Mcshield.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\McAfee\MPF\MpfSrv.exe
c:\windows\system32\msdtc.exe
c:\windows\system32\HPZipm12.exe
c:\windows\system32\ScsiAccess.EXE
c:\windows\system32\snmp.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\mqsvc.exe
c:\windows\system32\mqtgsvc.exe
c:\windows\system32\WgaTray.exe
c:\program files\Muiltmedia keyboard utility\1.1\KBDAP32A.EXE
c:\progra~1\McAfee\MSC\mcuimgr.exe
c:\program files\HP\Digital Imaging\bin\hpqste08.exe
c:\windows\system32\imapi.exe
.
**************************************************************************
.
Completion time: 2008-11-18 14:53:59 - machine was rebooted
ComboFix-quarantined-files.txt 2008-11-18 19:53:34

Pre-Run: 23,065,554,944 bytes free
Post-Run: 23,058,710,528 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn

222 --- E O F --- 2008-11-12 23:15:08



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:54:51, on 11/18/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\ScsiAccess.EXE
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\mqsvc.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\System32\mqtgsvc.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Browser Mouse\mouse32a.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Muiltmedia keyboard utility\1.1\KbdAp32A.exe
C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
c:\PROGRA~1\mcafee\msc\mcuimgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Support.com\bin\tgcmd.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\CF14766.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/?p=us
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*https://fr.yahoo.com/?p=us
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {F5735C15-1FB2-41FE-BA12-242757E69DDE} - (no file)
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Browser Mouse\mouse32a.exe
O4 - HKLM\..\Run: [FLMK08KB] C:\Program Files\Muiltmedia keyboard utility\1.1\MMKEYBD.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [tgcmd] C:\Program Files\Support.com\bin\tgcmd.exe /server /startmonitor /deaf
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [VoipStunt] "C:\Program Files\VoipStunt.com\VoipStunt\VoipStunt.exe" -nosplash -minimized
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Download with Go!Zilla - file://C:\PROGRA~1\Go!Zilla\download-with-gozilla.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {49783ED4-258D-4f9f-BE11-137C18D3E543} - (no file)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - (no file)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O15 - Trusted Zone: http://www.listen.com
O15 - Trusted Zone: https://us.napster.com/
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} -
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://kazaliou.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {50647AB5-18FD-4142-82B0-5852478DD0D5} (Keynote Connector Launcher 2) - http://webeffective.keynote.com/applications/pconnector/download/ConnectorLauncher.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/webplayer/stage6/windows/AutoDLDivXWebPlayerInstaller.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\system32\ScsiAccess.EXE
0
Réponse 37 / 53
geoffrey5 Messages postés 13732 Date d'inscription dimanche 20 mai 2007 Statut Contributeur sécurité Dernière intervention 21 mai 2010 10
18 nov. 2008 à 20:07
Salut !!

relance hijackthis en cliquant sur scan only et coches ces lignes stp :

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*https://fr.yahoo.com/?p=us
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O3 - Toolbar: (no name) - {F5735C15-1FB2-41FE-BA12-242757E69DDE} - (no file)
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O9 - Extra button: (no name) - {49783ED4-258D-4f9f-BE11-137C18D3E543} - (no file)
O9 - Extra button: (no name) - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - (no file)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

puis tu cliques sur fix checked.


ensuite :

▶ Télécharge RegCleaner

▶ Une fois installé, double-clique sur son icône pour l'exécuter

▶ Dans la barre de menu, clique sur Options puis sélectionne Language => Choose the language

▶ recherche French.rlg et double-clique dessus pour appliquer la langue

▶ Clique ensuite sur Outils dans la barre de menu

▶ Sélectionne Nettoyage du registre => Nettoyeur de registre automatique

▶ RegCleaner va alors lancer le nettoyage automatiquement

▶ Coche ensuite les entrées invalides et clique sur Supprimer sélections => Terminer => Quitter


ensuite :


▶ Télécharge JavaRa.zip

▶ Décompresse le fichier sur ton bureau (clique droit > Extraire tout.)

▶ Double-clique sur le répertoire JavaRa obtenu.

▶ Puis double-clique sur le fichier JavaRa.exe (le .exe peut ne pas s'afficher)

▶ Clique sur Search For Updates.

▶ Sélectionne Update Using jucheck.exe puis clique sur Search.

▶ Autorise le processus à se connecter s'il te le demande, clique sur Install et suis les instructions d'installation. Cela prendra quelques minutes.

▶ Quand l'installation est terminée, revient à l'écran de JavaRa et clique sur Remove Older Versions.

▶ Clique sur Oui pour confirmer. L'outil va travailler, clique ensuite sur Ok, puis une deuxième fois sur Ok.

▶ Un rapport va s'ouvrir, copie-colle le dans ta prochaine réponse.

* Note : le rapport se trouve aussi là : ( C:\JavaRa.log )

Ferme l'application et dis moi si tu as encore des problèmes.
0
grandtoure Messages postés 141 Date d'inscription jeudi 6 mars 2008 Statut Membre Dernière intervention 2 juillet 2013
18 nov. 2008 à 20:42
JavaRa 1.11 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Tue Nov 18 15:38:46 2008

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}

------------------------------------

Finished reporting.



Je crois que l'ordi est bon. Mais lorsque je regarde des videos, le download est rapide mais lorsque la video joue , c est vraiment lent..le son est bon mais la video est lente et coupe souvent
0
Réponse 38 / 53
geoffrey5 Messages postés 13732 Date d'inscription dimanche 20 mai 2007 Statut Contributeur sécurité Dernière intervention 21 mai 2010 10
18 nov. 2008 à 20:44
Tu regardes les vidéos avec quel logiciel ??
0
Réponse 39 / 53
grandtoure Messages postés 141 Date d'inscription jeudi 6 mars 2008 Statut Membre Dernière intervention 2 juillet 2013
18 nov. 2008 à 20:44
Et lorsque je cherchais des updates pour java..ils m'ont indique que j avais la derniere version de java
0
Réponse 40 / 53
geoffrey5 Messages postés 13732 Date d'inscription dimanche 20 mai 2007 Statut Contributeur sécurité Dernière intervention 21 mai 2010 10
18 nov. 2008 à 20:45
ok... je suis peut etre passé à coté dans le rapport :s
0
grandtoure Messages postés 141 Date d'inscription jeudi 6 mars 2008 Statut Membre Dernière intervention 2 juillet 2013
18 nov. 2008 à 21:04
Que dois je faire alors? merci vraiment pour ton aide
0